Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2019 Ran by User (22-10-2019 13:47:12) Running from C:\Users\User\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2014-07-31 11:03:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-101217576-2858605893-2529171766-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-101217576-2858605893-2529171766-1018 - Limited - Enabled) Invitado (S-1-5-21-101217576-2858605893-2529171766-501 - Limited - Disabled) User (S-1-5-21-101217576-2858605893-2529171766-1000 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Actualización de NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.14 - Adobe Systems) Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.270 - Adobe) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe) Age of Mythology + The Titans (HKLM-x32\...\Age of Mythology + The Titans Expansion_is1) (Version: - ) AMX Mod X Installer 1.8.1 (HKLM-x32\...\AMX Mod X Installer) (Version: 1.8.1 - AMX Mod X Dev Team) Apple Application Support (32 bits) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Bandicam (HKLM-x32\...\Bandicam) (Version: 4.4.2.1550 - Bandicam.com) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB) Battlezone 98 Redux (HKLM-x32\...\Battlezone 98 Redux_is1) (Version: - ) BCL easyConverter SDK 5 Word (HKLM\...\{F0CBBA19-423B-4E3B-AA92-B58B5070A8D0}) (Version: 5.0.157 - BCL Technologies) Binance version 1.0.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.0.0 - Binance) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.) Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Championify (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Championify) (Version: 2.1.5 - Dustin Blackman) Command & Conquer Generals (HKLM-x32\...\{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts) Hidden Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts) Command & Conquer™ Red Alert™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts) Command and Conquer 3 Tiberium Wars Complete Collection versión 1.02 (HKLM-x32\...\{01BB7046-6217-4225-BFA8-A5E5DB2B0977}_is1) (Version: 1.02 - Electronic Arts) Command and ConquerTM Generals Zero Hour (HKLM-x32\...\{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts) Hidden Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts) Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - ) CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - ) Crysis 3 version 1.0 (HKLM-x32\...\{646928DD-48C1-461C-AF2D-4BC15CB44A5A}_is1) (Version: 1.0 - Electronic Arts) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd) Diablo Gold Repack (HKLM-x32\...\Diablo Gold Repack) (Version: - ) Discord (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Discord) (Version: 0.0.305 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories) Droid4X (HKLM-x32\...\Droid4X) (Version: 0.9.0 - Haiyu Dongxiang Co.,Ltd.) Dying Light (HKLM-x32\...\Dying Light_is1) (Version: - ) Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden El Señor de los Anillos® - La Conquista™ (HKLM-x32\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts) Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.19.0.156378 - MindArk PE AB) Epic Games Launcher (HKLM-x32\...\{16639F01-568E-450C-B4EF-4878543EC172}) (Version: 1.1.125.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line) Game Summary (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 126.0.5 - Overwolf app) GameRanger (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\GameRanger) (Version: - GameRanger Technologies) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden GoPro App (HKLM-x32\...\{D0B85070-C2A8-4B3B-981B-D0D7229AA614}) (Version: 5.7.544 - GoPro, Inc.) Hidden GoPro Studio 2.5.7 (HKLM-x32\...\{6cc291a1-549a-455c-bc7d-ec03aaf8f6b9}) (Version: 2.5.7.544 - GoPro, Inc.) Hard Disk Low Level Format Tool 4.25 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU) Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - ) Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.6.3 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HP Deskjet 2510 series Estudio para la mejora del producto (HKLM\...\{D9C3A88D-5B0F-4FC3-8A7C-96B4E9AB1ADC}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard) HP Deskjet 2510 series Software básico del dispositivo (HKLM\...\{A8F738FC-F8E7-4581-8929-F22136401377}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Juego Prototype(TM) (HKLM-x32\...\InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) La Batalla por la Tierra Media™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Left 4 Dead 2 Standalone Patch™ (HKLM-x32\...\L4D2SP) (Version: 9.5 - Gaming eXtreme) LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.33 - www.leaguereplays.com) LoLwiz (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_dmpfhbhjknfmncjinjaikncjjnklcplnodamiimn) (Version: 4.6.3 - Overwolf app) Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft .NET Framework 4.6.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01590 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.02.03 - Huawei Technologies Co.,Ltd) Mouse Controller version 1.10.0.0 (HKLM-x32\...\{558409e4-71ad-4b5f-9db7-15e987d0e3aa}_is1) (Version: 1.10.0.0 - MuGiRi Software Development) Mozilla Firefox 61.0.1 (x64 es-AR) (HKLM\...\Mozilla Firefox 61.0.1 (x64 es-AR)) (Version: 61.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.1.6759 - Mozilla) MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) Need for Speed™ Most Wanted (HKLM-x32\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - ) Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts) Nero 7.10.1.0 (HKLM-x32\...\Nero7_is1) (Version: 7.10.1.0 - Nero AG) NetLimiter 4 (HKLM\...\{C2475E06-0F70-4CDC-906E-DC48F716A376}) (Version: 4.0.30.0 - Locktime Software) Hidden NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.30.0) (Version: 4.0.30.0 - Locktime Software) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden NVIDIA Controlador de 3D Vision 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.17 - NVIDIA Corporation) NVIDIA Controlador de audio HD 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation) NVIDIA Controlador de gráficos 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.17 - NVIDIA Corporation) NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project) Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Outfox (HKLM\...\{D6F22242-0EDB-4505-B1E9-DF536EB7D477}) (Version: 1.6.0 - Golden Frog, GmbH) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Overwolf (HKLM-x32\...\Overwolf) (Version: 0.125.0.27 - Overwolf Ltd.) Panel de control de NVIDIA 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.17 - NVIDIA Corporation) Hidden Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation) PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2211.0 - CyberLink Corporation) Prototype(TM) (HKLM-x32\...\{9322A850-9091-4D0E-B252-3E82EDA3D94A}) (Version: 1.0 - Activision) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Python 3.7.2 (32-bit) (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\{0f40e78b-67e1-4e0c-a2fd-e9325d9dfc82}) (Version: 3.7.2150.0 - Python Software Foundation) Python 3.7.2 Add to Path (32-bit) (HKLM-x32\...\{A0253733-D4C4-4964-AB97-C5C80FCD580F}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Core Interpreter (32-bit) (HKLM-x32\...\{3A09B849-4D48-41AA-9461-112E6CEC405D}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Development Libraries (32-bit) (HKLM-x32\...\{A14E7090-5888-460B-9003-1C3DA5AD3D35}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Documentation (32-bit) (HKLM-x32\...\{D2FA452F-4742-4805-BEB1-AC81ED48F4A8}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Executables (32-bit) (HKLM-x32\...\{D6FF50CC-E41E-4FFB-B7B9-72D71BF00C55}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 pip Bootstrap (32-bit) (HKLM-x32\...\{0D2B3674-3B1E-4281-B5FD-37D700602129}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Standard Library (32-bit) (HKLM-x32\...\{667226B8-23CA-47C1-A070-D3B85E8C9292}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{34AD493A-01AA-4D6A-9229-BF0406F22D14}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Test Suite (32-bit) (HKLM-x32\...\{F0B6A6E9-C7E1-4730-A29D-71C02B800028}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Utility Scripts (32-bit) (HKLM-x32\...\{06CE3F8B-A658-462C-AD3D-FA7142297E97}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden qlub.gg (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\Overwolf_bekkfkjdkbginihlkpegcpomdeonddjhgbhgaaeh) (Version: 0.9.5.1040 - Overwolf app) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden RMVB Converter 1.8 (HKLM-x32\...\{C3BDF1C8-66EF-4A0F-B427-A99E39706F45}_is1) (Version: - RMVB Codec) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Seven Kingdoms (HKLM-x32\...\Seven Kingdoms) (Version: - ) Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony) StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.4.2.20141 - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1250 - SUPERAntiSpyware.com) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.3 - TeamSpeak Systems GmbH) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.1548 - TeamViewer) Telegram Desktop version 1.8.15 (HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC) TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK) TP-LINK TL-WN8200ND Controlador (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{DAFCD7DE-1531-4483-9F53-170766074E85}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) VFW_Codec32 (HKLM-x32\...\{D935F8D7-8B51-4C56-8BF6-3C35CBADCF39}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (HKLM\...\{188A81E4-B0F0-4B0F-9627-1C1FE192EA58}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Driver Package - BigNox Corporation YSDrv System (01/20/2017 4.3.12) (HKLM\...\1FF524CF3E58304F349D809470EC4A689914A4D5) (Version: 01/20/2017 4.3.12 - BigNox Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) Wondershare Filmora9(Build 9.1.5) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) Wordfast Pro (HKLM\...\{AA79D061-3D10-4482-9609-6BC6F75FD04A}) (Version: 5.10.0 - Wordfast LLC) Hidden Wordfast Pro (HKLM\...\Wordfast Pro 5.10.0) (Version: 5.10.0 - Wordfast LLC) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-101217576-2858605893-2529171766-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] (Notepad++ -> ) ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed] ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] () [File not signed] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed] ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] () [File not signed] ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed] ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-05-22] () [File not signed] ==================== Codecs (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1355264 2015-09-22] (CineForm Inc.) [File not signed] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-25] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed] HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1138688 2015-09-22] (CineForm Inc.) [File not signed] HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-13] (Microsoft Windows -> Intel Corporation) HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-13] (Microsoft Windows -> Intel Corporation) HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [839680 2009-07-13] (Microsoft Windows -> Intel Corporation) HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-25] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> ) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\User\Desktop\Games\Dark Reign.lnk -> C:\Program Files (x86)\Activision\Dark Reign\Dark Reign W7.bat () Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk ShortcutWithArgument: C:\Users\User\Desktop\Todo luckygames\Cacatua - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 119" ShortcutWithArgument: C:\Users\User\Desktop\Todo luckygames\NightElf - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 26" ShortcutWithArgument: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\CacaDeCamello - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 121" ShortcutWithArgument: C:\Users\User\Desktop\MEGA ESCRITORIO NIVEL DIOS\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default" ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b739e5c93ca27df0\Optica - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 79" ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6c4e6cd5a0fae580\LecheEntera - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 108" ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\495da1bfff1f1192\ElTriste - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 118" ==================== Loaded Modules (Whitelisted) ============== 2019-07-23 14:26 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2019-07-23 14:26 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2014-07-31 08:19 - 2006-12-11 02:14 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll 2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp 2019-07-23 14:26 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:CM_19eafbed2e5c22a84b131f38305ac75313a8de243df0836e0998844693ddf628 [74] AlternateDataStreams: C:\Windows:CM_599e40e338059b7c8201d84b6a6f021a4177c11e44d72cdd6d7af9f4fe138d3a [74] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [488] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84623655.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84623655.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Association (Whitelisted) =============== ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\sony.com -> sony.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-101217576-2858605893-2529171766-1000\...\100sexlinks.com -> 100sexlinks.com There are 4788 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:34 - 2019-02-01 23:44 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts 2016-03-24 04:24 - 2019-10-22 13:38 - 000000435 _____ C:\Windows\system32\drivers\etc\hosts.ics 192.168.0.104 User-PC.mshome.net # 2024 10 4 17 3 29 54 905 ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Windows\system32;C:\Windows;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-101217576-2858605893-2529171766-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 200.114.96.10 - 200.114.96.11 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AIPS => 2 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdAndroidSvc => 3 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: BstHdUpdaterSvc => 2 MSCONFIG\Services: Droid4XService => 2 MSCONFIG\Services: EasyAntiCheat => 3 MSCONFIG\Services: HiPatchService => 2 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: Mobile Broadband HL Service => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: nlsvc => 2 MSCONFIG\Services: Outfox => 2 MSCONFIG\Services: OverwolfUpdater => 3 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Sony PC Companion => 3 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: TunngleService => 3 MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Chrome.exe => C:\Windows\pss\Chrome.exe.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: BingSvc => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Chromium => "c:\users\user\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: Discord => C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch MSCONFIG\startupreg: GoPro Studio Importer => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" MSCONFIG\startupreg: MinerGateGui => C:\Program Files\MinerGate\minergate.exe --auto MSCONFIG\startupreg: NetLimiter => "C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe" /minimized MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: Spotify => "C:\Users\User\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" MSCONFIG\startupreg: Windscribe => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{026DBEDD-98C2-45D4-A3DC-FDCEEDC8388A}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [UDP Query User{B35540D9-9737-413F-A8F9-A6FEC11D8044}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [TCP Query User{89E79A6E-5504-43F6-AB46-D50FAC437764}C:\users\user\desktop\mega escritorio nivel dios\escritorio\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\escritorio\age of empires\age2_x1.exe (Microsoft Corporation) [File not signed] FirewallRules: [UDP Query User{AC442BA9-307D-4881-BE4D-4CC39A13B534}C:\users\user\desktop\mega escritorio nivel dios\escritorio\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\escritorio\age of empires\age2_x1.exe (Microsoft Corporation) [File not signed] FirewallRules: [TCP Query User{566F43A4-4AFF-41B7-B89E-9F806C51299A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{71574750-0DD7-449C-87E0-A04C3CBD74D8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{634139B8-5F9F-4621-808C-37C4C16E017F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{224A880A-8EEA-4FD6-A0B9-2D14A2097EFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FC98C3D7-66E0-4000-A41C-EC48C2C57399}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2CBE84F2-AD0F-48FC-85E7-014C3DD91419}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6E381328-2A2B-4B7C-A1F4-CDA0B3FEE3CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C0C8B31E-9E4D-48DB-A784-ADF87463FFFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{985948B2-3CE5-453B-97C5-80549CEF86A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{47E64B01-74FE-4994-94FC-890B124C46D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{5FB571CF-14CA-4710-A9F7-4028235DB909}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{0F0B407F-7918-4F92-8837-66BE2915C0BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{18F1599B-84E3-4370-AAC2-428ABB78AC50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{16AA3F03-23FE-4A89-B22F-B30A886E6242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{563B1254-A7ED-497F-B70F-77A832ADC9CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{E3335384-20B4-4084-A31F-7D072F863C31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{D9EF1E50-0E2F-49D5-A816-BF136614275F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{665378DE-90EB-4710-990E-DDDF7071EF61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{B7686CA7-7C40-4F33-9B8D-1BABF7E9C2FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{EC0FAF06-C615-4A9A-9D41-AA25C80B8A0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{31D47819-573F-4DF1-B83D-2F4529563812}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{D9CBE819-F60B-4B2C-9997-D3428393DC4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{BED60128-316F-439D-995B-93F48C0D4CC7}] => (Allow) C:\Users\User\Desktop\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{9E63C6D5-E173-4192-8895-5434A9DDA56A}] => (Allow) C:\Users\User\Desktop\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{52FB5F78-772A-41CA-8908-2A313BB426AE}] => (Allow) C:\Users\User\Desktop\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{6DEBE3E7-BBA2-4D95-A881-E9EC05D059D5}] => (Allow) C:\Users\User\Desktop\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [TCP Query User{581496B3-FA22-440E-857E-1D382861A614}C:\users\user\desktop\mega escritorio nivel dios\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe () [File not signed] FirewallRules: [UDP Query User{A181CB1D-BA66-4D2E-968A-E4E64185377F}C:\users\user\desktop\mega escritorio nivel dios\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\todo\series\copia del l4d1 sin el sourcemod\left 4 dead\left4dead -console -toggleconsole.exe () [File not signed] FirewallRules: [TCP Query User{BE36AD6E-CB0B-4B94-BCDF-2FD4275CB81A}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Block) C:\program files (x86)\left 4 dead 2\left4dead2.exe (Gaming eXtreme) [File not signed] FirewallRules: [UDP Query User{17C0458C-60D8-48A6-AC3E-C82283D6A141}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Block) C:\program files (x86)\left 4 dead 2\left4dead2.exe (Gaming eXtreme) [File not signed] FirewallRules: [TCP Query User{56884C4B-A544-44BC-BC1B-5941520B34E5}C:\users\user\desktop\mega escritorio nivel dios\todo\aca esta el puto escritorio\backup l4d2\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\todo\aca esta el puto escritorio\backup l4d2\left 4 dead 2\left4dead2.exe (Gaming eXtreme) [File not signed] FirewallRules: [UDP Query User{BE3CBDAD-25C7-4E3E-AD95-85536B53BDF7}C:\users\user\desktop\mega escritorio nivel dios\todo\aca esta el puto escritorio\backup l4d2\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\user\desktop\mega escritorio nivel dios\todo\aca esta el puto escritorio\backup l4d2\left 4 dead 2\left4dead2.exe (Gaming eXtreme) [File not signed] FirewallRules: [TCP Query User{E88F4091-E413-463B-9E58-CFF7A12F4603}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed] FirewallRules: [UDP Query User{7A07FF00-1D84-414B-BF4A-306A2D41C81A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed] FirewallRules: [TCP Query User{0399E66F-5F61-4231-BF24-BD86D0F1463D}C:\program files (x86)\techland\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\techland\dying light\dyinglightgame.exe (TECHLAND SP Z O O -> Techland) [File not signed] FirewallRules: [UDP Query User{AFC60460-E7B3-4FF5-B7AE-68C767EC7EC8}C:\program files (x86)\techland\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\techland\dying light\dyinglightgame.exe (TECHLAND SP Z O O -> Techland) [File not signed] FirewallRules: [TCP Query User{164FC2A3-663C-4B86-9161-A96B7D4D7650}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [UDP Query User{CC49BE41-4DC1-4321-99AA-361AA23F8CB5}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [TCP Query User{4CDD98A5-C554-4B79-B825-A18408620DF5}C:\users\user\desktop\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\age of empires\age2_x1.exe (Microsoft Corporation) [File not signed] FirewallRules: [UDP Query User{C11F9FE8-BE3B-4213-A293-4D5CAF81A422}C:\users\user\desktop\age of empires\age2_x1.exe] => (Allow) C:\users\user\desktop\age of empires\age2_x1.exe (Microsoft Corporation) [File not signed] FirewallRules: [TCP Query User{17DB9A18-AD70-4EF9-835B-4D9414C6B3B8}C:\users\user\desktop\league of legends\game\league of legends.exe] => (Allow) C:\users\user\desktop\league of legends\game\league of legends.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{AE4A4AC6-039A-41A1-8DA3-F3CE074FE6D8}C:\users\user\desktop\league of legends\game\league of legends.exe] => (Allow) C:\users\user\desktop\league of legends\game\league of legends.exe (Riot Games, Inc. -> ) FirewallRules: [{0573E653-6332-460A-B5F7-8EBB2A57E688}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (10/22/2019 01:51:51 PM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC) Description: Producto: Adobe Acrobat Reader DC - Español - la actualización "{AC76BA86-7AD7-0000-2550-AC0F174E6600}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/22/2019 03:20:22 AM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC) Description: Producto: Adobe Acrobat Reader DC - Español - la actualización "{AC76BA86-7AD7-0000-2550-AC0F174E6600}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/22/2019 01:33:57 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/21/2019 11:49:34 PM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC) Description: Producto: Adobe Acrobat Reader DC - Español - la actualización "{AC76BA86-7AD7-0000-2550-AC0F174E6600}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/21/2019 08:20:26 PM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC) Description: Producto: Adobe Acrobat Reader DC - Español - la actualización "{AC76BA86-7AD7-0000-2550-AC0F174E6600}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/21/2019 01:19:46 PM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC) Description: Producto: Adobe Acrobat Reader DC - Español - la actualización "{AC76BA86-7AD7-0000-2550-AC0F174E6600}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/21/2019 04:29:01 AM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC) Description: Producto: Adobe Acrobat Reader DC - Español - la actualización "{AC76BA86-7AD7-0000-2550-AC0F174E6600}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/21/2019 01:00:07 AM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC) Description: Producto: Adobe Acrobat Reader DC - Español - la actualización "{AC76BA86-7AD7-0000-2550-AC0F174E6600}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127 System errors: ============= Error: (10/22/2019 01:44:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 80. Error: (10/22/2019 01:44:29 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 70. Error: (10/22/2019 01:40:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 80. Error: (10/22/2019 01:40:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 70. Error: (10/22/2019 01:38:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 80. Error: (10/22/2019 01:38:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Se recibió la siguiente alerta irrecuperable: 70. Error: (10/22/2019 01:37:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Outfox. Error: (10/22/2019 01:37:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: El módulo de extensibilidad de WLAN no se pudo iniciar. Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll Código de error: 126 Windows Defender: =================================== Date: 2019-10-18 23:54:05.529 Description: El examen de Windows Defender se detuvo antes de completarse. Id. de examen:{5BB340B4-2FC8-435C-A521-E0BF0D514FC5} Tipo de examen:AntiSpyware Parámetros de examen:Examen rápido Usuario:User-PC\User CodeIntegrity: =================================== Date: 2015-10-06 12:58:29.354 Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido. Date: 2015-10-06 12:58:29.314 Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido. Date: 2015-09-29 18:52:34.343 Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido. Date: 2015-09-29 18:52:34.303 Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\sXe Injected\ddsxei.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido. ==================== Memory info =========================== BIOS: American Megatrends Inc. F1 08/06/2013 Motherboard: Gigabyte Technology Co., Ltd. 970A-UD3P Processor: AMD FX(tm)-8350 Eight-Core Processor Percentage of memory in use: 31% Total physical RAM: 16348.63 MB Available physical RAM: 11172.76 MB Total Virtual: 32695.46 MB Available Virtual: 26550.55 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:976.46 GB) (Free:61.57 GB) NTFS Drive d: () (Fixed) (Total:886.45 GB) (Free:433.44 GB) NTFS \\?\Volume{26f5efa5-1899-11e4-ac21-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 93A663B9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=976.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================