Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I don't know what I've got on my computer...


  • This topic is locked This topic is locked
35 replies to this topic

#1 IHadABadDay

IHadABadDay

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:52 AM

Posted 15 March 2018 - 04:01 PM

Well, before changing to my actual Internet Company (Jazztel) I was using Vodafone's services (see I'm Spanish). You might also consider that I also ran in some virus not too long in the past but as I think they were solved. My problem starts when I see that the connection (ping, upload, download and charging pages) is slower than before. Considering that I had 300 megabytes/s with Vodafone and now I pay for 400 I don't know what is happening. I ran a full analysis with Avast! Premium last night and I think it detected nothing but the lag is incrementing, it's even hard to write this lines down as they appear slowly... 

My question is, what is happening? I have to add that I have an app for my Connection box that doesn't allow me to do the dyagnosis, it fails. I have also to tell that at random moments I just lost totally the connection. Also to mention that Avast! says that the router is not up to date and is vulnerable but it doesn't update and the admin functions don't work properly. Also and very important I don't lag with normal apps, that don't need connection... I think that's all.

Save me :(



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,150 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:52 PM

Posted 16 March 2018 - 12:57 PM

Greetings IHadABadDay and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Now that you have already started a topic please follow the relevant steps as outlined here. If your computer language is Spanish right click on the FRST icon after downloading it, select Rename, and rename it to FRSTenglish (or FRST64english if you have a 64 bit computer). Make sure to copy and paste both logs in your reply. If you receive an error message the content is too long simply post each report in a separate reply.

Edited by Oh My!, 16 March 2018 - 12:58 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 IHadABadDay

IHadABadDay
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:52 AM

Posted 16 March 2018 - 02:22 PM

As it tells me that the text is too long to put it all here I have attached a file with the info. And as you asked for my first name, yes you can, I'm Dídac ;).


#4 IHadABadDay

IHadABadDay
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:52 AM

Posted 16 March 2018 - 02:26 PM

It's down here 

Attached Files



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,150 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:52 PM

Posted 16 March 2018 - 04:43 PM

Please attach the actual Notepad document files.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 IHadABadDay

IHadABadDay
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:52 AM

Posted 17 March 2018 - 05:34 AM

There you go!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Dídac (administrator) on ALFA (17-03-2018 11:30:54)
Running from C:\Users\Dídac\Downloads
Loaded Profiles: Dídac (Available Profiles: Dídac)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(HUION Animation Technology Co.,ltd) C:\Huion Tablet\Huion Tablet.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Discord Inc.) C:\Users\Dídac\AppData\Local\Discord\app-0.0.300\Discord.exe
() E:\Juegos\Steam\Mortal Kombat X\steamapps\common\wallpaper_engine\wallpaper32.exe
(Spotify Ltd) C:\Users\Dídac\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Discord Inc.) C:\Users\Dídac\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Dídac\AppData\Local\Discord\app-0.0.300\Discord.exe
(Spotify Ltd) C:\Users\Dídac\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser_crashreporter.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Spotify Ltd) C:\Users\Dídac\AppData\Roaming\Spotify\Spotify.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Spotify Ltd) C:\Users\Dídac\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Dídac\AppData\Roaming\Spotify\Spotify.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Dídac\Downloads\FRST64english.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-01] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [TabletDriver] => C:\Huion Tablet\Huion Tablet.exe [2821128 2017-06-26] (HUION Animation Technology Co.,ltd)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\Run: [Discord] => C:\Users\Dídac\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\Run: [WallpaperEngine] => E:\Juegos\Steam\Mortal Kombat X\steamapps\common\wallpaper_engine\wallpaper32.exe [1348072 2017-12-17] ()
HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\Run: [Spotify Web Helper] => C:\Users\Dídac\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-03-01] (Spotify Ltd)
HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [50100160 2018-03-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\MountPoints2: {2a4a7669-a903-11e7-baa4-74d435bb1d68} - G:\FingerPrint.exe
HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\MountPoints2: {aee757bb-b5b4-11e7-8a37-74d435bb1d68} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\MountPoints2: {ce06a66e-e73f-11e7-b539-74d435bb1d68} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\arcrepair.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\databasecompare.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\galaxyclient.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\hamachi-2-ui.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\hirezgamesdiagandsupport.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\lync.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mbam.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoev.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msotd.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ocpubmgr.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\securityconfig.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\spreadsheetcompare.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\v2ibrowser.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\vproconsole_.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\Users\Dídac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-12-22]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\Dídac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-08-26]
ShortcutTarget: Twitch.lnk -> C:\Users\Dídac\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7EB90F17-5E05-4726-87C0-7056D9784B84}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{F452E2E8-B94F-4231-A498-12423AD9F773}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\S-1-5-21-1435063854-307818520-736119647-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll => No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-02-14] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-15] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-02-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-24] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2017-07-18] (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-15] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-24] (Oracle Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll No File
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll No File
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 48xzim08.default
FF ProfilePath: C:\Users\Dídac\AppData\Roaming\Mozilla\Firefox\Profiles\48xzim08.default [2018-01-30]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-02-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2017-07-18] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1435063854-307818520-736119647-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dídac\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin HKU\S-1-5-21-1435063854-307818520-736119647-1000: torrents-time.com/TTPlugin -> C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll [2016-02-25] (Torrents Time)

Chrome:
=======
CHR HKU\S-1-5-21-1435063854-307818520-736119647-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
S4 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [87064 2017-07-18] (Perfect World Entertainment Inc)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-01] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [357760 2018-03-01] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7002120 2017-12-28] ()
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [7649576 2018-03-11] (AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-13] (EasyAntiCheat Ltd)
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-05-19] (Futuremark)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [662600 2018-02-05] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8410184 2018-02-05] (GOG.com)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-20] (Hi-Rez Studios) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] ()
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 NGS; C:\Windows\NGService.exe [2466888 2017-07-05] (NEXON Korea Corporation)
S3 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S4 Origin Client Service; E:\Juegos\80. Portables\ZX.Indice\Origin\OriginClientService.exe [2155328 2017-12-26] (Electronic Arts)
S4 Origin Web Helper Service; E:\Juegos\80. Portables\ZX.Indice\Origin\OriginWebHelperService.exe [3025224 2017-12-26] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-08-10] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-08-10] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1282232 2018-01-19] (Bitdefender)
S4 TTService; C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe [3312152 2016-03-02] (TorrentsTime) [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S4 GenericMount Helper Service; "C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe" [X]
S3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe" [X]
S2 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [X]
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem"
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService"
S3 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{BAC57C50-80C1-4BBB-BE1D-3DF7965F2C16}
S4 SymSnapService; "C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe" [X]
S3 WatAdminSvc; %SystemRoot%\system32\Wat\WatAdminSvc.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [39704 2017-01-09] (Windows ® Win 7 DDK provider)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196648 2018-03-01] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-01] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-01] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-01] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-01] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-03-01] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146656 2018-03-01] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-07-07] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [619984 2018-03-01] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110328 2018-03-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-03-01] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-03-01] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-03-01] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-03-01] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-03-08] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-03-01] (AVAST Software)
S3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [75584 2017-01-09] (ASUS Corporation)
S3 CorsairGamingAudioService; C:\Windows\System32\DRIVERS\CorsairGamingAudioamd64.sys [123392 2016-12-11] (Corsair Components, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\DRIVERS\CorsairVBusDriver.sys [54256 2016-12-11] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\DRIVERS\CorsairVHidDriver.sys [29168 2016-12-11] (Corsair)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-01-02] (DT Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-03] (REALiX™)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.) [File not signed]
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-02-14] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project) [File not signed]
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [52232 2017-03-13] (Razer Inc)
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [51400 2016-05-27] (SteelSeries ApS)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2018-03-02] (SlimWare Utilities, Inc.)
R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft)
S3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [28128 2017-12-13] (Windows ® Win 7 DDK provider)
R3 vmulti; C:\Windows\System32\DRIVERS\vmulti.sys [10752 2014-09-17] (Windows ® Win 7 DDK provider)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-03-15] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-03-15] (Zemana Ltd.)
S3 esihdrv; \??\C:\TEMP\esihdrv.sys [X]
S0 pbtklp; System32\drivers\fbedansp.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
U2 V2iMount; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-16 20:25 - 2018-03-16 20:25 - 002845013 _____ C:\Users\Dídac\Downloads\BleepingComputers.pdf
2018-03-16 20:21 - 2018-03-16 20:21 - 000080956 _____ C:\Users\Dídac\Documents\BleepingComputers.odt
2018-03-16 20:14 - 2018-03-16 20:18 - 000175804 _____ C:\Users\Dídac\Downloads\Addition.txt
2018-03-16 20:12 - 2018-03-17 11:31 - 000030435 _____ C:\Users\Dídac\Downloads\FRST.txt
2018-03-16 19:59 - 2018-03-16 19:59 - 033072904 _____ (EaseUS ) C:\Users\Dídac\Downloads\drw_trial.exe
2018-03-16 19:55 - 2018-03-17 11:30 - 000000000 ____D C:\FRST
2018-03-16 19:55 - 2018-03-16 19:55 - 002403328 _____ (Farbar) C:\Users\Dídac\Downloads\FRST64english.exe
2018-03-15 22:57 - 2018-03-16 21:40 - 000000000 ____D C:\EEK
2018-03-15 22:56 - 2018-03-15 22:57 - 319574296 _____ C:\Users\Dídac\Downloads\EmsisoftEmergencyKit.exe
2018-03-15 22:21 - 2018-03-17 11:30 - 000177041 _____ C:\Windows\ZAM.krnl.trace
2018-03-15 22:21 - 2018-03-17 11:30 - 000054636 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-03-15 22:21 - 2018-03-15 22:21 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2018-03-15 22:21 - 2018-03-15 22:21 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2018-03-15 22:20 - 2018-03-15 22:21 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-03-15 22:20 - 2018-03-15 22:20 - 006625600 _____ (Zemana Ltd. ) C:\Users\Dídac\Downloads\Zemana.AntiMalware.Setup.exe
2018-03-15 17:36 - 2018-03-15 17:36 - 000662940 _____ C:\Users\Dídac\Downloads\data_samples.zip
2018-03-14 20:58 - 2018-03-14 20:58 - 000001927 _____ C:\Users\Public\Desktop\Google Web Designer.lnk
2018-03-14 19:03 - 2018-03-14 19:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-14 18:49 - 2018-03-14 18:49 - 000849239 _____ C:\Users\Dídac\Downloads\PR4t_QuehihadarreredeGoogle  .pdf
2018-03-13 20:19 - 2018-03-09 04:39 - 005580992 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-13 20:19 - 2018-03-09 04:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-13 20:19 - 2018-03-09 04:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-03-13 20:19 - 2018-03-09 04:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-13 20:19 - 2018-03-09 04:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-03-13 20:19 - 2018-03-09 04:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-13 20:19 - 2018-03-09 04:14 - 004044992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-03-13 20:19 - 2018-03-09 04:14 - 004025536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-13 20:19 - 2018-03-09 04:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-03-13 20:19 - 2018-03-09 03:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-03-13 20:19 - 2018-03-09 03:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-03-13 20:19 - 2018-03-09 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-03-13 20:19 - 2018-03-09 03:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-03-13 20:19 - 2018-03-09 03:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-03-13 20:19 - 2018-03-09 03:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-03-13 20:19 - 2018-03-09 03:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-03-13 20:19 - 2018-03-09 03:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-03-13 20:19 - 2018-03-09 03:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-03-13 20:19 - 2018-03-09 03:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-03-13 20:19 - 2018-03-09 03:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-03-13 20:19 - 2018-03-09 03:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-13 20:19 - 2018-03-09 03:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-03-13 20:19 - 2018-03-09 03:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-03-13 20:19 - 2018-03-09 03:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-03-13 20:19 - 2018-03-09 03:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-03-13 20:19 - 2018-03-09 03:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-03-13 20:19 - 2018-03-09 03:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-13 20:19 - 2018-03-09 03:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-13 20:19 - 2018-03-01 09:36 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-03-13 20:19 - 2018-02-22 04:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-03-13 20:19 - 2018-02-22 04:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-03-13 20:19 - 2018-02-18 22:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-13 20:19 - 2018-02-17 05:27 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-03-13 20:19 - 2018-02-17 04:36 - 000340088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-03-13 20:19 - 2018-02-16 16:51 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-03-13 20:19 - 2018-02-16 16:51 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-03-13 20:19 - 2018-02-16 16:51 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-03-13 20:19 - 2018-02-16 16:45 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-13 20:19 - 2018-02-16 16:44 - 013678080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-03-13 20:19 - 2018-02-16 16:24 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-03-13 20:19 - 2018-02-16 16:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-03-13 20:19 - 2018-02-16 16:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-03-13 20:19 - 2018-02-16 16:19 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-03-13 20:19 - 2018-02-16 15:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-03-13 20:19 - 2018-02-16 15:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-03-13 20:19 - 2018-02-15 16:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-03-13 20:19 - 2018-02-15 15:57 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-03-13 20:19 - 2018-02-13 19:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-13 20:19 - 2018-02-13 19:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-13 20:19 - 2018-02-13 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-13 20:19 - 2018-02-13 15:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-13 20:19 - 2018-02-13 15:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-13 20:19 - 2018-02-13 15:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-13 20:19 - 2018-02-13 15:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-13 20:19 - 2018-02-13 15:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-13 20:19 - 2018-02-13 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-13 20:19 - 2018-02-13 15:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-13 20:19 - 2018-02-10 19:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-03-13 20:19 - 2018-02-10 19:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-03-13 20:19 - 2018-02-10 19:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-03-13 20:19 - 2018-02-10 19:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-03-13 20:19 - 2018-02-10 19:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-03-13 20:19 - 2018-02-10 19:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-03-13 20:19 - 2018-02-10 19:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-03-13 20:19 - 2018-02-10 19:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-03-13 20:19 - 2018-02-10 19:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-03-13 20:19 - 2018-02-10 19:11 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-03-13 20:19 - 2018-02-10 19:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-03-13 20:19 - 2018-02-10 19:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-03-13 20:19 - 2018-02-10 18:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-03-13 20:19 - 2018-02-10 18:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-03-13 20:19 - 2018-02-10 18:40 - 002901504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-03-13 20:19 - 2018-02-10 18:40 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-13 20:19 - 2018-02-10 18:40 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-03-13 20:19 - 2018-02-10 18:40 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-03-13 20:19 - 2018-02-10 18:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-03-13 20:19 - 2018-02-10 18:37 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-13 20:19 - 2018-02-10 18:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-03-13 20:19 - 2018-02-10 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-03-13 20:19 - 2018-02-10 18:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-03-13 20:19 - 2018-02-10 18:32 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-03-13 20:19 - 2018-02-10 18:31 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-03-13 20:19 - 2018-02-10 18:29 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-03-13 20:19 - 2018-02-10 18:28 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-03-13 20:19 - 2018-02-10 18:28 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-03-13 20:19 - 2018-02-10 18:27 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-13 20:19 - 2018-02-10 18:27 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-03-13 20:19 - 2018-02-10 18:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-03-13 20:19 - 2018-02-10 18:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-03-13 20:19 - 2018-02-10 18:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-03-13 20:19 - 2018-02-10 18:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-03-13 20:19 - 2018-02-10 18:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-03-13 20:19 - 2018-02-10 18:22 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-03-13 20:19 - 2018-02-10 18:20 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-03-13 20:19 - 2018-02-10 18:10 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-03-13 20:19 - 2018-02-10 18:10 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-03-13 20:19 - 2018-02-10 18:10 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-03-13 20:19 - 2018-02-10 18:09 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-03-13 20:19 - 2018-02-10 18:09 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-03-13 20:19 - 2018-02-10 18:09 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-03-13 20:19 - 2018-02-10 18:09 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-03-13 20:19 - 2018-02-10 18:06 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-03-13 20:19 - 2018-02-10 18:06 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-03-13 20:19 - 2018-02-10 18:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-03-13 20:19 - 2018-02-10 18:03 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-03-13 20:19 - 2018-02-10 18:01 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-03-13 20:19 - 2018-02-10 18:01 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-03-13 20:19 - 2018-02-10 18:00 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-03-13 20:19 - 2018-02-10 18:00 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-03-13 20:19 - 2018-02-10 18:00 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-03-13 20:19 - 2018-02-10 17:57 - 015281664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-13 20:19 - 2018-02-10 17:52 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-03-13 20:19 - 2018-02-10 17:50 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-03-13 20:19 - 2018-02-10 17:50 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-03-13 20:19 - 2018-02-10 17:47 - 002134016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-03-13 20:19 - 2018-02-10 17:47 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-03-13 20:19 - 2018-02-10 17:47 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-03-13 20:19 - 2018-02-10 17:47 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-03-13 20:19 - 2018-02-10 17:46 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-03-13 20:19 - 2018-02-10 17:44 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-03-13 20:19 - 2018-02-10 17:41 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-03-13 20:19 - 2018-02-10 17:40 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-03-13 20:19 - 2018-02-10 17:35 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-03-13 20:19 - 2018-02-10 17:34 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-03-13 20:19 - 2018-02-10 17:33 - 002058240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-03-13 20:19 - 2018-02-10 17:33 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-03-13 20:19 - 2018-02-10 17:23 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-03-13 20:19 - 2018-02-10 17:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-03-13 20:19 - 2018-02-10 17:11 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-03-13 20:19 - 2018-02-10 17:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-03-13 20:19 - 2018-02-02 19:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-03-13 20:19 - 2018-02-02 19:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-03-13 20:19 - 2018-02-02 19:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-03-13 20:19 - 2018-02-02 19:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-03-13 20:19 - 2018-02-02 19:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-03-13 20:19 - 2018-02-02 19:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-03-13 20:19 - 2018-02-02 19:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-03-13 20:19 - 2018-02-02 19:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-03-13 20:19 - 2018-02-02 19:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-03-13 20:19 - 2018-02-02 19:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-03-13 20:19 - 2018-02-02 18:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-03-13 20:19 - 2018-02-02 18:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-03-13 20:19 - 2018-01-15 20:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-03-13 20:19 - 2018-01-15 20:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-03-13 20:19 - 2018-01-12 17:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-03-13 20:19 - 2018-01-12 17:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-03-13 17:52 - 2018-03-16 23:02 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-13 17:33 - 2018-03-17 11:08 - 000003648 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-03-13 17:31 - 2018-03-13 17:32 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-03-13 17:30 - 2018-03-13 17:30 - 011145008 _____ C:\Users\Dídac\Downloads\bitdefender_windows_e1458f9e-58f5-432c-a5d5-6597a943d9d5.exe
2018-03-12 22:43 - 2018-03-12 22:43 - 000677685 _____ C:\Users\Dídac\Downloads\Cosas que potser no son tan certes....pdf
2018-03-04 22:13 - 2018-03-04 22:13 - 001143451 _____ C:\Users\Dídac\Downloads\ACUSACIONES.pdf
2018-03-04 12:11 - 2018-03-04 12:11 - 000013912 _____ C:\Users\Dídac\Downloads\DocumentManagement.svg
2018-03-04 12:05 - 2018-03-04 12:05 - 000557798 _____ C:\Users\Dídac\Downloads\How to Pull Offbelow-the-line campaigns.pdf
2018-03-03 14:01 - 2018-03-03 14:01 - 000059701 _____ C:\Users\Dídac\Downloads\1c97ea618eb754f65b340faaebd1862dd1d0fc80.jpeg
2018-03-03 11:24 - 2018-03-03 11:24 - 000250264 _____ C:\Users\Dídac\Downloads\___soonex_clock___free____by_aidendrew-d8hlt4p (1).rmskin
2018-03-03 11:23 - 2018-03-03 11:23 - 000250264 _____ C:\Users\Dídac\Downloads\___soonex_clock___free____by_aidendrew-d8hlt4p.rmskin
2018-03-02 13:38 - 2018-01-12 17:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-03-02 13:38 - 2018-01-12 17:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-03-02 13:38 - 2018-01-12 17:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-03-02 13:38 - 2018-01-12 17:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-03-02 13:38 - 2018-01-12 17:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-03-02 13:38 - 2018-01-12 17:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-03-02 13:38 - 2018-01-12 17:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-03-02 13:38 - 2018-01-12 17:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-03-02 13:38 - 2018-01-12 17:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-03-02 13:38 - 2018-01-12 17:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-03-02 13:38 - 2018-01-12 17:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-03-02 13:38 - 2018-01-11 17:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-03-02 13:38 - 2018-01-11 17:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-03-02 13:38 - 2018-01-05 17:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-03-02 13:38 - 2018-01-05 17:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-03-02 13:38 - 2018-01-05 17:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-03-02 13:38 - 2018-01-05 17:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-03-02 13:38 - 2018-01-05 17:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-03-02 13:38 - 2018-01-05 17:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-03-02 13:38 - 2018-01-05 17:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-03-02 13:38 - 2018-01-05 17:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-03-02 13:38 - 2018-01-05 17:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-03-02 13:38 - 2018-01-05 17:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-03-02 13:38 - 2018-01-05 17:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-03-02 13:38 - 2018-01-05 16:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-03-02 13:38 - 2018-01-01 03:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-03-02 13:38 - 2018-01-01 03:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-03-02 13:38 - 2018-01-01 03:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-03-02 13:38 - 2018-01-01 03:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-03-02 13:38 - 2018-01-01 03:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-03-02 13:38 - 2018-01-01 03:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-03-02 13:38 - 2018-01-01 03:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-03-02 13:38 - 2018-01-01 03:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-03-02 13:38 - 2018-01-01 03:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-03-02 13:38 - 2018-01-01 03:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-03-02 13:38 - 2018-01-01 03:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-03-02 13:38 - 2018-01-01 03:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-03-02 13:38 - 2018-01-01 03:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-03-02 13:38 - 2018-01-01 03:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-03-02 13:38 - 2018-01-01 03:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-03-02 13:38 - 2018-01-01 03:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-03-02 13:38 - 2018-01-01 02:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-03-02 13:38 - 2018-01-01 02:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-03-02 13:38 - 2018-01-01 02:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-03-02 13:38 - 2018-01-01 02:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-03-02 13:38 - 2018-01-01 02:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-03-02 13:38 - 2018-01-01 02:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-03-02 13:38 - 2018-01-01 02:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-03-02 13:38 - 2018-01-01 02:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-03-02 13:38 - 2018-01-01 02:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-03-02 13:38 - 2018-01-01 02:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-03-02 13:38 - 2018-01-01 02:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-03-02 13:38 - 2018-01-01 02:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-03-02 13:38 - 2018-01-01 02:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-03-02 13:38 - 2018-01-01 02:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-03-02 13:38 - 2018-01-01 02:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-03-02 13:38 - 2018-01-01 02:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-03-02 13:38 - 2018-01-01 02:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-03-02 13:38 - 2018-01-01 02:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-03-02 13:38 - 2018-01-01 02:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-03-02 13:38 - 2018-01-01 02:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-03-02 13:38 - 2018-01-01 02:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-03-02 13:38 - 2018-01-01 02:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-03-02 13:38 - 2018-01-01 02:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-03-02 13:38 - 2018-01-01 02:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-03-02 13:38 - 2018-01-01 02:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-03-02 13:38 - 2017-12-05 18:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-03-02 13:38 - 2017-12-05 18:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-03-02 13:38 - 2017-12-05 18:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-03-02 13:38 - 2017-12-05 18:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-03-02 13:38 - 2017-12-05 18:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-03-02 13:38 - 2017-12-05 18:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-03-02 13:38 - 2017-12-05 18:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-03-02 13:38 - 2017-12-05 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-03-02 13:38 - 2017-12-05 18:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-03-02 13:38 - 2017-12-05 18:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-03-02 13:38 - 2017-12-05 18:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-03-02 13:38 - 2017-12-05 18:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-03-02 13:38 - 2017-12-05 18:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-03-02 13:38 - 2017-12-05 18:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-03-02 13:38 - 2017-12-05 17:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-03-02 13:38 - 2017-12-05 16:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-03-02 13:38 - 2017-11-04 16:31 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-03-02 13:38 - 2017-11-04 16:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-03-02 13:38 - 2017-11-04 16:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-03-02 13:38 - 2017-11-04 16:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-03-02 13:38 - 2017-11-02 17:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2018-03-02 13:38 - 2017-11-02 17:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2018-03-02 13:38 - 2017-11-02 17:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2018-03-02 13:38 - 2017-11-02 17:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2018-03-02 13:38 - 2017-11-02 16:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2018-03-02 13:38 - 2017-11-02 16:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2018-03-02 13:38 - 2017-11-02 16:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2018-03-02 13:38 - 2017-11-02 15:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2018-03-02 13:38 - 2017-10-17 00:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2018-03-02 13:38 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2018-03-02 13:38 - 2017-10-12 01:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-03-02 08:36 - 2018-03-11 20:38 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2018-03-02 08:25 - 2018-03-14 15:48 - 000495592 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-01 21:31 - 2018-03-17 11:11 - 000676492 _____ C:\Windows\system32\perfh00E.dat
2018-03-01 21:31 - 2018-03-17 11:11 - 000172076 _____ C:\Windows\system32\perfc00E.dat
2018-03-01 21:31 - 2018-03-01 21:31 - 000000000 ____D C:\Windows\SysWOW64\hu
2018-03-01 21:31 - 2018-03-01 21:31 - 000000000 ____D C:\Windows\system32\hu
2018-03-01 21:31 - 2018-03-01 21:30 - 000287518 _____ C:\Windows\system32\perfi00E.dat
2018-03-01 21:31 - 2018-03-01 21:30 - 000048094 _____ C:\Windows\system32\perfd00E.dat
2018-03-01 21:19 - 2018-03-01 21:19 - 000745079 _____ C:\Users\Dídac\Downloads\AlphaConsole.zip
2018-03-01 21:10 - 2018-03-17 11:11 - 000385082 _____ C:\Windows\system32\perfh00D.dat
2018-03-01 21:10 - 2018-03-17 11:11 - 000085560 _____ C:\Windows\system32\perfc00D.dat
2018-03-01 21:10 - 2018-03-01 21:10 - 000229316 _____ C:\Windows\system32\perfi00D.dat
2018-03-01 21:10 - 2018-03-01 21:10 - 000032166 _____ C:\Windows\system32\perfd00D.dat
2018-03-01 21:10 - 2018-03-01 21:10 - 000000000 ____D C:\Windows\SysWOW64\he
2018-03-01 21:10 - 2018-03-01 21:10 - 000000000 ____D C:\Windows\system32\he
2018-03-01 20:54 - 2018-03-17 11:11 - 000732784 _____ C:\Windows\system32\perfh010.dat
2018-03-01 20:54 - 2018-03-17 11:11 - 000147648 _____ C:\Windows\system32\perfc010.dat
2018-03-01 20:54 - 2018-03-01 20:53 - 000335478 _____ C:\Windows\system32\perfi010.dat
2018-03-01 20:54 - 2018-03-01 20:53 - 000037534 _____ C:\Windows\system32\perfd010.dat
2018-03-01 20:53 - 2018-03-01 20:53 - 000000000 ____D C:\Windows\SysWOW64\it
2018-03-01 20:53 - 2018-03-01 20:53 - 000000000 ____D C:\Windows\SysWOW64\0410
2018-03-01 20:53 - 2018-03-01 20:53 - 000000000 ____D C:\Windows\system32\it
2018-03-01 20:53 - 2018-03-01 20:53 - 000000000 ____D C:\Windows\system32\0410
2018-03-01 18:09 - 2018-03-17 11:11 - 000683362 _____ C:\Windows\system32\perfh00C.dat
2018-03-01 18:09 - 2018-03-17 11:11 - 000471752 _____ C:\Windows\system32\perfh001.dat
2018-03-01 18:09 - 2018-03-17 11:11 - 000131034 _____ C:\Windows\system32\perfc00C.dat
2018-03-01 18:09 - 2018-03-17 11:11 - 000095574 _____ C:\Windows\system32\perfc001.dat
2018-03-01 18:09 - 2018-03-01 18:08 - 000344522 _____ C:\Windows\system32\perfi00C.dat
2018-03-01 18:09 - 2018-03-01 18:08 - 000289060 _____ C:\Windows\system32\perfi001.dat
2018-03-01 18:09 - 2018-03-01 18:08 - 000042056 _____ C:\Windows\system32\perfd001.dat
2018-03-01 18:09 - 2018-03-01 18:08 - 000038160 _____ C:\Windows\system32\perfd00C.dat
2018-03-01 18:08 - 2018-03-01 18:08 - 000000000 ____D C:\Windows\SysWOW64\fr
2018-03-01 18:08 - 2018-03-01 18:08 - 000000000 ____D C:\Windows\SysWOW64\ar
2018-03-01 18:08 - 2018-03-01 18:08 - 000000000 ____D C:\Windows\SysWOW64\040C
2018-03-01 18:08 - 2018-03-01 18:08 - 000000000 ____D C:\Windows\system32\fr
2018-03-01 18:08 - 2018-03-01 18:08 - 000000000 ____D C:\Windows\system32\ar
2018-03-01 18:08 - 2018-03-01 18:08 - 000000000 ____D C:\Windows\system32\040C
2018-03-01 18:00 - 2018-03-01 18:00 - 000000000 ____D C:\Windows\SysWOW64\0409
2018-03-01 18:00 - 2018-03-01 18:00 - 000000000 ____D C:\Windows\system32\0409
2018-03-01 17:55 - 2018-03-17 11:11 - 000689946 _____ C:\Windows\system32\perfh007.dat
2018-03-01 17:55 - 2018-03-17 11:11 - 000149918 _____ C:\Windows\system32\perfc007.dat
2018-03-01 17:55 - 2018-03-01 21:30 - 000000000 ____D C:\Program Files\Windows Journal
2018-03-01 17:55 - 2018-03-01 17:55 - 000000000 ____D C:\Windows\SysWOW64\de
2018-03-01 17:55 - 2018-03-01 17:55 - 000000000 ____D C:\Windows\SysWOW64\0407
2018-03-01 17:55 - 2018-03-01 17:55 - 000000000 ____D C:\Windows\system32\de
2018-03-01 17:55 - 2018-03-01 17:55 - 000000000 ____D C:\Windows\system32\0407
2018-03-01 17:55 - 2018-03-01 17:54 - 000295922 _____ C:\Windows\system32\perfi007.dat
2018-03-01 17:55 - 2018-03-01 17:54 - 000038104 _____ C:\Windows\system32\perfd007.dat
2018-03-01 17:29 - 2017-07-19 01:37 - 040239736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 035803256 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 035314296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 028928120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 017808120 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 015482488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-03-01 17:29 - 2017-07-19 01:37 - 013655672 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 012451608 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 012133112 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 011591392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 010487760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 009982968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 003803768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 003359168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 001988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438494.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 001598072 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438494.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 001067640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 001005176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000972920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000924280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000689992 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000512856 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000429920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000171384 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000154208 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000149224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000132072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-03-01 17:29 - 2017-07-19 01:37 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-03-01 17:29 - 2017-07-19 01:37 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-03-01 17:27 - 2018-03-01 17:27 - 000000000 ____D C:\NVIDIA
2018-03-01 17:05 - 2018-03-01 17:05 - 000380768 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-02-18 00:14 - 2018-03-01 17:37 - 000000000 ____D C:\Users\Dídac\Downloads\wordpress
2018-02-17 18:53 - 2018-02-17 18:53 - 000000000 ____D C:\Users\Dídac\Documents\Didacticus
2018-02-17 18:52 - 2018-03-16 23:02 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-17 18:52 - 2018-03-16 23:02 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-17 18:52 - 2018-02-17 18:52 - 000000000 ____D C:\Users\Dídac\Documents\Google Web Designer
2018-02-17 18:52 - 2018-02-17 18:52 - 000000000 ____D C:\Program Files\Google

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-17 11:31 - 2014-12-31 20:09 - 000000000 ____D C:\TEMP
2018-03-17 11:11 - 2009-07-14 10:31 - 000176270 _____ C:\Windows\system32\perfh00A.dat
2018-03-17 11:11 - 2009-07-14 10:31 - 000051660 _____ C:\Windows\system32\perfc00A.dat
2018-03-17 11:11 - 2009-07-14 06:13 - 004656284 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-17 11:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-17 11:08 - 2015-01-02 14:38 - 000000000 ____D C:\Users\Dídac\AppData\Roaming\Spotify
2018-03-17 11:06 - 2016-08-26 19:02 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-17 11:06 - 2016-08-25 19:12 - 000000000 __SHD C:\Users\Dídac\IntelGraphicsProfiles
2018-03-17 11:05 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-17 01:54 - 2009-07-14 05:45 - 000014544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-17 01:54 - 2009-07-14 05:45 - 000014544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-16 23:02 - 2016-07-25 16:54 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-03-16 18:53 - 2017-07-31 19:31 - 000000033 _____ C:\Users\Dídac\AppData\Roaming\AdobeWLCMCache.dat
2018-03-16 17:40 - 2016-12-15 17:10 - 000000000 ____D C:\Users\Dídac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-03-15 23:05 - 2018-01-24 16:00 - 000000000 _RSHD C:\Users\Dídac\AppData\Roaming\AdobeUpdate
2018-03-15 22:21 - 2015-01-02 12:15 - 000000000 ____D C:\Users\Dídac
2018-03-15 19:16 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-03-15 18:00 - 2017-09-13 20:17 - 000000000 ____D C:\Users\Dídac\AppData\Roaming\laverna
2018-03-15 17:59 - 2016-09-01 09:10 - 000000000 ____D C:\Program Files (x86)\Minecraft
2018-03-15 17:59 - 2016-08-26 11:05 - 000000000 ____D C:\Users\Dídac\AppData\Roaming\.minecraft
2018-03-15 09:18 - 2017-08-21 21:07 - 000000000 ____D C:\Windows\rescache
2018-03-14 19:03 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2018-03-14 15:47 - 2015-01-02 12:51 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-14 15:47 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-03-13 23:11 - 2015-01-02 12:47 - 000000000 ____D C:\Windows\system32\MRT
2018-03-13 23:09 - 2017-10-11 17:33 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-13 23:09 - 2015-01-02 12:47 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-13 17:52 - 2016-06-13 20:13 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-13 17:52 - 2016-06-13 20:13 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-13 17:52 - 2016-06-13 20:13 - 000004322 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-03-13 17:52 - 2015-01-02 13:08 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-13 17:51 - 2015-01-02 13:08 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-12 19:35 - 2016-09-09 08:24 - 000000000 ____D C:\Users\Dídac\AppData\Roaming\discord
2018-03-11 20:35 - 2016-08-25 19:12 - 000000000 ____D C:\Users\Dídac\AppData\Roaming\Skype
2018-03-05 17:22 - 2017-07-18 15:04 - 000000000 ___SD C:\Users\Dídac\Creative Cloud Files
2018-03-04 12:21 - 2016-09-18 19:29 - 000274742 _____ C:\Users\Dídac\Documents\Portada.odt
2018-03-02 23:57 - 2017-10-04 14:37 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2018-03-02 13:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2018-03-02 13:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2018-03-02 08:37 - 2017-12-21 17:29 - 000001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-03-01 23:21 - 2016-11-27 19:27 - 004509222 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-03-01 21:31 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2018-03-01 21:31 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\SysWOW64\winrm
2018-03-01 21:31 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\SysWOW64\WCN
2018-03-01 21:31 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2018-03-01 21:31 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2018-03-01 21:31 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\system32\winrm
2018-03-01 21:31 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\system32\WCN
2018-03-01 21:31 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\system32\slmgr
2018-03-01 21:31 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2018-03-01 21:31 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar
2018-03-01 21:31 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-03-01 21:31 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\MUI
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\com
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\sysprep
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\oobe
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\MUI
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\migwiz
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\servicing
2018-03-01 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\IME
2018-03-01 21:30 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-03-01 21:30 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-03-01 21:30 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Defender
2018-03-01 21:30 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2018-03-01 21:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\com
2018-03-01 21:30 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2018-03-01 20:53 - 2009-07-14 10:30 - 000000000 ____D C:\Windows\SysWOW64\sysprep
2018-03-01 20:53 - 2009-07-14 06:37 - 000000000 ____D C:\Windows\DigitalLocker
2018-03-01 20:53 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-03-01 20:53 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\oobe
2018-03-01 17:37 - 2018-02-08 16:55 - 000000000 ____D C:\Users\Dídac\Downloads\Drive Fotos Drops
2018-03-01 17:30 - 2015-01-02 12:45 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-01 17:05 - 2017-11-17 15:48 - 000196648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-03-01 17:05 - 2017-03-08 19:49 - 000619984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000146656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000110328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-03-01 17:05 - 2017-03-08 19:40 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-02-28 19:29 - 2017-02-14 21:11 - 000000000 ____D C:\Users\Dídac\AppData\Roaming\EasyAntiCheat
2018-02-26 19:17 - 2016-09-18 19:31 - 000270703 _____ C:\Users\Dídac\Documents\Índice.odt
2018-02-22 04:46 - 2018-02-08 00:29 - 000000000 ____D C:\Users\Dídac\Downloads\AlphaConsole
2018-02-19 18:37 - 2017-11-17 15:49 - 000004194 _____ C:\Windows\System32\Tasks\Avast TUNEUP Update
2018-02-18 23:19 - 2017-08-26 13:02 - 000000000 ____D C:\Users\Dídac\AppData\Roaming\Twitch
2018-02-17 22:50 - 2016-10-15 12:20 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-17 18:52 - 2015-01-02 15:45 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-15 14:55 - 2009-07-14 06:08 - 000032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2017-07-31 19:31 - 2018-03-16 18:53 - 000000033 _____ () C:\Users\Dídac\AppData\Roaming\AdobeWLCMCache.dat
2017-09-04 16:34 - 2017-09-05 13:08 - 000000028 _____ () C:\Users\Dídac\AppData\Roaming\kulerdata.json
2017-01-04 14:49 - 2017-06-12 17:45 - 000008782 _____ () C:\Users\Dídac\AppData\Roaming\SpeedRunnersLog.txt
2017-07-16 22:44 - 2017-07-16 22:44 - 000000218 _____ () C:\Users\Dídac\AppData\Local\recently-used.xbel

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\lastpass_1337.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-13 15:22

==================== End of FRST.txt ============================

Attached Files


Edited by Oh My!, 17 March 2018 - 07:03 PM.


#7 IHadABadDay

IHadABadDay
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:52 AM

Posted 17 March 2018 - 05:46 AM

May I add my thoughts? - Because I think that it overheats very fast and that's why... But I neither know how to solve it, I don't work more than with my Vodafone router...



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,150 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:52 PM

Posted 17 March 2018 - 06:02 PM

Greetings.
 

If your computer language is Spanish right click on the FRST icon after downloading it, select Rename, and rename it to FRSTenglish (or FRST64english if you have a 64 bit computer).

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 IHadABadDay

IHadABadDay
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:52 AM

Posted 17 March 2018 - 06:35 PM

I did! But I think it didn't work.

I can translate anything if you please.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Dídac (17-03-2018 11:31:17)
Running from C:\Users\Dídac\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-01-02 11:15:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1435063854-307818520-736119647-500 - Administrator - Disabled)
Dídac (S-1-5-21-1435063854-307818520-736119647-1000 - Administrator - Enabled) => C:\Users\Dídac
HomeGroupUser$ (S-1-5-21-1435063854-307818520-736119647-1002 - Limited - Enabled)
Invitado (S-1-5-21-1435063854-307818520-736119647-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM\...\{139D7147-6175-4398-88D3-E8C3A4A13DFF}) (Version: 2.3.3732.0 - Futuremark) Hidden
3DMark (HKLM-x32\...\{3c2496ac-4fcf-49c9-aac4-7fc4b9cdbb71}) (Version: 2.3.3732.0 - Futuremark)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Actualización de NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated)
Adobe Animate CC 2017 (HKLM-x32\...\FLPR_16_5_1) (Version: 16.5.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_1_0) (Version: 21.1.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.50.1224 Beta 1, 31.01.2013 - AIMP DevTeam)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
AlphaGo (HKLM-x32\...\{B7CB7055-EFAE-4CD2-928A-15DB5F4FF7C7}) (Version: 1.2.5 - AlphaGo) <==== ATTENTION
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 375.95 - NVIDIA Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Atom (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\atom) (Version: 1.17.1 - GitHub Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 17.3.4228 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{06E0CADE-89B2-4EFD-B0AF-0DDCE4400E70}) (Version: 2.2.3 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.2.3 - AVAST Software)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.50.17863 - Electronic Arts)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.10.78 - Bitdefender)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Broforce (HKLM-x32\...\Broforce_is1) (Version:  - )
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.2.0 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
Cities Skylines After Dark (HKLM-x32\...\Cities Skylines After Dark_is1) (Version:  - )
Corsair Utility Engine (HKLM-x32\...\{F646F9C9-ABAF-479B-850F-C08F2DEA39BE}) (Version: 2.8.70 - Corsair)
CurveFever version v0.5.2p1 (HKLM-x32\...\{BB93318E-F11A-484C-8629-BCFC5D47914D}_is1) (Version: v0.5.2p1 - Curve Fever)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version:  - )
Destiny 2 (HKLM-x32\...\Destiny 2) (Version:  - Blizzard Entertainment)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Discord (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\Discord) (Version: 0.0.300 - Discord Inc.)
Dotfuscator and Analytics Community Edition 5.19.1 (HKLM-x32\...\{2A7F99F6-88A4-4B44-B350-41C0B147A39C}) (Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Feist (HKLM-x32\...\Feist_is1) (Version:  - )
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Futuremark SystemInfo (HKLM-x32\...\{85F94959-7098-4B55-9F39-27D880FE5BA1}) (Version: 5.1.620.0 - Futuremark)
Game Dev Tycoon versió 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)
GameMaker Studio 2 (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\GameMakerStudio2) (Version:  - )
Gauntlet (HKLM-x32\...\Gauntlet_is1) (Version:  - )
GetDiz (HKLM-x32\...\GetDiz) (Version: 4.9 - Outertech)
Ghost War PVP Beta (HKLM-x32\...\Uplay Install 2970) (Version:  - Ubisoft)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Gods Will Be Watching (HKLM-x32\...\1207664883_is1) (Version: 2.0.0.1 - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 1.9.0.0 - Google LLC.)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Heroes of the Storm Public Test (HKLM-x32\...\Heroes of the Storm Public Test) (Version:  - Blizzard Entertainment)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.8.3 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Icecream Screen Recorder versión 4.96 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 4.96 - Icecream Apps)
iColorFolder (HKLM-x32\...\iColorFolder) (Version:  - )
INSIDE (HKLM-x32\...\1916896012_is1) (Version: 2.0.0.2 - GOG.com)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel® USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.0.32 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version:  - Audacity Team)
LAN Messenger (HKLM-x32\...\LAN Messenger) (Version: 1.2.35 - LAN Messenger)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{62292933-30AF-4962-B6BB-59191D386D94}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 2 (HKLM-x32\...\{04fa3a35-1f49-4510-8051-819cdc1e6e01}) (Version: 14.0.25123.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft: Story Mode - Season Two (HKLM-x32\...\1614341910_is1) (Version: episode_1 - GOG.com)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{13FE8B50-B340-4FDA-BB6E-AA1F5FAB8205}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.0.35659 - Symantec Corporation)
NVIDIA Controlador de audio HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OlliOlli2 - Welcome to Olliwood (HKLM-x32\...\1438603531_is1) (Version: 2.2.0.3 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{8AA1F27D-72F0-4E80-9976-41180A769B3B}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Panel de control de NVIDIA 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 375.95 - NVIDIA Corporation) Hidden
Paquete de compatibilidad de Microsoft .NET Framework 4.6.1 (español) (HKLM-x32\...\{2ECA62A3-BA78-4B96-BEA3-0E9DA82F08D9}) (Version: 4.6.01055 - Microsoft Corporation)
Paquete de controladores de Windows - Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Pelis Magnet (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\Pelis Magnet) (Version: 0.7.0.0 - PopFilms)
PhotoFiltre (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\PhotoFiltre) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlanetSide 2 (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
Plants vs Zombies GW2 (HKLM-x32\...\{C4F00C98-13B4-4313-8152-50EE0B04ABE2}) (Version: 1.0.7.0 - Electronic Arts)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prison Architect MULTi20 - ElAmigos versión 7b (HKLM-x32\...\{C53F1F2A-F731-486B-AC00-89F90EED151E}_is1) (Version: 7b - Introversion Software)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Rainbow Six Siege - Open Beta (HKLM-x32\...\Uplay Install 1001) (Version:  - Ubisoft)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.1 beta r2838 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.99.311.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7904 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{E6CAD8B3-5682-31CA-A05E-79F6DBF81066}) (Version: 14.0.25132 - Microsoft Corporation) Hidden
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Screencheat (HKLM-x32\...\1207666493_is1) (Version: 2.13.0.15 - GOG.com)
SDK de Microsoft .NET Framework 4.6.1 (español) (HKLM-x32\...\{07570008-8840-4A14-A752-1367157138A5}) (Version: 4.6.01055 - Microsoft Corporation)
Seven: The Days Long Gone (HKLM\...\c2V2ZW50aGVkYXlzbG9uZ2dvbmU_is1) (Version: 1 - )
Seven: The Days Long Gone (HKLM-x32\...\1276856962_is1) (Version: 1.0 - GOG.com)
Seven: The Days Long Gone Pre-Order DLC (HKLM-x32\...\1936984468_is1) (Version: 1.0 - GOG.com)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype versión 8.17 (HKLM-x32\...\Skype_is1) (Version: 8.17 - Skype Technologies S.A.)
Specify 6.6.04 (HKLM-x32\...\5397-6897-2502-8965) (Version: 6.6.04 - Biodiversity Research Center, University of Kansas)
SpeedRunners (HKLM-x32\...\SpeedRunners_is1) (Version:  - )
Spotify (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\Spotify) (Version: 1.0.75.483.g7ff4a0dc - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Station (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\browserX) (Version: 1.0.9 - eFounders)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
STEAM/Steamapps/common/The Talos Principle (HKLM-x32\...\STEAM/Steamapps/common/The Talos Principle_is1) (Version: Unknown - StarDima Repack Games)
tAPI version 1.2.4.1 r15 (HKLM-x32\...\{6D47E78A-A9FE-41B8-A5C6-8A6A04FB8F71}_is1) (Version: 1.2.4.1 r15 - tAPI Development Team)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (HKLM-x32\...\{7932CD6F-86D3-3EE4-8A02-B954404D1FFC}) (Version: 14.95.25118 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Red Strings Club (HKLM-x32\...\1209307763_is1) (Version: 20180122 - GOG.com)
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version:  - Ubisoft)
TorrentsTime Media Player (HKLM\...\TorrentsTime Media Player_is1) (Version: 1.1.9.5 - Torrents Time)
Towerfall - Ascension - Dark World (HKLM-x32\...\Towerfall: Ascension - Dark World_is1) (Version: 2.0.0.1 - GOG.com)
Towerfall - Ascension (HKLM-x32\...\1430924174_is1) (Version: 2.0.0.1 - GOG.com)
Twitch (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{60890089-588B-4362-B9C5-A9C11D6E5DD1}) (Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{4AC64C61-A7EC-4E4E-8F28-F57EB3430334}) (Version: 1.8.31.0 - Microsoft Corporation) Hidden
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ultimate Chicken Horse (HKLM-x32\...\Ultimate Chicken Horse_is1) (Version:  - )
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: v13.14.13.170626 - )
Unity (HKLM-x32\...\Unity) (Version: 5.3.5f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
univcredist (HKLM-x32\...\{2d9d4a60-1d22-46c1-84bb-1de04b4715d7}) (Version: 1.0.0.0 - Motiga)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2016 (KB4011725) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{E4EFE857-B051-4AB1-80A7-A0279FB2B33C}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4011725) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{E4EFE857-B051-4AB1-80A7-A0279FB2B33C}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4011725) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{E4EFE857-B051-4AB1-80A7-A0279FB2B33C}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 22.0 - Ubisoft)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.1 - VideoLAN)
VS Update core components (HKLM-x32\...\{6A878817-D626-305A-BE8D-94C93F70E27A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
vs_update2notification (HKLM-x32\...\{C0719D2C-5CA9-3824-903F-74F2CB9257D3}) (Version: 14.0.25132 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\WinDirStat) (Version:  - )
Windows 7 Logon Background Changer (HKLM-x32\...\{2E6044C5-3495-485F-91BC-46D1B6430E51}) (Version: 1.5.2 - Julien MANICI)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WWE 2K16 (HKLM-x32\...\WWE 2K16_is1) (Version:  - )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1435063854-307818520-736119647-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Dídac\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1435063854-307818520-736119647-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Dídac\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1435063854-307818520-736119647-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1435063854-307818520-736119647-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Dídac\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1435063854-307818520-736119647-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-01] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-01] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-03-15] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-01] (AVAST Software)
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-01] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll -> No File
ContextMenuHandlers4-x32: [CMenuExtender] -> {ABC70703-32AF-11d4-90C4-D483A70F4825} => C:\Program Files (x86)\iColorFolder\CMExt.dll [2001-10-18] (Revenger inc.)
ContextMenuHandlers4-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dídac\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-12] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-17] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-03-15] ()
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-01] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03B34E95-6496-429B-8E8F-2861D4F57C31} - System32\Tasks\{C4DA5F21-B06D-45A4-9057-FA9AD99D41DF} => C:\Users\Dídac\Desktop\Downloads II\Dark Souls 3\DarkSoulsIII.exe
Task: {0600DC7C-3F13-4BDE-B2C4-CF0EE8A88651} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe
Task: {088DF3FE-EB54-42E8-B8CC-6C78551A28FA} - System32\Tasks\{E77AD7D3-5A1D-4C19-8764-18D93EC646A1} => C:\Windows\system32\pcalua.exe -a C:\TEMP\Worms.exe -d C:\TEMP <==== ATTENTION
Task: {17B5B95B-BCB5-4123-B8CB-227D3DB28ED0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated)
Task: {1F1E63B3-7F9E-46FD-A530-E95A4394B0EB} - System32\Tasks\{0C79F26E-EE3C-4FC0-8DDD-2A06B36646F5} => C:\Windows\system32\pcalua.exe -a "C:\Users\Dídac\Documents\MEGAsync Downloads\Nuclear Throne v26.06.2016-MPCG\NTT-Assemble.exe" -d "C:\Users\Dídac\Documents\MEGAsync Downloads\Nuclear Throne v26.06.2016-MPCG"
Task: {1F39FD3E-813F-473A-BB6E-E4B46204A56C} - System32\Tasks\{D76A9456-519D-44C2-9CF5-0389882576B0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {210A173F-3ED9-43CF-A9D0-65DF868E1616} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {33DC091D-D797-497F-A7D6-8361949E2199} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe
Task: {342A866B-E958-44D9-9F3D-6DFBBE7C7B11} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {3B8266DD-0807-4E77-AD3E-2A6571BF6464} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-17] (Google Inc.)
Task: {4C5612FE-4D3F-4C9F-BF6D-41F074A79DFC} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-03-11] (AVAST Software)
Task: {4DA655F9-2B9E-41C4-A0E2-57FDE76E46E7} - \AdobeUpdate -> No File <==== ATTENTION
Task: {5F67F9FF-517B-4178-A11E-14BC66470707} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {5FE02EF6-2D24-4F5F-810F-9F3FFBA5F638} - System32\Tasks\SafeZone scheduled Autoupdate 1488998469 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {6C2D8031-54F1-49C5-88F6-27F3D868ACB1} - System32\Tasks\AdobeAAMUpdater-1.0-Alfa-Dídac => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {71271C2F-5548-4115-858F-BEBFD2BA0FD2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-13] (Adobe Systems Incorporated)
Task: {74E3BD76-889F-47A7-A493-B89B1973A6AA} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation)
Task: {7EF5CB39-C269-4715-A5F7-A42FE0B4F6EA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-01] (AVAST Software)
Task: {82CC3E96-04FE-4C63-A920-42A5C559BD5A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {844D39AE-33D7-4F44-93F9-5D30BEF8A343} - System32\Tasks\{F2F1721E-691C-413C-9CBB-40FC9A294748} => C:\Program Files (x86)\Steam\Steam.exe [2017-12-15] (Valve Corporation)
Task: {8F18296A-4E72-45E1-A778-D494B8D223B6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-13] (Adobe Systems Incorporated)
Task: {91EC8524-E252-43F6-A50F-4AE58157CFFC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {95054D93-DA11-439E-BB62-F058EBEAFF37} - System32\Tasks\{68FFB849-A6CE-4035-822A-3C4F008CE6B7} => C:\Windows\system32\pcalua.exe -a "C:\Users\Dídac\Desktop\Downloads II\Crocodile_Clips_v3.5.exe" -d "C:\Users\Dídac\Desktop\Downloads II"
Task: {984516FA-0AA3-47E2-97C0-248EE240EA7B} - System32\Tasks\Driver Booster SkipUAC (Dídac) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9900CE10-097C-472A-8DC9-FB3BB4ADF93C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {A529A205-598D-4E89-8D53-7B3AA739E35F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-15] (Adobe Systems Incorporated)
Task: {A8B39A81-0F25-45D1-8AC5-A9A7CA7EE680} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AB0183FB-BA2A-4D84-9CDC-948E2C289947} - System32\Tasks\{51D51555-3314-49A6-80D5-334A2AE72E9E} => C:\Program Files (x86)\Cities Skylines After Dark\Cities.exe
Task: {AC72B8EA-94C4-4398-A97E-C2896A042057} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-01-19] (Bitdefender)
Task: {B7216C0A-1550-4B82-B8FC-978301E0F6AB} - System32\Tasks\{A30B0A72-E2BE-41DC-9FE2-3A541863C226} => C:\Windows\system32\pcalua.exe -a C:\TEMP\Deus-Ex-Mankind-Divided.exe -d C:\TEMP <==== ATTENTION
Task: {B803049C-7011-453C-A676-331A9C6B95CE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {C002A28A-2BCC-4F70-AE95-F4213C8E6EF1} - System32\Tasks\{ABFAEF28-21F9-4981-8716-B337A4387927} => C:\Program Files\Cobalt\cobalt.exe
Task: {C5219974-9A4F-4EB8-AB0D-8DFD6395DF4B} - System32\Tasks\Microsoft\Windows\Application Experience\Threat Base Loader => C:\Users\Dídac\AppData\Roaming\\threatdatabase\\tdget.exe
Task: {CCD847AD-F6C8-491E-926C-201E03BD8ED3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {D00AED49-BE5A-48E1-9317-F4D66FD7952A} - System32\Tasks\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9} => C:\Windows\system32\pcalua.exe -a C:\TEMP\Worms-WMD.exe -d C:\TEMP <==== ATTENTION
Task: {DAC36FA8-A682-419D-A8A9-220CFF1A7C95} - \Ajuent -> No File <==== ATTENTION
Task: {DCE2D29D-299B-4207-9370-0C344D9E2A50} - System32\Tasks\{027ED632-FD6A-48FF-9A9A-8B6E81E95892} => C:\Program Files (x86)\Steam\Steam.exe [2017-12-15] (Valve Corporation)
Task: {DE7E7C82-66DB-4A34-B980-12E4B91B6C5D} - System32\Tasks\{4144CEBF-CE9D-4BB2-B220-3017B324EAA7} => C:\Windows\system32\pcalua.exe -a "F:\STEAM DESCARGAS\BETAS\steamapps\common\Alien Swarm\bin\addoninstaller.exe" -d "F:\STEAM DESCARGAS\BETAS\steamapps\common\Alien Swarm" -c /register
Task: {E7221DCF-1B52-4454-BB4D-4667507BD525} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-07] (AVAST Software)
Task: {E913BD2C-7404-45BE-87CE-ADDE72D7C5DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-17] (Google Inc.)
Task: {F69A36DD-D0C4-4F02-B788-9F8799E80484} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-22 19:16 - 2016-11-17 03:04 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-22 19:16 - 2016-11-17 03:04 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-22 19:16 - 2016-11-17 03:04 - 000418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-08-10 13:15 - 2015-08-10 13:15 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-08-10 13:15 - 2015-08-10 13:16 - 000189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2018-03-01 17:05 - 2018-03-01 17:05 - 000721624 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 000912088 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 000341720 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-05-26 02:18 - 2017-05-26 02:18 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-08-21 11:05 - 2017-12-17 11:48 - 001348072 _____ () E:\Juegos\Steam\Mortal Kombat X\steamapps\common\wallpaper_engine\wallpaper32.exe
2017-08-20 20:14 - 2017-08-20 20:14 - 000556032 _____ () C:\Users\Dídac\AppData\Roaming\Rainmeter\Plugins\SpotifyPlugin.DLL
2017-07-28 21:05 - 2017-07-28 21:05 - 000093184 _____ () C:\Program Files\Rainmeter\Plugins\Process.DLL
2017-07-28 21:05 - 2017-07-28 21:05 - 000173568 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2018-03-01 17:05 - 2018-03-01 17:05 - 000613440 _____ () C:\Program Files\AVAST Software\Avast\AvastNM.exe
2018-03-01 17:05 - 2018-03-01 17:05 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-16 20:14 - 2018-03-16 20:14 - 005800080 _____ () C:\Program Files\AVAST Software\Avast\defs\18031604\algo.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 000756952 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 000964824 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 000475352 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 000339672 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-03-17 11:21 - 2018-03-17 11:21 - 005800080 _____ () C:\Program Files\AVAST Software\Avast\defs\18031700\algo.dll
2016-11-22 19:16 - 2016-11-17 03:04 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-26 19:03 - 2017-11-29 06:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-08-26 19:03 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-08-26 19:03 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-08-26 19:03 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-08-26 19:03 - 2017-12-15 20:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-14 17:53 - 2017-11-04 02:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-14 17:53 - 2017-11-04 02:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 17:53 - 2017-11-04 02:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 17:53 - 2017-11-04 02:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 17:53 - 2017-11-04 02:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2016-08-26 19:03 - 2017-12-15 20:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-08-26 19:03 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-01-09 15:07 - 2018-01-08 17:52 - 001891832 _____ () C:\Users\Dídac\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-09 15:07 - 2018-02-10 17:49 - 001780216 _____ () \\?\C:\Users\Dídac\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2017-11-17 15:48 - 2016-09-12 14:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-01 17:05 - 2018-03-01 17:05 - 000275160 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-11-22 19:16 - 2016-11-17 03:04 - 060817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-06-08 14:32 - 2017-09-07 03:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-12 21:46 - 2017-10-31 05:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-08-26 19:03 - 2015-09-25 00:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-11-22 19:16 - 2016-11-17 03:04 - 000506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-22 19:16 - 2016-11-17 03:04 - 000255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-22 19:16 - 2016-11-17 03:04 - 002808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-22 19:16 - 2016-11-17 03:04 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-22 19:16 - 2016-11-17 03:04 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-22 19:16 - 2016-11-17 03:04 - 000246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-22 19:16 - 2016-11-17 03:04 - 000436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-22 19:16 - 2016-11-17 03:04 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-22 19:16 - 2016-11-17 03:04 - 000968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2018-01-09 15:07 - 2018-01-08 17:52 - 001937912 _____ () C:\Users\Dídac\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-09 15:07 - 2018-01-08 17:52 - 000095736 _____ () C:\Users\Dídac\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-01-09 15:07 - 2018-03-13 21:10 - 009634296 _____ () \\?\C:\Users\Dídac\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-09 15:07 - 2018-02-01 14:58 - 001508344 _____ () \\?\C:\Users\Dídac\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-09 15:07 - 2018-01-09 15:07 - 000513016 _____ () \\?\C:\Users\Dídac\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-09 15:07 - 2018-03-13 21:10 - 001517560 _____ () \\?\C:\Users\Dídac\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2018-01-09 15:07 - 2018-01-09 15:07 - 002662904 _____ () \\?\C:\Users\Dídac\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2016-08-26 19:24 - 2018-03-01 17:35 - 080302992 _____ () C:\Users\Dídac\AppData\Roaming\Spotify\libcef.dll
2017-09-03 20:11 - 2017-08-04 10:38 - 071398944 _____ () C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser_browser.dll
2016-08-26 19:24 - 2018-03-01 17:35 - 003734416 _____ () C:\Users\Dídac\AppData\Roaming\Spotify\libglesv2.dll
2016-08-26 19:24 - 2018-03-01 17:35 - 000088464 _____ () C:\Users\Dídac\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\TEMP:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7901 more sites.

IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1435063854-307818520-736119647-1000\...\123simsen.com -> www.123simsen.com

There are 7901 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-07-08 00:58 - 001022209 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com
127.0.0.1    www.123moviedownload.com

There are 29295 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1435063854-307818520-736119647-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dídac\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Corsair Utility Engine => "C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe" --autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GalaxyClient => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart                                                                                                                                                                                                  
MSCONFIG\startupreg: Norton Ghost 15.0 => "C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe"
MSCONFIG\startupreg: PeerBlock => C:\Program Files\PeerBlock\peerblock.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8C24563A-2A2B-4DD9-ADD8-5B973C5BAC02}] => (Allow) C:\Program Files (x86)\LAN Messenger\lmc.exe
FirewallRules: [{C9AAB099-DD6A-4F9D-A95F-519B3540D4DB}] => (Allow) C:\Program Files (x86)\LAN Messenger\lmc.exe
FirewallRules: [TCP Query User{1680F33C-6045-477F-9C25-58B318EEFE6B}C:\program files (x86)\lan messenger\lmc.exe] => (Allow) C:\program files (x86)\lan messenger\lmc.exe
FirewallRules: [UDP Query User{E05C0202-6605-4183-A66E-4C078D4BA661}C:\program files (x86)\lan messenger\lmc.exe] => (Allow) C:\program files (x86)\lan messenger\lmc.exe
FirewallRules: [TCP Query User{3CE4CD80-9210-411B-B6A1-F8626D020DE4}C:\users\dídac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dídac\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{78F05808-DCBE-4C30-85FA-F9A89F6EC54E}C:\users\dídac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dídac\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5B081F68-5C17-4174-9D40-25404BA8EA08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C3FB51BB-416B-43FE-9505-49D5E3CFE008}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{57FC3026-9324-4723-9A6A-0E3401F7CFB3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{577A7429-5A83-4A1A-81A1-C733A04C92A7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9723BEE1-1167-4F93-9911-4F8833B59239}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{6CD54470-8110-4618-B417-A977DD8EB2CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{179070C8-F069-4D2D-9EBC-EB06972A53B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{E8FEA901-C2C0-47DC-BF89-56BA141E695F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [TCP Query User{F3B0166A-8798-413E-BC6F-313FDA248D45}C:\program files\java\jre8\bin\java.exe] => (Allow) C:\program files\java\jre8\bin\java.exe
FirewallRules: [UDP Query User{98710C0D-68BE-4B0E-B404-312E574238FA}C:\program files\java\jre8\bin\java.exe] => (Allow) C:\program files\java\jre8\bin\java.exe
FirewallRules: [TCP Query User{BB870A8B-9E53-486F-8A70-09244A2A937C}C:\program files (x86)\java\jre8\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{69F93831-1889-44FE-8931-4D69C0737171}C:\program files (x86)\java\jre8\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{41E8CD45-4489-44BD-8771-A95C3FF194DE}C:\gog games\divinity - original sin\shipping\eocapp.exe] => (Allow) C:\gog games\divinity - original sin\shipping\eocapp.exe
FirewallRules: [UDP Query User{A8AC5D6C-1379-4AA2-9BF0-A3801D965A28}C:\gog games\divinity - original sin\shipping\eocapp.exe] => (Allow) C:\gog games\divinity - original sin\shipping\eocapp.exe
FirewallRules: [TCP Query User{8B034A96-154D-4912-B564-15AF522A443E}E:\juegos\70. independientes\game dev tycoon\multijugador\server application-8-1-5-5-0\dmultiplayersrv.exe] => (Allow) E:\juegos\70. independientes\game dev tycoon\multijugador\server application-8-1-5-5-0\dmultiplayersrv.exe
FirewallRules: [UDP Query User{5938E93D-A4FE-4413-930A-32748B776837}E:\juegos\70. independientes\game dev tycoon\multijugador\server application-8-1-5-5-0\dmultiplayersrv.exe] => (Allow) E:\juegos\70. independientes\game dev tycoon\multijugador\server application-8-1-5-5-0\dmultiplayersrv.exe
FirewallRules: [TCP Query User{B3E80EF6-D780-4699-8B63-AEB717B32E8B}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{92033B80-FCE1-428E-B7EA-DB703BFB64E9}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{FCA8BFEF-B9BD-4CA0-9BD0-4631FD208174}E:\juegos\80. portables\rock of ages\binaries\win32\roa.exe] => (Allow) E:\juegos\80. portables\rock of ages\binaries\win32\roa.exe
FirewallRules: [UDP Query User{23DC1F03-2D31-40A7-B6E4-84B23BA25FF4}E:\juegos\80. portables\rock of ages\binaries\win32\roa.exe] => (Allow) E:\juegos\80. portables\rock of ages\binaries\win32\roa.exe
FirewallRules: [TCP Query User{18426B7E-7188-44BD-B50A-83BB5F62B1C3}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{C7FF7355-7E54-4041-8875-040B1CB15B24}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [TCP Query User{04AA309C-E67F-4AC6-B528-23C20D8DDD07}C:\program files (x86)\evolve\bin64_steamretail\evolve.exe] => (Block) C:\program files (x86)\evolve\bin64_steamretail\evolve.exe
FirewallRules: [UDP Query User{C7693EB0-1E71-4AEE-86DA-5C8C927AEC8C}C:\program files (x86)\evolve\bin64_steamretail\evolve.exe] => (Block) C:\program files (x86)\evolve\bin64_steamretail\evolve.exe
FirewallRules: [TCP Query User{780BF107-CFFD-40A3-9412-BC3D34314B28}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A399A99B-6AFD-49D0-97D9-F613144D2A32}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{D4F472CD-D770-4FF4-9501-88E85E9E778A}C:\users\dídac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dídac\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{63853427-2D78-448F-BBB4-475A53B252EB}C:\users\dídac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dídac\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2AACF24B-2581-498F-AF88-661CEE2553A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{060600E9-3E3C-4A86-AFEB-336F45850264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [TCP Query User{589D0EFD-1981-42AE-A3D1-EFB65EFE2621}E:\juegos\70. independientes\terraria\v1.2.4.1 + n terraria\nterrariaserver.exe] => (Allow) E:\juegos\70. independientes\terraria\v1.2.4.1 + n terraria\nterrariaserver.exe
FirewallRules: [UDP Query User{7BBA24E9-30CE-4A76-B5DE-F7F698616287}E:\juegos\70. independientes\terraria\v1.2.4.1 + n terraria\nterrariaserver.exe] => (Allow) E:\juegos\70. independientes\terraria\v1.2.4.1 + n terraria\nterrariaserver.exe
FirewallRules: [TCP Query User{1BE320E1-4890-4F9E-8A54-6F7BBF6CED71}E:\juegos\80. portables\worms forts under siege\wf.exe] => (Block) E:\juegos\80. portables\worms forts under siege\wf.exe
FirewallRules: [UDP Query User{4AFA62EB-A8AE-423E-A701-8ECB119484DD}E:\juegos\80. portables\worms forts under siege\wf.exe] => (Block) E:\juegos\80. portables\worms forts under siege\wf.exe
FirewallRules: [TCP Query User{64906BAD-490F-4B6A-8C6B-40C3733701EE}C:\games\broforce alien infestation update\broforce_beta.exe] => (Allow) C:\games\broforce alien infestation update\broforce_beta.exe
FirewallRules: [UDP Query User{A0B743FC-4A00-402E-A3B7-BE3DB6E6ABB7}C:\games\broforce alien infestation update\broforce_beta.exe] => (Allow) C:\games\broforce alien infestation update\broforce_beta.exe
FirewallRules: [{C87846DF-E90F-4B77-90EE-B6C59088AD11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{5A262C16-9145-4219-A201-0D316F8FACBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{6169DECA-E111-404A-B2B0-0F3DEAEBE15F}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [UDP Query User{F9E58DE0-F7B1-4EC8-B8E9-D5D9075419E0}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [TCP Query User{0BA5745F-01B2-416B-8CDA-9C5ED9D5989D}C:\program files (x86)\assassins creed chronicles china\binaries\win32\accgame-win32-shipping.exe] => (Allow) C:\program files (x86)\assassins creed chronicles china\binaries\win32\accgame-win32-shipping.exe
FirewallRules: [UDP Query User{F111B77D-5EB8-4AC3-9171-1FB778A777D2}C:\program files (x86)\assassins creed chronicles china\binaries\win32\accgame-win32-shipping.exe] => (Allow) C:\program files (x86)\assassins creed chronicles china\binaries\win32\accgame-win32-shipping.exe
FirewallRules: [{2E98DB2F-44CD-45C7-9F77-2C420387FA4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Minimum\Binaries\Win32\MinGame-Win32-F.exe
FirewallRules: [{F95B7FFE-EA75-4E08-B3A1-9046C5CC7001}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Minimum\Binaries\Win32\MinGame-Win32-F.exe
FirewallRules: [{B3D7E50C-B8D3-42C6-AD56-87F83AE25113}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2D438FC9-228B-454A-A0B3-06E715877C0A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{BD098B04-CA15-43AB-BCBF-85FD3696C171}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E35BA87A-6C43-4980-8843-B8490926A3C5}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{AB715B80-0B3B-4A5D-9CC3-5E5CE8C311BD}C:\program files (x86)\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{3B297A5D-8640-4E45-9381-C0F15F62432F}C:\program files (x86)\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{3FE99160-6423-488C-A4B0-98DC97006AA4}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{17E57ABF-7906-4CEE-8E1A-645DAB04F299}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{5E700F2B-ACE5-47CE-9C71-0DFC5ED1EE0E}E:\juegos\70. independientes\project zomboid\v. bld.30.6\projectzomboid64.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v. bld.30.6\projectzomboid64.exe
FirewallRules: [UDP Query User{0F8B38CB-3837-444E-92B1-DE7E95AFE5F7}E:\juegos\70. independientes\project zomboid\v. bld.30.6\projectzomboid64.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v. bld.30.6\projectzomboid64.exe
FirewallRules: [TCP Query User{8852B55D-2E0E-4261-962C-03D3915DA7F3}E:\juegos\70. independientes\project zomboid\v. bld.30.6\jre\bin\java.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v. bld.30.6\jre\bin\java.exe
FirewallRules: [UDP Query User{FE70EEC6-0A7A-41EC-BC4D-13899B4C22AA}E:\juegos\70. independientes\project zomboid\v. bld.30.6\jre\bin\java.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v. bld.30.6\jre\bin\java.exe
FirewallRules: [TCP Query User{767DFF5A-D999-4EFB-A420-05874147F8B2}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AE7011BC-C0E5-42B7-80D6-DA2E15885742}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{067B4022-838A-452D-90F6-A1AA345323E9}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{5DABB6BE-B06B-43A6-9612-4B3EFDC3159E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{3E1919D3-198A-4C03-AB81-E34DC2A1F7D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{9FF1AE6D-AD72-4FE7-B036-06239D0DC82E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [TCP Query User{85AFEDB0-1572-4D6D-AA62-EF226ABD3FB2}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{6298925D-5DA5-4546-80C6-48731336152F}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{69720D20-73C4-4F8E-976D-6EC916A6D159}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E9122451-FB2C-4602-8DA5-EF49CF94D6F7}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4A4E6427-E9A4-469E-BAA4-30BBD9B0BDD7}C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terraria.exe] => (Allow) C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terraria.exe
FirewallRules: [UDP Query User{27A4810E-019B-4D56-94B1-D7FCCFCD87BF}C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terraria.exe] => (Allow) C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terraria.exe
FirewallRules: [TCP Query User{4EB84216-5EC6-4759-9D9C-6094AE566160}C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terraria.exe] => (Allow) C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terraria.exe
FirewallRules: [UDP Query User{7D7B16C8-0576-41B2-80E7-F6EC2F2E34BA}C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terraria.exe] => (Allow) C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terraria.exe
FirewallRules: [TCP Query User{3D24F69E-06B6-4ABE-AE96-DC94F306D16F}C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terrariaserver.exe] => (Allow) C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terrariaserver.exe
FirewallRules: [UDP Query User{ADA7D225-C578-4585-8DB6-69CECD9CA2E1}C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terrariaserver.exe] => (Allow) C:\users\dídac\desktop\downloads\terraria.v1.3.0.1\terraria.v1.3.0.1\terrariaserver.exe
FirewallRules: [TCP Query User{3B508DC8-9663-4F5D-8145-5F60F9BF9B40}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{64B593EA-D8FC-4162-8CBB-DF6AF3D04D66}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{43449270-65A7-4AA3-AA66-2D222CFF3332}E:\juegos\70. independientes\terraria\v1.3.0.1\terraria.exe] => (Allow) E:\juegos\70. independientes\terraria\v1.3.0.1\terraria.exe
FirewallRules: [UDP Query User{CA824936-F33B-43CD-A44C-BC307E9DFEF4}E:\juegos\70. independientes\terraria\v1.3.0.1\terraria.exe] => (Allow) E:\juegos\70. independientes\terraria\v1.3.0.1\terraria.exe
FirewallRules: [TCP Query User{1AC959A4-992B-446B-8940-04D083403E65}E:\juegos\70. independientes\terraria\v1.3.0.1\terrariaserver.exe] => (Allow) E:\juegos\70. independientes\terraria\v1.3.0.1\terrariaserver.exe
FirewallRules: [UDP Query User{6955E502-93ED-4912-8631-031FAD4ED8D7}E:\juegos\70. independientes\terraria\v1.3.0.1\terrariaserver.exe] => (Allow) E:\juegos\70. independientes\terraria\v1.3.0.1\terrariaserver.exe
FirewallRules: [TCP Query User{3C192A84-5FCE-403C-9746-EF7630F566A5}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{362AB863-7DD9-4DE9-B045-33439BB00E89}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{A43B1353-7758-4205-A9E7-A5CEFD618460}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{BFF1C808-B8B1-4E18-8E2A-F38BC3C2A07E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{ED6F9E2B-FFAE-4D88-B285-D79253C4A272}E:\juegos\70. independientes\game dev tycoon\multijugador\server application-8-1-5-5-0\dmultiplayersrv.exe] => (Allow) E:\juegos\70. independientes\game dev tycoon\multijugador\server application-8-1-5-5-0\dmultiplayersrv.exe
FirewallRules: [UDP Query User{C5B3CAF1-1380-4376-84E8-823945596706}E:\juegos\70. independientes\game dev tycoon\multijugador\server application-8-1-5-5-0\dmultiplayersrv.exe] => (Allow) E:\juegos\70. independientes\game dev tycoon\multijugador\server application-8-1-5-5-0\dmultiplayersrv.exe
FirewallRules: [TCP Query User{CE60C90F-C005-4AF8-A4D1-5EB3C6AD0F80}E:\juegos\70. independientes\project zomboid\v32.6\jre64\bin\java.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v32.6\jre64\bin\java.exe
FirewallRules: [UDP Query User{F0E07FC2-497F-445A-B480-00B5B969874B}E:\juegos\70. independientes\project zomboid\v32.6\jre64\bin\java.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v32.6\jre64\bin\java.exe
FirewallRules: [TCP Query User{E89FCAAB-8D4B-4CAC-8EA2-30F9B5A11F04}E:\juegos\70. independientes\project zomboid\v32.6\projectzomboid64.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v32.6\projectzomboid64.exe
FirewallRules: [UDP Query User{5AF9119B-4464-4517-A4D7-F07E605B7A2D}E:\juegos\70. independientes\project zomboid\v32.6\projectzomboid64.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v32.6\projectzomboid64.exe
FirewallRules: [{DA8FD629-F244-43BD-B5B5-4863C1D9906E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E9339E93-5D06-48BC-B961-1FD861C3CA5B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{56B3055F-6ED9-4669-9D19-B03B0C9518E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8E0EB2C3-18CE-4A13-84A0-D606F34FFDDC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{2EA28970-B664-4308-9C6A-FC94F4AF2017}E:\juegos\70. independientes\project zomboid\v32.16\project zomboid\projectzomboid64.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v32.16\project zomboid\projectzomboid64.exe
FirewallRules: [UDP Query User{0E3D07CB-3891-479A-AF04-3B9E84C80F39}E:\juegos\70. independientes\project zomboid\v32.16\project zomboid\projectzomboid64.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v32.16\project zomboid\projectzomboid64.exe
FirewallRules: [TCP Query User{596A202C-B874-4608-A922-AE55B487FCD6}E:\juegos\70. independientes\hammerwatch\v1.3\hammerwatch.exe] => (Allow) E:\juegos\70. independientes\hammerwatch\v1.3\hammerwatch.exe
FirewallRules: [UDP Query User{20ABB8C2-E8E7-4C24-BB48-665990F3C7B3}E:\juegos\70. independientes\hammerwatch\v1.3\hammerwatch.exe] => (Allow) E:\juegos\70. independientes\hammerwatch\v1.3\hammerwatch.exe
FirewallRules: [TCP Query User{2DB0F1A2-F758-45E0-849A-FC8A966290EC}E:\juegos\70. independientes\project zomboid\v32.16\project zomboid\jre64\bin\java.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v32.16\project zomboid\jre64\bin\java.exe
FirewallRules: [UDP Query User{9FF62E7A-A9F0-4B96-9496-5CF41584ABD1}E:\juegos\70. independientes\project zomboid\v32.16\project zomboid\jre64\bin\java.exe] => (Allow) E:\juegos\70. independientes\project zomboid\v32.16\project zomboid\jre64\bin\java.exe
FirewallRules: [TCP Query User{6D005179-4813-4DF7-8761-BE1B58E397A7}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AA06A85F-857E-4A57-B9E6-FC4ECE60FB0D}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{AE8A7913-8231-4B90-A3F4-7B6239332136}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4326C132-2326-47DC-B37E-41DF5ABB2634}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{419F6DC8-2440-4EB2-AC95-DB5A7CF2E6F8}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A7819CD4-1677-4F3A-AE0B-72870DA98B2C}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{516F4C00-306C-46B4-B08E-698CE3B2B1D4}F:\documents and settings\apps\transmission\app\transmission\transmission-qt.exe] => (Allow) F:\documents and settings\apps\transmission\app\transmission\transmission-qt.exe
FirewallRules: [UDP Query User{DC83CF27-655F-4FF5-995F-CA3938F4B12F}F:\documents and settings\apps\transmission\app\transmission\transmission-qt.exe] => (Allow) F:\documents and settings\apps\transmission\app\transmission\transmission-qt.exe
FirewallRules: [TCP Query User{2CDE9865-094C-483A-A932-65FC0351DED7}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C6F5D5D1-99F5-4688-96CF-69A467CB9170}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [{13CAB575-6173-42DB-868B-747C1E412819}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{E205AAAC-E542-4CA9-A166-C468BEB4472A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [TCP Query User{588CBC0C-463C-4F69-9DBC-B257C5008130}C:\temp\rar$exa0.766\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\temp\rar$exa0.766\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{648131FE-C1A3-4011-B36C-B4A06C17AB8B}C:\temp\rar$exa0.766\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\temp\rar$exa0.766\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{BB94E81B-304D-4653-B968-7E6E02B82622}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [UDP Query User{B41CD48B-2F10-40C7-876C-BD6066ECC8FD}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [TCP Query User{DA3CC98B-F429-4F40-A4C4-C7ACB9109DAD}C:\program files (x86)\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{26B10B17-30D2-417A-BCE4-DDE3ED5AB4A7}C:\program files (x86)\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E40B4350-CAFB-497D-AB2C-D9B38B8A87A4}C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [UDP Query User{900A7D2F-C3A7-40CA-BECE-5028FF16279A}C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [TCP Query User{FBE5E022-8C77-4378-AF13-8D58FE37F57A}C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [UDP Query User{D0CF5C5E-65A9-41EC-8788-A99EE5323535}C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [{505A240B-96CF-4FB3-B272-E7A59F6B7547}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2 beta\engine\Magicka2.exe
FirewallRules: [{1CBED79E-EBD3-4F3D-B37D-4C47F48559B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2 beta\engine\Magicka2.exe
FirewallRules: [TCP Query User{0B1B54AF-233D-4F9D-B92C-91DE93D9AC7F}C:\program files (x86)\broforce\broforce.exe] => (Allow) C:\program files (x86)\broforce\broforce.exe
FirewallRules: [UDP Query User{9C74D175-B862-44AA-B025-C2949CC70185}C:\program files (x86)\broforce\broforce.exe] => (Allow) C:\program files (x86)\broforce\broforce.exe
FirewallRules: [TCP Query User{18254E08-F3BE-4A63-86DA-11D6471E203C}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D4CAD28C-5F60-4CE1-B37F-E2051D31C807}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{98569702-8815-487F-9B0C-F71F0B49A454}C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4C79DD6F-367A-4BD0-B31D-BBF479C1A0F1}C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [{A6409FFC-9E3E-40AF-A13B-C27C55BCF413}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Open Beta\RainbowSix.exe
FirewallRules: [{F205FF94-F894-4B3F-8EAE-965177DA1206}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Open Beta\RainbowSix.exe
FirewallRules: [TCP Query User{460E3535-8A04-4300-8355-7B10A7AF113F}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3FA3CA4A-11B2-4B5C-B4CE-62042C791DA3}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A496DC16-3CCA-4B21-9B03-6DF9EF3AA3C4}C:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F87A6747-715E-4F1D-BB22-429EE787E4A2}C:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{5EAA8B09-F443-4CF0-AABE-CE7147E6A2CD}C:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D5FFD353-5771-4936-AAAB-1C9A9562ACCB}C:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{95FA1BF6-14B4-4791-89AC-E49F8927134E}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E5D94172-A790-47C6-A795-DAD5F939261C}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [{05533DDC-14DF-4747-B3CD-C57C8D2B276E}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{0D58BC8A-FA53-4A46-A5A0-3F689B21CAF4}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{9A1F4432-BFD9-4E32-A0F2-BA4D145F3369}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{19160C12-8DB5-407F-A558-0369F92B4127}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [TCP Query User{39ADFC36-CC1F-438C-85DC-37FA814C21E5}E:\juegos\comprados\metal gear solid v\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{FBEEA411-5ED2-4A79-8E3B-F83AD5C7BA14}E:\juegos\comprados\metal gear solid v\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{31976A61-BAC3-42D5-AE11-B96296738B56}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe
FirewallRules: [{847B3F00-9511-49FF-8281-990A1C709A37}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe
FirewallRules: [{9521D140-A09C-46AF-973A-CFCF52EEDBE2}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Poly Bridge\polybridge.exe
FirewallRules: [{F3BA7ECB-244D-439B-9337-41F7A93C7F65}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Poly Bridge\polybridge.exe
FirewallRules: [{19051C9F-7D79-4CB8-BF2E-29FE3D3D5692}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{B0384483-B744-4914-8706-59B9A3D96974}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{FAD3B16E-8F02-4334-BAFF-A1FEDEBB6180}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{6A75CCC6-5B10-4A40-9EF3-FB328360461F}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{F214FE32-AC2F-4DAA-8271-2921A2A333BB}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{0F8D329F-D6E9-47E0-81E2-4B93B0FEA9CE}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [TCP Query User{FA8FA8CE-8548-4F57-B315-F47747EC164A}E:\juegos\comprados\metal gear solid v\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{47C9FBB4-BA83-4BEA-81B4-234DDE0A3FF8}E:\juegos\comprados\metal gear solid v\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{4BE2A57B-FAA2-4717-AA94-E8345B6D39F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{26D00A4B-25F3-44B1-BC88-C83A0BE964A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{BBEC31E8-6E73-4283-9C17-0CD55B30B069}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{6AC9FA41-58B5-4037-8612-010CFCFA5671}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [TCP Query User{6A92C09E-C213-47CF-AF7F-27E4DB3CBAA0}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{84333481-CAE2-4822-A265-48A680A5958D}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{28899A4F-43F3-4EE2-922C-16AF449E6970}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{84678B74-C81D-489C-83F6-01CB84DEE737}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [{F443EF6C-D733-44D2-B330-E165B06A7B9B}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\TheRoom\TheRoom.exe
FirewallRules: [{80925924-FCD0-48C2-B064-8FC5033A3237}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\TheRoom\TheRoom.exe
FirewallRules: [TCP Query User{F32D7371-D4B4-4546-8EF4-155C2AFA0F04}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6CD31132-7611-4160-A42C-179ABD0E2577}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3E6116D2-50BB-455D-8A7F-FA77FC525970}C:\temp\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\temp\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{544911D8-A9E9-4A20-A2CC-2672A4801AAD}C:\temp\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\temp\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C4968234-0363-4113-B158-A0EFFAD30E33}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E245EDA6-A01C-4C68-8EED-CC2849DA12D6}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [{86639D49-503C-4976-A5F4-2F871E8AC18A}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{2BA46D05-4AF9-4CCC-BA03-8823CE6CF80D}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [TCP Query User{3FDDD655-6121-4326-9610-2756C070B896}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{420453E0-734B-4E95-B971-871487379396}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [TCP Query User{9ABD90F3-7A4B-45BF-BB1E-8AE360665961}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{B92320F3-324C-4450-A759-161FB38B44DD}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [{21ABD254-372C-4291-847C-3D5B382CBD8E}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{9AC7E0EB-EFA5-4A0D-90A0-67CE3E3DACE6}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{792AE4A3-9856-4394-A53A-499BCB80EE2F}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{4BF6D2E5-91BF-4FEB-95EF-B3C45D400857}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{548741F7-5E91-4330-9C97-C2F1803A6211}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{C9442CFA-3658-448F-AA4F-846B2D2A631D}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{C57C6FDB-74CB-4BCF-B4A1-F74663DB600B}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{6C45EDC3-67D0-40B9-8D25-FD5FFA7F42A6}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [TCP Query User{83C3A0BF-FB39-47C3-8221-1A55EED262DD}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{686EAD7C-01A9-4BB1-95CC-EA9EA7B1DF8D}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{083CBA9B-AEE8-420D-BB30-91B9F04426FA}C:\program files (x86)\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B2392220-55A0-4925-8D53-B2DFFB010877}C:\program files (x86)\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{84144E0F-9B0E-45B0-BCD8-FD9E75C487D8}C:\program files (x86)\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{417FED59-AB26-4795-85BE-01AAADA232E7}C:\program files (x86)\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{2E28AAEF-5875-47F0-9016-9B6ED24FB724}C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9A19E2C9-7F10-476E-9A11-19B8E376D69C}C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B1316999-B1E2-4C91-8A43-4DC8BA11CCFB}F:\steam descargas\betas\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) F:\steam descargas\betas\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{846E2EC5-69A2-446D-BAA9-62783454A6B4}F:\steam descargas\betas\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) F:\steam descargas\betas\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{F75D08C5-7985-46C5-8A77-C6A43D2F8699}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{F14DED15-A8F2-493B-BC91-6FE3BCF9A60F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{1D6E9215-6B98-4F2B-ABC5-4CB5AF411C50}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{183D77AE-2447-440E-B73C-5A0B4ED6513D}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{B668A4EA-ECD1-4565-9764-E5D5DDBBB2DE}C:\program files (x86)\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F2CC7E5E-2A3C-42DD-A858-1DCC876D5472}C:\program files (x86)\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe
FirewallRules: [{B2A19815-EFB0-487D-8AE4-62D68BBFAAFF}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{E1843F60-36DF-4C44-BC3E-8030343D2A8C}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{235E4CAD-CFFB-4E54-8BA3-08058F768DC8}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{007DA1A1-B515-433D-BD7D-47C06DA059BB}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe
FirewallRules: [{1C561B64-2D43-4EE9-B0B0-C257A3AED014}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{83C21234-4F9D-48A6-8EA7-079263372CA8}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{EE0ECE23-5525-4302-92E6-9246D9795480}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{7E7B88BB-0E39-40B7-9A0C-C0B7B3B84A7E}C:\program files (x86)\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1B818C17-3D83-4BF0-8EDC-03B33395B52B}C:\program files (x86)\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe
FirewallRules: [{CE51C6A2-8275-4728-8FFD-E2D8D094F353}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\Gang Beasts Online Beta\Gang Beasts Online Multiplayer Beta.exe
FirewallRules: [{C2DF4A8D-D832-4400-9BD2-47078ED03F5F}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\Gang Beasts Online Beta\Gang Beasts Online Multiplayer Beta.exe
FirewallRules: [TCP Query User{24A4C6DC-B961-4937-A862-FDA1C3B6DB8F}C:\temp\rar$exa0.484\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\temp\rar$exa0.484\teamspeak3-server_win64\ts3server.exe
FirewallRules: [UDP Query User{C3B24494-D5EB-415B-A57E-B805C4272E9C}C:\temp\rar$exa0.484\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\temp\rar$exa0.484\teamspeak3-server_win64\ts3server.exe
FirewallRules: [{583C0581-4A9B-4964-BCAF-A5003FBF43F7}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A579A2F8-1253-495F-ACFB-56369C6E3869}] => (Allow) E:\Juegos\Comprados\METAL GEAR SOLID V\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{2FB75F4D-0140-4222-BF9F-139430CA4692}C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E0317932-E08A-40C1-A341-69F931F8234A}C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [{A43C65E4-624C-4250-B5D7-0B811863A88E}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\TheRoomTwo\TheRoomTwo.exe
FirewallRules: [{E5B27DB9-13CF-4F35-AC9C-2CF6A4D7D6A0}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\TheRoomTwo\TheRoomTwo.exe
FirewallRules: [TCP Query User{96B9334A-5005-4553-BA70-0158711CA74B}C:\program files (x86)\heroes of the storm\versions\base44468\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base44468\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1D6B41DA-738C-4538-BD65-3B9F92470CE9}C:\program files (x86)\heroes of the storm\versions\base44468\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base44468\heroesofthestorm_x64.exe
FirewallRules: [{1985471A-DFEB-4F5D-B15C-2BE898A6F202}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [{2CAAD014-B731-4C6C-BD48-3D3881342765}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [TCP Query User{C1803074-CBA7-472F-9487-F0CBFF78D352}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{949EC958-3BA2-4903-85C6-E4D3365813C7}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{0966885C-C040-4AD1-838F-5633FB098613}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [{6004AADB-84AD-4A23-BE5C-F99F2CCF7603}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [{74DF6F2E-480A-4B9A-BAF8-4BFDF3FF0ECD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{D411FE2E-C6D8-4F2F-83D4-E73ECAF250A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{B0340106-73A6-4090-B901-5E90CB4E1358}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{010E2E7F-686B-4EC6-B650-738EE5E3B691}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{82F8245B-DF4D-4D74-8C30-572754505919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{85F66835-5BDC-4765-8454-1A5E7FA8079D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{58224960-AC9D-4EF7-8E25-4B1E235EEA6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{79F613DD-E208-4A2B-AA0C-5BB339A9A2A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{BAFB4E5C-53DF-409A-9031-631BF202D47D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{78A6CA3F-E629-4E69-853F-17029C299018}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{28A40745-F71B-4B8B-B963-B734FEB2B5BC}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{B7714BDC-9D2D-45B4-94E2-EDCABF6F8A4B}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{E4FE037C-B47D-4124-80A7-2DDE1EEA3205}E:\juegos\comprados\metal gear solid v\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [UDP Query User{921D4B55-8BA7-4357-AB8A-63045FFEFDBC}E:\juegos\comprados\metal gear solid v\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [{D02A01E7-698F-4514-ABEF-1204E78E328F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{062C252C-749F-4485-9E4E-6BD79DEF118D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{EC5DD5B1-F15F-41C9-9357-2542EA286800}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{C6AE4982-0679-448A-A747-A2B0330428B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{5EB3E33A-2A40-4380-9A0F-872934E911D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{3216FE37-F27B-4BC7-B5D0-7C5A55089DA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{5B5B6EC4-E2A3-4DE8-A55A-18A9AFEB9770}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{39FB5AEC-A3E6-4028-8FEC-0A74AA8BA7C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [TCP Query User{A46B0977-D23D-4D57-A6D7-7B1BB5591C34}E:\juegos\comprados\metal gear solid v\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [UDP Query User{9E4DF04D-C76E-40CD-B460-6406B1D63A37}E:\juegos\comprados\metal gear solid v\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [TCP Query User{C9A8F867-52B9-41F7-B68D-D47D79081C9D}E:\juegos\comprados\metal gear solid v\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{7B672C73-5AAF-4C91-ADBF-7606D68176FE}E:\juegos\comprados\metal gear solid v\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) E:\juegos\comprados\metal gear solid v\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [TCP Query User{8FBF4665-B025-462B-BE8D-E6D07FC00E0B}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{315952B7-76EE-4C35-813C-6D32FD34D66D}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{35CDFA96-AC30-4253-94F2-245A04297C6F}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{3CC0CB36-B653-4BD4-B7A7-04CB23EAAC40}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{405F7111-020A-4F36-AB5D-5073F94E257D}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{A596BA0E-DAA2-416A-A0A2-1DE2B51AA935}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [TCP Query User{84846916-7116-4D95-8B93-3C2363CDD02D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{F4317557-B76D-4FE3-8163-6B0ED7384F03}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{88112AA4-EDD1-49F7-983C-613754477210}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{D3886B87-680B-4E99-86DC-1EFEA58F55F4}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{02801EAF-F948-45AF-B0CF-71ED9EC28B75}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{E1259F7D-80C9-485E-9079-916E00B11BCB}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{BF2A7D8C-28D2-46AC-8CC1-1884856E8BD1}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{78E2C94B-54AF-40AC-8F48-4FBA0702985D}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{C3E9A9ED-71AA-4B12-94AE-4AA4F899FDDB}F:\steam descargas\betas\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) F:\steam descargas\betas\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [UDP Query User{71DCFC2C-60B0-4E90-8696-DDCC5FD76F96}F:\steam descargas\betas\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) F:\steam descargas\betas\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [TCP Query User{BA099A33-3F35-47EA-9265-D6D8EF0AE51A}E:\steam\steamapps\common\gang beasts\gang beasts.exe] => (Allow) E:\steam\steamapps\common\gang beasts\gang beasts.exe
FirewallRules: [UDP Query User{DD3E2F40-4866-4090-BE08-E04BF00B6B17}E:\steam\steamapps\common\gang beasts\gang beasts.exe] => (Allow) E:\steam\steamapps\common\gang beasts\gang beasts.exe
FirewallRules: [{D0FDEBB7-5B7B-492E-8C19-C0EA9A40E1F4}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{82FBC18A-1912-4E05-B0CD-28BD39B81415}] => (Allow) F:\STEAM DESCARGAS\BETAS\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{AE08DD7B-C372-4429-AD4E-B5B2AFA0D56E}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{D95235D4-528B-4535-AFCD-65E0EB63D24E}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{D0BB8BA2-BCE9-47CE-A664-055B888E3921}E:\battle.net (blizzard)\blizzard games\hearthstone\hearthstone.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{13EE9D44-23C5-4D17-965F-0708438A7542}E:\battle.net (blizzard)\blizzard games\hearthstone\hearthstone.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{E0418F4A-E81F-45D2-9172-6AF197096D8F}F:\documents and settings\apps\transmission\app\transmission\transmission-qt.exe] => (Allow) F:\documents and settings\apps\transmission\app\transmission\transmission-qt.exe
FirewallRules: [UDP Query User{E8C70324-93D4-4375-ADFC-D86CE9093141}F:\documents and settings\apps\transmission\app\transmission\transmission-qt.exe] => (Allow) F:\documents and settings\apps\transmission\app\transmission\transmission-qt.exe
FirewallRules: [{4F64A093-524D-46AB-A5CC-6AA94D941C11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [{C0BBC769-2FFA-4AEF-A248-728DAE38412E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [{F7BE719C-1AB8-45E6-A2F8-3ABCD85F3047}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{B84971C9-829D-48D8-85B8-5F13C8C07AF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{86DCA8A5-5346-42E7-A8A3-B18E4D449FDD}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{A084FF6D-BBCE-4222-B258-A20A2ACB94B0}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [TCP Query User{4EC3C259-C3DB-4276-98B5-D1284BCAAD0D}E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [UDP Query User{4CD15B52-C791-4A43-9ED2-E67083CD485F}E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [TCP Query User{59ABC19B-EBA9-4996-B567-6CFA92E0F5B0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{BBACE5E8-A972-4B80-A1F3-886BB9D876A6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{D05AE5FA-963E-4CA1-B5EF-CE5B82803846}E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [UDP Query User{B577EA74-F3A2-4995-BC1D-BD50E428F060}E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [{575DDA94-6F5B-40AE-8360-F06A07EACAEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{BF565A3F-3BC9-415C-B20F-34B65674273C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{9F98A25D-7D84-43D8-AB12-2C17750A3E43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheRoomTwo\TheRoomTwo.exe
FirewallRules: [{CD57E2BF-39C2-4221-BDBC-DD3F764EF8E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheRoomTwo\TheRoomTwo.exe
FirewallRules: [TCP Query User{2AE00C62-3679-458B-92C6-4BC9C3A31D67}E:\battle.net (blizzard)\blizzard games\hearthstone\hearthstone.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{E8AADD09-377F-42BC-BB44-23EF997C56DE}E:\battle.net (blizzard)\blizzard games\hearthstone\hearthstone.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{ECAC6280-172A-482B-9006-7B18BE63E261}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{E90DA7D7-0F1C-485F-95E8-21150999D670}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{921C8085-3822-4BC1-84EC-04F3A17EB2AF}C:\users\dídac\desktop\downloads ii\ultimate chicken horse\win64\ultimatechickenhorse.exe] => (Block) C:\users\dídac\desktop\downloads ii\ultimate chicken horse\win64\ultimatechickenhorse.exe
FirewallRules: [UDP Query User{3E21BB67-473E-43B6-AF78-4663F3B9EC7A}C:\users\dídac\desktop\downloads ii\ultimate chicken horse\win64\ultimatechickenhorse.exe] => (Block) C:\users\dídac\desktop\downloads ii\ultimate chicken horse\win64\ultimatechickenhorse.exe
FirewallRules: [TCP Query User{4F14D959-2880-4BDE-9671-4DE77255585B}C:\gog games\broforce\broforce_beta.exe] => (Allow) C:\gog games\broforce\broforce_beta.exe
FirewallRules: [UDP Query User{2A1A4682-E601-4074-A240-A0178B9151DF}C:\gog games\broforce\broforce_beta.exe] => (Allow) C:\gog games\broforce\broforce_beta.exe
FirewallRules: [{023C466A-724B-4818-BF11-10C877149D78}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{52C3055A-104C-4540-A25E-85AACE81533B}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{20F591FD-221C-4882-95A5-F4BFA19EEBD6}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{396B8350-4EBB-4311-A51E-EAE536F15F26}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{C88BD265-D5E6-4DC6-81A7-525EB08727BA}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{41AC5128-56BA-4DB8-839C-82CD13DCA7EB}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{1B99D91B-985D-47BF-826C-9EC973C38BE2}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{1590598B-4166-426A-84E0-1E08934C4B53}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [TCP Query User{E9C12FDC-E2A9-44BD-B9E9-D83B9BCB0246}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6FE4E71E-DF03-40E8-9113-2DD192A9A4A1}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [{32D2A6DC-E8E3-41E8-A08B-DADE87CA6A13}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{ED685062-D6EB-489B-8670-C06EE20B934A}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{F18115A2-D3CF-4198-A536-938753951007}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{DADC60A4-B559-4BB6-A9FA-AF6FE955EDF4}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [TCP Query User{A81BFF85-C2CB-45AC-85D7-7988DCD90FC8}E:\juegos\uplay\games\forhonortt\forhonor.exe] => (Allow) E:\juegos\uplay\games\forhonortt\forhonor.exe
FirewallRules: [UDP Query User{7C910D1C-95C5-45EF-87F3-F6CDA0F5D1CE}E:\juegos\uplay\games\forhonortt\forhonor.exe] => (Allow) E:\juegos\uplay\games\forhonortt\forhonor.exe
FirewallRules: [{FB36C15F-079C-4FEE-A88F-3ECB8C8DF0F4}] => (Allow) E:\Juegos\Uplay\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{90E72B32-9205-4FFD-ADBC-413CE3F88F9A}] => (Allow) E:\Juegos\Uplay\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [TCP Query User{A7B3FDBC-213F-4DE7-B5F5-D4B3DC3CFEF7}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{635A20CB-B300-4FF5-9FAB-6320D6830FA0}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe
FirewallRules: [{698A6147-9B4E-4094-825D-09421C764943}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{D393BE0D-2027-40B1-8E03-DDB97417D651}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{C704F6DD-F52F-46EF-8BFE-4D5AE47E99A3}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2FB19490-8701-4ABF-B20B-CA407FA29EEF}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{435686B7-FF54-4FD6-8AAE-F9467DF22D51}F:\pelismagnet\pelismagnet.exe] => (Allow) F:\pelismagnet\pelismagnet.exe
FirewallRules: [UDP Query User{D29F74D6-3141-409F-A9A4-4809D79A1B5E}F:\pelismagnet\pelismagnet.exe] => (Allow) F:\pelismagnet\pelismagnet.exe
FirewallRules: [{2D53B8F9-C9D5-4B66-8BC9-53720C5DAEE9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
FirewallRules: [{B930C113-44F3-490D-8F57-D875740DEB64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
FirewallRules: [{32DF5B91-BD93-49F1-81DC-EF6ABCAC2B0E}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe
FirewallRules: [{03D10AE1-FDFA-4580-A5B1-70088D2B33E3}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe
FirewallRules: [TCP Query User{D281A611-6C98-495E-8E28-E2C35DDDBA64}C:\users\dídac\desktop\downloads ii\office\office 2016\microsoft windows & office activator\aact.exe] => (Allow) C:\users\dídac\desktop\downloads ii\office\office 2016\microsoft windows & office activator\aact.exe
FirewallRules: [UDP Query User{5BF8921C-FC14-4A4B-9BAA-AA5395097528}C:\users\dídac\desktop\downloads ii\office\office 2016\microsoft windows & office activator\aact.exe] => (Allow) C:\users\dídac\desktop\downloads ii\office\office 2016\microsoft windows & office activator\aact.exe
FirewallRules: [TCP Query User{B39F77E6-48F2-4FFE-8045-E50FF1732649}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{8C658209-63BE-4143-ABE8-981A58C82603}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C1A8C2F3-4F8C-422A-A659-D2CDD4D17314}E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [UDP Query User{51D528C0-5A20-4422-8C7C-24101C6A2B0C}E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) E:\juegos\steam\tom clancy's rainbow's six siege\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{5FE8EFFB-9DB2-4627-8C0E-868A9C9C55BE}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{F3459899-05C6-47F2-A84E-0DB716745838}] => (Allow) E:\Juegos\Steam\Tom Clancy's Rainbow's Six Siege\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{47953FA6-288C-427A-9630-0937393528C6}] => (Allow) C:\Users\Dídac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C9D8983F-2364-4569-A206-A8AF9CB51F72}] => (Allow) C:\Users\Dídac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{956EF5DD-224F-4A2F-8EE7-17E42C890426}] => (Allow) C:\Users\Dídac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8DAF0D5C-E062-4184-B99E-3D79601003BF}] => (Allow) C:\Users\Dídac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{65B9B19C-D7D8-46C9-9A7B-CC4E5D242C46}] => (Allow) C:\Users\Dídac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4C868163-C78E-42B6-9B23-C763CB15C2C7}] => (Allow) C:\Users\Dídac\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B6B27636-B64A-4F11-9A1A-CE3780E51CFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{C84487AD-603D-4126-AF93-2EA9CDB649DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{BA2B64FC-DF04-49E0-AFDC-26B15E7F70D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{475AEE19-5D8E-4D26-9145-010C087AA3E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [TCP Query User{7D744232-C851-4469-AE2C-24E1265E70CE}C:\users\dídac\desktop\downloads ii\neurovoider\neurovoider.exe] => (Allow) C:\users\dídac\desktop\downloads ii\neurovoider\neurovoider.exe
FirewallRules: [UDP Query User{DADBCED7-2612-4B4C-ADE7-4F36AC425A55}C:\users\dídac\desktop\downloads ii\neurovoider\neurovoider.exe] => (Allow) C:\users\dídac\desktop\downloads ii\neurovoider\neurovoider.exe
FirewallRules: [TCP Query User{B2754583-5A12-43B7-A5D1-CD5EB0626D0E}C:\users\dídac\desktop\downloads ii\move or die\love\win\love.exe] => (Allow) C:\users\dídac\desktop\downloads ii\move or die\love\win\love.exe
FirewallRules: [UDP Query User{71C8D7FB-047F-4644-963F-6568623C5705}C:\users\dídac\desktop\downloads ii\move or die\love\win\love.exe] => (Allow) C:\users\dídac\desktop\downloads ii\move or die\love\win\love.exe
FirewallRules: [{724B8467-B734-4C60-8E6C-B8C8F17D39FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe
FirewallRules: [{9C6BBB0E-CAFF-47BD-9815-784C657193D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe
FirewallRules: [TCP Query User{58D107CF-DE05-4F4A-80D3-132790A7DA6A}C:\program files (x86)\assassin s creed chronicles india\binaries\win32\accgame-win32-shipping.exe] => (Allow) C:\program files (x86)\assassin s creed chronicles india\binaries\win32\accgame-win32-shipping.exe
FirewallRules: [UDP Query User{5B4998F7-F0DA-4984-A3D4-509C507C0589}C:\program files (x86)\assassin s creed chronicles india\binaries\win32\accgame-win32-shipping.exe] => (Allow) C:\program files (x86)\assassin s creed chronicles india\binaries\win32\accgame-win32-shipping.exe
FirewallRules: [TCP Query User{A4DD63E2-7BE8-4454-B420-395FD404790F}C:\temp\rar$exa0.781\minecraft_test_launcher\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\temp\rar$exa0.781\minecraft_test_launcher\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{94F3B071-7CA6-4E48-B31E-8835EA3E5681}C:\temp\rar$exa0.781\minecraft_test_launcher\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\temp\rar$exa0.781\minecraft_test_launcher\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{7E4BD2DE-88ED-4344-AA36-9FCB09EC8BB5}C:\users\dídac\desktop\downloads ii\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\users\dídac\desktop\downloads ii\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{C860BEC7-9802-476C-AC7E-4DBD38458A38}C:\users\dídac\desktop\downloads ii\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\users\dídac\desktop\downloads ii\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{A4397471-6532-41AD-80B8-389D7408FF8A}E:\battle.net (blizzard)\battle.net.8098\battle.net.exe] => (Allow) E:\battle.net (blizzard)\battle.net.8098\battle.net.exe
FirewallRules: [UDP Query User{CA9A3BD1-553F-48F8-8268-E4B8248F0CC1}E:\battle.net (blizzard)\battle.net.8098\battle.net.exe] => (Allow) E:\battle.net (blizzard)\battle.net.8098\battle.net.exe
FirewallRules: [TCP Query User{7DE66C58-D503-4E68-984C-F2BF7B418EBD}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{15EE434B-504E-4ADF-86B6-FF2196360EB3}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B5FA26C9-A7E5-4CF4-BD74-A6C9F7308C3D}E:\battle.net (blizzard)\battle.net.8142\battle.net.exe] => (Allow) E:\battle.net (blizzard)\battle.net.8142\battle.net.exe
FirewallRules: [UDP Query User{6ACB690E-85D0-44D9-9292-DEB107DD2C58}E:\battle.net (blizzard)\battle.net.8142\battle.net.exe] => (Allow) E:\battle.net (blizzard)\battle.net.8142\battle.net.exe
FirewallRules: [TCP Query User{B1F93DA7-E00E-4C2B-B8BC-6CE7F02D3FC0}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FFC04665-E178-4DF4-BD04-8374A5B5CC6E}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe
FirewallRules: [{79F9FDD1-AF4C-472C-B3C7-34AF153E47FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{51CF3CD1-D522-4D27-A14D-DADB6F55F8EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{CFFDFD59-718A-4BA7-B4A6-57A9B8EF93D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E7B704F0-97D1-4989-A71F-76A11F8A1EB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D1F49C09-5804-4750-9CE8-5B1EBA8DD8BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2E59F2FE-6905-485A-8C6B-377DBA7571AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1C582871-70FC-4522-96FD-4EC86B304B93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{9FC58760-0813-4A0B-ADF4-1A6FFBCFB68C}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{33B246D9-5183-422A-B4EE-0CAB93DB4F1D}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{6EC0451F-0ECF-4063-BDB1-B15870B937BA}C:\users\dídac\desktop\downloads ii\hello neighbour\hello.neighbor.alpha.2\helloneighborreborn\binaries\win64\helloneighborreborn.exe] => (Allow) C:\users\dídac\desktop\downloads ii\hello neighbour\hello.neighbor.alpha.2\helloneighborreborn\binaries\win64\helloneighborreborn.exe
FirewallRules: [UDP Query User{5E45A805-D1C4-4200-A2D6-C7773E8B968D}C:\users\dídac\desktop\downloads ii\hello neighbour\hello.neighbor.alpha.2\helloneighborreborn\binaries\win64\helloneighborreborn.exe] => (Allow) C:\users\dídac\desktop\downloads ii\hello neighbour\hello.neighbor.alpha.2\helloneighborreborn\binaries\win64\helloneighborreborn.exe
FirewallRules: [TCP Query User{B92E2C87-8D98-4ABB-9D7E-0C0E05B092CD}C:\users\dídac\desktop\downloads ii\crawl\crawl.exe] => (Allow) C:\users\dídac\desktop\downloads ii\crawl\crawl.exe
FirewallRules: [UDP Query User{CD7BCF16-A731-4112-879D-B169FDAEEB0B}C:\users\dídac\desktop\downloads ii\crawl\crawl.exe] => (Allow) C:\users\dídac\desktop\downloads ii\crawl\crawl.exe
FirewallRules: [{F39A954C-52A9-4736-B096-83E7BAE5E4BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4ACC0E6C-C7BC-42C6-8802-3840210D9465}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EB729B05-6659-4B49-9908-E45A19E90A15}] => (Allow) E:\Juegos\Steam\JocActiu\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{DC11FCD1-0705-42E4-BF7A-DFA7CE3AECA5}] => (Allow) E:\Juegos\Steam\JocActiu\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [TCP Query User{DDF4A78B-6933-4A01-94DF-53EDE7C88B49}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{819A527F-247E-4D4E-BF03-946C3B769A6A}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [{61E62A47-0386-4277-8958-E22AF2F09798}] => (Allow) E:\Juegos\Steam\JocActiu\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{E934ABA6-6DF4-4474-A5CC-D29AB4020A29}] => (Allow) E:\Juegos\Steam\JocActiu\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [TCP Query User{0F892D91-2D8D-4E8A-9310-4BFE6CB03A8D}E:\juegos\steam\jocactiu\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\steam\jocactiu\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [UDP Query User{6794D2F4-777D-4A16-856B-07F4FE8571FC}E:\juegos\steam\jocactiu\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) E:\juegos\steam\jocactiu\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [{9A3ACEA9-FA93-4A34-ADCC-C2039F66747E}] => (Allow) E:\Juegos\Steam\JocActiu\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{BF40714D-51C3-4A18-90FB-5EF4CE112FC3}] => (Allow) E:\Juegos\Steam\JocActiu\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [TCP Query User{37EA6E16-4100-448E-8DAD-4BBF73981074}E:\battle.net (blizzard)\battle.net.8180\battle.net.exe] => (Allow) E:\battle.net (blizzard)\battle.net.8180\battle.net.exe
FirewallRules: [UDP Query User{0CA7AD29-B557-4680-A918-EC03D3E984D1}E:\battle.net (blizzard)\battle.net.8180\battle.net.exe] => (Allow) E:\battle.net (blizzard)\battle.net.8180\battle.net.exe
FirewallRules: [{6FBC04A4-0E20-4E37-8225-19A4C7FF8A36}] => (Allow) E:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Main_Win64_Retail.exe
FirewallRules: [{AD2198FD-C4DD-4EBE-84EC-2DCD52A391DF}] => (Allow) E:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Main_Win64_Retail.exe
FirewallRules: [{38E61C5D-66CA-44D1-AC70-D937C3A0763E}] => (Allow) E:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Trial_Win64_Retail.exe
FirewallRules: [{79675F1F-DF13-4412-9026-CA0AEF227A1C}] => (Allow) E:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Trial_Win64_Retail.exe
FirewallRules: [TCP Query User{F5A88DCB-C613-4DEB-A86A-21DB990110EE}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3B047391-35BC-4FB3-AB34-8DD18A24C8E4}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe
FirewallRules: [{21AA1475-3CA5-433D-A69C-417C61269860}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{DEE2497E-450B-47DE-AB8F-80A618A6511C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{95EEA90E-5373-46DB-87F2-E3FB92DEE60E}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{730C38DB-8A94-4797-8B9E-C618BF9BFF36}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{6969C591-B74E-4846-B8BC-3F157906DDFD}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{274F76BC-DCA3-49B2-87C1-2624D0415486}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [TCP Query User{184A5826-D453-47ED-B9FF-471AFF528218}C:\users\dídac\desktop\downloads ii\inversus\inversus.exe] => (Allow) C:\users\dídac\desktop\downloads ii\inversus\inversus.exe
FirewallRules: [UDP Query User{0F639326-513E-418F-8588-7C15F95CB796}C:\users\dídac\desktop\downloads ii\inversus\inversus.exe] => (Allow) C:\users\dídac\desktop\downloads ii\inversus\inversus.exe
FirewallRules: [TCP Query User{83B9D179-6092-4002-AFA7-FFF1A1ADAA45}C:\users\dídac\desktop\downloads ii\crewsaders\crewsaders.exe] => (Allow) C:\users\dídac\desktop\downloads ii\crewsaders\crewsaders.exe
FirewallRules: [UDP Query User{EF1EFD9D-2F18-48B7-B702-5FA360AD327C}C:\users\dídac\desktop\downloads ii\crewsaders\crewsaders.exe] => (Allow) C:\users\dídac\desktop\downloads ii\crewsaders\crewsaders.exe
FirewallRules: [TCP Query User{9548F5BE-3EBB-403F-8A04-47C109F78ACB}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C26598D5-717B-4A49-A935-C533074A7D6E}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49076\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C9DF75F7-F6CD-48DA-A326-288C0BBEA864}E:\juegos\steam\real tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Block) E:\juegos\steam\real tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [UDP Query User{2D4C1779-8A4E-463D-8498-2F9AC1AF4356}E:\juegos\steam\real tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Block) E:\juegos\steam\real tom clancy's rainbow's six siege\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe
FirewallRules: [TCP Query User{CA18E6B5-BB33-4C6F-B7EE-8B12D59F2D0A}C:\program files (x86)\steam\steamapps\common\artofwar\game\u1game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\artofwar\game\u1game.exe
FirewallRules: [UDP Query User{B42DC1EB-F880-4218-8ECA-B7F6036490D8}C:\program files (x86)\steam\steamapps\common\artofwar\game\u1game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\artofwar\game\u1game.exe
FirewallRules: [{69280ED4-364E-456C-B135-1E0E47709548}] => (Allow) E:\Juegos\Steam\Real Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{34940CCF-D306-420B-92A4-2A83D1728C01}] => (Allow) E:\Juegos\Steam\Real Tom Clancy's Rainbow's Six Siege\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [TCP Query User{9E80BDDB-F332-4933-8362-450B294F3507}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{AC69CD87-8490-427F-8ACE-6DE9857EEF8E}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{A1197945-78B3-4EAC-A537-5B0FD55533B0}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{436FDF74-6035-4D29-86B2-9F55317FB696}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [{6AD44957-73A9-41C8-81F4-C0E1DBC4A2C4}] => (Allow) E:\Juegos\Steam\Carpeta intercanvis\EVOLVE Stage 2\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{D48AD56A-B374-445A-96AB-963B5051CEA8}] => (Allow) E:\Juegos\Steam\Carpeta intercanvis\EVOLVE Stage 2\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{E9B51972-CD70-4D20-968E-B328DCC77283}C:\users\dídac\desktop\downloads ii\ultimate chicken horse\game ii\ultimate chicken horse v1.3.15 [x64].veroxpivigames\ultimatechickenhorse.exe] => (Allow) C:\users\dídac\desktop\downloads ii\ultimate chicken horse\game ii\ultimate chicken horse v1.3.15 [x64].veroxpivigames\ultimatechickenhorse.exe
FirewallRules: [UDP Query User{00D0B852-63E9-40DD-8C89-8E81853C6123}C:\users\dídac\desktop\downloads ii\ultimate chicken horse\game ii\ultimate chicken horse v1.3.15 [x64].veroxpivigames\ultimatechickenhorse.exe] => (Allow) C:\users\dídac\desktop\downloads ii\ultimate chicken horse\game ii\ultimate chicken horse v1.3.15 [x64].veroxpivigames\ultimatechickenhorse.exe
FirewallRules: [{299E1008-A32E-4BE3-BFC5-27FD2A14EBC6}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Atlas Reactor\GlyphClient.exe
FirewallRules: [{D9D07F62-B8A8-4E63-8C80-96962206339B}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Atlas Reactor\GlyphClient.exe
FirewallRules: [{6B8A4761-9A4F-4A6D-B9C2-5259F8D48D89}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{7F7B81DF-408F-4FAD-8963-5F9C04132BDE}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [TCP Query User{A896DA6C-49F6-4B52-819A-32FE72D1A31D}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49747\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49747\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CE74B826-4C48-43DD-B2F8-F337D3B93496}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49747\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49747\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{07464038-81AF-42CD-BE13-88BBEC8AFD94}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49907\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49907\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{446DC5CD-7BE6-4390-AE58-11F53A76A347}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49907\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base49907\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{D0F920E6-2E15-453E-9D0D-882E71720A8E}E:\juegos\uplay\games\forhonor\forhonor.exe] => (Allow) E:\juegos\uplay\games\forhonor\forhonor.exe
FirewallRules: [UDP Query User{4D14F789-E532-447F-B5A0-C80E23E917A8}E:\juegos\uplay\games\forhonor\forhonor.exe] => (Allow) E:\juegos\uplay\games\forhonor\forhonor.exe
FirewallRules: [TCP Query User{E9A785D3-67E8-4D87-8072-58E42211924D}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CC0976E1-23B0-40BC-B709-527183C56D74}E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) E:\battle.net (blizzard)\blizzard games\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [{B1D42ECC-18D5-4DE2-9707-494BBD66AB45}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{6D9338F5-93E3-457F-A4D7-31DE7A0F6C6E}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{A2FA8BC5-B2F9-4A72-ABF3-D3C4AB0F81EF}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [{18AF405D-8155-499B-88A3-E1AA0A1E5226}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [{BABE70E1-E32C-4402-858C-FFDFF7A79E48}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{F5EE3C00-31B3-465C-BDAE-DB21D8FAEC7A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{E3FF8411-6A71-4331-8254-CF200B40159B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{CE1355EC-92C2-4833-B885-496B323F6227}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{925CA55C-7E22-4F84-99C3-7B3E9DC85689}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CC3229BD-4D5C-4347-A0F7-FAC0C49F7F2E}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{AD119E9B-219E-4135-83B1-657E8B270ECA}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe
FirewallRules: [{947DA65E-CF96-4B04-BEE0-694A61D175B4}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{FFDD00D9-30FD-44ED-B560-7CB22BD0C779}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{045C3715-0191-499F-9EFB-8E77A4914EF9}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{B6F6A1C7-F086-41AD-9457-392B9C379C66}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{1B4605AE-2A6B-4A8D-9B27-F5D1B2C4D8AC}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{571E9881-3C0E-4BF5-96F9-49D8E7574907}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{CE17B39D-7DA0-424D-99CF-44E71F3481ED}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{7D75DF70-3CE1-4423-9C13-FC770EA672E5}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{6A37D7BC-0874-4E95-AFF1-3ACF8CD80F4E}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Dungeonland\dungeonland.exe
FirewallRules: [{BCB4FEF1-729B-4EAD-88DC-2735C9586428}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Dungeonland\dungeonland.exe
FirewallRules: [{39F16255-F5C4-4B66-ADB8-09EB78C826BA}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{9CA24436-A063-4353-94B4-A9B52583AFE1}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A0D84B57-1F14-4D89-8919-AA8B8548BC94}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{BA0EB156-1062-42C5-8AE5-EB44750AF4AB}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{14093927-891A-41A4-9BC4-D4758F526B7A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C6A9952D-0CCC-41DA-8C68-75FC3BECB843}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{035CCF91-416D-4F4B-B1F1-E39BF65461DD}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{DA3A0963-2784-47DB-B568-3BF7919DC5B1}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{CD2A341D-9980-48F9-BD49-272B92141DDB}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{128C712C-6D17-47ED-98AE-30D7C0017DBD}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{63C3C9CB-5E68-435A-B9E7-09726F5BDC4E}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{2BCB2D70-CACB-4DC1-9C03-064F08B98E08}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{432DA470-D885-467F-9483-7E45E10A413E}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{DD2DA350-79C6-49C1-887F-BD6DD8DAA3D1}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Human Fall Flat\Human.exe
FirewallRules: [{3BE5B410-F52D-48BF-A977-D8E0A525EAE2}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Human Fall Flat\Human.exe
FirewallRules: [{E7F5D15D-2268-4A53-8707-8FFA73A0EB2A}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Samorost 3\Samorost3.exe
FirewallRules: [{17BC8599-5B6D-4A41-8F55-A010DB4631CF}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Samorost 3\Samorost3.exe
FirewallRules: [{2DC9F898-72A5-4428-82A1-316ADFC2B733}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{666CF33B-F969-4CEC-BFC0-88D817D4C6FC}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{399B974C-D37B-443A-8D68-6CCE7DCBEE5C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{4259BC5D-2183-41E3-AC2F-79A849BB6493}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{7A047A84-4E9E-4F25-B6F2-2A9B611F0A3D}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{2AB14200-AA35-46D6-9006-157614682B57}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{DE2D89D2-1CFB-4B5D-810D-6FFFCFD8F4C0}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Hand of the Gods\HirezBridge\Bin\HirezBridge.exe
FirewallRules: [{224F3B10-EDAC-4D79-8E15-E74FAC9AE7FF}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Hand of the Gods\HirezBridge\Bin\HirezBridge.exe
FirewallRules: [{016C4A43-33CD-4B2F-9B34-C0DE3ABB348D}] => (Allow) E:\Juegos\Uplay\games\Ghost War PVP Beta\GRW.exe
FirewallRules: [{665271B3-F40F-4B96-9B5B-7729B62654F4}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Furi\Furi.exe
FirewallRules: [{68C562E6-5E3E-44EF-8F30-5C62554837A9}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Furi\Furi.exe
FirewallRules: [{0CD8A08A-2F57-4927-A684-208EF63CA051}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{5333B4F7-1283-465E-BE01-179094F37234}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{FFFDFBBD-4E23-4F17-A869-E64D1E1671E5}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\DreadOut\dreadout.exe
FirewallRules: [{614A4E6E-F380-4848-9574-E54809B93517}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\DreadOut\dreadout.exe
FirewallRules: [{57158E68-C5A9-45D9-BE1B-7BCB07E78543}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\DreadOut\dreadout32.exe
FirewallRules: [{9F483C25-1C72-4B47-A6D1-EF6931AB9FCA}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\DreadOut\dreadout32.exe
FirewallRules: [{8AE5F2B5-3863-4CE5-8413-BAD89C576832}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Lakeview Cabin Collection\Lakeview Cabin Collection.exe
FirewallRules: [{ACE8FF1F-EF6C-40C9-A76C-1FB5D1883A81}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Lakeview Cabin Collection\Lakeview Cabin Collection.exe
FirewallRules: [{33F94E65-2933-49A9-917E-C15E3C3AE420}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [{9080E1EC-F477-4002-BF6A-47D97DE98118}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [{9DC29A30-BD2B-40EA-9661-6F08BDF8F80A}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Bloons TD Battles\Battles-Win.exe
FirewallRules: [{31303706-2CB9-4813-84B8-DDC0C47F296B}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Bloons TD Battles\Battles-Win.exe
FirewallRules: [{9127E5C9-F9B4-4219-97C5-86CCD4BCA29E}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Project Rhombus\Project_Rhombus.exe
FirewallRules: [{83EDFEE5-7EFD-4CA9-B762-415D4C6B3154}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Project Rhombus\Project_Rhombus.exe
FirewallRules: [{3FC48AEB-FD1B-44FC-8FF8-7B2414CD691C}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\StickFightTheGame\StickFight.exe
FirewallRules: [{8E1E1A16-F138-4C66-907B-E015B276ABAD}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\StickFightTheGame\StickFight.exe
FirewallRules: [{26D70B81-F3BF-49D1-B24C-C1D3A47B317D}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{D4D25772-9277-483B-B1DD-C886E9D81F01}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{8DC0246D-475B-4BB8-913A-99C9C573C6CF}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Move or Die\Editor.exe
FirewallRules: [{1D848A73-9556-4924-9CAE-3EB3EB5C5215}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Move or Die\Editor.exe
FirewallRules: [{DF1D227E-146B-4E47-91C5-DC05D855550F}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{014CBA1E-4203-456A-AF42-2179BAFD1F9C}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{802859B2-788A-427D-AA24-5E6171F7B7AE}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\12 is Better Than 6\12ibt6Hi\12ibt6.exe
FirewallRules: [{897F0D77-364C-4C46-A0E4-126E625B9D61}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\12 is Better Than 6\12ibt6Hi\12ibt6.exe
FirewallRules: [{C6C2535E-0F36-40B3-955D-344ED2EC3EE1}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\12 is Better Than 6\12ibt6Low\12ibt6.exe
FirewallRules: [{445D3E3D-E3ED-49F4-AFB4-262FA484461E}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\12 is Better Than 6\12ibt6Low\12ibt6.exe
FirewallRules: [TCP Query User{DC9A8D7B-31E2-4ACC-B40B-72765560DCEB}C:\program files (x86)\telepad\telepad.exe] => (Block) C:\program files (x86)\telepad\telepad.exe
FirewallRules: [UDP Query User{58A34E95-7419-430E-85AA-C89290665591}C:\program files (x86)\telepad\telepad.exe] => (Block) C:\program files (x86)\telepad\telepad.exe
FirewallRules: [{3D8959BD-04BA-4C61-B81A-D3A2890AC50D}] => (Allow) F:\STEAM DESCARGAS\Rocket League\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{689A20C5-2809-4D0C-89E1-206C8C5B6E9C}] => (Allow) F:\STEAM DESCARGAS\Rocket League\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{E941D03D-BCCE-4326-B80F-E708C168DF55}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\TheRedSolstice\bin\Game.exe
FirewallRules: [{3AB681F9-6301-4C9C-A4C5-5323F1AAFBC9}] => (Allow) E:\Juegos\Steam\Mortal Kombat X\steamapps\common\TheRedSolstice\bin\Game.exe
FirewallRules: [{60F6BC5F-C6A3-4322-BCB8-40224A76A8D8}] => (Allow) F:\STEAM DESCARGAS\Rocket League\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{6F4FE419-7924-4A3F-9AD4-053788481CCD}] => (Allow) F:\STEAM DESCARGAS\Rocket League\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F29D479A-45C8-4704-9577-AC8E2C3B77A2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{9AA6E3EF-FB49-49A1-B87E-E73F4DFD5F11}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/17/2018 11:06:33 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.

Error: (03/17/2018 01:51:24 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (03/17/2018 12:51:24 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (03/16/2018 11:51:24 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (03/16/2018 10:51:24 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (03/16/2018 09:51:24 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (03/16/2018 08:51:24 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (03/16/2018 07:51:24 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005


System errors:
=============
Error: (03/17/2018 11:21:37 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (03/17/2018 11:21:37 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (03/17/2018 11:13:36 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (03/17/2018 11:13:36 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (03/17/2018 11:09:35 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (03/17/2018 11:09:35 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (03/17/2018 11:07:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Norton Ghost no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.

Error: (03/17/2018 11:07:34 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.


CodeIntegrity:
===================================

Date: 2016-07-30 20:02:45.576
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-07-30 20:02:09.693
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-07-30 20:02:09.599
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\ehdrv.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-07-30 20:02:09.599
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-07-30 20:02:07.446
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-07-25 17:58:10.791
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-07-25 17:57:35.630
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-07-25 17:57:35.537
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\ehdrv.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info ===========================

Processor: Intel® Core™ i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 33%
Total physical RAM: 16300.46 MB
Available physical RAM: 10890.91 MB
Total Virtual: 32599.08 MB
Available Virtual: 26437.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.57 GB) (Free:44.88 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (AlfaE) (Fixed) (Total:1704.69 GB) (Free:26.31 GB) NTFS
Drive f: (AlfaF) (Fixed) (Total:1089.82 GB) (Free:213.69 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 82BA8A68)
Partition 1: (Not Active) - (Size=1704.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1089.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: CD889079)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Edited by Oh My!, 17 March 2018 - 07:04 PM.


#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,150 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:52 PM

Posted 17 March 2018 - 07:42 PM

Greetings Divac.

Thank you for your offer, I was able to work through things.

Do you have evidence your computer is overheating?

Do you recognize this program?

Feist

Please consider and do this.

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have Peer 2 Peer (torrent) program(s) installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Peer 2 Peer programs, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about CryptoLocker Ransomware, a type of Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Uninstalling Programs Using Revo Uninstaller Free

--------------------

We need to remove the below programs. We can reinstall one of the programs a bit later.
  • Please download and install Revo Uninstaller Free
  • Right click Revo Uninstaller and select Run as administrator
  • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
Avast Cleanup Premium
Avast Driver Updater 
Avast Premier
Bitdefender Agent
Feist
McAfee Security Scan Plus
Norton Ghost
SafeZone Stable
Zemana AntiMalware
  • Click Yes to any warning screen that may appear
  • If presented with the program uninstall option click Uninstall
  • If asked to restart now click No
  • Under Scanning Modes select Advanced then select Scan
  • On the Found leftover Registry items window click Select All, Delete, then Yes
  • If prompted click on Next
  • On the Found leftover files and folders window click on Select all, Delete, Yes, OK on any warning screen, then Finish
  • Reboot your computer into Normal Boot and check the performance
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time (there is no need to paste the information anywhere)
Start::
CreateRestorePoint:
CloseProcesses:
Tcpip\..\Interfaces\{7EB90F17-5E05-4726-87C0-7056D9784B84}: [NameServer] 77.234.40.79
SearchScopes: HKU\S-1-5-21-1435063854-307818520-736119647-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll => No File
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll => No File
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll No File
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
S4 GenericMount Helper Service; "C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe" [X]
S3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe" [X]
S2 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [X]
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{BAC57C50-80C1-4BBB-BE1D-3DF7965F2C16}
S4 SymSnapService; "C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe" [X]
S3 esihdrv; \??\C:\TEMP\esihdrv.sys [X]
S0 pbtklp; System32\drivers\fbedansp.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
U2 V2iMount; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\SysWOW64\lastpass_1337.exe
Task: {4DA655F9-2B9E-41C4-A0E2-57FDE76E46E7} - \AdobeUpdate
Task: {984516FA-0AA3-47E2-97C0-248EE240EA7B} - System32\Tasks\Driver Booster SkipUAC (Dídac) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\Program Files (x86)\IObit
Task: {DAC36FA8-A682-419D-A8A9-220CFF1A7C95} - \Ajuent
Task: {D00AED49-BE5A-48E1-9317-F4D66FD7952A} - System32\Tasks\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9} => C:\Windows\system32\pcalua.exe -a C:\TEMP\Worms-WMD.exe -d C:\TEMP
Task: {B7216C0A-1550-4B82-B8FC-978301E0F6AB} - System32\Tasks\{A30B0A72-E2BE-41DC-9FE2-3A541863C226} => C:\Windows\system32\pcalua.exe -a C:\TEMP\Deus-Ex-Mankind-Divided.exe -d C:\TEMP
Task: {D00AED49-BE5A-48E1-9317-F4D66FD7952A} - System32\Tasks\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9} => C:\Windows\system32\pcalua.exe -a C:\TEMP\Worms-WMD.exe -d C:\TEMP
AlternateDataStreams: C:\TEMP:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
File: C:\TEMP\Worms-WMD.exe
File: C:\TEMP\Worms.exe 
File: C:\TEMP\Deus-Ex-Mankind-Divided.exe
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
End::
  • Click Fix
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Note: This step resets your Firewall settings and you may be asked later to grant permission for legitimate programs to pass through the Firewall. If you recognize the program agree to the request.
===================================================

Malwarebytes AdwCleaner

-------------------
  • Please download AdwCleaner and save it on your desktop.
  • Close all open programs and browsers
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed if there are threats found you will see Found 3 threats or something similar above the progress bar
  • Click each tab under Results and uncheck any items you want to keep
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Click OK twice to finish the removal process by automatically rebooting your computer
  • Once completed an AdwCleaner document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Reply to questions
  • Did the programs uninstall?
  • Fixlog
  • AdwCleaner
  • Update on computer performance

Edited by Oh My!, 18 March 2018 - 10:16 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 IHadABadDay

IHadABadDay
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:52 AM

Posted 18 March 2018 - 06:17 AM

Some things before getting started I want to ask. I do not recognize the name Feist now but I know I installed a game called that way a lot ago (and then unistalled it). You are telling me to use Revo to uninstall my Antivirus? Then how I would prevent beeing attacked within the time you can't talk? I think you miss-understood what I told you before, my PC is not overheating, the box that is supposed to give me the 400 megabytes/s is overheating. Finally I want to know, what if AdwCleaner doesn't find anything? Thx for your help.



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,150 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:52 PM

Posted 18 March 2018 - 10:19 AM

Greetings.

We will remove Feist. I modified my previous Revo steps to include that.

You have far too many antivirus programs on your computer. Having more than one can cause conflicts and computer performance issues. We need to clean things out then select just one to install. As long as you limit your online exposure until we reinstall one you should be fine.

If AdwCleaner doesn't find anything just report that in your reply.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 IHadABadDay

IHadABadDay
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:52 AM

Posted 19 March 2018 - 03:11 PM

I need a reply fast I'm telling you or I will drive crazy. Anything has happened but I'm afraid it will. My computer is "maybe" slightly faster but I can't tell at all. My programs uninstalled properly but I think I did the wrong steps with one "skipping the analysis" and I didn't uninstall the Avast SafeZone because it's the browser I use and without it I could not talk with you. I think it's not a problem of the router but I don't have any idea of what it could be. To add to this, here go the logs:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Dídac (19-03-2018 20:59:30) Run:1
Running from C:\Users\Dídac\Downloads
Loaded Profiles: Dídac (Available Profiles: Dídac)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Tcpip\..\Interfaces\{7EB90F17-5E05-4726-87C0-7056D9784B84}: [NameServer] 77.234.40.79
SearchScopes: HKU\S-1-5-21-1435063854-307818520-736119647-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll => No File
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll => No File
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll No File
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
S4 GenericMount Helper Service; "C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe" [X]
S3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe" [X]
S2 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [X]
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{BAC57C50-80C1-4BBB-BE1D-3DF7965F2C16}
S4 SymSnapService; "C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe" [X]
S3 esihdrv; \??\C:\TEMP\esihdrv.sys [X]
S0 pbtklp; System32\drivers\fbedansp.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
U2 V2iMount; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\SysWOW64\lastpass_1337.exe
Task: {4DA655F9-2B9E-41C4-A0E2-57FDE76E46E7} - \AdobeUpdate
Task: {984516FA-0AA3-47E2-97C0-248EE240EA7B} - System32\Tasks\Driver Booster SkipUAC (Dídac) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\Program Files (x86)\IObit
Task: {DAC36FA8-A682-419D-A8A9-220CFF1A7C95} - \Ajuent
Task: {D00AED49-BE5A-48E1-9317-F4D66FD7952A} - System32\Tasks\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9} => C:\Windows\system32\pcalua.exe -a C:\TEMP\Worms-WMD.exe -d C:\TEMP
Task: {B7216C0A-1550-4B82-B8FC-978301E0F6AB} - System32\Tasks\{A30B0A72-E2BE-41DC-9FE2-3A541863C226} => C:\Windows\system32\pcalua.exe -a C:\TEMP\Deus-Ex-Mankind-Divided.exe -d C:\TEMP
Task: {D00AED49-BE5A-48E1-9317-F4D66FD7952A} - System32\Tasks\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9} => C:\Windows\system32\pcalua.exe -a C:\TEMP\Worms-WMD.exe -d C:\TEMP
AlternateDataStreams: C:\TEMP:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
File: C:\TEMP\Worms-WMD.exe
File: C:\TEMP\Worms.exe 
File: C:\TEMP\Deus-Ex-Mankind-Divided.exe
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7EB90F17-5E05-4726-87C0-7056D9784B84}\\NameServer" => removed successfully
"HKU\S-1-5-21-1435063854-307818520-736119647-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}" => removed successfully
"HKLM\Software\Classes\CLSID\{0F4B8786-5502-4803-8EBC-F652A1153BB6}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{0F4B8786-5502-4803-8EBC-F652A1153BB6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}" => removed successfully
"HKLM\Software\Classes\CLSID\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"HKLM\System\CurrentControlSet\Services\GenericMount Helper Service" => removed successfully
GenericMount Helper Service => service removed successfully
"HKLM\System\CurrentControlSet\Services\McComponentHostService" => removed successfully
McComponentHostService => service removed successfully
"HKLM\System\CurrentControlSet\Services\Norton Ghost" => removed successfully
Norton Ghost => service removed successfully
"HKLM\System\CurrentControlSet\Services\Symantec SymSnap VSS Provider" => removed successfully
Symantec SymSnap VSS Provider => service removed successfully
"HKLM\System\CurrentControlSet\Services\SymSnapService" => removed successfully
SymSnapService => service removed successfully
"HKLM\System\CurrentControlSet\Services\esihdrv" => removed successfully
esihdrv => service removed successfully
"HKLM\System\CurrentControlSet\Services\pbtklp" => removed successfully
pbtklp => service removed successfully
"HKLM\System\CurrentControlSet\Services\Synth3dVsc" => removed successfully
Synth3dVsc => service removed successfully
"HKLM\System\CurrentControlSet\Services\tsusbhub" => removed successfully
tsusbhub => service removed successfully
"HKLM\System\CurrentControlSet\Services\V2iMount" => removed successfully
V2iMount => service removed successfully
"HKLM\System\CurrentControlSet\Services\VGPU" => removed successfully
VGPU => service removed successfully
C:\Windows\SysWOW64\lastpass_1337.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DA655F9-2B9E-41C4-A0E2-57FDE76E46E7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DA655F9-2B9E-41C4-A0E2-57FDE76E46E7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{984516FA-0AA3-47E2-97C0-248EE240EA7B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{984516FA-0AA3-47E2-97C0-248EE240EA7B}" => removed successfully
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Dídac) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Dídac)" => removed successfully
C:\Program Files (x86)\IObit => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAC36FA8-A682-419D-A8A9-220CFF1A7C95}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAC36FA8-A682-419D-A8A9-220CFF1A7C95}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D00AED49-BE5A-48E1-9317-F4D66FD7952A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D00AED49-BE5A-48E1-9317-F4D66FD7952A}" => removed successfully
C:\Windows\System32\Tasks\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7216C0A-1550-4B82-B8FC-978301E0F6AB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7216C0A-1550-4B82-B8FC-978301E0F6AB}" => removed successfully
C:\Windows\System32\Tasks\{A30B0A72-E2BE-41DC-9FE2-3A541863C226} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A30B0A72-E2BE-41DC-9FE2-3A541863C226}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D00AED49-BE5A-48E1-9317-F4D66FD7952A} => could not remove. Access Denied.
"C:\Windows\System32\Tasks\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9}" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9} => could not remove. Access Denied.
C:\TEMP => ":$DATA​" ADS removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
 
========================= File: C:\TEMP\Worms-WMD.exe ========================
 
"C:\TEMP\Worms-WMD.exe" => not found
====== End of File: ======
 
 
========================= File: C:\TEMP\Worms.exe ========================
 
"C:\TEMP\Worms.exe" => not found
====== End of File: ======
 
 
========================= File: C:\TEMP\Deus-Ex-Mankind-Divided.exe ========================
 
"C:\TEMP\Deus-Ex-Mankind-Divided.exe" => not found
====== End of File: ======
 
 
========= netsh winsock reset catalog =========
 
 
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall reset =========
 
Aceptar
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Aceptar
 
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {F08E5DD6-0701-4D0B-AFED-DF33AE9119FE}.
Unable to cancel {80D12036-63DA-4436-8570-969D866D5767}.
Unable to cancel {28C7C7B2-70D3-4BBD-ADA7-060AE39D8B2D}.
{6B5CF6BB-4657-410E-BF63-5DD78271C468} canceled.
Unable to cancel {4C288FA4-9F1C-4B78-B935-B7CDB3532356}.
1 out of 5 jobs canceled.
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Configuraci¢n IP de Windows
 
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
 
========= End of CMD: =========
 
 
========= RemoveProxy: =========
 
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1435063854-307818520-736119647-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1435063854-307818520-736119647-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
 
 
========= End of RemoveProxy: =========
 
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 19-03-2018 21:01:39)
 
 
Result of scheduled keys to remove after reboot:
 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D00AED49-BE5A-48E1-9317-F4D66FD7952A} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7DBF5A33-AE75-4B6D-AF3F-6F6D10A807B9} => could not remove. Access Denied.
 
==== End of Fixlog 21:01:39 ====

 

# AdwCleaner 7.0.8.0 - Logfile created on Mon Mar 19 20:06:23 2018
# Updated on 2018/08/02 by Malwarebytes 
# Database: 02-08-2018.1
# Running on Windows 7 Ultimate (X64)
# Mode: scan
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
Adware.Elex, C:\Program Files\MK
Adware.Elex, C:\Users\Dídac\AppData\Local\terana
PUP.Optional.Legacy, C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.SlimCleanerPlus, C:\Users\Dídac\AppData\Local\slimware utilities inc
PUP.Optional.SlimCleanerPlus, C:\Users\Dídac\AppData\Local\SlimWare Utilities Inc
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group
PUP.Optional.SpyHunter, C:\Users\Dídac\AppData\Roaming\Enigma Software Group
PUP.Optional.SpyHunter, C:\sh4ldr
PUP.Optional.SpyHunter, C:\sh4ldr
 
 
***** [ Files ] *****
 
PUP.Optional.Legacy, C:\Users\Public\Documents\report.dat
PUP.Optional.Legacy, C:\Users\Public\Documents\temp.dat
PUP.Optional.Legacy, C:\Windows\SysNative\drivers\swdumon.sys
PUP.Optional.SpyHunter, C:\Windows\SysNative\drivers\EsgScanner.sys
PUP.Optional.SpyHunter, C:\Windows\SysNative\drivers\EsgScanner.sys
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Adware.Elex, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost | NPASRE
Adware.Elex, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | SNARE
Adware.Elex, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | swpvr
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1435063854-307818520-736119647-1000\Software\INSTALLPATH\STATUS
PUP.Optional.Legacy, [Key] - HKCU\Software\INSTALLPATH\STATUS
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\InterSect Alliance
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Features\952BA647474611149866C1269F6A0E36
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Products\952BA647474611149866C1269F6A0E36
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | WinSAPSvc
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | Kitty
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | WANARE
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | SNAREA
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | ANSARE
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | BIT
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | VNASRE
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | CWASRE
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | CSHMDR
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | terana
PUP.Optional.WinRepairPro, [Key] - HKU\S-1-5-21-1435063854-307818520-736119647-1000\Software\win
PUP.Optional.WinRepairPro, [Key] - HKCU\Software\win
PUP.Optional.SlimCleanerPlus, [Key] - HKU\S-1-5-21-1435063854-307818520-736119647-1000\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\SlimWare Utilities Inc
PUP.Optional.AuslogicsDriverUpdater, [Key] - HKLM\SOFTWARE\Auslogics
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries.
 
*************************
 
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########


#14 IHadABadDay

IHadABadDay
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:02:52 AM

Posted 19 March 2018 - 03:15 PM

After Cleanning
 
# AdwCleaner 7.0.8.0 - Logfile created on Mon Mar 19 20:12:44 2018
# Updated on 2018/08/02 by Malwarebytes 
# Running on Windows 7 Ultimate (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
Deleted: C:\Program Files\\MK
Deleted: C:\Users\Dídac\AppData\Local\terana
Deleted: C:\Users\Public\Documents\Downloaded Installers
Deleted: C:\Users\Dídac\AppData\Local\slimware utilities inc
Deleted: C:\Users\Dídac\AppData\Local\SlimWare Utilities Inc
Deleted: C:\Program Files\Enigma Software Group
Deleted: C:\Users\Dídac\AppData\Roaming\Enigma Software Group
Deleted: C:\sh4ldr
Deleted: C:\sh4ldr
 
 
***** [ Files ] *****
 
Deleted: C:\Users\Public\Documents\\report.dat
Deleted: C:\Users\Public\Documents\\temp.dat
Deleted: C:\Windows\SysNative\drivers\swdumon.sys
Deleted: C:\Windows\SysNative\drivers\EsgScanner.sys
Deleted: C:\Windows\SysNative\drivers\EsgScanner.sys
 
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|NPASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNARE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|swpvr
Deleted: [Key] - HKU\S-1-5-21-1435063854-307818520-736119647-1000\Software\INSTALLPATH\STATUS
Deleted: [Key] - HKCU\Software\INSTALLPATH\STATUS
Deleted: [Key] - HKLM\SOFTWARE\InterSect Alliance
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\952BA647474611149866C1269F6A0E36
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\952BA647474611149866C1269F6A0E36
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WinSAPSvc
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|Kitty
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WANARE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNAREA
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|ANSARE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|BIT
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|VNASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CWASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CSHMDR
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|terana
Deleted: [Key] - HKU\S-1-5-21-1435063854-307818520-736119647-1000\Software\win
Deleted: [Key] - HKCU\Software\win
Deleted: [Key] - HKU\S-1-5-21-1435063854-307818520-736119647-1000\Software\SlimWare Utilities Inc
Deleted: [Key] - HKCU\Software\SlimWare Utilities Inc
Deleted: [Key] - HKLM\SOFTWARE\Auslogics
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [4143 B] - [2018/3/19 20:6:23]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,150 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:52 PM

Posted 19 March 2018 - 07:32 PM

I would prefer you complete all the steps I post.

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time (there is no need to paste the information anywhere)
Start::
CloseProcesses:
StartPowershell:
bitsadmin /list /allusers
EndPowershell:
End::
  • Click Fix
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Run a new FRST scan and attach both reports in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Attached FRST and Addition reports

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users