Eliminar tgmgo y MPC


#1

tengo dos molestas: tgmgo (un buscador de internet) y el programa (MPc desktop,cleaner y adcleaner). solicito la ayuda para eliminar estos software ya que he leido son malware ademas de que no me ofrecen ninguna utilidad. el principal impedimento es que alguno de estos me aparecen en el administrador de programas para eliminarlos directamente, debido a esto no se cual es la mejor forma para eliminarlo.


#2

Hola MARCELO_BRAVO bienvenido al nuevo foro

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

  • Realiza un Análisis de amenazas, actualizando si te lo pide.
  • Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
  • En el apartado del manual Informes :arrow_forward: Informe de análisis encontrarás el reporte de MBAM, clic en Exportar :arrow_forward: Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine :arrow_forward: clic en ejecutar limpiador
  • Clic en la pestaña Registro :arrow_forward: clic en buscar problemas esperas que termine :arrow_forward: clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

Un saludo


#3
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-16-2019
# Duration: 00:00:07
# OS:       Windows 10 Home Single Language
# Cleaned:  24
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\usuario\AppData\Roaming\cpuminer
Deleted       C:\Program Files (x86)\MPC Cleaner

***** [ Files ] *****

Deleted       C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKU\S-1-5-18\Software\ByteFence
Deleted       HKU\.DEFAULT\Software\ByteFence
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted       HKCU\Software\yahooprovidedsearch
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SU
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\microsoft-powerpoint.softonic.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\league-of-legends.softonic.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\microsoft-powerpoint.softonic.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\league-of-legends.softonic.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5029 octets] - [16/01/2019 21:51:30]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 16/1/19
Hora del análisis: 19:06
Archivo de registro: 0a643e14-19db-11e9-8120-80ee735a411f.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.519
Versión del paquete de actualización: 1.0.8822
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.523)
CPU: x64
Sistema de archivos: NTFS
Usuario: j2073\danny

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 290311
Amenazas detectadas: 368
Amenazas en cuarentena: 368
Tiempo transcurrido: 7 min, 45 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 1
PUP.Optional.MorePowerfulCleaner, C:\PROGRAM FILES (X86)\MPC CLEANER\MPCPROTECTSERVICE.EXE, En cuarentena, [3139], [258825],1.0.8822

Módulo: 6
PUP.Optional.MorePowerfulCleaner, C:\PROGRAM FILES (X86)\MPC CLEANER\MPCPROTECTSERVICE.EXE, En cuarentena, [3139], [258825],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, En cuarentena, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, En cuarentena, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, En cuarentena, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, En cuarentena, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, En cuarentena, [3139], [182708],1.0.8822

Clave del registro: 30
PUP.Optional.eShopComp, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\eshopcomp.com, Se eliminará al reiniciar, [4174], [259458],1.0.8822
PUP.Optional.eShopComp, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\pstatic.eshopcomp.com, Se eliminará al reiniciar, [4174], [259459],1.0.8822
PUP.Optional.InstallCore, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\ICSW1.17, Se eliminará al reiniciar, [419], [239562],1.0.8822
PUP.Optional.Palikan, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\palikan, Se eliminará al reiniciar, [329], [241487],1.0.8822
PUP.Optional.SysTweak, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\systweak, Se eliminará al reiniciar, [1481], [327156],1.0.8822
PUP.Optional.Wajam, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\WajIEnhance, Se eliminará al reiniciar, [204], [244670],1.0.8822
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Se eliminará al reiniciar, [204], [-1],0.0.0
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WdMan, Se eliminará al reiniciar, [843], [258962],1.0.8822
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCPROTECTSERVICE, Se eliminará al reiniciar, [3139], [258825],1.0.8822
PUP.Optional.Palikan, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1B31C9D2-7135-442B-BB93-7C002172ADC6}, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1b31c9d2-7135-442b-bb93-7c002172adc6}, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.Palikan, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586D803-DF30-46D3-A89A-4136C8571D45}, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC AdCleaner, Se eliminará al reiniciar, [3139], [256647],1.0.8822
PUP.Optional.SysTweak, HKLM\SOFTWARE\WOW6432NODE\Systweak, Se eliminará al reiniciar, [1481], [327155],1.0.8822
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\WajaNetEn, Se eliminará al reiniciar, [204], [185150],1.0.8822
PUP.Optional.WdsManPro, HKLM\SOFTWARE\WOW6432NODE\WdsManPro, Se eliminará al reiniciar, [7177], [245723],1.0.8822
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC, Se eliminará al reiniciar, [3139], [258607],1.0.8822
PUP.Optional.WordFly, HKLM\SOFTWARE\WOW6432NODE\WordFly_1.10.0.28, Se eliminará al reiniciar, [701], [245083],1.0.8822
PUP.Optional.CleanMyPC, HKLM\SOFTWARE\WOW6432NODE\REG\Clean, Se eliminará al reiniciar, [3229], [348488],1.0.8822
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, Se eliminará al reiniciar, [1533], [190782],1.0.8822
PUP.Optional.RegCleanPro, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\REG\Clean, Se eliminará al reiniciar, [4492], [347493],1.0.8822
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKpt, Se eliminará al reiniciar, [3139], [182747],1.0.8822
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC DESKTOP, Se eliminará al reiniciar, [3139], [262109],1.0.8822
PUP.Optional.eShopComp, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\eshopcomp.com, Se eliminará al reiniciar, [4174], [259456],1.0.8822
PUP.Optional.eShopComp, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\pstatic.eshopcomp.com, Se eliminará al reiniciar, [4174], [259457],1.0.8822
PUP.Optional.InstallCore, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\PRODUCTSETUP, Se eliminará al reiniciar, [419], [481004],1.0.8822
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\SYSTWEAK\ssd, Se eliminará al reiniciar, [1533], [190781],1.0.8822
PUP.Optional.Wajam, HKLM\SOFTWARE\WajaNetEn, Se eliminará al reiniciar, [204], [185150],1.0.8822
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CPUMINER, Se eliminará al reiniciar, [1108], [182977],1.0.8822

Valor del registro: 23
PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [204], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [204], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [204], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Se eliminará al reiniciar, [204], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Se eliminará al reiniciar, [204], [-1],0.0.0
PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, [204], [-1],0.0.0
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCPROTECTSERVICE|IMAGEPATH, Se eliminará al reiniciar, [3139], [258825],1.0.8822
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1b31c9d2-7135-442b-bb93-7c002172adc6}|URL, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1b31c9d2-7135-442b-bb93-7c002172adc6}|TOPRESULTURLFALLBACK, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1b31c9d2-7135-442b-bb93-7c002172adc6}|FAVICONPATH, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1b31c9d2-7135-442b-bb93-7c002172adc6}|, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1b31c9d2-7135-442b-bb93-7c002172adc6}|DISPLAYNAME, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}|URL, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.Palikan, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}|TOPRESULTURLFALLBACK, Se eliminará al reiniciar, [329], [241491],1.0.8822
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC|LOCATION, Se eliminará al reiniciar, [3139], [258607],1.0.8822
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC DESKTOP|LOCATION, Se eliminará al reiniciar, [3139], [262109],1.0.8822
PUP.Optional.Palikan, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1b31c9d2-7135-442b-bb93-7c002172adc6}|, Se eliminará al reiniciar, [329], [241488],1.0.8822
PUP.Optional.Palikan, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}|URL, Se eliminará al reiniciar, [329], [241488],1.0.8822
PUP.Optional.Palikan, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6586d803-df30-46d3-a89a-4136c8571d45}|TOPRESULTURLFALLBACK, Se eliminará al reiniciar, [329], [241488],1.0.8822
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Se eliminará al reiniciar, [6824], [250427],1.0.8822
PUP.Optional.NotChromeRun, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GOOGLECHROMEAUTOLAUNCH_4B64FD1BF105F1C2513DD9D68C049F2A, Se eliminará al reiniciar, [6835], [241243],1.0.8822
PUP.Optional.InstallCore, HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\PRODUCTSETUP|TB, Se eliminará al reiniciar, [419], [481004],1.0.8822
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CPUMINER|DISPLAYICON, Se eliminará al reiniciar, [1108], [182977],1.0.8822

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 45
PUP.Optional.ConvertAd, C:\USERS\USUARIO\APPDATA\LOCAL\03000200-1456669560-0500-0006-000700080009, Se eliminará al reiniciar, [1269], [236933],1.0.8822
PUP.Optional.ASPackage, C:\USERS\USUARIO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ASPACKAGE, Se eliminará al reiniciar, [817], [235587],1.0.8822
PUP.Optional.WindowsProtectManager, C:\ProgramData\SWdMS\mini_zip, Se eliminará al reiniciar, [768], [259220],1.0.8822
PUP.Optional.WindowsProtectManager, C:\PROGRAMDATA\SWdMS, Se eliminará al reiniciar, [768], [259220],1.0.8822
PUP.Optional.MCorp, C:\Users\usuario\AppData\Roaming\MCorp\1147, Se eliminará al reiniciar, [4050], [261674],1.0.8822
PUP.Optional.MCorp, C:\Users\usuario\AppData\Roaming\MCorp\1282, Se eliminará al reiniciar, [4050], [261674],1.0.8822
PUP.Optional.MCorp, C:\USERS\USUARIO\APPDATA\ROAMING\MCORP, Se eliminará al reiniciar, [4050], [261674],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MPC, Se eliminará al reiniciar, [3139], [256641],1.0.8822
PUP.Optional.ConvertAd.Gen, C:\PROGRAM FILES (X86)\03000200-1456680123-0500-0006-000700080009, Se eliminará al reiniciar, [3736], [257681],1.0.8822
PUP.Optional.WinYahoo.TskLnk, C:\USERS\USUARIO\APPDATA\LOCAL\{28671E3B-0CCF-7283-6157-576B453FABF3}, Se eliminará al reiniciar, [748], [484244],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\3rd Party Licenses, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\Service, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\Update, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\PROGRAM FILES (X86)\WordFly_1.10.0.28, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.Wajam, C:\Program Files\WajaNetEn\f9a5ded3845644d90f7214c482bafad9, Se eliminará al reiniciar, [204], [181823],1.0.8822
PUP.Optional.Wajam, C:\Program Files\WajaNetEn\WajaNetEnlibs, Se eliminará al reiniciar, [204], [181823],1.0.8822
PUP.Optional.Wajam, C:\PROGRAM FILES\WajaNetEn, Se eliminará al reiniciar, [204], [181823],1.0.8822
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaNetEn\Uninstall Wajam, Se eliminará al reiniciar, [204], [181824],1.0.8822
PUP.Optional.Wajam, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\WajaNetEn, Se eliminará al reiniciar, [204], [181824],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MPC ADCLEANER, Se eliminará al reiniciar, [3139], [181875],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\USERS\USUARIO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MPC ADCLEANER, Se eliminará al reiniciar, [3139], [181875],1.0.8822
PUP.Optional.ASPackage, C:\USERS\USUARIO\APPDATA\ROAMING\ASPACKAGE, Se eliminará al reiniciar, [817], [181992],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MPC DESKTOP, Se eliminará al reiniciar, [3139], [182682],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\USERS\USUARIO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MPC DESKTOP, Se eliminará al reiniciar, [3139], [182682],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\AdCleaner, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Desktop, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Log, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.BitCoinMiner, C:\Users\usuario\AppData\Roaming\gplyra\gplyra, Se eliminará al reiniciar, [1108], [316518],1.0.8822
PUP.Optional.BitCoinMiner, C:\USERS\USUARIO\APPDATA\ROAMING\GPLYRA, Se eliminará al reiniciar, [1108], [316518],1.0.8822
PUP.Optional.SysTweak, C:\USERS\USUARIO\APPDATA\ROAMING\SYSTWEAK, Se eliminará al reiniciar, [1481], [327152],1.0.8822

Archivo: 263
PUP.Optional.MorePowerfulCleaner, C:\USERS\PUBLIC\DESKTOP\MPC DESKTOP.LNK, Se eliminará al reiniciar, [3139], [182774],1.0.8822
PUP.Optional.Vitruvian, C:\WINDOWS\SYSTEM32\DRIVERS\wfdrvr_vt_1_10_0_28.sys, Se eliminará al reiniciar, [3425], [186404],1.0.8822
PUP.Optional.ConvertAd, C:\USERS\USUARIO\APPDATA\LOCAL\03000200-1456669560-0500-0006-000700080009\Uninstall.exe, Se eliminará al reiniciar, [1269], [236933],1.0.8822
PUP.Optional.ASPackage, C:\USERS\USUARIO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ASPACKAGE\CONFIGURE.LNK, Se eliminará al reiniciar, [817], [235587],1.0.8822
PUP.Optional.Palikan, C:\USERS\USUARIO\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\PALIKAN.ICO, Se eliminará al reiniciar, [329], [255721],1.0.8822
PUP.Optional.WindowsProtectManager, C:\PROGRAMDATA\SWdMS\mini_zipconf, Se eliminará al reiniciar, [768], [259220],1.0.8822
PUP.Optional.MCorp, C:\USERS\USUARIO\APPDATA\ROAMING\MCORP\1147\udpx, Se eliminará al reiniciar, [4050], [261674],1.0.8822
PUP.Optional.MCorp, C:\Users\usuario\AppData\Roaming\MCorp\1147\config.ini, Se eliminará al reiniciar, [4050], [261674],1.0.8822
PUP.Optional.MCorp, C:\Users\usuario\AppData\Roaming\MCorp\1282\config.ini, Se eliminará al reiniciar, [4050], [261674],1.0.8822
PUP.Optional.MCorp, C:\Users\usuario\AppData\Roaming\MCorp\1282\udpx, Se eliminará al reiniciar, [4050], [261674],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MPC\MPC CLEANER.LNK, Se eliminará al reiniciar, [3139], [256641],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\USERS\PUBLIC\DESKTOP\MPC ADCLEANER.LNK, Se eliminará al reiniciar, [3139], [256639],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\USERS\PUBLIC\DESKTOP\MPC CLEANER.LNK, Se eliminará al reiniciar, [3139], [256640],1.0.8822
PUP.Optional.ConvertAd.Gen, C:\PROGRAM FILES (X86)\03000200-1456680123-0500-0006-000700080009\vnsd7019.tmp, Se eliminará al reiniciar, [3736], [257681],1.0.8822
PUP.Optional.ConvertAd.Gen, C:\Program Files (x86)\03000200-1456680123-0500-0006-000700080009\data.bin, Se eliminará al reiniciar, [3736], [257681],1.0.8822
PUP.Optional.WinYahoo.TskLnk, C:\USERS\USUARIO\APPDATA\LOCAL\{28671E3B-0CCF-7283-6157-576B453FABF3}\diso, Se eliminará al reiniciar, [748], [484244],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\PROGRAM FILES (X86)\MPC CLEANER\MPCPROTECTSERVICE.EXE, Se eliminará al reiniciar, [3139], [258825],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\3rd Party Licenses\buildcrx-license.txt, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\3rd Party Licenses\Info-ZIP-license.txt, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\3rd Party Licenses\JSON-simple-license.txt, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\3rd Party Licenses\nsJSON-license.txt, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\3rd Party Licenses\Nustache-license.txt, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\3rd Party Licenses\TaskScheduler-license.txt, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\3rd Party Licenses\UAC-license.txt, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\Update\Microsoft.Win32.TaskScheduler.dll, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\Update\Nustache.Core.dll, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\Update\WordflyAutoUpdateClient.exe.config, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.WordFly, C:\Program Files (x86)\WordFly_1.10.0.28\terms-of-service.rtf, Se eliminará al reiniciar, [701], [180530],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\WINDOWS\SYSTEM32\DRIVERS\MPCKPT.SYS, Se eliminará al reiniciar, [3139], [182747],1.0.8822
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaNetEn\Settings.lnk, Se eliminará al reiniciar, [204], [181824],1.0.8822
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaNetEn\SignIn with Facebook.lnk, Se eliminará al reiniciar, [204], [181824],1.0.8822
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaNetEn\SignIn with Twitter.lnk, Se eliminará al reiniciar, [204], [181824],1.0.8822
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaNetEn\Wajam Website.lnk, Se eliminará al reiniciar, [204], [181824],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner\MPC AdCleaner.lnk, Se eliminará al reiniciar, [3139], [181875],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner\MPC AdCleaner.lnk, Se eliminará al reiniciar, [3139], [181875],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop\MPC Desktop.lnk, Se eliminará al reiniciar, [3139], [182682],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MPC Desktop\MPC Desktop.lnk, Se eliminará al reiniciar, [3139], [182682],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{08DA4B46-E0EB-4B4D-8C8B-558C967AF6C5}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{22A8D5A3-F368-4C6B-BF4D-3C901EBCF242}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{3F9A707D-2C36-4344-8621-B8E4ADC95C18}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{ADC520A9-B4B3-791E-B149-845C11673CB0}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{CDA529A9-B1B3-793E-B449-845C11673CB5}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{D8EC46AF-529F-4636-963B-C086429C73DA}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{DE37CD8C-DE7B-481F-A676-303ABAFBEE04}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{EDA029A1-B5BA-793E-B649-875C18673CC5}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{F154C596-75A9-4028-90E8-9752BD7CA05B}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{FDA029A2-A5BA-797E-B689-875E18673FC2}.ico, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\toasts_waring.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcapp.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcweb.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\block.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\home.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\ie.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\search.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_green.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_org.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_red.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_green.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_org.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_red.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_green.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_org.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_red.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_green.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_org.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_red.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_green.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_org.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_red.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q2.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_gray.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_green.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_org.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_red.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g1.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g10.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g11.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g12.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g2.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g3.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g4.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g5.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g6.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g7.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g8.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g9.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q1.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q10.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q11.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q12.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q3.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q4.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q5.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q6.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q7.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q8.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q9.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r1.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r10.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r11.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r12.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r2.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r3.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r4.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r5.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r6.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r7.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r8.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r9.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_gray.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_green.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_org.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_red.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y1.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y10.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y11.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y12.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y2.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y3.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y4.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y5.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y6.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y7.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y8.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y9.png, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Log\20190114.log, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Log\20190116.log, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\AdCleaner\Lang.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\AdCleaner\Skin.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Lang.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Skin.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Lang.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Skin.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Desktop\Lang.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Desktop\Skin.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News\Lang.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News\Skin.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Lang.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Skin.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Lang.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Skin.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\as.db, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\cf.db, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\run.db, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\st.db, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\Clean.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\PlugIn.xf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCBase_32.sys, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.inf, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.sys, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_32.sys, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_64.sys, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_xp_32.sys, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Exe\ADC_qd00000.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcm90.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcr90.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\adc.system.ruleon, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\CleanCache.bat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\1034.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\1034.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\adc.system.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\adc.system.datoff, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\adc.system.datoff_, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\adc.system.daton, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\adc.system.daton_, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\adc.system.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\adc.system.ruleoff, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\default.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\default.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\fast.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\fast.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\LinkTarget.js, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\mod-support-and-service, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\no-such-domain, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\ReadMode.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\ReadMode.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\trust.txt, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\trust.txt_, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\user.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\user.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\video.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\video.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\antifraud.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\antifraud.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\auto.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\base.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\base.rule, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Module\blocked, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdCleaner.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdcManager.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdControl.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdkFwd.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdkWsf.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdPopWnd.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\isafechlp.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\libtsr.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\libtsr_adcleaner.exe.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\libtsr_mpctray.exe.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\libxa.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\libxm.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSetting.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcm90.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcr90.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\nmlct, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\ps.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\ruleInfo.ini, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SetupFrame.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\silence.ini, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\snh.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\specRuleInfo.ini, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\symsrv.yes, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\udpx, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstallFrame.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdxEngine.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\ce.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\CeBase.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\config.ini, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\DesktopPatch.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\DesktopPatch64.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\DesktopPatch64_1.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdUpdate.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi64.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\versioninfo.ini, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\wfhxte.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\ws.db, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\xadb.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\xmlct.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\zlib1.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\lxma.dat, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MainFrame.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT.manifest, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPC.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCAutoClean.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCBS.dll, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCDesktop64.exe, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\MPC AdCleaner.lnk, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\MPC Cleaner.lnk, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.MorePowerfulCleaner, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\MPC Desktop.lnk, Se eliminará al reiniciar, [3139], [182708],1.0.8822
PUP.Optional.BitCoinMiner, C:\USERS\USUARIO\APPDATA\ROAMING\CPUMINER\CPUMINER-CONF.JSON, Se eliminará al reiniciar, [1108], [302634],1.0.8822
PUP.Optional.Palikan, C:\USERS\USUARIO\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\SECURE PREFERENCES, Sustituido, [329], [303034],1.0.8822

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#5

Hola MARCELO_BRAVO

Cómo sigue el problema.

Un saludo


#6

se eliminaron esas mpc desktop, cleaner y adcleaner PERO persiste el tgmgo


#7

Hola

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo


#8
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by danny (administrator) on J2073 (20-01-2019 13:45:42)
Running from C:\Users\usuario\Downloads
Loaded Profiles: danny &  (Available Profiles: danny)
Platform: Windows 10 Home Single Language Version 1803 17134.523 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCUpdate.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134419960\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420562\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\...\Run: [BingSvc] => C:\Users\usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-25] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920\...\Run: [BingSvc] => C:\Users\usuario\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-25] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-13] (Google Inc.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{75529c4e-6c95-44f7-9a7f-5187a383fad3}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8c7efe2d-1cea-4eee-b6f7-454a572e4f40}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{a43e038e-650e-4ec7-9aa6-bd8ce6a95248}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ac390d1e-d1ec-413f-9802-1a4616b1e48c}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{f225b862-6a16-4ba0-ab6e-da275de9759e}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-16] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-13] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.com/
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2019-01-20]
CHR Extension: (Presentaciones) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documentos) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-10]
CHR Extension: (YouTube) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-10]
CHR Extension: (Hojas de cálculo) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-10]
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-13]
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-01-19]
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-14] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-20] (Malwarebytes)
R3 NETJME; C:\WINDOWS\System32\drivers\NETJME.sys [137728 2018-04-11] (JMicron Technology Corp.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-04-11] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 usbmmhid; C:\WINDOWS\System32\drivers\usbmmhid.sys [38320 2017-05-26] (Amyuni Technologies Inc.)
S3 usbmmm; C:\WINDOWS\system32\DRIVERS\usbmmm.sys [35248 2017-05-26] (Amyuni Technologies Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-11] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2019-01-14] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2019-01-14] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-20 13:45 - 2019-01-20 13:46 - 000014733 _____ C:\Users\usuario\Downloads\FRST.txt
2019-01-20 13:45 - 2019-01-20 13:45 - 000000000 ____D C:\FRST
2019-01-20 13:44 - 2019-01-20 13:44 - 002428416 _____ (Farbar) C:\Users\usuario\Downloads\FRST64.exe
2019-01-20 13:42 - 2019-01-20 13:42 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-20 13:42 - 2019-01-20 13:42 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-19 09:20 - 2019-01-19 09:20 - 000000460 _____ C:\Users\usuario\Documents\cc_20190119_092006.reg
2019-01-16 22:05 - 2019-01-16 22:05 - 000007702 _____ C:\Users\usuario\Documents\cc_20190116_220522.reg
2019-01-16 22:04 - 2019-01-16 22:04 - 000166116 _____ C:\Users\usuario\Documents\cc_20190116_220406.reg
2019-01-16 21:55 - 2019-01-16 22:08 - 000004791 _____ C:\Users\usuario\Desktop\AdwCleaner[C00].txt
2019-01-16 21:50 - 2019-01-17 21:51 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-16 21:50 - 2019-01-16 21:50 - 000002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-16 21:50 - 2019-01-16 21:50 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-16 21:50 - 2019-01-16 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-16 21:50 - 2019-01-16 21:50 - 000000000 ____D C:\Program Files\CCleaner
2019-01-16 21:48 - 2019-01-16 21:49 - 019299120 _____ (Piriform Software Ltd) C:\Users\usuario\Downloads\ccsetup551.exe
2019-01-16 19:19 - 2019-01-16 22:08 - 000055752 _____ C:\Users\usuario\Desktop\malwater.txt
2019-01-16 19:00 - 2019-01-16 21:51 - 000000000 ____D C:\AdwCleaner
2019-01-16 19:00 - 2019-01-16 19:00 - 000000000 ____D C:\Users\usuario\AppData\Local\mbam
2019-01-16 18:59 - 2019-01-16 18:59 - 007320272 _____ (Malwarebytes) C:\Users\usuario\Downloads\adwcleaner_7.2.6.0.exe
2019-01-16 18:59 - 2019-01-16 18:59 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-16 18:59 - 2019-01-16 18:59 - 000000000 ____D C:\Users\usuario\AppData\Local\mbamtray
2019-01-16 18:59 - 2019-01-16 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-16 18:59 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-16 18:58 - 2019-01-16 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-16 18:58 - 2019-01-16 18:58 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-16 18:57 - 2019-01-16 18:58 - 082321968 _____ (Malwarebytes ) C:\Users\usuario\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8814.exe
2019-01-14 21:59 - 2019-01-01 04:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-14 21:59 - 2019-01-01 03:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-14 21:59 - 2019-01-01 03:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-14 21:59 - 2019-01-01 03:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-14 21:59 - 2018-11-01 06:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-01-14 21:59 - 2018-11-01 06:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-01-14 21:59 - 2018-10-21 04:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-01-14 21:59 - 2018-10-21 04:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-01-14 21:58 - 2019-01-14 21:58 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-14 21:58 - 2019-01-14 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-14 21:58 - 2019-01-14 21:58 - 000000000 ____D C:\Program Files\WinRAR
2019-01-14 21:58 - 2019-01-01 04:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-14 21:58 - 2019-01-01 03:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-14 21:58 - 2019-01-01 03:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-14 21:58 - 2019-01-01 03:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-14 21:58 - 2019-01-01 03:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-14 21:58 - 2019-01-01 03:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-14 21:58 - 2018-12-08 09:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-14 21:58 - 2018-12-08 09:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-14 21:58 - 2018-12-08 09:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-01-14 21:58 - 2018-12-08 09:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-01-14 21:58 - 2018-12-08 09:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-01-14 21:58 - 2018-12-08 09:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-01-14 21:58 - 2018-12-08 09:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-01-14 21:58 - 2018-12-08 05:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-01-14 21:58 - 2018-12-08 05:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-01-14 21:58 - 2018-12-08 05:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-14 21:58 - 2018-12-08 04:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-01-14 21:58 - 2018-12-08 04:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-14 21:58 - 2018-12-08 04:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-01-14 21:58 - 2018-12-08 04:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-01-14 21:58 - 2018-12-08 04:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-01-14 21:58 - 2018-12-08 04:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-01-14 21:58 - 2018-12-08 04:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-01-14 21:58 - 2018-12-08 04:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-01-14 21:58 - 2018-12-08 04:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-01-14 21:58 - 2018-11-09 03:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-01-14 21:58 - 2018-11-09 02:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-01-14 21:58 - 2018-11-09 02:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-01-14 21:58 - 2018-11-08 23:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-01-14 21:58 - 2018-11-08 23:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-01-14 21:58 - 2018-11-08 22:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-01-14 21:58 - 2018-11-01 04:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-01-14 21:58 - 2018-11-01 01:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-01-14 21:58 - 2018-10-21 09:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-01-14 21:57 - 2019-01-14 21:57 - 000000000 ____D C:\WINDOWS\pss
2019-01-14 21:57 - 2019-01-01 10:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-14 21:57 - 2019-01-01 10:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-14 21:57 - 2019-01-01 04:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-14 21:57 - 2019-01-01 04:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-14 21:57 - 2019-01-01 04:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-14 21:57 - 2019-01-01 04:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-14 21:57 - 2019-01-01 04:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-14 21:57 - 2019-01-01 04:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-14 21:57 - 2019-01-01 03:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-14 21:57 - 2019-01-01 03:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-14 21:57 - 2019-01-01 03:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-14 21:57 - 2019-01-01 03:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-14 21:57 - 2019-01-01 03:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-14 21:57 - 2019-01-01 03:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-14 21:57 - 2019-01-01 03:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-14 21:57 - 2018-12-14 04:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-14 21:57 - 2018-12-14 03:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-14 21:57 - 2018-12-14 03:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-14 21:57 - 2018-12-14 03:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-01-14 21:57 - 2018-12-08 09:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-01-14 21:57 - 2018-12-08 09:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-01-14 21:57 - 2018-12-08 09:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-01-14 21:57 - 2018-12-08 09:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-01-14 21:57 - 2018-12-08 09:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-01-14 21:57 - 2018-12-08 09:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-01-14 21:57 - 2018-12-08 05:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2019-01-14 21:57 - 2018-12-08 05:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-01-14 21:57 - 2018-12-08 05:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-01-14 21:57 - 2018-12-08 05:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-01-14 21:57 - 2018-12-08 05:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-01-14 21:57 - 2018-12-08 05:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-14 21:57 - 2018-12-08 05:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-01-14 21:57 - 2018-12-08 04:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2019-01-14 21:57 - 2018-12-08 04:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-01-14 21:57 - 2018-12-08 04:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2019-01-14 21:57 - 2018-12-08 04:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-01-14 21:57 - 2018-12-08 04:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-01-14 21:57 - 2018-12-08 04:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-01-14 21:57 - 2018-12-08 04:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-01-14 21:57 - 2018-12-08 04:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-01-14 21:57 - 2018-12-08 04:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-01-14 21:57 - 2018-12-08 04:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-01-14 21:57 - 2018-12-08 04:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-01-14 21:57 - 2018-12-08 04:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-01-14 21:57 - 2018-12-08 04:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-01-14 21:57 - 2018-12-08 04:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2019-01-14 21:57 - 2018-12-08 04:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-01-14 21:57 - 2018-12-08 04:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-01-14 21:57 - 2018-12-08 04:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-01-14 21:57 - 2018-12-08 04:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-01-14 21:57 - 2018-12-08 04:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-01-14 21:57 - 2018-12-08 04:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-01-14 21:57 - 2018-12-08 04:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2019-01-14 21:57 - 2018-12-08 04:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-01-14 21:57 - 2018-12-08 04:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-01-14 21:57 - 2018-12-08 04:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-01-14 21:57 - 2018-12-08 04:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-01-14 21:57 - 2018-12-08 04:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-01-14 21:57 - 2018-12-08 04:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-01-14 21:57 - 2018-11-09 02:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-01-14 21:57 - 2018-11-09 02:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-01-14 21:57 - 2018-11-09 02:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-01-14 21:57 - 2018-11-09 02:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-01-14 21:57 - 2018-11-08 23:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-01-14 21:57 - 2018-11-08 23:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-01-14 21:57 - 2018-11-08 23:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-01-14 21:57 - 2018-11-08 23:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-01-14 21:57 - 2018-11-08 23:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-01-14 21:57 - 2018-11-08 23:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2019-01-14 21:57 - 2018-11-08 23:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-01-14 21:57 - 2018-11-08 23:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-01-14 21:57 - 2018-11-08 23:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-01-14 21:57 - 2018-11-08 23:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-01-14 21:57 - 2018-11-08 23:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-01-14 21:57 - 2018-11-08 23:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-01-14 21:57 - 2018-11-08 23:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-01-14 21:57 - 2018-11-08 23:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-01-14 21:57 - 2018-11-08 23:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-01-14 21:57 - 2018-11-08 23:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-01-14 21:57 - 2018-11-08 23:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-01-14 21:57 - 2018-11-08 22:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2019-01-14 21:57 - 2018-11-08 22:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-01-14 21:57 - 2018-11-08 22:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-01-14 21:57 - 2018-11-08 22:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-01-14 21:57 - 2018-11-08 22:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-01-14 21:57 - 2018-11-08 22:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-01-14 21:57 - 2018-11-01 08:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-01-14 21:57 - 2018-11-01 04:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-01-14 21:57 - 2018-11-01 04:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-01-14 21:57 - 2018-11-01 03:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-01-14 21:57 - 2018-11-01 03:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-01-14 21:57 - 2018-11-01 03:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-01-14 21:57 - 2018-11-01 01:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-01-14 21:57 - 2018-11-01 01:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-01-14 21:57 - 2018-11-01 01:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-01-14 21:57 - 2018-10-21 10:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-01-14 21:57 - 2018-10-21 09:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-01-14 21:57 - 2018-10-21 08:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-01-14 21:57 - 2018-10-21 08:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-01-14 21:57 - 2018-10-21 04:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2019-01-14 21:57 - 2018-10-21 04:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-01-14 21:57 - 2018-10-21 04:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-01-14 21:57 - 2018-10-21 04:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2019-01-14 21:57 - 2018-10-21 04:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2019-01-14 21:57 - 2018-10-21 04:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-01-14 21:57 - 2018-10-21 04:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-01-14 21:57 - 2018-10-21 04:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-01-14 21:57 - 2018-10-21 04:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-01-14 21:57 - 2018-10-21 04:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-01-14 21:57 - 2018-10-21 04:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-01-14 21:57 - 2018-10-21 03:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-01-14 21:57 - 2018-10-21 03:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-01-14 21:56 - 2019-01-01 10:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-14 21:56 - 2019-01-01 10:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-14 21:56 - 2019-01-01 04:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-14 21:56 - 2019-01-01 04:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-14 21:56 - 2019-01-01 04:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-14 21:56 - 2019-01-01 04:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-14 21:56 - 2019-01-01 04:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-14 21:56 - 2019-01-01 04:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-14 21:56 - 2019-01-01 04:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-14 21:56 - 2019-01-01 04:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-14 21:56 - 2019-01-01 04:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-14 21:56 - 2019-01-01 04:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-14 21:56 - 2019-01-01 04:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-14 21:56 - 2019-01-01 04:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-14 21:56 - 2019-01-01 03:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-14 21:56 - 2019-01-01 03:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-14 21:56 - 2019-01-01 03:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-14 21:56 - 2019-01-01 03:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-14 21:56 - 2019-01-01 03:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-14 21:56 - 2019-01-01 03:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-14 21:56 - 2019-01-01 03:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-14 21:56 - 2019-01-01 03:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-14 21:56 - 2019-01-01 03:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-14 21:56 - 2019-01-01 03:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-14 21:56 - 2019-01-01 03:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-14 21:56 - 2019-01-01 03:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-14 21:56 - 2019-01-01 03:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-14 21:56 - 2019-01-01 03:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-14 21:56 - 2019-01-01 03:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-14 21:56 - 2019-01-01 03:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-14 21:56 - 2019-01-01 03:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-14 21:56 - 2019-01-01 03:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-14 21:56 - 2019-01-01 03:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-14 21:56 - 2019-01-01 03:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-14 21:56 - 2019-01-01 03:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-14 21:56 - 2019-01-01 03:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-14 21:56 - 2019-01-01 03:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-14 21:56 - 2019-01-01 03:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-14 21:56 - 2019-01-01 03:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-14 21:56 - 2019-01-01 03:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-14 21:56 - 2019-01-01 03:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-14 21:56 - 2019-01-01 03:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-14 21:56 - 2019-01-01 03:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-14 21:56 - 2019-01-01 03:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-14 21:56 - 2019-01-01 03:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-14 21:56 - 2019-01-01 03:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-14 21:56 - 2018-12-19 01:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-14 21:56 - 2018-12-14 04:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-01-14 21:56 - 2018-12-14 04:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-14 21:56 - 2018-12-14 04:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-14 21:56 - 2018-12-14 04:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-14 21:56 - 2018-12-14 04:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-01-14 21:56 - 2018-12-14 04:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-14 21:56 - 2018-12-14 04:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-01-14 21:56 - 2018-12-14 04:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-14 21:56 - 2018-12-14 03:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-01-14 21:56 - 2018-12-14 03:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-14 21:56 - 2018-12-14 03:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-14 21:56 - 2018-12-14 03:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-14 21:56 - 2018-12-08 09:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2019-01-14 21:56 - 2018-12-08 09:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-01-14 21:56 - 2018-12-08 09:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-01-14 21:56 - 2018-12-08 09:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2019-01-14 21:56 - 2018-12-08 09:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-01-14 21:56 - 2018-12-08 09:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-01-14 21:56 - 2018-12-08 09:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-01-14 21:56 - 2018-12-08 09:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2019-01-14 21:56 - 2018-12-08 09:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2019-01-14 21:56 - 2018-12-08 09:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-01-14 21:56 - 2018-12-08 09:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-01-14 21:56 - 2018-12-08 09:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-01-14 21:56 - 2018-12-08 09:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-01-14 21:56 - 2018-12-08 05:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-01-14 21:56 - 2018-12-08 05:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-01-14 21:56 - 2018-12-08 05:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-01-14 21:56 - 2018-12-08 05:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-01-14 21:56 - 2018-12-08 05:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-01-14 21:56 - 2018-12-08 05:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-01-14 21:56 - 2018-12-08 05:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-01-14 21:56 - 2018-12-08 05:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-01-14 21:56 - 2018-12-08 05:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-01-14 21:56 - 2018-12-08 05:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-01-14 21:56 - 2018-12-08 05:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-01-14 21:56 - 2018-12-08 05:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-01-14 21:56 - 2018-12-08 05:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2019-01-14 21:56 - 2018-12-08 05:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-01-14 21:56 - 2018-12-08 05:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-01-14 21:56 - 2018-12-08 05:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2019-01-14 21:56 - 2018-12-08 05:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2019-01-14 21:56 - 2018-12-08 05:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2019-01-14 21:56 - 2018-12-08 05:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2019-01-14 21:56 - 2018-12-08 05:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-01-14 21:56 - 2018-12-08 05:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-14 21:56 - 2018-12-08 05:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-01-14 21:56 - 2018-12-08 05:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-01-14 21:56 - 2018-12-08 05:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-01-14 21:56 - 2018-12-08 05:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-01-14 21:56 - 2018-12-08 05:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-01-14 21:56 - 2018-12-08 05:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-01-14 21:56 - 2018-12-08 05:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2019-01-14 21:56 - 2018-12-08 04:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-01-14 21:56 - 2018-12-08 04:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2019-01-14 21:56 - 2018-12-08 04:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-01-14 21:56 - 2018-12-08 04:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2019-01-14 21:56 - 2018-12-08 04:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-01-14 21:56 - 2018-12-08 04:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2019-01-14 21:56 - 2018-12-08 04:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-01-14 21:56 - 2018-12-08 04:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-01-14 21:56 - 2018-12-08 04:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2019-01-14 21:56 - 2018-12-08 04:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2019-01-14 21:56 - 2018-12-08 04:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-01-14 21:56 - 2018-12-08 04:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2019-01-14 21:56 - 2018-12-08 04:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-01-14 21:56 - 2018-12-08 04:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-01-14 21:56 - 2018-12-08 04:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2019-01-14 21:56 - 2018-12-08 04:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2019-01-14 21:56 - 2018-12-08 04:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-01-14 21:56 - 2018-12-08 04:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2019-01-14 21:56 - 2018-12-08 04:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-01-14 21:56 - 2018-12-08 04:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-01-14 21:56 - 2018-12-08 04:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-01-14 21:56 - 2018-12-08 04:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-01-14 21:56 - 2018-12-08 04:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-01-14 21:56 - 2018-12-08 04:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2019-01-14 21:56 - 2018-12-08 04:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-01-14 21:56 - 2018-12-08 04:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2019-01-14 21:56 - 2018-12-08 04:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-01-14 21:56 - 2018-12-08 04:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2019-01-14 21:56 - 2018-12-08 04:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-01-14 21:56 - 2018-12-08 04:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2019-01-14 21:56 - 2018-12-08 04:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-01-14 21:56 - 2018-12-08 04:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-01-14 21:56 - 2018-12-08 04:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-01-14 21:56 - 2018-12-08 04:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-01-14 21:56 - 2018-12-08 04:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-01-14 21:56 - 2018-12-08 04:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-01-14 21:56 - 2018-12-08 04:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-01-14 21:56 - 2018-12-08 04:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2019-01-14 21:56 - 2018-12-08 04:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-01-14 21:56 - 2018-12-08 04:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-01-14 21:56 - 2018-12-08 04:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-01-14 21:56 - 2018-12-08 04:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-01-14 21:56 - 2018-12-08 04:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2019-01-14 21:56 - 2018-12-08 04:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-01-14 21:56 - 2018-12-08 04:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-01-14 21:56 - 2018-12-08 04:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-01-14 21:56 - 2018-12-08 04:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-01-14 21:56 - 2018-11-09 03:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-01-14 21:56 - 2018-11-09 02:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2019-01-14 21:56 - 2018-11-09 02:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2019-01-14 21:56 - 2018-11-09 02:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-01-14 21:56 - 2018-11-09 02:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2019-01-14 21:56 - 2018-11-09 02:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-01-14 21:56 - 2018-11-09 02:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-01-14 21:56 - 2018-11-09 02:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2019-01-14 21:56 - 2018-11-09 02:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-01-14 21:56 - 2018-11-09 02:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2019-01-14 21:56 - 2018-11-09 02:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-01-14 21:56 - 2018-11-09 02:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2019-01-14 21:56 - 2018-11-09 02:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-01-14 21:56 - 2018-11-08 23:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-01-14 21:56 - 2018-11-08 23:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2019-01-14 21:56 - 2018-11-08 23:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-01-14 21:56 - 2018-11-08 23:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-01-14 21:56 - 2018-11-08 23:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-01-14 21:56 - 2018-11-08 23:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-01-14 21:56 - 2018-11-08 23:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-14 21:56 - 2018-11-08 23:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-01-14 21:56 - 2018-11-08 23:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-01-14 21:56 - 2018-11-08 23:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-01-14 21:56 - 2018-11-08 23:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

#9
2019-01-14 21:56 - 2018-11-08 23:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2019-01-14 21:56 - 2018-11-08 23:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2019-01-14 21:56 - 2018-11-08 23:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-01-14 21:56 - 2018-11-08 23:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-01-14 21:56 - 2018-11-08 23:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-01-14 21:56 - 2018-11-08 23:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-01-14 21:56 - 2018-11-08 23:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-01-14 21:56 - 2018-11-08 23:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-01-14 21:56 - 2018-11-08 23:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-01-14 21:56 - 2018-11-08 23:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-01-14 21:56 - 2018-11-08 22:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-01-14 21:56 - 2018-11-08 22:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-01-14 21:56 - 2018-11-08 22:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-01-14 21:56 - 2018-11-08 22:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-01-14 21:56 - 2018-11-08 22:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-01-14 21:56 - 2018-11-08 22:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-01-14 21:56 - 2018-11-08 22:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-01-14 21:56 - 2018-11-08 22:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-01-14 21:56 - 2018-11-08 22:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-01-14 21:56 - 2018-11-08 22:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-01-14 21:56 - 2018-11-08 22:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-01-14 21:56 - 2018-11-01 08:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-01-14 21:56 - 2018-11-01 08:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2019-01-14 21:56 - 2018-11-01 08:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2019-01-14 21:56 - 2018-11-01 08:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2019-01-14 21:56 - 2018-11-01 08:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-01-14 21:56 - 2018-11-01 07:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-01-14 21:56 - 2018-11-01 06:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2019-01-14 21:56 - 2018-11-01 06:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2019-01-14 21:56 - 2018-11-01 06:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-01-14 21:56 - 2018-11-01 04:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2019-01-14 21:56 - 2018-11-01 03:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-01-14 21:56 - 2018-11-01 03:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-01-14 21:56 - 2018-11-01 03:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2019-01-14 21:56 - 2018-11-01 03:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-01-14 21:56 - 2018-11-01 03:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-01-14 21:56 - 2018-11-01 03:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-01-14 21:56 - 2018-11-01 03:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-01-14 21:56 - 2018-11-01 03:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-01-14 21:56 - 2018-11-01 03:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-01-14 21:56 - 2018-11-01 03:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-01-14 21:56 - 2018-11-01 03:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-01-14 21:56 - 2018-11-01 03:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-01-14 21:56 - 2018-11-01 03:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-01-14 21:56 - 2018-11-01 01:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2019-01-14 21:56 - 2018-11-01 01:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2019-01-14 21:56 - 2018-11-01 01:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-01-14 21:56 - 2018-10-21 10:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-01-14 21:56 - 2018-10-21 10:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-01-14 21:56 - 2018-10-21 10:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-01-14 21:56 - 2018-10-21 09:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-01-14 21:56 - 2018-10-21 09:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-01-14 21:56 - 2018-10-21 09:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-01-14 21:56 - 2018-10-21 09:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2019-01-14 21:56 - 2018-10-21 09:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-01-14 21:56 - 2018-10-21 09:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2019-01-14 21:56 - 2018-10-21 09:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-01-14 21:56 - 2018-10-21 09:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-01-14 21:56 - 2018-10-21 09:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-01-14 21:56 - 2018-10-21 09:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2019-01-14 21:56 - 2018-10-21 08:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-01-14 21:56 - 2018-10-21 08:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-01-14 21:56 - 2018-10-21 08:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-01-14 21:56 - 2018-10-21 08:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-01-14 21:56 - 2018-10-21 08:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-01-14 21:56 - 2018-10-21 08:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2019-01-14 21:56 - 2018-10-21 08:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2019-01-14 21:56 - 2018-10-21 06:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-01-14 21:56 - 2018-10-21 05:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-01-14 21:56 - 2018-10-21 04:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-01-14 21:56 - 2018-10-21 04:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-01-14 21:56 - 2018-10-21 04:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-01-14 21:56 - 2018-10-21 04:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-01-14 21:56 - 2018-10-21 04:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2019-01-14 21:56 - 2018-10-21 04:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-01-14 21:56 - 2018-10-21 04:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-01-14 21:56 - 2018-10-21 04:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2019-01-14 21:56 - 2018-10-21 04:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2019-01-14 21:56 - 2018-10-21 04:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-01-14 21:56 - 2018-10-21 04:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-01-14 21:56 - 2018-10-21 04:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-01-14 21:56 - 2018-10-21 04:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-01-14 21:56 - 2018-10-21 04:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2019-01-14 21:56 - 2018-10-21 04:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-01-14 21:56 - 2018-10-21 04:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-01-14 21:56 - 2018-10-21 04:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2019-01-14 21:56 - 2018-10-21 04:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2019-01-14 21:56 - 2018-10-21 04:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2019-01-14 21:56 - 2018-10-21 04:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2019-01-14 21:56 - 2018-10-21 04:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-01-14 21:56 - 2018-10-21 04:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-01-14 21:56 - 2018-10-21 04:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2019-01-14 21:56 - 2018-10-21 04:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2019-01-14 21:56 - 2018-10-21 04:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2019-01-14 21:56 - 2018-10-21 04:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2019-01-14 21:56 - 2018-10-21 04:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-01-14 21:56 - 2018-10-21 04:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-01-14 21:56 - 2018-10-21 04:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2019-01-14 21:56 - 2018-10-21 04:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2019-01-14 21:56 - 2018-10-21 04:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2019-01-14 21:56 - 2018-10-21 04:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-01-14 21:56 - 2018-10-21 04:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-01-14 21:56 - 2018-10-21 04:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-01-14 21:56 - 2018-10-21 04:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2019-01-14 21:56 - 2018-10-21 04:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2019-01-14 21:56 - 2018-10-21 03:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-01-14 21:56 - 2018-10-21 03:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-01-14 21:56 - 2018-10-21 02:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-01-14 21:56 - 2018-10-21 02:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-01-14 21:56 - 2018-04-28 01:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-01-14 21:55 - 2019-01-01 10:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-14 21:55 - 2019-01-01 10:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-14 21:55 - 2019-01-01 10:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-14 21:55 - 2019-01-01 10:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-14 21:55 - 2019-01-01 10:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-14 21:55 - 2019-01-01 10:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-14 21:55 - 2019-01-01 03:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-14 21:55 - 2019-01-01 03:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-14 21:55 - 2019-01-01 03:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-14 21:55 - 2019-01-01 03:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-14 21:55 - 2019-01-01 03:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-14 21:55 - 2019-01-01 03:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-14 21:55 - 2019-01-01 03:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-14 21:55 - 2019-01-01 03:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-14 21:55 - 2019-01-01 02:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-14 21:55 - 2018-12-14 03:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-01-14 21:55 - 2018-12-08 09:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-01-14 21:55 - 2018-12-08 04:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2019-01-14 21:55 - 2018-12-08 04:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2019-01-14 21:55 - 2018-12-08 04:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-01-14 21:55 - 2018-12-08 04:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-01-14 21:55 - 2018-12-08 04:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2019-01-14 21:55 - 2018-12-08 04:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-01-14 21:55 - 2018-12-08 04:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-01-14 21:55 - 2018-11-08 23:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-01-14 21:55 - 2018-11-08 23:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2019-01-14 21:55 - 2018-11-08 23:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-01-14 21:55 - 2018-11-08 23:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2019-01-14 21:55 - 2018-11-08 23:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-01-14 21:55 - 2018-11-08 22:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-01-14 21:55 - 2018-11-08 22:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2019-01-14 21:55 - 2018-11-01 08:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-01-14 21:55 - 2018-11-01 04:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2019-01-14 21:55 - 2018-11-01 04:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2019-01-14 21:55 - 2018-11-01 04:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-01-14 21:55 - 2018-11-01 03:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2019-01-14 21:55 - 2018-11-01 03:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2019-01-14 21:55 - 2018-10-21 09:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2019-01-14 21:55 - 2018-10-21 09:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-01-14 21:55 - 2018-10-21 08:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2019-01-14 21:55 - 2018-10-21 04:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-01-14 21:55 - 2018-10-21 04:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-01-14 21:55 - 2018-10-21 04:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2019-01-14 21:55 - 2018-10-21 04:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-01-14 21:55 - 2018-10-21 04:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-01-14 21:55 - 2018-10-21 03:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-01-14 21:54 - 2019-01-14 21:54 - 000000000 ____D C:\Users\usuario\AppData\Local\D3DSCache
2019-01-14 21:53 - 2019-01-14 21:53 - 003253552 _____ (Alexander Roshal) C:\Users\usuario\Downloads\winrar-x64-561es.exe
2019-01-13 15:43 - 2019-01-13 15:43 - 000000000 ____D C:\Users\usuario\AppData\Local\Sony Corporation
2019-01-13 15:41 - 2019-01-13 15:41 - 000002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uso a distancia de tu PS4.lnk
2019-01-13 15:41 - 2019-01-13 15:41 - 000002165 _____ C:\Users\Public\Desktop\Uso a distancia de tu PS4.lnk
2019-01-13 15:41 - 2019-01-13 15:41 - 000000000 ____D C:\Program Files (x86)\Sony

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-20 13:48 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-20 13:46 - 2018-05-31 10:30 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-20 13:46 - 2018-04-12 13:18 - 000786502 _____ C:\WINDOWS\system32\perfh00A.dat
2019-01-20 13:46 - 2018-04-12 13:18 - 000155134 _____ C:\WINDOWS\system32\perfc00A.dat
2019-01-20 13:46 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-20 13:40 - 2018-05-31 10:16 - 000000000 ____D C:\Users\usuario
2019-01-20 13:40 - 2018-05-31 10:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-20 08:24 - 2018-05-31 10:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-19 23:10 - 2018-05-31 10:50 - 000004204 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87AF26EC-AD44-4375-BA2B-6A814E866B4D}
2019-01-19 21:36 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-18 08:23 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-17 22:53 - 2017-09-29 00:45 - 000000000 ____D C:\Program Files\rempl
2019-01-17 21:54 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-16 22:00 - 2018-05-26 01:39 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-16 22:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ModemLogs
2019-01-16 22:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-16 21:52 - 2018-04-11 18:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-16 16:57 - 2015-12-09 07:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-16 16:55 - 2015-12-09 07:18 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-14 23:30 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-14 22:46 - 2018-02-02 22:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-01-14 22:37 - 2015-12-13 08:33 - 000000000 ___RD C:\Users\usuario\3D Objects
2019-01-14 22:37 - 2015-11-22 09:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-14 22:35 - 2018-05-31 10:11 - 000234176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-14 22:31 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-01-14 22:31 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-01-14 22:31 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-01-14 22:31 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-14 22:31 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2019-01-14 22:31 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-01-14 22:31 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-01-14 22:30 - 2018-04-11 20:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-01-14 22:30 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-14 21:37 - 2018-05-31 10:50 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2019-01-14 21:37 - 2015-11-24 07:51 - 000000000 ____D C:\Users\usuario\AppData\Local\Lenovo
2019-01-14 21:37 - 2015-11-24 07:51 - 000000000 ____D C:\Program Files (x86)\Lenovo
2019-01-14 21:27 - 2018-08-17 19:47 - 000000000 ____D C:\ProgramData\Packages
2019-01-14 21:27 - 2017-12-13 14:05 - 000000000 ____D C:\Users\usuario\AppData\Local\Packages
2019-01-13 15:49 - 2015-11-22 11:48 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-01-13 15:39 - 2016-11-10 21:24 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-13 15:39 - 2015-11-24 07:50 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-13 15:38 - 2018-05-31 10:50 - 000003620 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-13 15:38 - 2018-05-31 10:50 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-11 03:02 - 2016-06-12 19:36 - 000000000 ____D C:\Users\usuario\AppData\Roaming\DVDVideoSoft
2019-01-11 03:02 - 2015-11-22 09:51 - 000000000 ___RD C:\Users\usuario\OneDrive
2019-01-11 03:00 - 2015-11-25 21:18 - 000000000 ___RD C:\Program Files (x86)\Skype
2019-01-11 03:00 - 2015-11-25 21:18 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Skype
2019-01-11 03:00 - 2015-11-25 21:18 - 000000000 ____D C:\ProgramData\Skype
2019-01-11 02:59 - 2018-08-18 15:38 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Zoom
2019-01-02 16:41 - 2018-08-08 09:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 16:41 - 2018-08-08 09:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-01-18 01:03 - 2016-01-18 01:03 - 002650644 _____ () C:\Users\usuario\AppData\Roaming\sb750.dat
2015-11-24 08:52 - 2016-07-23 01:57 - 000000299 _____ () C:\Users\usuario\AppData\Roaming\WB.CFG

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-31 10:11

==================== End of FRST.txt ============================

#10
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by danny (20-01-2019 13:52:41)
Running from C:\Users\usuario\Downloads
Windows 10 Home Single Language Version 1803 17134.523 (X64) (2018-05-31 13:52:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4263953724-3431975638-3843537034-500 - Administrator - Disabled)
danny (S-1-5-21-4263953724-3431975638-3843537034-1001 - Administrator - Enabled) => C:\Users\usuario
DefaultAccount (S-1-5-21-4263953724-3431975638-3843537034-503 - Limited - Disabled)
Invitado (S-1-5-21-4263953724-3431975638-3843537034-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4263953724-3431975638-3843537034-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Uso a distancia de tu PS4 (HKLM-x32\...\{B93B8523-78A1-4949-8D16-94CA8B72FC88}) (Version: 2.7.0.07270 - Sony Interactive Entertainment Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0769486D-BC25-4487-A434-056F47C55ADA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-16] (Adobe Systems Incorporated)
Task: {0A00AC4F-A08B-4EE5-98C3-969D7EC7D3A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2019-01-14] (Microsoft Corporation)
Task: {1691DAFA-A713-4A1E-A33B-BC36A8A4467F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {19AD9533-CFC4-4D7F-A280-674CEDF0E26C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {1A028049-4C4D-48EE-8C9D-9269619431D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1B5284F1-56CF-4DB8-8251-2F488EA88643} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2019-01-14] (Microsoft Corporation)
Task: {4FB0192F-9896-429A-B00F-4654456C8B6D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {52178C29-DB7E-4D81-9D53-4ABB0E73F31C} - System32\Tasks\{E227F637-0ED2-4C36-A75C-4FF49FA9DF85} => C:\WINDOWS\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {7CC9FB4E-0FBD-40A3-BE1A-E8EE4B0512C4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {C797298F-539A-4A89-92A2-E985088FADBE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E70F6DC9-0208-475A-B311-71A0D0EEE53C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2019-01-14] (Microsoft Corporation)
Task: {F8963F02-8802-4B1C-99FD-4424B6C636C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2019-01-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://tgmgo.com

==================== Loaded Modules (Whitelisted) ==============

2019-01-16 18:59 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-01-14 21:57 - 2018-11-08 23:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-14 21:57 - 2019-01-01 03:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-14 20:48 - 2019-01-14 20:54 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-14 20:48 - 2019-01-14 20:54 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-09 23:40 - 2017-12-09 23:40 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2019-01-14 19:49 - 2019-01-14 19:56 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-14 20:48 - 2019-01-14 20:54 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-14 20:48 - 2019-01-14 20:54 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-14 20:38 - 2019-01-14 20:46 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-08 00:41 - 2018-11-08 08:20 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-14 20:38 - 2019-01-14 20:46 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-13 15:39 - 2018-12-12 02:12 - 002682336 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libglesv2.dll
2019-01-13 15:39 - 2018-12-12 02:12 - 000156640 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 04:24 - 2019-01-13 15:57 - 000001011 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134419960\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420562\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 200.83.1.4 - 190.160.0.14
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4B64FD1BF105F1C2513DD9D68C049F2A"
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\...\StartupApproved\Run: => "MouseServer"
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4B64FD1BF105F1C2513DD9D68C049F2A"
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920\...\StartupApproved\Run: => "MouseServer"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{687F3F67-F986-44F8-9EF3-B96C75A90FD4}] => (Allow) LPort=1900
FirewallRules: [{7FBDF104-5941-4401-BC48-016ED54DD184}] => (Allow) LPort=2869
FirewallRules: [{A8BDF86E-8596-46C2-AC00-BDF9884451BF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{0080D606-540A-4BF1-8221-70AFB00FD6C8}] => (Allow) C:\Users\usuario\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors)
FirewallRules: [{1536C120-EB42-4085-9737-9085C929DFAD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{7380DEAC-5B70-4601-AD75-425B286CF6A7}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc.)
FirewallRules: [{43EEBA5A-FA8B-45A7-8EC8-28A79098F0FC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{68FA3F66-B7D0-42A3-9199-1CA72F4CA261}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

17-01-2019 21:53:16 Windows Update

==================== Faulty Device Manager Devices =============

Name: Dispositivo base del sistema
Description: Dispositivo base del sistema
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo base del sistema
Description: Dispositivo base del sistema
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/20/2019 08:21:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\VOCALOID3AE\VOCALOID3.exe".
No se encontró el ensamblado dependiente Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (01/18/2019 08:15:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\VOCALOID3AE\VOCALOID3.exe".
No se encontró el ensamblado dependiente Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (01/17/2019 09:53:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

#11
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service gupdatem since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (01/17/2019 09:53:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service Servicio de Google Update (gupdate) since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (01/16/2019 09:58:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4584,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) al abrir un archivo de registro C:\Users\usuario\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (01/16/2019 09:58:45 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (4584,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\usuario\AppData\Local\Microsoft\Windows\WebCache\V01.log" para acceso de lectura y escritura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (01/16/2019 09:58:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4584,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) al abrir un archivo de registro C:\Users\usuario\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (01/16/2019 09:58:35 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (4584,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\usuario\AppData\Local\Microsoft\Windows\WebCache\V01.log" para acceso de lectura y escritura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).


System errors:
=============
Error: (01/20/2019 01:45:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/20/2019 01:43:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/20/2019 01:43:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/20/2019 01:42:53 PM) (Source: DCOM) (EventID: 10016) (User: j2073)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario j2073\danny con SID (S-1-5-21-4263953724-3431975638-3843537034-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/20/2019 01:41:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (01/20/2019 01:41:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio FontCache3.0.0.0.

Error: (01/20/2019 01:41:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio iphlpsvc.

Error: (01/20/2019 01:41:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-01-19 21:36:40.232
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {6C173EE5-246B-4EF2-956B-20EC399BAB0A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-10-24 22:03:01.473
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {1B696F48-1815-4561-AF7B-46018983297F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-01-20 13:52:11.819
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.3364.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-01-17 22:15:02.826
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.3120.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-01-14 16:41:20.852
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.279.1518.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-01-14 16:41:20.852
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.279.1518.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-01-14 16:41:20.851
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.279.1518.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15400.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 61%
Total physical RAM: 3989.36 MB
Available physical RAM: 1532.99 MB
Total Virtual: 4693.36 MB
Available Virtual: 2133.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:450 GB) (Free:421.34 GB) NTFS
Drive e: (Nuevo) (CDROM) (Total:2.46 GB) (Free:0 GB) UDF

\\?\Volume{1eeda227-cf61-4161-9c06-615f693b707a}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.08 GB) NTFS
\\?\Volume{e9973349-0924-47c4-a9bf-60ab9c3767f8}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{7f38646c-ad63-4a60-9ee6-10c3b748214c}\ (Recovery image) (Fixed) (Total:14.65 GB) (Free:7.06 GB) NTFS
\\?\Volume{9cff5961-f6a1-4833-aaf7-ee5efa000a41}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0CC43A1C)

Partition: GPT.

==================== End of Addition.txt ============================

#12

Hola

No descargaste ni ejecutaste FRST desde el escritorio como te indiqué, muévelo al escritorio para realizar el siguiente paso, si no no funcionará.

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:

GroupPolicy: Restriction ? <==== ATTENTION
SearchScopes: HKLM -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-13]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {C797298F-539A-4A89-92A2-E985088FADBE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://tgmgo.com

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo


#13
Fix result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by danny (23-01-2019 10:59:01) Run:1
Running from C:\Users\usuario\Desktop
Loaded Profiles: danny (Available Profiles: danny)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:

GroupPolicy: Restriction ? <==== ATTENTION
SearchScopes: HKLM -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-13]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {C797298F-539A-4A89-92A2-E985088FADBE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://tgmgo.com

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
*****************

Restore point was successfully created.
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a62abdee-78a2-4ddb-9355-1c334abd6e43} => removed successfully
HKLM\Software\Classes\CLSID\{a62abdee-78a2-4ddb-9355-1c334abd6e43} => not found
HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a62abdee-78a2-4ddb-9355-1c334abd6e43} => removed successfully
HKLM\Software\Classes\CLSID\{a62abdee-78a2-4ddb-9355-1c334abd6e43} => not found
SearchScopes: HKU\S-1-5-21-4263953724-3431975638-3843537034-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01202019134420920 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-13] => Error: No automatic fix found for this entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65B85F6F-35B3-4459-A179-28255D5B7B25}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65B85F6F-35B3-4459-A179-28255D5B7B25}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\HelloFace\FODCleanupTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C797298F-539A-4A89-92A2-E985088FADBE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C797298F-539A-4A89-92A2-E985088FADBE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Shortcut argument removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4263953724-3431975638-3843537034-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 5 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : ::e04d:e4a4:e4bd:3f4a
   Direcci¢n IPv6 temporal. . . . . . : ::215c:21f6:d1c1:ff9b
   V¡nculo: direcci¢n IPv6 local. . . : fe80::e04d:e4a4:e4bd:3f4a%19
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.15
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de LAN inal mbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet 5:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{FA2006C2-9D97-49C3-B244-B83FF519C422} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 12083200 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11569713 B
Java, Flash, Steam htmlcache => 533 B
Windows/system/drivers => 20230988 B
Edge => 17888 B
Chrome => 350332017 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 11348 B
NetworkService => 0 B
usuario => 200473652 B

RecycleBin => 496450 B
EmptyTemp: => 567.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:04:09 ====

#14

TE AGRADEZCO ENORMEMENTE. AL f{in ya no aparece al iniciar chrome esto del tgmgo. bendita en el nombre de alá. eres genial, daniela. gracias.


#15

Hola MARCELO_BRAVO

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte :handshake:

Nos alegramos que se te haya resuelto :Bien: Damos el tema por solucionado.

Solucionado

Un saludo


cerrado #16