My PC crashes and runs slow

Hi, how's it going. First of all, thanks for any help you can give me. My PC normally runs really well, but for the past week it has become very slow, and when I'm gaming it crashes. These are things that have no explanation, since it has enough power to do whatever I want. One detail is that Chromium installed itself, and I have already uninstalled it :(. Regards!

Hi @fabil09

To check your machine, follow these steps in the order given, reading everything that is explained. :+1:

:one: Temporarily disable your antivirus :arrow_forward: How to temporarily disable your antivirus, while we carry out ALL the steps.

We are going to download to YOUR DESKTOP (and NOT anywhere else :face_with_monocle:) all the tools we will use in this procedure (but do not run them yet):


:two: Run the tools one at a time and in the order given:



CCleaner.-

  • Install and run CCleaner following the steps given in the manual.

  • Use its Cleaner option first to delete cookies, temporary Internet files and all the files it shows you as obsolete.

  • Then use its Registry option to clean the whole Windows registry (making a backup copy).

Malwarebytes.-

  • Install and run MBAM following the steps given in the manual.

  • Run a Full Scan. :white_check_mark:

  • Select ALL for Quarantine to send them to quarantine, and restart the system.

  • In the :arrow_forward:History :arrow_backward: section of the manual you will find the MBAM report, which you must copy and paste into your next reply so it can be analyzed.

AdwCleaner.-

  • Run Adwcleaner.exe.

  • Click the Scan Now button and wait for the process to finish; immediately afterwards, always click the Start Repair button.

  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.

  • The log/report is in the “Reports” tab (reopen the program if necessary), so you can copy it and paste it into your next reply.

  • The report can also be found at C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Run JRT.exe.

  • Press any key to continue, and wait patiently for the process to finish.

  • If at any point it asks you to restart, do so.

  • When it finishes, a log/report (JRT.txt) will be saved to the desktop and will open automatically.

  • Copy and paste the contents of JRT.txt into your next reply.

Farbar Recovery Scan Tool.-

  • Run FRST.exe.

  • In the Disclaimer window message, click Yes.

  • In the main window, click the Scan button and wait for the process to finish.

  • Two (2) log files will open, Frst.txt and Addition.txt; these will be saved on the desktop.

:three: Post the reports in your next reply from:

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, in that order. :+1:

You must copy and paste them with all their content, and use several messages if you get an error message saying it is too long (more than approx. 50,000 characters).

And tell us how your computer is running with regard to the problem you described. :face_with_monocle:

Regards, Javier.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 8/9/19
Hora del análisis: 20:17
Archivo de registro: 9cb4dc9c-d29f-11e9-b148-e0d55e4f4ae3.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.625
Versión del paquete de actualización: 1.0.12377
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17763.678)
CPU: x64
Sistema de archivos: NTFS
Usuario: \

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Cancelado
Objetos analizados: 140472
Amenazas detectadas: 223
Amenazas en cuarentena: 0
Tiempo transcurrido: 3 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 2
PUP.Optional.Segurazo, C:\PROGRAM FILES (X86)\SEGURAZO\SEGURAZOIC.EXE, Sin acciones por parte del usuario, [1522], [715288],1.0.12377
PUP.Optional.Segurazo, C:\PROGRAM FILES (X86)\SEGURAZO\SEGURAZOSERVICE.EXE, Sin acciones por parte del usuario, [1522], [715287],1.0.12377

Módulo: 2
PUP.Optional.Segurazo, C:\PROGRAM FILES (X86)\SEGURAZO\SEGURAZOIC.EXE, Sin acciones por parte del usuario, [1522], [715288],1.0.12377
PUP.Optional.Segurazo, C:\PROGRAM FILES (X86)\SEGURAZO\SEGURAZOSERVICE.EXE, Sin acciones por parte del usuario, [1522], [715287],1.0.12377

Clave del registro: 19

Valor del registro: 3
PUP.Optional.SearchManager, HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Sin acciones por parte del usuario, [2083], [183362],1.0.12377
PUP.Optional.WinYahoo, HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, Sin acciones por parte del usuario, [239], [254682],1.0.12377

Datos del registro: 1
PUP.Optional.WinYahoo, HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sin acciones por parte del usuario, [239], [707485],1.0.12377

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 25

Archivo: 171
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\01n.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\02d.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\02n.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\03d.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\03n.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\04d.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\04n.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\09d.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\09n.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\10d.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\10n.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\11d.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\11n.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\13d.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\13n.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\50d.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\weather\50n.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\down.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\alot.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\angle-arrow-down.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\bing.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\bing_large.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\bluesky-bg.jpg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\brush.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\bt.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\clock.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\cloud.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\cupcake-bg.jpg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\desk-bg.jpg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\doodle.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\enhanced_google.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\eyeglass.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\eyeglass_transparent.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\films-bg.jpg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\gmx_large.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\google.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\google_large.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\hero-bg.jpg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\just-the-box-empty.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\just-the-box.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\mountain-bg.jpg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\pointer2.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\radio-selected.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\radio-unselected.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\sea-bg.jpg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\search-D7D7D7.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\search-FFFFFF.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\settings.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\smallMagnifier.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\star-unselected.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\star.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\todoc.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\toggle-off.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\toggle-on.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\topdf.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\transparent_img.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\yahoo.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\yahoo.svg, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\yahoo_large.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\yandex.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\_enhanced_google.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\images\_gmx_large.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\content\bundle.v0.0.1.min.css, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\skin\icons\16.png, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\vendor\md5.min.js, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\vendor\react-dom.min.js, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\vendor\react-with-addons.min.js, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\_locales\en\messages.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\_locales\fr\messages.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\_locales\hi\messages.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\_locales\pt_BR\messages.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\_locales\vi\messages.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\_metadata\verified_contents.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\AmpSearchServiceLocalList.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\background.html, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\background.v0.0.1.min.js, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\client.v0.0.1.min.js, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\common.js.v0.0.1.min.js, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\e_.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\index.html, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\manifest.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.93_0\responseConfig.json, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sin acciones por parte del usuario, [2083], [440037],1.0.12377
PUP.Optional.SearchManager, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, [2083], [183362],1.0.12377
PUP.Optional.Segurazo, C:\PROGRAM FILES (X86)\SEGURAZO\SEGURAZOIC.EXE, Sin acciones por parte del usuario, [1522], [715288],1.0.12377
PUP.Optional.Segurazo, C:\PROGRAM FILES (X86)\SEGURAZO\SEGURAZOKD.SYS, Sin acciones por parte del usuario, [1522], [715288],1.0.12377
PUP.Optional.Segurazo, C:\PROGRAM FILES (X86)\SEGURAZO\SEGURAZOSERVICE.EXE, Sin acciones por parte del usuario, [1522], [715287],1.0.12377

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build:    09-05-2019
# Database: 2019-09-06.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-08-2019
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  8
# Failed:   6


***** [ Services ] *****

Deleted       SegurazoIC
Deleted       SegurazoSvc

***** [ Folders ] *****

Not Deleted   C:\Program Files (x86)\Segurazo
Not Deleted   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
Not Deleted   C:\ProgramData\Segurazo
Not Deleted   C:\Users\usuario\AppData\Roaming\segurazoclient

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Apponic
Deleted       HKLM\Software\Wow6432Node\SegurazoAntivirus
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Segurazo
Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\SegurazoSvc
Not Deleted   HKLM\Software\Segurazo
Not Deleted   HKLM\Software\Wow6432Node\Segurazo

***** [ Chromium (and derivatives) ] *****

Deleted       Search Manager
Deleted       Search Manager

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2223 octets] - [24/11/2018 17:07:12]
AdwCleaner[C00].txt - [2223 octets] - [24/11/2018 17:07:24]
AdwCleaner[S01].txt - [1371 octets] - [24/11/2018 17:09:25]
AdwCleaner[S02].txt - [1432 octets] - [24/11/2018 17:10:14]
AdwCleaner_Debug.log - [23131 octets] - [08/09/2019 20:33:36]
AdwCleaner[S03].txt - [2583 octets] - [08/09/2019 20:47:11]
AdwCleaner[S04].txt - [2515 octets] - [08/09/2019 20:54:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64 
Ran by usuario (Administrator) on dom. 08/09/2019 at 20:58:15,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5 

Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\WINDOWS\system32\Tasks\update-S-1-5-21-3915770623-3759347639-1613647934-1001 (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\update-sys (Task)
Successfully deleted: C:\WINDOWS\Tasks\update-S-1-5-21-3915770623-3759347639-1613647934-1001.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\update-sys.job (Task) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on dom. 08/09/2019 at 21:08:38,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2019
Ran by usuario (administrator) on DESKTOP-CM2QFMQ (Gigabyte Technology Co., Ltd. AX370-Gaming 3) (08-09-2019 21:09:39)
Running from C:\Users\usuario\Desktop
Loaded Profiles: usuario (Available Profiles: usuario)
Platform: Windows 10 Pro Version 1809 17763.678 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0340998.inf_amd64_4e7ad8ec950b7e37\B340755\atiesrxx.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Digital Communications Inc. -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoIC.exe
(Digital Communications Inc. -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Nitro PDF Software -> ) C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [555864 2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [402776 2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\Run: [Steam] => D:\Juegos\Steam\steam.exe [3210528 2019-08-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\Run: [Discord] => C:\Users\usuario\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\Run: [com.blitz.app] => C:\Users\usuario\AppData\Local\Blitz\Update.exe [1845320 2019-09-06] (Swift Media Entertainment, Inc. -> GitHub)
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-26] (Google LLC -> Google LLC)
Startup: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-01-31]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\usuario\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02106632-A56B-4F64-8F5E-7CC604112D58} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-03-26] (Advanced Micro Devices, Inc.) [File not signed]
Task: {19602A3C-6345-4BA9-AFF0-4E7E9394D3D6} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [37536 2017-09-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {3268519A-9765-4A48-A5FD-23453043DDD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-16] (Google Inc -> Google Inc.)
Task: {33992D3E-B3FE-4A5E-BD0A-DB9176D7BDB0} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [38560 2017-09-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {38D6649B-1263-48CA-80ED-B27339897B08} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EE33E31-91C9-4C66-8F3C-4475AE559E8E} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [232880 2018-09-10] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {3FDF379F-9CB3-4F23-B0A5-D52BAA98C86D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6299288 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {4175C74E-EABE-40E5-96CF-B79D73552BE1} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {530F4653-B4B2-4AD9-A9FC-01C731AFEEF5} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [714160 2018-05-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {55643ACA-1A62-4D42-98C9-E0D3F4D11E46} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6299288 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {6244CCE8-AB30-4E40-B8AD-CCC7D042FCAD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {62FE0BBE-9721-4A40-ACFA-41FE40FF632B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [156712 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E670BDA-DFD2-4103-9CEE-F2D4A60627DC} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3352760 2017-11-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {6EE2A2F4-CDF3-4B79-9AAD-91028DD827B9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {708EA3CD-13FB-4B56-A808-6763F6B9AB54} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-03-26] (Advanced Micro Devices, Inc.) [File not signed]
Task: {7E6E202F-128F-41EF-A146-4AB25801DDDA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [156712 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {877F87AE-440F-4132-8E6D-7DCCC0E0E2BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B219F46-976C-4FF2-9C95-1654D4013311} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E751ED9-59AE-4C98-8827-CD861BBACE15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-16] (Google Inc -> Google Inc.)
Task: {9E3BD4A2-2BB5-4D2B-B935-4AA49AAFD111} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {A112C79C-DC4F-4715-96DF-61BDC0D46008} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {A756FBFA-BB57-4F26-94A0-A2E5245E7F91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA9A7144-DE9F-4D61-A4E4-19DB0B1E0BA6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B018BB6B-6F8F-449A-9334-7CA84BDF696C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2174608 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8DBA90C-0EF2-4383-A245-C2A58F732785} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {D0C9EC9A-7C4D-4E75-A531-18D6FA64CB18} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {D9A16A66-B9B2-44E7-BE4B-9F3A42AE0020} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5AFDF5A-95CA-42B9-BEEA-6956E1760A20} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-CM2QFMQ-usuario => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F4349945-E2F5-483C-A617-A69CF81B723C} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [File not signed]
Task: {F9F010F7-9D45-4BDA-887C-E72136FD49C4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2174608 2019-08-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 190.157.8.42 190.157.8.33
Tcpip\..\Interfaces\{e0a5d0ca-4717-4483-b3fb-b7ce8ecb8e77}: [DhcpNameServer] 190.157.8.42 190.157.8.33

Internet Explorer:
==================
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://co.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_bjiqs279bdfhjvqgikmoqs1f_19_36_ssg00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dco%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0DyDyD0EyE0FyE0A0EtAzz0DzzyDtN0D0Tzu0StBzztDyDtN1L2XzuyEtFyDyDtFtDtFtCtByDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyEtAtDyCzytB0FtBtGyDtB0DzytG0D0AtBtDtGtCtAyEtBtG0B0A0B0AyBtByCzy0C0F0AyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1StA1OtByDtC1OtCtG1O1QtByBtGyEyCtA1OtGzy1P1StAtGyCyDtB1RtA1O1TyEtBtCtAtC2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtAtAzzzztN1Q2Z1B1P1RzutCyDyCyBzztByCzytBzy%26cr%3D1569461329%26a%3Dwsg_bjiqs279bdfhjvqgikmoqs1f_19_36_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise
SearchScopes: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://co.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_bjiqs279bdfhjvqgikmoqs1f_19_36_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dco%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0DyDyD0EyE0FyE0A0EtAzz0DzzyDtN0D0Tzu0StBzztDyDtN1L2XzuyEtFyDyDtFtDtFtCtByDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyEtAtDyCzytB0FtBtGyDtB0DzytG0D0AtBtDtGtCtAyEtBtG0B0A0B0AyBtByCzy0C0F0AyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1StA1OtByDtC1OtCtG1O1QtByBtGyEyCtA1OtGzy1P1StAtGyCyDtB1RtA1O1TyEtBtCtAtC2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtAtAzzzztN1Q2Z1B1P1RzutCyDyCyBzztByCzytBzy%26cr%3D1569461329%26a%3Dwsg_bjiqs279bdfhjvqgikmoqs1f_19_36_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://co.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_bjiqs279bdfhjvqgikmoqs1f_19_36_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dco%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0DyDyD0EyE0FyE0A0EtAzz0DzzyDtN0D0Tzu0StBzztDyDtN1L2XzuyEtFyDyDtFtDtFtCtByDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyEtAtDyCzytB0FtBtGyDtB0DzytG0D0AtBtDtGtCtAyEtBtG0B0A0B0AyBtByCzy0C0F0AyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1StA1OtByDtC1OtCtG1O1QtByBtGyEyCtA1OtGzy1P1StAtGyCyDtB1RtA1O1TyEtBtCtAtC2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtAtAzzzztN1Q2Z1B1P1RzutCyDyCyBzztByCzytBzy%26cr%3D1569461329%26a%3Dwsg_bjiqs279bdfhjvqgikmoqs1f_19_36_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-29] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2017-11-06] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.co/"
CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2019-09-08]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-16]
CHR Extension: (YouTube) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-16]
CHR Extension: (uBlock Origin) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-09-08]
CHR Extension: (Adobe Acrobat) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-20]
CHR Extension: (Emojis - Emoji Keyboard) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaoflciahikhligngeccdecgfjngejlh [2019-06-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-03]
CHR Extension: (Citrix Workspace) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\haiffjcadagjlijoggckpgfnoeiflnem [2019-09-04]
CHR Extension: (Delete All Messages) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2019-03-31]
CHR Extension: (Search Manager) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2019-09-08]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-16]
CHR Extension: (Extensión de navegador para Laneros) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\odcfloakhlmignakgflbofpdaiaclijg [2019-07-12]
CHR Extension: (Citrix Receiver) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjifibmneiofdojiaplameloephoakpj [2019-09-04]
CHR Extension: (Gmail) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-09]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"SegurazoIC" => service was unlocked. <==== ATTENTION

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0340998.inf_amd64_4e7ad8ec950b7e37\B340755\atiesrxx.exe [508208 2019-04-03] (Advanced Micro Devices, Inc. -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-03-27] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568224 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-11-26] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [142768 2018-09-12] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [48824 2017-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2021048 2017-11-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [117680 2018-04-12] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [83616 2017-12-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software -> Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] (Nitro PDF Software -> )
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [123824 2018-09-10] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 SegurazoIC; C:\Program Files (x86)\Segurazo\SegurazoIC.exe [4473448 2019-08-29] (Digital Communications Inc. -> Digital Communications Inc) <==== ATTENTION
R2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [250984 2019-08-29] (Digital Communications Inc. -> Digital Communications Inc) <==== ATTENTION
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34568 2019-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [75584 2018-12-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0340998.inf_amd64_4e7ad8ec950b7e37\B340755\atikmdag.sys [52888368 2019-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0340998.inf_amd64_4e7ad8ec950b7e37\B340755\atikmpag.sys [590128 2019-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [102856 2019-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\AMD\Ryzen\AMDRyzenMasterDriver.sys [70304 2017-11-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107496 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-08-27] (Malwarebytes Corporation -> Malwarebytes)
R3 gdrv; C:\Windows\gdrv.sys [26792 2019-01-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv2; C:\Windows\gdrv2.sys [32720 2019-01-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-09-08] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [225944 2019-09-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-09-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-09-08] (Malwarebytes Corporation -> Malwarebytes)
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-09-15] (Microsoft Windows -> MediaTek Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-19] (Realtek Semiconductor Corp. -> Realtek )
R1 SEGURAZOKD; C:\Program Files (x86)\Segurazo\SegurazoKD.sys [84768 2019-08-29] (Digital Communications Inc. -> Digital Communications Inc)
S3 VBAudio100VMVAIO3MME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio364_win10.sys [71712 2019-02-05] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmauxvaio64_win10.sys [71920 2019-02-05] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win10.sys [71712 2019-02-05] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-09-06] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S3 Babongbbing; \??\C:\WINDOWS\system32\Babongbbing.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-08 21:09 - 2019-09-08 21:10 - 000040827 _____ C:\Users\usuario\Desktop\FRST.txt
2019-09-08 21:08 - 2019-09-08 21:08 - 000000964 _____ C:\Users\usuario\Desktop\JRT.txt
2019-09-08 20:55 - 2019-09-08 20:55 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-08 20:55 - 2019-09-08 20:55 - 000225944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-08 20:55 - 2019-09-08 20:55 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-08 20:55 - 2019-09-08 20:55 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-08 20:55 - 2019-09-08 20:55 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-08 20:28 - 2019-09-08 20:28 - 000052680 _____ C:\Users\usuario\Desktop\Informe MB.txt
2019-09-08 20:16 - 2019-09-08 20:16 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-08 20:16 - 2019-09-08 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-08 20:16 - 2019-09-08 20:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-08 20:16 - 2019-09-08 20:16 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-08 20:16 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-08 20:16 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-09-08 20:14 - 2019-09-08 20:15 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-09-08 20:14 - 2019-09-08 20:15 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2019-09-08 20:14 - 2019-09-08 20:15 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-09-08 20:14 - 2019-09-08 20:15 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2019-09-08 20:14 - 2019-09-08 20:15 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-09-08 20:14 - 2019-09-08 20:15 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2019-09-08 20:14 - 2019-09-08 20:15 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-09-08 20:14 - 2019-09-08 20:15 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-09-08 20:14 - 2019-09-08 20:15 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-09-08 20:14 - 2019-09-08 20:15 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-09-08 20:12 - 2019-09-08 20:12 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-09-08 20:12 - 2019-09-08 20:12 - 000002892 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-09-08 20:12 - 2019-09-08 20:12 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-08 20:12 - 2019-09-08 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-09-08 20:12 - 2019-09-08 20:12 - 000000000 ____D C:\Program Files\CCleaner
2019-09-08 18:56 - 2019-09-08 18:56 - 001614848 _____ (Farbar) C:\Users\usuario\Desktop\FRST64.exe
2019-09-08 18:55 - 2019-09-08 18:55 - 001790024 _____ (Malwarebytes) C:\Users\usuario\Desktop\JRT.exe
2019-09-08 18:53 - 2019-09-08 18:53 - 020889016 _____ (Piriform Software Ltd) C:\Users\usuario\Desktop\ccsetup561.exe
2019-09-08 18:53 - 2019-09-08 18:53 - 003126144 _____ (Nicolas Coolman) C:\Users\usuario\Desktop\ZHPCleaner.exe
2019-09-08 18:52 - 2019-09-08 18:52 - 007636680 _____ (Malwarebytes) C:\Users\usuario\Desktop\adwcleaner_7.4.1.exe
2019-09-08 18:51 - 2019-09-08 18:52 - 066395016 _____ (Malwarebytes ) C:\Users\usuario\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.625-1.0.12373.exe
2019-09-07 22:46 - 2019-09-07 22:46 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2019-09-07 22:46 - 2019-09-07 22:46 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll
2019-09-07 22:12 - 2019-09-07 22:12 - 000000000 ____D C:\WINDOWS\Panther
2019-09-07 21:41 - 2019-09-07 21:41 - 000000000 ____D C:\Users\usuario\Documents\KoeiTecmo
2019-09-07 21:41 - 2019-09-07 21:41 - 000000000 ____D C:\Users\Public\Documents\Steam
2019-09-07 21:16 - 2019-09-07 21:16 - 000000836 _____ C:\Users\Public\Desktop\Attack on Titan 2.lnk
2019-09-07 21:16 - 2019-09-07 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Attack on Titan 2
2019-09-06 22:29 - 2019-09-07 16:39 - 000000000 ____D C:\Users\usuario\AppData\Local\chromium
2019-09-06 22:29 - 2019-09-06 22:30 - 000000000 ____D C:\Users\usuario\AppData\Local\{D32FE573-F787-89CB-9A1F-AC23BE7750BB}
2019-09-06 22:29 - 2019-09-06 22:29 - 000000000 ____D C:\Users\usuario\AppData\Roaming\NoxSrv
2019-09-06 22:28 - 2019-09-08 20:58 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-09-06 22:28 - 2019-09-06 22:30 - 000000000 ____D C:\ProgramData\ezdii
2019-09-06 22:28 - 2019-09-06 22:29 - 000000000 ____D C:\Users\usuario\.BigNox
2019-09-06 22:28 - 2019-09-06 22:28 - 000000000 ____D C:\Users\usuario\AppData\Roaming\segurazoclient
2019-09-06 22:28 - 2019-09-06 22:28 - 000000000 ____D C:\ProgramData\Segurazo
2019-09-06 22:28 - 2019-09-06 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
2019-09-06 22:28 - 2019-09-06 22:28 - 000000000 ____D C:\Program Files (x86)\Bignox
2019-09-04 22:50 - 2019-09-04 22:50 - 000001506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2019-09-04 22:50 - 2019-09-04 22:50 - 000000000 ____D C:\Program Files (x86)\Citrix
2019-09-04 22:14 - 2019-09-04 22:16 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2019-09-04 21:26 - 2019-09-08 15:10 - 000000000 ____D C:\Users\usuario\AppData\Local\Citrix
2019-09-04 21:26 - 2019-09-04 22:50 - 000000000 ____D C:\ProgramData\Citrix
2019-09-04 21:26 - 2019-09-04 21:26 - 000000000 ____D C:\Users\usuario\AppData\Roaming\ICAClient
2019-08-31 16:10 - 2019-08-31 16:10 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\Konami Digital Entertainment Co., Ltd_
2019-08-31 15:53 - 2019-08-31 15:53 - 000000209 _____ C:\Users\usuario\Desktop\Yu-Gi-Oh! Duel Links.url
2019-08-29 13:04 - 2019-08-29 13:04 - 000002538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial 2016.lnk
2019-08-29 13:04 - 2019-08-29 13:04 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2019-08-29 13:04 - 2019-08-29 13:04 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2019-08-29 13:04 - 2019-08-29 13:04 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2019-08-29 13:04 - 2019-08-29 13:04 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2019-08-29 13:04 - 2019-08-29 13:04 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2019-08-29 13:04 - 2019-08-29 13:04 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2019-08-29 13:04 - 2019-08-29 13:04 - 000002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2019-08-29 13:04 - 2019-08-29 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2019-08-28 23:35 - 2019-08-28 23:35 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-18 20:26 - 2019-08-18 20:26 - 000000000 ____D C:\Users\usuario\AppData\Local\log
2019-08-18 20:25 - 2019-09-08 20:58 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Blitz
2019-08-18 20:25 - 2019-09-07 17:57 - 000000000 ____D C:\Users\usuario\AppData\Local\Blitz
2019-08-18 20:25 - 2019-09-06 13:28 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Blitz-helpers
2019-08-18 20:25 - 2019-09-06 13:27 - 000002235 _____ C:\Users\usuario\Desktop\Blitz.lnk
2019-08-18 20:25 - 2019-09-06 13:27 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz Inc
2019-08-13 13:03 - 2019-08-13 13:03 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-13 13:02 - 2019-08-13 13:03 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 020816896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 012939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 006544552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 006308016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 005587968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 005570968 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 004351656 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 003818632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 003335224 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002767160 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 002700792 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002593544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002438576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002278792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002177336 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-13 13:02 - 2019-08-13 13:02 - 002073232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002022096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 002017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-08-13 13:02 - 2019-08-13 13:02 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001733120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-13 13:02 - 2019-08-13 13:02 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001662264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001479184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001477432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001472568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001466880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001465984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-13 13:02 - 2019-08-13 13:02 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001260560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001222160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001180464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001020416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000864568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000850976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000831288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000806024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000799784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000794040 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000783184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000732168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000678680 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000649528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000603280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000586256 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000515440 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000508968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000449576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000398928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000375752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingDiagSpp.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingDiagSpp.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000310072 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000294512 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000278624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000262336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000253256 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000248120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-13 13:02 - 2019-08-13 13:02 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000200504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000189712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-08-13 13:02 - 2019-08-13 13:02 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000173216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000152080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pmem.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000114128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000092832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-13 13:02 - 2019-08-13 13:02 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiskSnapshot.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-13 13:02 - 2019-08-13 13:02 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-13 13:02 - 2019-08-13 13:02 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000032784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000032568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-13 13:02 - 2019-08-13 13:02 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-13 13:02 - 2019-08-13 13:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-08-13 13:02 - 2019-08-13 13:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-08-13 13:02 - 2019-08-13 13:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-08-13 13:02 - 2019-08-13 13:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-08-13 13:02 - 2019-08-13 13:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-08-13 13:02 - 2019-08-13 13:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-08-13 13:02 - 2019-08-13 13:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-08-13 13:02 - 2019-08-13 13:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-08 21:09 - 2018-11-24 18:05 - 000000000 ____D C:\FRST
2019-09-08 21:09 - 2018-09-15 02:31 - 000000000 ____D C:\WINDOWS\INF
2019-09-08 21:05 - 2018-11-16 21:02 - 000000000 ____D C:\Users\usuario\AppData\Local\D3DSCache
2019-09-08 21:04 - 2019-02-20 03:03 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-08 21:04 - 2018-09-15 11:37 - 000788392 _____ C:\WINDOWS\system32\perfh00A.dat
2019-09-08 21:04 - 2018-09-15 11:37 - 000155682 _____ C:\WINDOWS\system32\perfc00A.dat
2019-09-08 20:55 - 2019-03-21 17:06 - 000003116 _____ C:\WINDOWS\System32\Tasks\AMDLinkUpdate
2019-09-08 20:55 - 2019-02-20 02:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-08 20:55 - 2018-12-22 00:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-08 20:55 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-08 20:54 - 2018-11-16 20:17 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-09-08 20:54 - 2018-09-15 01:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-08 20:22 - 2019-02-20 02:54 - 004551696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-08 20:21 - 2019-02-20 02:55 - 000000000 ____D C:\Users\usuario
2019-09-08 20:16 - 2018-09-15 02:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-08 20:16 - 2018-09-15 02:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-08 20:14 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-08 20:13 - 2019-05-18 15:40 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-08 20:13 - 2018-12-06 02:00 - 000000000 ____D C:\Users\usuario\AppData\Roaming\TeamViewer
2019-09-08 20:13 - 2018-11-22 09:56 - 000000000 ____D C:\Users\usuario\AppData\Roaming\uTorrent
2019-09-08 20:11 - 2019-02-20 02:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-08 19:50 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-08 14:58 - 2019-02-20 02:59 - 000004224 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8B1A19B7-BD62-4F9B-B472-C8503041A1CF}
2019-09-06 22:29 - 2019-01-08 17:36 - 000000000 ____D C:\Users\usuario\vmlogs
2019-09-06 22:29 - 2019-01-08 17:34 - 000000000 ____D C:\Users\usuario\AppData\Local\Nox
2019-09-06 22:28 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Registration
2019-09-06 21:21 - 2019-01-08 17:38 - 000000298 _____ C:\Users\usuario\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2019-09-06 21:19 - 2019-01-08 17:37 - 000000071 _____ C:\Users\usuario\AppData\Local\update_progress.txt
2019-09-06 20:58 - 2019-01-08 17:36 - 000000000 ____D C:\Users\usuario\.android
2019-09-06 19:33 - 2019-01-18 23:41 - 000000000 ____D C:\Users\usuario\AppData\Roaming\obs-studio
2019-09-06 13:10 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-05 13:41 - 2019-02-20 02:59 - 000003384 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3915770623-3759347639-1613647934-1001
2019-09-05 13:41 - 2019-02-20 02:55 - 000002407 _____ C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-05 13:41 - 2018-11-16 19:37 - 000000000 ___RD C:\Users\usuario\OneDrive
2019-09-04 21:26 - 2018-11-16 20:17 - 000000000 ____D C:\ProgramData\Package Cache
2019-09-04 21:26 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-09-01 11:01 - 2018-11-16 19:35 - 000000000 ____D C:\Users\usuario\AppData\Local\ConnectedDevicesPlatform
2019-08-31 16:14 - 2018-11-16 19:52 - 000000000 ____D C:\Users\usuario\AppData\Local\Comms
2019-08-31 15:53 - 2018-11-16 22:40 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-08-29 13:04 - 2019-04-26 18:22 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-29 13:04 - 2018-09-15 02:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-29 13:03 - 2018-11-16 21:12 - 000000000 ____D C:\Program Files\Microsoft Office
2019-08-28 19:06 - 2019-08-02 17:44 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-08-26 18:02 - 2018-11-24 16:37 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-23 17:20 - 2019-06-05 07:01 - 000000000 ____D C:\Users\usuario\AppData\Local\BitTorrentHelper
2019-08-23 17:20 - 2019-06-04 20:59 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\uTorrent
2019-08-23 15:32 - 2018-11-16 21:05 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-08-19 03:03 - 2019-06-24 18:15 - 000000000 ____D C:\Users\usuario\AppData\Local\Warframe
2019-08-19 00:44 - 2018-11-17 00:59 - 000000000 ____D C:\Users\usuario\AppData\Roaming\discord
2019-08-18 20:25 - 2018-11-17 00:59 - 000000000 ____D C:\Users\usuario\AppData\Local\SquirrelTemp
2019-08-13 17:22 - 2019-02-20 02:59 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-13 16:08 - 2018-11-16 19:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-13 16:08 - 2018-11-16 19:35 - 000000000 ___RD C:\Users\usuario\3D Objects
2019-08-13 13:47 - 2018-09-15 11:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-13 13:47 - 2018-09-15 02:33 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-13 13:47 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-08-13 13:47 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-13 13:47 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-13 13:47 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-13 13:47 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-13 13:06 - 2018-11-17 00:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-13 13:03 - 2018-11-17 00:03 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ================

2018-04-11 18:34 - 2018-04-11 18:34 - 000060416 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\hAwYUAXJE.exe
2018-04-11 18:34 - 2018-04-11 18:34 - 000060416 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\KIIa.exe
2019-02-05 01:32 - 2019-02-11 10:43 - 000034174 _____ () C:\Users\usuario\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-02-05 02:27 - 2019-02-05 02:27 - 000059738 _____ () C:\Users\usuario\AppData\Roaming\VoiceMeeterPotatoDefault.xml
2019-02-05 17:11 - 2019-02-05 21:55 - 000001456 _____ () C:\Users\usuario\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2018-11-22 16:49 - 2018-11-22 16:49 - 006161408 _____ () C:\Users\usuario\AppData\Local\dump007.dat
2018-11-22 16:45 - 2018-11-22 16:45 - 000000002 _____ () C:\Users\usuario\AppData\Local\imw.ini
2018-11-19 15:04 - 2018-11-19 15:04 - 000000000 _____ () C:\Users\usuario\AppData\Local\oobelibMkey.log
2018-12-26 16:34 - 2018-12-26 16:34 - 000007605 _____ () C:\Users\usuario\AppData\Local\Resmon.ResmonCfg
2019-01-19 00:37 - 2019-01-19 00:37 - 000000003 _____ () C:\Users\usuario\AppData\Local\updater.log
2019-01-08 17:37 - 2019-09-06 21:19 - 000000071 _____ () C:\Users\usuario\AppData\Local\update_progress.txt
2019-01-19 00:37 - 2019-01-19 00:37 - 000000425 _____ () C:\Users\usuario\AppData\Local\UserProducts.xml

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by usuario (08-09-2019 21:11:07)
Running from C:\Users\usuario\Desktop
Windows 10 Pro Version 1809 17763.678 (X64) (2019-02-20 07:59:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3915770623-3759347639-1613647934-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3915770623-3759347639-1613647934-503 - Limited - Disabled)
Invitado (S-1-5-21-3915770623-3759347639-1613647934-501 - Limited - Disabled)
usuario (S-1-5-21-3915770623-3759347639-1613647934-1001 - Administrator - Enabled) => C:\Users\usuario
WDAGUtilityAccount (S-1-5-21-3915770623-3759347639-1613647934-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\uTorrent) (Version: 3.5.5.45291 - BitTorrent Inc.)
4K Video Downloader 4.4 (HKLM\...\{62C59C21-F5F5-41A1-B575-DE37FEAA285B}) (Version: 4.4.11.2412 - Open Media LLC)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2019 (HKLM-x32\...\AME_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.4.1 - Advanced Micro Devices, Inc.)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.18.1030.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.18.1030.1 - GIGABYTE)
Attack on Titan 2 MULTi8 - ElAmigos versión 05.07.2019 (HKLM-x32\...\{9CC878A0-9BA0-48D9-91E2-839B2229FE0E}_is1) (Version: 05.07.2019 - Koei Tecmo)
Blitz (HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\Blitz) (Version: 1.2.12 - Blitz Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version:  - Cheat Engine)
Citrix Receiver 4.9 LTSR (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.9.1000.17 - Citrix Systems, Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.0.581 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{95555783-E5F3-40B2-99C7-7345C39EFF76}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{2945B729-98C9-4A18-A24E-AD5D84BB9A8E}) (Version: 2.10.442 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2019 - BR (x64) (HKLM\...\{2FE926AD-01D6-4A84-BFB0-BE6ACF5CF6C6}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Capture (x64) (HKLM\...\{3834C5F6-5079-4C23-B8B1-F0884A02690F}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Common (x64) (HKLM\...\{E26C03B7-3DCF-46FD-9432-B8DAB1C34AEF}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Connect (x64) (HKLM\...\{B850B42F-249D-4C94-8536-B08205EB5C77}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Custom Data (x64) (HKLM\...\{FD08312C-7147-4417-9C0A-DE3C45DB56B5}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - DE (x64) (HKLM\...\{1675BBEB-CD1D-443E-A8E1-DFCDF2C5B401}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Draw (x64) (HKLM\...\{0A15F4D7-3B53-45C1-BB67-23F27FF8B75B}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - EN (x64) (HKLM\...\{43EBAA78-1F47-4627-8F0D-5DA8630B4056}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - ES (x64) (HKLM\...\{504E61BD-1A7A-4629-89FB-960E2D15F072}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Filters (x64) (HKLM\...\{DB0939C5-03D1-474D-8F60-2EFEE40EA114}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Font Manager (x64) (HKLM\...\{CEE73B7E-2900-4C8B-BEF8-8E6B05C7703C}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - FR (x64) (HKLM\...\{959BF271-7FEC-4C97-B20B-1E54B8EC807B}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM (x64) (HKLM\...\{A3BA4B57-A263-476E-B787-B5267F35201F}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content BR (x64) (HKLM\...\{F3F8F532-0F11-49C7-8D49-967F4581C30A}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content DE (x64) (HKLM\...\{DD666FC6-8807-45EA-B769-56475447DF80}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content EN (x64) (HKLM\...\{E5A6F812-B03B-4054-BDC9-E92B1BC6B052}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content ES (x64) (HKLM\...\{1F8D0F23-5574-4A2A-B580-CCCBD2F5FCDA}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content FR (x64) (HKLM\...\{E1CB786C-4E64-48C0-8EC3-A7E7265FD42E}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content IT (x64) (HKLM\...\{935C5EA6-B78E-4AE0-A72B-3FB5C0DA9487}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content NL (x64) (HKLM\...\{9AD4C3CA-5968-44E0-B0B0-443A378FA67D}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IT (x64) (HKLM\...\{23AAF608-B935-43F6-A1DE-876FDCD433DF}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - NL (x64) (HKLM\...\{9800FB54-97EF-4444-B636-184891F7CF45}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - PHOTO-PAINT (x64) (HKLM\...\{E1DB8CE4-D01D-48AF-B0C3-189B9000756C}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Setup Files (x64) (HKLM\...\{E82C45F0-2C79-47A5-B90B-C514724B1C48}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - VBA (x64) (HKLM\...\{E633140C-B07F-4EF6-8316-BEA221E359EF}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Workspaces (x64) (HKLM\...\{CBF86165-DBBB-4DA7-9070-3AFC86EA4745}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Writing Tools (x64) (HKLM\...\{F37A71D2-9B69-45E5-B6B1-DE9D98C197FC}) (Version: 21.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 (64-Bit) (HKLM\...\_{E82C45F0-2C79-47A5-B90B-C514724B1C48}) (Version: 21.0.0.593 - Corel Corporation)
CorelDRAW Graphics Suite 2019 (HKLM\...\{DC01BBC9-8212-45F7-A89B-FBDD4BC2B6B7}) (Version: 21.0 - Corel Corporation) Hidden
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Discord (HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dishonored 2 (HKLM-x32\...\Dishonored 2_is1) (Version:  - )
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.18.0913.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.18.0913.1 - GIGABYTE)
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Facebook Gameroom 1.21.6907.27509 (HKLM-x32\...\{E34773A0-158F-4322-8849-2C13BBCD6C68}) (Version: 1.21.6907.27509 - Facebook)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM\...\{AA1B5CB3-7646-3858-A35C-158DB3846A9F}) (Version: 76.0.3809.132 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.36 - Riot Games, Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
K-Lite Codec Pack 14.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.11929.20254 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
MSI Afterburner 4.6.0 Beta 9 (HKLM-x32\...\Afterburner) (Version: 4.6.0 Beta 9 - MSI Co., LTD)
MSI DragonEye (HKLM\...\{7116875E-F251-4C33-AB3F-37DE05B15595}_is1) (Version: 0.0.2.6 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.49 - MSI)
Mu Colombia  (HKLM-x32\...\Mu Colombia ) (Version:  - )
Nitro Pro 9 (HKLM\...\{552C86A4-E3F6-4C01-8079-D66E92CF334B}) (Version: 9.5.3.8 - Nitro)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.3.0.7 - Duodian Technology Co. Ltd.)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{D7CBCEA9-627F-48B9-AF97-1343926DB458}) (Version: 14.9.1000.17 - Citrix Systems, Inc.) Hidden
osu! (HKLM-x32\...\{37c552c5-327c-4069-bd37-c34ae51a981b}) (Version: latest - ppy Pty Ltd)
PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.0 Beta 5 (HKLM-x32\...\RTSS) (Version: 7.2.0 Beta 5 - Unwinder)
Self-service Plug-in (HKLM-x32\...\{7DA15361-781B-4FD5-B22E-568F5BB7669A}) (Version: 4.9.1000.14 - Citrix Systems, Inc.) Hidden
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.18.0522.1 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.18.0522.1 - GIGABYTE)
Streamlabs OBS 0.11.8 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.8 - General Workings, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version:  - Zbshareware Lab)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Warframe (HKLM-x32\...\{A8F428B7-E4E4-4BE4-8EDD-806FEDA9D6BC}) (Version: 1.0.0 - Digital Extremes)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{306BF455-B199-433A-9217-7E80CE1B7683}) (Version: 2.8.1607.1944 - SplitmediaLabs)

Packages:
=========
ACG Player -> C:\Program Files\WindowsApps\41038AXILESOFT.ACGMEDIAPLAYER_1.15.17502.0_x64__wxjjre7dryqb6 [2019-04-25] (Axilesoft) [MS Ad]
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2058.0_x64__rz1tebttyb220 [2019-09-04] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-11-16] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-30] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2018-11-16] (Thumbmunkeys Ltd) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-11-16] (Plex)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-584F653B76A1} -> [Creative Cloud Files] => C:\Users\usuario\Creative Cloud Files [2018-12-03 19:18]
CustomCLSID: HKU\S-1-5-21-3915770623-3759347639-1613647934-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-11-12] (Notepad++ -> )
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 9\NPShellExtension.dll [2014-08-01] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-03-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Citrix Receiver.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=pjifibmneiofdojiaplameloephoakpj
ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Citrix Workspace.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=haiffjcadagjlijoggckpgfnoeiflnem

==================== Loaded Modules (Whitelisted) ==============

2017-12-01 13:43 - 2017-12-01 13:43 - 000141824 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\ycc.dll
2019-03-26 23:40 - 2019-03-26 23:40 - 000256512 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\WirelessVR-windesktop64.dll
2018-11-16 20:58 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2018-04-20 18:45 - 2018-04-20 18:45 - 000080896 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474]
AlternateDataStreams: C:\Users\usuario\Datos de programa:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\usuario\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 18:38 - 2018-11-25 00:44 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\usuario\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Screenshot_2.png
DNS Servers: 190.157.8.42 - 190.157.8.33
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3915770623-3759347639-1613647934-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B4B85F69-BED4-48CC-BC92-25F9D70F9B42}] => (Allow) LPort=9009
FirewallRules: [{84A3A0D4-1789-40B5-94E9-070F7A8A63B4}] => (Allow) LPort=9009
FirewallRules: [{AE619D0B-971C-40EA-B3EF-8E7171823932}] => (Allow) LPort=9009
FirewallRules: [{69F3A1C7-9E7D-4101-8CAE-7E7F7F5A596E}] => (Allow) LPort=9009
FirewallRules: [{8BFFC744-B95D-499C-8E1A-30A96DB36FC4}] => (Allow) LPort=9009
FirewallRules: [{6F6FD1BB-839B-4C3A-956B-7D09337544C3}] => (Allow) LPort=9009
FirewallRules: [{22CBDE22-7EF4-41A1-9ACD-B82083C6AFF4}] => (Allow) LPort=9009
FirewallRules: [{9A1DAF97-FD95-4509-9514-375E0DC411E7}] => (Allow) LPort=9009
FirewallRules: [{5B89AC66-5CC4-4D41-B79B-AFA32C98BF74}] => (Allow) LPort=9009
FirewallRules: [{63F3C03D-AA1A-4963-9652-2BFB63ADDA75}] => (Allow) LPort=9009
FirewallRules: [{46856767-BFA3-46BB-83F7-D69756803D78}] => (Allow) LPort=9009
FirewallRules: [{95D7A05B-F73C-4D5F-A5DE-D33221E912FE}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{06BE85AE-3A91-4D96-BA92-69CF10BF8768}D:\programas\vlc\vlc.exe] => (Allow) D:\programas\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{5A2513B1-FA9D-46DD-B8A0-8D09EEFA2C2C}D:\programas\vlc\vlc.exe] => (Allow) D:\programas\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{341C6FA9-96F7-4B9E-BF68-441FF8253698}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{83C0FCCE-ADA9-456C-A254-240BCF59ADE1}D:\wii usb helper\patched.exe] => (Allow) D:\wii usb helper\patched.exe (Hikari06) [File not signed]
FirewallRules: [TCP Query User{878FA99F-E841-46F8-AECC-78121380AE37}D:\wii usb helper\patched.exe] => (Allow) D:\wii usb helper\patched.exe (Hikari06) [File not signed]
FirewallRules: [UDP Query User{7B9E8C08-414F-4C8C-97E5-F75B471E8B3E}D:\wii usb helper\usbhelperlauncher.exe] => (Allow) D:\wii usb helper\usbhelperlauncher.exe () [File not signed]
FirewallRules: [TCP Query User{576928C7-9B38-4164-BBE1-AD8B5DCC8DA4}D:\wii usb helper\usbhelperlauncher.exe] => (Allow) D:\wii usb helper\usbhelperlauncher.exe () [File not signed]
FirewallRules: [{FA7B7AE0-E4D6-4804-BE68-FE49D1178CA1}] => (Allow) LPort=9009
FirewallRules: [{754E647A-E33F-4F61-80D9-D9BA9AE7F94E}] => (Allow) LPort=9009
FirewallRules: [{F381B2F2-2A8B-45EF-8F0A-0A84CFE1A0C3}] => (Allow) LPort=9009
FirewallRules: [{F77A61EC-0811-4761-8783-377D3CE90EF5}] => (Allow) LPort=9009
FirewallRules: [{EC87204C-08AF-4F56-8FB6-49454F666AA1}] => (Allow) LPort=9009
FirewallRules: [{0CAB4648-702A-4814-AB8D-6CDF58BBD877}] => (Allow) LPort=9009
FirewallRules: [{A732C4D4-97FB-4E00-B86E-1BC4FFF0F72B}] => (Allow) LPort=9009
FirewallRules: [{426D22B1-FA8C-484E-AFB6-4E14FD36C449}] => (Allow) LPort=9009
FirewallRules: [{36B8C8FD-6CD4-4F47-A0BF-96B657C57136}] => (Allow) D:\Juegos\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FF5C7B8-EA8A-4012-8538-907E6180BBAF}] => (Allow) D:\Juegos\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AFACE379-4A10-45D4-A0F5-B177D85B98B5}] => (Allow) D:\Juegos\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{37CDBEC5-9EEB-49C6-AC9F-173E849A81DC}] => (Allow) D:\Juegos\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{596B1B5A-50B2-4A6E-A54E-A773BAFB64B1}] => (Allow) D:\Juegos\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{7755DE15-6907-4364-80EE-7B868F013F08}] => (Allow) D:\Juegos\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [UDP Query User{49EDF786-EC5A-44A0-8C4E-4C934559BD26}D:\juegos\the.wild.eight.v0.10.159-pivigames.blog\wildeight.exe] => (Allow) D:\juegos\the.wild.eight.v0.10.159-pivigames.blog\wildeight.exe () [File not signed]
FirewallRules: [TCP Query User{A3F0706A-8E38-4BFB-A3FC-C4C9DE790BC6}D:\juegos\the.wild.eight.v0.10.159-pivigames.blog\wildeight.exe] => (Allow) D:\juegos\the.wild.eight.v0.10.159-pivigames.blog\wildeight.exe () [File not signed]
FirewallRules: [{7240203C-82B4-4C8F-B05D-7D50E79EA1C8}] => (Allow) LPort=9009
FirewallRules: [{7D25AAA4-0BDB-4F71-8D3C-65E121D04079}] => (Allow) LPort=9009
FirewallRules: [{E1C253F7-748C-4CF9-99A6-F5024E5E58B4}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{0B0B2255-BBB0-4EDA-976B-2D4B1A5B24FF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{2C68989B-2075-40AC-AF87-ED2B4C4DA073}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{12FB7505-DB29-40E0-BBD5-093D6045FDC2}] => (Allow) LPort=9009
FirewallRules: [{4D2FBD42-3173-439B-A927-BCED23007DC0}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{F24EE46A-0472-4C59-8B53-3B9309BA4E55}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{6B87A688-B40A-4C4C-8749-39C96CE1C4B0}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{4D62F9B8-4E0F-4BAB-AC6F-0AD943EE51FB}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [UDP Query User{B80B1D2F-32AE-48DD-87DC-3EDA7FBAFEBA}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{708E6C68-F6D6-4963-939F-73C907BA32FC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{222F95A2-EAE5-42A3-B0B3-73128BA67DB1}] => (Allow) D:\Juegos\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{F7DF8759-36E1-46A3-B2D6-9D193B9490C4}] => (Allow) D:\Juegos\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{8E8591EA-3528-4B5A-95C4-38532057999C}] => (Allow) D:\Juegos\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{D549D0D2-5E2A-49DB-8D89-C06435E38311}] => (Allow) D:\Juegos\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{24A5D010-971B-4E6B-8F14-38BA26871D49}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FF6A596E-E979-4B54-B0A9-B926325F3A93}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6966ACAB-BC4D-4C4A-A5F0-4FBE21D18A05}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{11E5042F-6054-4553-AF56-4A5AB262BC4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{59FCB41F-B718-4375-BE9C-0C3420D2F193}] => (Allow) D:\Juegos\Steam\steamapps\common\Ring of Elysium\SLauncher.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3F1D657D-49B9-4E88-BC19-335BDACA98B7}] => (Allow) D:\Juegos\Steam\steamapps\common\Ring of Elysium\SLauncher.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D1459A2B-0F04-45F2-A4AA-0A102DE16E10}] => (Allow) D:\Juegos\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CF362BF1-DE88-47F1-A1E7-22B207677C2C}] => (Allow) D:\Juegos\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{4DAE6B4E-F86C-4B75-A2B9-C492DAEA91A9}] => (Allow) D:\Juegos\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{50B3E9E0-9F29-4BEC-B545-ED3B25FC1A68}] => (Allow) D:\Juegos\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{01EFCC0A-E012-4094-877D-09378D55D7D4}D:\juegos\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\juegos\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{4EA9C2B7-DE42-4FE4-85A6-96FE647A210F}D:\juegos\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\juegos\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{D491CEAF-9216-4313-9090-507DB791D517}] => (Allow) D:\Juegos\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{C7E2AE82-C458-4E24-B577-1B8A21FEEAB5}] => (Allow) D:\Juegos\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{7E0BBC6D-BAAE-4B8F-A9B9-61D536404478}] => (Allow) D:\Juegos\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ECB2A2BC-74B1-4FC0-9EAA-D0AE0C17BA6A}] => (Allow) D:\Juegos\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{12CC3219-4570-4482-9B9C-6F8CB11C0A4E}D:\juegos\fornite\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\juegos\fornite\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{EF9F6DDD-D999-4C04-91C4-B05B952008B1}D:\juegos\fornite\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\juegos\fornite\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{05083298-3B98-4F7F-BBB8-53B77C7943CD}D:\juegos\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\juegos\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4437683B-5037-4814-8CE5-ED6AAA3EDDE0}D:\juegos\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\juegos\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{0A5FA2D6-8141-4108-98E8-F42FF26C51BB}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{D108AE6D-CD8D-42E8-9ECC-C09E2CBD9226}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{363A5270-147C-4AF3-9A1B-C4467B9D71F1}] => (Allow) LPort=9009
FirewallRules: [{CCF6876B-AC20-456E-AEE0-1705D6BC4794}] => (Allow) LPort=9009
FirewallRules: [{A31F63F5-B848-4E00-ACE1-45B8CB66B5A8}] => (Allow) LPort=9009
FirewallRules: [{DD04014B-5FA9-42E9-8A20-F7A2D5039747}] => (Allow) LPort=9009
FirewallRules: [{4E2498CC-9CEB-4639-88D9-0058E46AEDA6}] => (Allow) LPort=9009
FirewallRules: [{C6C50F16-390B-451F-AD27-FAC9242A8C71}] => (Allow) LPort=9009
FirewallRules: [{0D352839-597B-46FD-807A-29F01F0D0776}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{3D2D8DC5-1C2E-42A9-8AA0-79D7E23A21B4}D:\juegos\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\juegos\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{3F5F0278-07AD-4E36-BD12-D901654EA4D5}D:\juegos\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\juegos\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{3446BFDF-A7FD-4CD9-A7B8-572BACBF6668}] => (Allow) LPort=9009
FirewallRules: [{9EBBCE04-FD85-40DC-AB26-81A7FF849D71}] => (Allow) LPort=9009
FirewallRules: [{B8265FF0-6876-4966-B01D-B239B57DFA96}] => (Allow) LPort=9009
FirewallRules: [{EFE81504-9654-404E-8F67-9C0E256DA406}] => (Allow) LPort=9009
FirewallRules: [{B7C54696-458A-47D1-B2B0-8F45B2DA8F65}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F008A1B6-C9D4-4079-9855-1A9AFF9EAFBA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DCFF982C-D4CD-4E74-9677-1B2CEEA5D997}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CB7FB04D-486B-45E9-BC11-0F4ED49DEE8C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{803A2C09-5033-408B-8F2F-180EBE2C7817}D:\juegos\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\juegos\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{76ACBEBA-841D-49AA-8FA3-D67CE48B1FFD}D:\juegos\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\juegos\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{437514A7-AE29-4555-93B7-729083604A07}] => (Allow) D:\Juegos\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{C18E431B-6EF6-41FE-832E-90182D8DB293}] => (Allow) D:\Juegos\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{89CC0B14-24F3-482C-B88B-0622ADDE942F}] => (Allow) LPort=9009
FirewallRules: [{A98319C0-69EF-4945-9F56-766316BA6F89}] => (Allow) LPort=9009
FirewallRules: [{C2DC91E7-A787-4B29-9E5F-A89AA58E1E28}] => (Allow) LPort=9009
FirewallRules: [{876E90AE-4D03-4591-8E5B-E68CBE5A0804}] => (Block) d:\Programas\CorelDRAW Graphics Suite 2019\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{59015ED3-15C7-494D-814A-83AB4B11D298}] => (Block) d:\Programas\CorelDRAW Graphics Suite 2019\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{72C3D1E0-89DA-4173-83B9-1C388AF19122}] => (Allow) LPort=9009
FirewallRules: [{2CC3C644-4281-4530-862E-44123DF0A794}] => (Allow) LPort=9009
FirewallRules: [{5F3D1501-6C52-4BAD-AA4D-BDDA07A3666B}] => (Allow) LPort=9009
FirewallRules: [{EDB0C459-339E-415C-A076-5CA021F8C465}] => (Allow) LPort=9009
FirewallRules: [{BE96911B-4B50-465A-8749-AE19F12CB565}] => (Allow) LPort=9009
FirewallRules: [{A9C199C8-A344-42FE-8E58-588E907954B3}] => (Allow) LPort=9009
FirewallRules: [{3A5A1FBA-5AA7-4970-8CC6-1A754A264A95}] => (Allow) LPort=9009
FirewallRules: [{7F78652F-CFCA-4A2E-B322-8403623EAE77}] => (Allow) LPort=9009
FirewallRules: [{391D10D1-762A-454D-945F-CC1D25B9136C}] => (Allow) LPort=9009
FirewallRules: [{788248B2-7438-4F99-A83A-23F99F8E2934}] => (Allow) LPort=9009
FirewallRules: [{04EB29CA-457F-4592-B160-264E1178C653}] => (Allow) LPort=9009
FirewallRules: [{FEDF473E-B1C8-4378-9CB7-1FB062EF2B4B}] => (Allow) LPort=9009
FirewallRules: [{88129E1D-9D7D-4253-B184-10A80AECFC67}] => (Allow) LPort=9009
FirewallRules: [{4534B49F-8EDE-44A8-93DE-273D1EFFFB6E}] => (Allow) D:\Juegos\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{4EB57244-B5B1-44DE-85D0-BE7CFCF705C3}] => (Allow) D:\Juegos\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{C2D30E23-64B8-46F4-9B69-E4900E1F220B}] => (Allow) C:\Users\usuario\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{550AAB78-BA76-4D31-BB5A-9655668C596E}] => (Allow) D:\Juegos\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{569BC253-DE0A-486E-B826-1A10CDB5F967}] => (Allow) D:\Juegos\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{575BECCF-7354-469B-9050-013D0DD6F504}] => (Allow) D:\Juegos\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{B5B17AE3-FDAA-439E-A791-5211B0B913A0}] => (Allow) C:\Users\usuario\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{A72071DD-FD60-4B44-A099-613CA3942C3A}] => (Allow) D:\Juegos\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{2303FFCE-0AFC-497C-8685-524B62BA5D8C}] => (Allow) LPort=9009
FirewallRules: [{48705B07-7BDF-4FB9-B376-73BBBBCAE8A2}] => (Allow) LPort=9009
FirewallRules: [{539D35BB-00EC-49A0-9044-336A4FEB92E3}] => (Allow) LPort=9009
FirewallRules: [{A2AD0BEC-EA1E-4D1C-AC09-5AC1660F9B1D}] => (Allow) LPort=9009
FirewallRules: [{1B2CCA7A-EF85-4FE9-ADC9-E41BD154F617}] => (Allow) LPort=9009
FirewallRules: [{7F6B3FFE-9F0D-495D-94F6-C98860C12140}] => (Allow) LPort=9009
FirewallRules: [{E38299F2-BF21-4EB2-9F70-4D78A7245975}] => (Allow) LPort=9009
FirewallRules: [{8BB55CA9-8C67-4913-9079-67E94B476A57}] => (Allow) LPort=9009
FirewallRules: [{2F812CB5-3D59-4EDB-9B09-4DB5179F28AA}] => (Allow) LPort=9009
FirewallRules: [{F434EA35-56BA-41E0-A20D-185DA94F5D81}] => (Allow) LPort=9009
FirewallRules: [{0E10D4C2-F459-424F-8A80-7A47A7E338F0}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{36916727-8D3B-45CF-873B-D56838BF3A6E}D:\juegos\league of legends\game\league of legends.exe] => (Allow) D:\juegos\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{859A5C98-82EE-40BB-9B1B-561CA8D2C811}D:\juegos\league of legends\game\league of legends.exe] => (Allow) D:\juegos\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{1E0FB363-9B42-49A9-BF92-2608E507868C}] => (Allow) LPort=9009
FirewallRules: [{28A623BC-DDB0-468A-87DB-E4648856440F}] => (Allow) LPort=9009
FirewallRules: [{F75EEAD4-EE17-4316-B452-99A549C8CD2C}] => (Allow) LPort=9009
FirewallRules: [{159775C7-0C1C-4427-8E22-93D744B2334C}] => (Allow) LPort=9009
FirewallRules: [{68DB4709-9FEA-4D10-AB67-46840A6E6ABD}] => (Allow) LPort=9009
FirewallRules: [{86B503F6-1575-4032-ABBC-83024CF7A530}] => (Allow) LPort=9009
FirewallRules: [{92A4DBE0-BE10-4E4F-A8BB-55D82A284022}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DCBDE927-DABE-4E32-89E0-F25109ACDFF1}] => (Allow) LPort=9009
FirewallRules: [{7FE54ABE-A309-4679-A3C5-FE5180A03F4F}] => (Allow) LPort=9009
FirewallRules: [{9056D906-906C-48EE-956E-13E704CA8AA9}] => (Allow) D:\Juegos\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{26496C0B-6517-4A7E-A580-4BBE0334F667}] => (Allow) D:\Juegos\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{C5EBB963-B976-4EF5-9FD4-EA6D0763DBEB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B45600F5-29B0-4E7A-B48B-86FAC0BB5C9D}] => (Allow) LPort=9009
FirewallRules: [{21FBFD09-2B3E-487F-BDF8-CEFB2DB0C70D}] => (Allow) D:\Juegos\Steam\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [File not signed]
FirewallRules: [{9C77D524-2914-45C6-BA2D-2F17C38ED23A}] => (Allow) D:\Juegos\Steam\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [File not signed]
FirewallRules: [TCP Query User{B0783BF9-C06A-4146-83EB-FA498460A941}C:\users\usuario\appdata\local\blitz\app-1.2.11\blitz.exe] => (Allow) C:\users\usuario\appdata\local\blitz\app-1.2.11\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [UDP Query User{9075E9E6-7151-4BAE-94A0-D788FF6F8BD1}C:\users\usuario\appdata\local\blitz\app-1.2.11\blitz.exe] => (Allow) C:\users\usuario\appdata\local\blitz\app-1.2.11\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [{40DB50BE-EFC9-4665-BC12-0A84BAE0097B}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{0E38C4BC-842D-4F08-84E8-7AD649687E88}C:\users\usuario\appdata\local\blitz\app-1.2.12\blitz.exe] => (Block) C:\users\usuario\appdata\local\blitz\app-1.2.12\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [UDP Query User{2CB865DC-1511-4067-90CB-9BDFCB16C2BC}C:\users\usuario\appdata\local\blitz\app-1.2.12\blitz.exe] => (Block) C:\users\usuario\appdata\local\blitz\app-1.2.12\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [{CDBCC4F4-7741-48FF-9AB8-142AAD3DDE34}] => (Allow) D:\Programas\Nox\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{358567B5-8A78-40B3-9D20-3BA697736972}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{15A86B32-ED3E-402C-9A0D-E294622176A4}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{D8D6E618-033A-4B3A-B9AF-93FFB5019E82}C:\users\usuario\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\usuario\appdata\local\blitz\current\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [UDP Query User{E173415C-D931-4831-A5A5-D63279EEA6DC}C:\users\usuario\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\usuario\appdata\local\blitz\current\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [{F3B6A3D8-2E56-4405-9A05-A3DB9A854BD5}] => (Allow) LPort=9009
FirewallRules: [{E5112BDD-DD73-4FFD-8CC8-9D7A7DB88841}] => (Allow) LPort=9009
FirewallRules: [{3C3D6F90-72BC-4DCA-9D94-55ED34E67B15}] => (Allow) LPort=9009
FirewallRules: [{C94B2654-892C-4F69-915E-E8645DE0377C}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{376FF9E8-1154-4020-BB40-1BC791A18EFC}C:\users\usuario\appdata\local\blitz\current\blitz.exe] => (Block) C:\users\usuario\appdata\local\blitz\current\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [UDP Query User{F8B3AC56-1E46-46C3-AD02-A9C31B2BFF50}C:\users\usuario\appdata\local\blitz\current\blitz.exe] => (Block) C:\users\usuario\appdata\local\blitz\current\blitz.exe (Swift Media Entertainment, Inc. -> Blitz Inc.)
FirewallRules: [{6D3F9357-E8B1-4520-BFC3-5B03AEFD6028}] => (Allow) LPort=9009
FirewallRules: [{EF0F5896-C025-463C-B788-FF86B07A9C63}] => (Allow) LPort=9009
FirewallRules: [{996DE0D3-6E24-4A61-A920-7CD59B51E004}] => (Allow) LPort=9009
FirewallRules: [{C2F106E0-0148-4DEF-834C-C1D00DD91F87}] => (Allow) LPort=9009

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.25 GB) (Free:46.14 GB) (41%)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2019 08:54:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa adwcleaner_7.4.1.exe (versión 7.4.1.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.
Id. de proceso: 2d00
Hora de Inicio: 01d566b0731f0c65
Hora de finalización: 4294967295
Ruta de la aplicación: C:\Users\usuario\Desktop\adwcleaner_7.4.1.exe
Id. de informe: 0e4444a7-30fb-483b-81c2-05fed16260aa
Nombre completo del paquete con errores:
Id. de la aplicación relativa al paquete con errores:
Tipo de bloqueo: Top level window is idle

Error: (09/08/2019 08:17:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 3.1.0.1840, marca de tiempo: 0x5d5c13ae
Nombre del módulo con errores: Qt5Core.dll, versión: 5.11.1.0, marca de tiempo: 0x5cba0161
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0018dc19
Identificador del proceso con errores: 0x285c
Hora de inicio de la aplicación con errores: 0x01d566ac47d62295
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 0ce04213-33e6-4f12-9c04-a5e3fd90fd5d
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (09/08/2019 08:05:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: dwm.exe, versión: 10.0.17763.1, marca de tiempo: 0xe52aabf3
Nombre del módulo con errores: dwmcore.dll, versión: 10.0.17763.348, marca de tiempo: 0x2240b8d9
Código de excepción: 0xc00001ad
Desplazamiento de errores: 0x00000000001e8a7e
Identificador del proceso con errores: 0xfac
Hora de inicio de la aplicación con errores: 0x01d566aab612e86c
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\dwm.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\dwmcore.dll
Identificador del informe: 8f6d29e2-e5b0-4432-b7e8-9e271f6b4925
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (09/08/2019 08:05:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: dwm.exe, versión: 10.0.17763.1, marca de tiempo: 0xe52aabf3
Nombre del módulo con errores: dwmcore.dll, versión: 10.0.17763.348, marca de tiempo: 0x2240b8d9
Código de excepción: 0xc00001ad
Desplazamiento de errores: 0x00000000001e8a7e
Identificador del proceso con errores: 0x3c08
Hora de inicio de la aplicación con errores: 0x01d566aab5cc878b
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\dwm.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\dwmcore.dll
Identificador del informe: c2d691e6-7325-4e31-84d2-d8c2dc2ffd90
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (09/08/2019 08:05:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: dwm.exe, versión: 10.0.17763.1, marca de tiempo: 0xe52aabf3
Nombre del módulo con errores: dwmcore.dll, versión: 10.0.17763.348, marca de tiempo: 0x2240b8d9
Código de excepción: 0xc00001ad
Desplazamiento de errores: 0x00000000001e8a7e
Identificador del proceso con errores: 0x3a94
Hora de inicio de la aplicación con errores: 0x01d566aaa816a986
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\dwm.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\dwmcore.dll
Identificador del informe: ac272c96-70d6-49b9-a686-5840a5032889
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (09/08/2019 08:05:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: dwm.exe, versión: 10.0.17763.1, marca de tiempo: 0xe52aabf3
Nombre del módulo con errores: dwmcore.dll, versión: 10.0.17763.348, marca de tiempo: 0x2240b8d9
Código de excepción: 0xc00001ad
Desplazamiento de errores: 0x00000000001e8a7e
Identificador del proceso con errores: 0x2aa8
Hora de inicio de la aplicación con errores: 0x01d566aa9298109b
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\dwm.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\dwmcore.dll
Identificador del informe: f5395b0d-5eba-4d37-9037-5083973e322d
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (09/08/2019 08:04:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: dwm.exe, versión: 10.0.17763.1, marca de tiempo: 0xe52aabf3
Nombre del módulo con errores: dwmcore.dll, versión: 10.0.17763.348, marca de tiempo: 0x2240b8d9
Código de excepción: 0xc00001ad
Desplazamiento de errores: 0x00000000001e8a7e
Identificador del proceso con errores: 0x37f0
Hora de inicio de la aplicación con errores: 0x01d566a8a2884dea
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\dwm.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\dwmcore.dll
Identificador del informe: d62bb9ab-ac9a-47ed-887b-8cf5e1b55e7d
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (09/08/2019 08:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: segurazoclient.exe, versión: 1.0.14.9, marca de tiempo: 0x5d67b90f
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17763.652, marca de tiempo: 0x598c4711
Código de excepción: 0xc06d007e
Desplazamiento de errores: 0x0000000000039129
Identificador del proceso con errores: 0x328
Hora de inicio de la aplicación con errores: 0x01d566aa7c3df298
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Segurazo\segurazoclient.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: beb2e07e-eea0-47e6-95bd-21cb3b5c2973
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (09/08/2019 09:08:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CM2QFMQ)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} y APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} al usuario DESKTOP-CM2QFMQ\usuario con SID (S-1-5-21-3915770623-3759347639-1613647934-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/08/2019 08:56:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CM2QFMQ)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} y APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} al usuario DESKTOP-CM2QFMQ\usuario con SID (S-1-5-21-3915770623-3759347639-1613647934-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/08/2019 08:55:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CM2QFMQ)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} y APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} al usuario DESKTOP-CM2QFMQ\usuario con SID (S-1-5-21-3915770623-3759347639-1613647934-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/08/2019 08:55:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.WscBrokerManager y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/08/2019 08:55:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.WscDataProtection y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/08/2019 08:55:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.SecurityAppBroker y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/08/2019 08:54:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para DeleteFlag con el error siguiente: Acceso denegado.

Error: (09/08/2019 08:54:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para DeleteFlag con el error siguiente: Acceso denegado.


Windows Defender:
===================================
Date: 2019-09-08 21:08:22.887
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {D02C1538-A5B9-4183-B061-2AF10F7CFD9F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-09-07 22:56:28.402
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de firma: AV: 1.301.746.0, AS: 1.301.746.0, NIS: 1.301.746.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-07 22:56:25.682
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de firma: AV: 1.301.746.0, AS: 1.301.746.0, NIS: 1.301.746.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-07 22:46:48.151
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.301.746.0, AS: 1.301.746.0, NIS: 1.301.746.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-07 22:46:48.103
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.301.746.0, AS: 1.301.746.0, NIS: 1.301.746.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-07 22:46:48.144
Description: 
Antivirus de Windows Defender encontró un error crítico al tomar medidas ante malware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Acción: Cuarentena
Estado de acción:  No additional actions required
Código de error: 0x8007001e
Descripción del error: El sistema no puede leer desde el dispositivo especificado. 
Versión de firma: AV: 1.301.746.0, AS: 1.301.746.0, NIS: 1.301.746.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-07 20:49:41.046
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.301.746.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16300.1
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación. 

Date: 2019-09-07 20:39:26.177
Description: 
Antivirus de Windows Defender encontró un error crítico al tomar medidas ante malware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Acción: Cuarentena
Estado de acción:  No additional actions required
Código de error: 0x8007001e
Descripción del error: El sistema no puede leer desde el dispositivo especificado. 
Versión de firma: AV: 1.301.746.0, AS: 1.301.746.0, NIS: 1.301.746.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-07 17:57:44.626
Description: 
Antivirus de Windows Defender encontró un error crítico al tomar medidas ante malware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Acción: Cuarentena
Estado de acción:  No additional actions required
Código de error: 0x8007001e
Descripción del error: El sistema no puede leer desde el dispositivo especificado. 
Versión de firma: AV: 1.301.746.0, AS: 1.301.746.0, NIS: 1.301.746.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-04 22:13:38.704
Description: 
Antivirus de Windows Defender encontró un error crítico al tomar medidas ante malware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe; process:_pid:8080,ProcessStart:132121267835569972
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Acción: Cuarentena
Estado de acción:  No additional actions required
Código de error: 0x8007001e
Descripción del error: El sistema no puede leer desde el dispositivo especificado. 
Versión de firma: AV: 1.301.525.0, AS: 1.301.525.0, NIS: 1.301.525.0
Versión de motor: AM: 1.1.16300.1, NIS: 1.1.16300.1

CodeIntegrity:
===================================

Date: 2019-09-08 20:20:50.363
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe that did not meet the Microsoft signing level requirements.

Date: 2019-09-08 20:19:25.399
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-09-08 20:19:25.394
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-09-08 20:19:25.388
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-09-08 20:19:25.357
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-09-08 20:19:25.352
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-09-08 20:19:25.348
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-09-08 20:17:10.319
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F20 01/31/2018
Motherboard: Gigabyte Technology Co., Ltd. AX370-Gaming 3-CF
Processor: AMD Ryzen 5 2600 Six-Core Processor 
Percentage of memory in use: 21%
Total physical RAM: 16335.11 MB
Available physical RAM: 12814.36 MB
Total Virtual: 17359.11 MB
Available Virtual: 11996.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:46.14 GB) NTFS
Drive d: (Disco Local) (Fixed) (Total:931.51 GB) (Free:388.17 GB) NTFS

\\?\Volume{aa1afbd0-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.54 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3E9A8BC4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: AA1AFBD0)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hi, I have completed all the steps and pasted the reports here; I look forward to your comments!

Regards!

Hello.

Let's see… the Malwarebytes report shows that you did NOT take any action to disinfect what was found… “Sin acciones por parte del usuario”

Likewise, the AdwCleaner report shows that you skipped some infections… “Not Deleted”.

Repeat those two processes to make sure EVERYTHING is removed correctly.

Then post the two new reports you will have obtained and tell us how the problem you originally described is going.

After that we can continue giving you more steps to carry out.

Regards.
