• Registrarse
  • Iniciar sesión


  • Resultados 1 al 9 de 9

    Problema con Chromesearch.club en Chrome (Solucionado)

    Buenos días Hoy he cometido el error de descargar un crack para un programa y al ejecutarlo también comenzó a instalarse otra aplicación que no recuerdo el nombre ya que lo cerré rápidamente. Tenía abierto ...

          
    1. #1
      Usuario Avatar de Nahuel.E
      Registrado
      dic 2016
      Ubicación
      Argentina
      Mensajes
      9

      Problema con Chromesearch.club en Chrome (Solucionado)

      Buenos días

      Hoy he cometido el error de descargar un crack para un programa y al ejecutarlo también comenzó a instalarse otra aplicación que no recuerdo el nombre ya que lo cerré rápidamente. Tenía abierto Chrome con 4 pestañas, se cerro inmediatamente después de cerrar el programa malicioso y al abrir el navegador otra vez se abrieron las 4 pestañas y el motor de búsqueda predeterminado ahora es ''Chromesearch.club''. No me deja eliminarlo de la lista en los ajustes, he leído un post reciente de un usuario con un problema similar al mio, sin embargo, los pasos para eliminarlo que le sugirieron no me sirvieron. Lo curioso es que aunque eliminé los datos de navegación dentro de Chrome y con Ccleaner al abrir el navegador se abren las mismas 4 pestañas, además cuando abro una nueva pestaña Malwarebytes lanza un cartel que dice ''Sitio web bloqueado'' y con los siguientes detalles:

      Dominio: newtab.review
      Tipo: Saliente

      Tampoco encontré ningún toolbar o algo así en mi lista de programas instalados. Seguí los pasos sugeridos en este post http://www.forospyware.com/t534631.html

      Mi sistema es Windows 10 64 bits, espero que puedan ayudarme, gracias.

    2. #2
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.364

      Re: Problema con Chromesearch.club en Chrome

      Hola Nahuel.E

      Pon los reportes de Malwarebytes, AdwCleaner y Jrt para revisarlos.

      Descarga Farbar Recovery Scan Tool segun la arquitectura de tu sistema (32 o 64 bits)

      • La guardas en el escritorio >> Esto es muy importante..
      • Doble clic para ejecutar Frst.exe. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • En la ventana del Disclaimer, presiona Yes.

      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.


      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Nahuel.E
      Registrado
      dic 2016
      Ubicación
      Argentina
      Mensajes
      9

      Re: Problema con Chromesearch.club en Chrome

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 22/12/17
      Hora del análisis: 22:20
      Archivo de registro: 8233833a-e77f-11e7-8b46-80ee73cb259a.json
      Administrador: Sí

      -Información del software-
      Versión: 3.3.1.2183
      Versión de los componentes: 1.0.262
      Versión del paquete de actualización: 1.0.3545
      Licencia: Prueba

      -Información del sistema-
      SO: Windows 10 (Build 16299.98)
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: DESKTOP-R32H710\Nahuel Correa

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 317603
      Amenazas detectadas: 0
      (No hay elementos maliciosos detectados)
      Amenazas en cuarentena: 0
      (No hay elementos maliciosos detectados)
      Tiempo transcurrido: 2 min, 32 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)



      # AdwCleaner 7.0.6.0 - Logfile created on Sat Dec 23 01:29:33 2017
      # Updated on 2017/21/12 by Malwarebytes
      # Database: 12-21-2017.1
      # Running on Windows 10 Home Single Language (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      No malicious folders found.

      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      No malicious registry entries found.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [1670 B] - [2017/12/22 19:48:10]
      C:/AdwCleaner/AdwCleaner[S0].txt - [1597 B] - [2017/12/22 1952]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1098 B] - [2017/12/22 21:33:4]


      ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########




      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Home Single Language x64
      Ran by Nahuel Correa (Administrator) on vie. 22/12/2017 at 22:35:41,46
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 1

      Successfully deleted: C:\Users\Nahuel Correa\Documents\add-in express (Folder)



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on vie. 22/12/2017 at 22:56:13,26
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
      Ran by Nahuel Correa (administrator) on DESKTOP-R32H710 (22-12-2017 22:58:41)
      Running from C:\Users\Nahuel Correa\Desktop
      Loaded Profiles: Nahuel Correa (Available Profiles: defaultuser0 & Nahuel Correa & N.Correa)
      Platform: Windows 10 Home Single Language Version 1709 16299.98 (X64) Language: Español (México)
      Internet Explorer Version 11 (Default browser: Edge)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

    4. #4
      Usuario Avatar de Nahuel.E
      Registrado
      dic 2016
      Ubicación
      Argentina
      Mensajes
      9

      Re: Problema con Chromesearch.club en Chrome

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
      (Intel Corporation) C:\Windows\System32\ibtsiva.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
      (Malwarebytes) C:\Users\Nahuel Correa\Downloads\adwcleaner_7.0.6.0.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3935912 2016-10-03] (Synaptics Incorporated)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2016-09-29] (Realtek Semiconductor)
      HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
      HKU\S-1-5-21-979463743-2009168747-106137122-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
      HKU\S-1-5-21-979463743-2009168747-106137122-1001\...\Run: [Spotify Web Helper] => C:\Users\Nahuel Correa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2017-12-20] (Spotify Ltd)
      GroupPolicy: Restriction - Chrome <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{e24f318f-2a9b-4357-9bd1-c951deb951e4}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{e7d383b3-9571-4f90-abb2-0a14108c1260}: [DhcpNameServer] 172.16.1.2

      Internet Explorer:
      ==================
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-12-15] (Microsoft Corporation)
      Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-15] (Microsoft Corporation)
      Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-15] (Microsoft Corporation)
      Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-15] (Microsoft Corporation)
      Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-15] (Microsoft Corporation)

      FireFox:
      ========
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-12-15] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-08] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-08] (Google Inc.)

      Chrome:
      =======
      CHR HomePage: Default -> hxxp://www.google.com.ar/
      CHR StartupUrls: Default -> "hxxps://translate.google.com/#en/es/track%20team","hxxps://www.palbin.com/es/blog/p227-como-eliminar-un-secuestrador-de-navegador-en-4-pasos.html","hxxps://losvirus.es/chromesearch-club/","hxxp://google.com.ar/"
      CHR Profile: C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default [2017-12-22]
      CHR Extension: (Documentos) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-08]
      CHR Extension: (Google Drive) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-08]
      CHR Extension: (YouTube) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-08]
      CHR Extension: (Adblock Plus) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-12-08]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-08]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-08]
      CHR Extension: (Gmail) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-08]
      CHR Extension: (Chrome Media Router) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-08]
      CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7760552 2017-12-07] (Microsoft Corporation)
      R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
      S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
      R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-09] (Microsoft Corporation)
      R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-09] (Microsoft Corporation)
      R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
      S2 WinZip Compression Smart Monitor Service; "C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe" [X]

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation)
      R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7402992 2016-11-01] (Intel Corporation)
      R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2016-10-03] (Realtek )
      R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [752856 2016-10-03] (Realsil Semiconductor Corporation)
      S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2016-10-03] (Realsil Semiconductor Corporation)
      S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2016-10-03] (Synaptics Incorporated)
      R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2016-10-03] (Synaptics Incorporated)
      R2 SoilIO; C:\Windows\System32\Drivers\SoilIO.sys [17912 2010-08-19] ()
      R3 soilkbc; C:\Windows\System32\Drivers\soilkbc.sys [13816 2009-12-03] (Systems Internals)
      R3 SoilMC; C:\Windows\System32\Drivers\SoilMC.sys [13304 2009-12-03] (Systems Internals)
      R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2016-10-03] (Intel Corporation)
      S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-09] (Microsoft Corporation)
      R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-09] (Microsoft Corporation)
      R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-09] (Microsoft Corporation)

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-22 22:58 - 2017-12-22 22:59 - 000009380 _____ C:\Users\Nahuel Correa\Desktop\FRST.txt
      2017-12-22 22:57 - 2017-12-22 22:57 - 000000662 _____ C:\Users\Nahuel Correa\Desktop\JTR info.txt
      2017-12-22 22:56 - 2017-12-22 22:56 - 000000662 _____ C:\Users\Nahuel Correa\Desktop\JRT.txt
      2017-12-22 22:35 - 2017-12-22 22:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
      2017-12-22 22:30 - 2017-12-22 22:30 - 000001166 _____ C:\Users\Nahuel Correa\Desktop\Adwcleaner info.txt
      2017-12-22 22:25 - 2017-12-22 22:25 - 008198432 _____ (Malwarebytes) C:\Users\Nahuel Correa\Downloads\adwcleaner_7.0.6.0.exe
      2017-12-22 22:23 - 2017-12-22 22:23 - 000001575 _____ C:\Users\Nahuel Correa\Desktop\Malw info.txt
      2017-12-22 21:12 - 2017-12-22 21:22 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\ZHP
      2017-12-22 21:12 - 2017-12-22 21:12 - 000000936 _____ C:\Users\Nahuel Correa\Desktop\ZHPCleaner.lnk
      2017-12-22 21:12 - 2017-12-22 21:12 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\ZHP
      2017-12-22 21:10 - 2017-12-22 21:11 - 002997120 _____ C:\Users\Nahuel Correa\Downloads\ZHPCleaner.exe
      2017-12-22 20:56 - 2017-12-22 20:57 - 157389946 _____ C:\Users\Nahuel Correa\Downloads\inu11.mp4
      2017-12-22 18:53 - 2017-12-22 18:53 - 000026489 _____ C:\Users\Nahuel Correa\Downloads\Addition.txt
      2017-12-22 18:50 - 2017-12-22 22:58 - 000000000 ____D C:\FRST
      2017-12-22 18:50 - 2017-12-22 18:53 - 000093111 _____ C:\Users\Nahuel Correa\Downloads\FRST.txt
      2017-12-22 18:49 - 2017-12-22 18:49 - 002392064 _____ (Farbar) C:\Users\Nahuel Correa\Desktop\FRST64.exe
      2017-12-22 18:03 - 2017-12-22 18:03 - 001790024 _____ (Malwarebytes) C:\Users\Nahuel Correa\Downloads\JRT.exe
      2017-12-22 15:57 - 2017-12-22 22:29 - 000000000 ____D C:\AdwCleaner
      2017-12-22 15:53 - 2017-12-22 15:56 - 008187336 _____ (Malwarebytes) C:\Users\Nahuel Correa\Downloads\AdwCleaner.exe
      2017-12-22 15:53 - 2017-12-22 15:53 - 000010768 _____ C:\Users\Nahuel Correa\Documents\cc_20171222_155343.reg
      2017-12-22 14:09 - 2017-12-22 14:09 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-12-22 14:09 - 2017-12-22 14:09 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-12-22 14:09 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
      2017-12-22 14:05 - 2017-12-22 14:08 - 083316440 _____ (Malwarebytes ) C:\Users\Nahuel Correa\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
      2017-12-22 12:56 - 2017-12-22 12:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
      2017-12-22 12:40 - 2017-12-22 14:18 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\SystemProcess
      2017-12-22 12:38 - 2017-12-22 12:38 - 000571241 _____ ( ) C:\Users\Nahuel Correa\Downloads\WinZip_PRO_s_Only.zip.exe
      2017-12-22 12:09 - 2017-12-22 13:58 - 000000000 ____D C:\Users\Nahuel Correa\Documents\faterealtanua_savedata
      2017-12-22 10:31 - 2017-12-22 10:32 - 000763112 _____ (WinZip Computing, S.L.) C:\Users\Nahuel Correa\Downloads\winzip22_downwz.exe
      2017-12-21 21:39 - 2017-12-21 21:39 - 000000000 ____D C:\Users\Nahuel Correa\Documents\MEGAsync Downloads
      2017-12-21 21:35 - 2017-12-22 17:50 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\Psiphon3
      2017-12-21 21:34 - 2017-12-22 12:56 - 000000000 ___RD C:\Users\Nahuel Correa\Documents\MEGAsync
      2017-12-21 21:33 - 2017-12-22 17:50 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\Mega Limited
      2017-12-21 21:32 - 2017-12-21 21:37 - 006718576 _____ C:\Users\Nahuel Correa\Downloads\psiphon3.exe
      2017-12-21 21:32 - 2017-12-21 21:33 - 005396592 _____ C:\Users\Nahuel Correa\Downloads\psiphon3.exe.orig
      2017-12-21 21:31 - 2017-12-21 21:32 - 013314392 _____ (MEGA Limited) C:\Users\Nahuel Correa\Downloads\MEGAsyncSetup.exe
      2017-12-21 14:28 - 2017-12-22 17:50 - 000000000 ____D C:\Program Files\MegaDownloader
      2017-12-21 14:28 - 2017-12-21 14:28 - 000000932 _____ C:\Users\Public\Desktop\MegaDownloader.lnk
      2017-12-21 14:23 - 2017-12-21 14:23 - 000000000 ____D C:\Users\Nahuel Correa\Downloads\FATE NOVEL
      2017-12-21 14:19 - 2017-12-21 14:19 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\MegaDownloader
      2017-12-20 17:49 - 2017-12-22 17:50 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\Spotify
      2017-12-20 17:48 - 2017-12-20 23:03 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\Spotify
      2017-12-18 18:16 - 2017-12-18 18:18 - 025265591 _____ C:\Users\Nahuel Correa\Downloads\LVOC.zip
      2017-12-18 12:02 - 2017-12-18 12:02 - 000005680 _____ C:\Users\Nahuel Correa\Documents\cc_20171218_120249.reg
      2017-12-14 00:32 - 2017-12-14 00:32 - 000001008 _____ C:\Users\Nahuel Correa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
      2017-12-14 00:32 - 2017-12-14 00:32 - 000000978 _____ C:\Users\Nahuel Correa\Desktop\4K Video Downloader.lnk
      2017-12-14 00:32 - 2017-12-14 00:32 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\4kdownload.com
      2017-12-14 00:32 - 2017-12-14 00:32 - 000000000 ____D C:\Program Files (x86)\4KDownload
      2017-12-14 00:31 - 2017-12-14 00:32 - 029274112 _____ C:\Users\Nahuel Correa\Downloads\4kvideodownloader_4.4.0.msi
      2017-12-13 11:19 - 2017-11-21 11:21 - 000149856 _____ C:\Users\Nahuel Correa\Downloads\Instalación ELECTRICA 0.69.dwg
      2017-12-13 11:11 - 2017-11-20 13:53 - 001344608 _____ C:\Users\Nahuel Correa\Downloads\Instalación ELECTRICA 0.35.dwg
      2017-12-12 11:10 - 2017-12-12 11:10 - 000000000 ____D C:\Program Files\Common Files\EPSON
      2017-12-10 02:25 - 2017-12-10 02:25 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
      2017-12-09 10:52 - 2017-12-09 10:37 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2017-12-09 10:41 - 2017-12-13 19:22 - 000000000 ____D C:\WINDOWS\system32\MRT
      2017-12-09 10:41 - 2017-12-13 19:19 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
      2017-12-09 10:40 - 2017-12-13 19:19 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
      2017-12-09 10:23 - 2017-12-09 10:23 - 000047578 _____ C:\Users\Nahuel Correa\Documents\cc_20171209_102312.reg
      2017-12-09 10:19 - 2017-12-09 10:19 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
      2017-12-09 10:19 - 2017-12-09 10:19 - 000002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
      2017-12-09 10:19 - 2017-12-09 10:19 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-12-09 10:19 - 2017-12-09 10:19 - 000000000 ____D C:\Program Files\CCleaner
      2017-12-09 10:17 - 2017-12-09 10:18 - 010849904 _____ (Piriform Ltd) C:\Users\Nahuel Correa\Downloads\ccsetup537.exe
      2017-12-09 09:52 - 2017-12-22 17:50 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\audacity
      2017-12-09 09:52 - 2017-12-09 09:52 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\Audacity
      2017-12-09 09:51 - 2017-12-09 09:51 - 000001083 _____ C:\Users\Public\Desktop\Audacity.lnk
      2017-12-09 09:50 - 2017-12-09 09:52 - 000000000 ____D C:\Program Files (x86)\Audacity
      2017-12-09 09:48 - 2017-12-09 09:49 - 024383624 _____ (Audacity Team ) C:\Users\Nahuel Correa\Downloads\audacity-win-2.2.1.exe
      2017-12-08 22:15 - 2017-12-09 00:53 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\PlaceholderTileLogoFolder
      2017-12-08 22:11 - 2017-12-08 22:11 - 000082527 _____ C:\Users\Nahuel Correa\Downloads\BlissDarkSMod.zip
      2017-12-08 22:11 - 2017-12-08 22:11 - 000000000 ____D C:\Users\Nahuel Correa\Downloads\BlissDarkSMod
      2017-12-08 22:01 - 2017-12-08 22:01 - 000307377 _____ C:\Users\Nahuel Correa\Downloads\A4.zip
      2017-12-08 22:01 - 2017-12-08 22:01 - 000000000 ____D C:\Users\Nahuel Correa\Downloads\A4
      2017-12-08 21:53 - 2017-12-22 21:12 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\AIMP
      2017-12-08 21:53 - 2017-12-08 21:53 - 000000971 _____ C:\Users\Public\Desktop\AIMP.lnk
      2017-12-08 21:53 - 2017-12-08 21:53 - 000000000 ____D C:\Program Files (x86)\AIMP
      2017-12-08 21:51 - 2017-12-08 21:52 - 010550992 _____ (AIMP DevTeam) C:\Users\Nahuel Correa\Downloads\aimp_4.50.2048.exe
      2017-12-08 21:16 - 2017-12-08 21:16 - 000000000 ____D C:\WINDOWS\InfusedApps
      2017-12-08 21:15 - 2017-12-14 02:20 - 000000000 ____D C:\Windows.old
      2017-12-08 21:12 - 2017-12-08 18:19 - 000000000 ____D C:\WINDOWS\ServiceProfiles
      2017-12-08 21:07 - 2017-12-08 21:07 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
      2017-12-08 21:05 - 2017-12-08 21:05 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
      2017-12-08 21:05 - 2017-12-08 21:05 - 000000000 ____D C:\Program Files\Synaptics
      2017-12-08 21:02 - 2017-12-08 21:02 - 000000000 ____D C:\WINDOWS\Setup
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\yo-NG
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\wo-SN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\vi-VN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ur-PK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ug-CN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\tt-RU
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\tk-TM
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ti-ET
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\te-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ta-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\sw-KE
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\sq-AL
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\si-LK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\rw-RW
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\quz-PE
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\prs-AF
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\pa-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\or-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\nn-NO
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ne-NP
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\mt-MT
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\mr-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\mn-MN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ml-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\mk-MK
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\lo-LA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\lb-LU
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ky-KG
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\kok-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\kn-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\km-KH
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ka-GE
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\is-IS
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ig-NG
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\id-ID
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\hy-AM
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\gu-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\gd-GB
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ga-IE
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\fil-PH
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\fa-IR
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\cy-GB
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\bn-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\bn-BD
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\be-BY
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\as-IN
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\am-ET
      2017-12-08 20:57 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\af-ZA
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\system32\hi-IN
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\system32\gl-ES
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\system32\eu-ES
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\system32\ca-ES
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\Program Files\Reference Assemblies
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\Program Files\MSBuild
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
      2017-12-08 20:57 - 2017-12-08 20:57 - 000000000 ____D C:\Program Files (x86)\MSBuild
      2017-12-08 20:57 - 2017-12-08 18:45 - 000000000 ____D C:\WINDOWS\OCR
      2017-12-08 20:56 - 2017-12-22 18:01 - 000910344 _____ C:\WINDOWS\system32\perfh00A.dat
      2017-12-08 20:56 - 2017-12-22 18:01 - 000185456 _____ C:\WINDOWS\system32\perfc00A.dat
      2017-12-08 20:56 - 2017-12-08 20:55 - 000346834 _____ C:\WINDOWS\system32\perfi00A.dat
      2017-12-08 20:56 - 2017-12-08 20:55 - 000043954 _____ C:\WINDOWS\system32\perfd00A.dat
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\es
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\winrm
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\WCN
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\slmgr
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\es
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\0409
      2017-12-08 20:55 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\DigitalLocker
      2017-12-08 20:51 - 2017-12-03 19:38 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
      2017-12-08 20:51 - 2017-12-03 19:38 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
      2017-12-08 20:46 - 2017-12-08 20:39 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
      2017-12-08 20:46 - 2017-12-08 20:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
      2017-12-08 20:46 - 2017-12-08 20:39 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK
      2017-12-08 20:46 - 2017-12-08 20:39 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
      2017-12-08 20:46 - 2017-12-08 20:39 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
      2017-12-08 20:45 - 2017-12-22 18:03 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
      2017-12-08 20:45 - 2017-12-22 17:49 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
      2017-12-08 20:45 - 2017-12-22 17:49 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
      2017-12-08 20:45 - 2017-12-22 17:32 - 000000000 ____D C:\WINDOWS\registration
      2017-12-08 20:45 - 2017-12-22 16:05 - 000000000 ___RD C:\Program Files (x86)
      2017-12-08 20:45 - 2017-12-21 10:38 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-12-08 20:45 - 2017-12-21 10:38 - 000000000 ____D C:\WINDOWS\AppReadiness
      2017-12-08 20:45 - 2017-12-18 22:20 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
      2017-12-08 20:45 - 2017-12-18 11:37 - 000000000 ____D C:\WINDOWS\LiveKernelReports
      2017-12-08 20:45 - 2017-12-15 16:00 - 000000000 ____D C:\WINDOWS\rescache
      2017-12-08 20:45 - 2017-12-14 02:19 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
      2017-12-08 20:45 - 2017-12-09 09:33 - 000000000 ____D C:\WINDOWS\appcompat
      2017-12-08 20:45 - 2017-12-08 21:15 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
      2017-12-08 20:45 - 2017-12-08 21:15 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
      2017-12-08 20:45 - 2017-12-08 21:14 - 000000000 __RHD C:\Users\Public\Libraries
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ___SD C:\WINDOWS\system32\F12
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\TextInput
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\Dism
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\appraiser
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\ShellExperiences
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\WINDOWS\Provisioning
      2017-12-08 20:45 - 2017-12-08 21:01 - 000000000 ____D C:\Program Files\Windows Defender
      2017-12-08 20:45 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
      2017-12-08 20:45 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\system32\MUI
      2017-12-08 20:45 - 2017-12-08 20:57 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ___SD C:\WINDOWS\system32\dsc
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\com
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\setup
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\migwiz
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\system32\com
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\IME
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\Help
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\Program Files\Windows Photo Viewer
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\Program Files\Common Files\system
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
      2017-12-08 20:45 - 2017-12-08 20:55 - 000000000 ____D C:\Program Files (x86)\Windows Defender
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ___SD C:\WINDOWS\system32\UNP
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ___SD C:\WINDOWS\system32\Nui
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\system32\MsDtc
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\system32\icsxml
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\system32\ias
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\system32\downlevel
      2017-12-08 20:45 - 2017-12-08 20:46 - 000000000 ____D C:\WINDOWS\system32\DDFs
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 __SHD C:\Program Files\Windows Sidebar
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 __RSD C:\WINDOWS\media
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ___SD C:\WINDOWS\system32\Configuration
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\Web
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\Vss
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\tracing
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\TAPI
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SystemResources
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SystemApps
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\winevt
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\ras
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\PointOfService
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\NDF
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\Ipmi
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\InputMethod
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\inetsrv
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\IME
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\hydrogen
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\config\Journal
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\Bthprops
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\AppLocker
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\System
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SKB
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\security
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\schemas
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\SchCache
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\Resources
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\PLA
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\Performance
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\ModemLogs
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\L2Schemas
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\InputMethod
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\Globalization
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\Cursors
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\Branding
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\bcastdvr
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\addins
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\Program Files\Windows Security
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\Program Files\Windows Portable Devices
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\Program Files\windows nt
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\Program Files\Common Files\Services
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\Program Files (x86)\windows nt
      2017-12-08 20:45 - 2017-12-08 20:45 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
      2017-12-08 20:45 - 2017-12-08 20:39 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
      2017-12-08 20:45 - 2017-12-08 20:39 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
      2017-12-08 20:45 - 2017-12-08 20:39 - 000017572 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
      2017-12-08 20:45 - 2017-12-08 20:39 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
      2017-12-08 20:45 - 2017-12-08 20:39 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
      2017-12-08 20:45 - 2017-12-08 18:54 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
      2017-12-08 20:45 - 2017-12-08 18:45 - 000000000 ____D C:\WINDOWS\system32\spool
      2017-12-08 20:45 - 2017-12-08 18:45 - 000000000 ____D C:\WINDOWS\system32\oobe
      2017-12-08 20:45 - 2017-12-08 18:36 - 000000000 ____D C:\WINDOWS\system32\Sysprep
      2017-12-08 20:45 - 2017-12-08 18:26 - 000000000 ___RD C:\WINDOWS\PrintDialog
      2017-12-08 20:45 - 2017-12-08 18:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
      2017-12-08 20:45 - 2017-12-08 18:19 - 000000000 ____D C:\WINDOWS\system32\config\TxR
      2017-12-08 20:41 - 2017-12-22 17:49 - 000000000 ____D C:\WINDOWS\INF
      2017-12-08 20:33 - 2017-12-22 17:50 - 000000000 ____D C:\WINDOWS\CbsTemp
      2017-12-08 20:23 - 2017-12-22 17:55 - 087293952 _____ C:\WINDOWS\system32\config\SOFTWARE
      2017-12-08 20:23 - 2017-12-22 17:55 - 019922944 _____ C:\WINDOWS\system32\config\SYSTEM
      2017-12-08 20:23 - 2017-12-22 17:55 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT
      2017-12-08 20:23 - 2017-12-22 17:55 - 000786432 _____ C:\WINDOWS\system32\config\BBI
      2017-12-08 20:23 - 2017-12-22 17:55 - 000057344 _____ C:\WINDOWS\system32\config\SECURITY
      2017-12-08 20:23 - 2017-12-09 10:22 - 000000000 ____D C:\WINDOWS\Panther
      2017-12-08 20:23 - 2017-12-08 21:15 - 000065536 _____ C:\WINDOWS\system32\config\SAM
      2017-12-08 20:23 - 2017-12-08 20:55 - 000000000 ____D C:\WINDOWS\servicing
      2017-12-08 20:23 - 2017-12-08 20:45 - 000000000 ____D C:\WINDOWS\system32\SMI
      2017-12-08 20:23 - 2017-12-08 19:00 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
      2017-12-08 20:00 - 2017-12-22 21:02 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\MPC-HC
      2017-12-08 19:50 - 2017-12-08 19:50 - 000003248 _____ C:\WINDOWS\System32\Tasks\klcp_update
      2017-12-08 19:48 - 2017-12-08 19:49 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
      2017-12-08 19:43 - 2017-12-08 19:47 - 048943336 _____ (KLCP ) C:\Users\Nahuel Correa\Downloads\K-Lite_Codec_Pack_1370_Full.exe
      2017-12-08 19:19 - 2017-12-08 19:19 - 000002337 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-12-08 19:17 - 2017-12-08 19:17 - 000003618 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-12-08 19:17 - 2017-12-08 19:17 - 000003494 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-12-08 19:16 - 2017-12-08 19:39 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\Google
      2017-12-08 19:16 - 2017-12-08 19:19 - 000000000 ____D C:\Program Files (x86)\Google
      2017-12-08 19:12 - 2017-12-08 19:12 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone

    5. #5
      Usuario Avatar de Nahuel.E
      Registrado
      dic 2016
      Ubicación
      Argentina
      Mensajes
      9

      Re: Problema con Chromesearch.club en Chrome

      Parte 2

      2017-12-08 19:12 - 2017-12-08 19:12 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-979463743-2009168747-106137122-1001
      2017-12-08 19:10 - 2017-12-08 19:12 - 000002394 _____ C:\Users\Nahuel Correa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2017-12-08 19:07 - 2017-12-08 19:07 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\Comms
      2017-12-08 19:04 - 2017-12-08 22:44 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\Publishers
      2017-12-08 19:04 - 2017-12-08 19:04 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\MicrosoftEdge
      2017-12-08 19:03 - 2017-12-14 13:42 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\Packages
      2017-12-08 19:03 - 2017-12-08 19:03 - 000000020 ___SH C:\Users\Nahuel Correa\ntuser.ini
      2017-12-08 19:03 - 2017-12-08 19:03 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\Adobe
      2017-12-08 19:03 - 2017-12-08 19:03 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\VirtualStore
      2017-12-08 19:03 - 2017-12-08 19:03 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Local\ConnectedDevicesPlatform
      2017-12-08 19:00 - 2017-12-22 17:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2017-12-08 19:00 - 2017-12-08 19:00 - 000002838 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
      2017-12-08 18:57 - 2017-12-22 18:01 - 002026398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2017-12-08 18:57 - 2017-12-08 18:57 - 000012814 _____ C:\Users\Nahuel Correa\Desktop\Aplicaciones quitadas.html
      2017-12-08 18:57 - 2017-12-08 18:57 - 000012488 _____ C:\Users\N.Correa\Desktop\Aplicaciones quitadas.html
      2017-12-08 18:57 - 2017-12-08 18:57 - 000012086 _____ C:\Users\defaultuser0\Desktop\Aplicaciones quitadas.html
      2017-12-08 18:54 - 2017-12-08 18:54 - 000023028 _____ C:\WINDOWS\system32\emptyregdb.dat
      2017-12-08 18:50 - 2017-12-11 12:32 - 000000000 ____D C:\Users\N.Correa
      2017-12-08 18:50 - 2017-12-08 19:04 - 000000000 ____D C:\Users\Nahuel Correa
      2017-12-08 18:50 - 2017-12-08 18:56 - 000000000 ____D C:\Users\defaultuser0
      2017-12-08 18:42 - 2017-12-08 18:42 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
      2017-12-08 18:24 - 2017-12-22 17:57 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2017-12-08 18:24 - 2017-12-08 18:44 - 000000000 ____D C:\Program Files\Intel
      2017-12-08 18:24 - 2017-12-08 18:24 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
      2017-12-08 18:24 - 2017-12-08 18:24 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
      2017-12-08 18:24 - 2017-12-08 18:24 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
      2017-12-08 18:24 - 2016-11-01 23:05 - 000103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
      2017-12-08 18:24 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
      2017-12-08 18:23 - 2017-12-08 18:23 - 000000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
      2017-12-08 18:23 - 2017-12-08 18:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
      2017-12-08 18:23 - 2017-12-08 18:23 - 000000000 ____D C:\WINDOWS\system32\DAX2
      2017-12-08 18:23 - 2017-12-08 18:23 - 000000000 ____D C:\Program Files\Realtek
      2017-12-08 18:23 - 2017-09-29 10:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
      2017-12-08 18:22 - 2017-12-08 18:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
      2017-12-08 18:19 - 2017-12-22 21:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2017-12-08 18:19 - 2017-12-08 18:52 - 000223208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2017-12-08 16:47 - 2017-12-08 21:17 - 000000000 ___HD C:\$SysReset
      2017-12-08 00:15 - 2017-12-08 00:15 - 025247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 023659008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 018915840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 006036480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 003484848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
      2017-12-08 00:15 - 2017-12-08 00:15 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
      2017-12-08 00:15 - 2017-12-08 00:15 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 007386664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 006483176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 003903272 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 002106880 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001426160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001413760 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
      2017-12-08 00:14 - 2017-12-08 00:14 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001145112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001090440 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
      2017-12-08 00:14 - 2017-12-08 00:14 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
      2017-12-08 00:14 - 2017-12-08 00:14 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000166808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
      2017-12-08 00:14 - 2017-12-08 00:14 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
      2017-12-08 00:14 - 2017-12-08 00:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
      2017-12-08 00:14 - 2017-12-08 00:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
      2017-12-07 23:56 - 2017-12-07 23:56 - 001166520 ____N (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
      2017-12-07 23:56 - 2017-12-07 23:56 - 000778936 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
      2017-12-07 23:56 - 2017-12-07 23:56 - 000124624 ____N (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
      2017-12-07 23:56 - 2017-12-07 23:56 - 000103120 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
      2017-12-07 23:56 - 2017-12-07 23:56 - 000035456 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
      2017-12-07 23:56 - 2017-12-07 23:56 - 000035456 ____N (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
      2017-12-07 22:55 - 2017-12-07 22:55 - 000000000 ___HD C:\Users\Nahuel Correa\MicrosoftEdgeBackups
      2017-12-07 22:53 - 2017-12-08 19:04 - 000000000 ___RD C:\Users\Nahuel Correa\3D Objects
      2017-12-06 19:49 - 2016-08-17 19:43 - 1190616106 _____ C:\Users\Nahuel Correa\Downloads\13. DRAGON BALL Z EL ATAQUE DEL DRAGON 1080P.mkv
      2017-12-03 23:44 - 2017-12-03 23:44 - 000641696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
      2017-12-03 23:44 - 2017-12-03 23:44 - 000389296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
      2017-12-03 23:44 - 2017-12-03 23:44 - 000331432 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
      2017-12-03 23:44 - 2017-12-03 23:44 - 000087728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
      2017-12-03 23:38 - 2017-12-03 23:38 - 000440128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
      2017-12-03 23:38 - 2017-12-03 23:38 - 000263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
      2017-12-03 23:38 - 2017-12-03 23:38 - 000242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
      2017-12-03 23:38 - 2017-12-03 23:38 - 000083792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
      2017-12-02 20:42 - 2016-11-07 19:10 - 000000418 _____ C:\Users\Nahuel Correa\Downloads\GOKU LA LEYENDA.txt
      2017-12-02 20:41 - 2016-08-17 18:04 - 1566810606 _____ C:\Users\Nahuel Correa\Downloads\DRAGON BALL Z EL PODER INVENCIBLE 1080P.mkv
      2017-12-02 12:58 - 2017-12-02 12:59 - 566660916 _____ C:\Users\Nahuel Correa\Downloads\Dragon Ball Super - 116 [1080p] [MX-EN-PT] [90AF580A].mkv
      2017-12-01 23:37 - 2017-12-01 23:38 - 014277062 _____ C:\Users\Nahuel Correa\Downloads\QooApp-v219.apk
      2017-12-01 23:19 - 2017-12-01 23:35 - 263944456 _____ (BlueStack Systems Inc.) C:\Users\Nahuel Correa\Downloads\BlueStacks-Installer_BS3_native_9485baf36189dd0ed80b0e1aaa691f41.exe
      2017-12-01 18:41 - 2017-12-01 18:43 - 057696573 _____ C:\Users\Nahuel Correa\Downloads\Fate Grand Order English_v1.8.0_apkpure.com.apk
      2017-12-01 00:43 - 2017-12-01 00:46 - 057662310 _____ C:\Users\Nahuel Correa\Downloads\Fate Grand Order English_v1.7.0_apkpure.com.apk
      2017-11-30 15:12 - 2017-11-30 15:12 - 368024859 _____ C:\Users\Nahuel Correa\Downloads\[NinjinAnime] F4t3 Ap0cryph4 20.mp4
      2017-11-25 09:12 - 2017-11-25 11:06 - 000000000 ____D C:\Users\Nahuel Correa\Downloads\Koe no Katachi 720p

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-22 17:57 - 2017-08-01 19:03 - 000000000 __SHD C:\Users\Nahuel Correa\IntelGraphicsProfiles
      2017-12-22 15:42 - 2017-08-16 00:31 - 000003584 ___SH C:\Users\Nahuel Correa\Desktop\Thumbs.db
      2017-12-21 14:27 - 2017-08-04 22:42 - 000000000 ___HD C:\Users\Nahuel Correa\Downloads\Programas
      2017-12-20 17:48 - 2017-08-11 20:12 - 000002300 _____ C:\Users\Nahuel Correa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
      2017-12-15 09:08 - 2016-10-19 01:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
      2017-12-08 22:10 - 2017-08-07 19:30 - 000000000 ___HD C:\Users\Nahuel Correa\Downloads\Música
      2017-12-08 19:12 - 2017-08-01 19:09 - 000000000 ___RD C:\Users\Nahuel Correa\OneDrive
      2017-12-08 19:04 - 2016-10-18 03:02 - 000000000 __RHD C:\Users\Public\AccountPictures
      2017-12-08 18:54 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
      2017-12-08 18:45 - 2016-10-18 21:28 - 000000000 ____D C:\Program Files (x86)\OEM
      2017-12-08 18:45 - 2016-10-18 20:55 - 000000000 ____D C:\Program Files (x86)\Realtek
      2017-12-08 18:44 - 2016-10-19 01:35 - 000000000 ____D C:\Program Files\Microsoft Office 15
      2017-12-08 18:44 - 2016-10-18 21:36 - 000000000 ____D C:\Program Files (x86)\Intel
      2017-12-08 18:44 - 2016-10-18 21:26 - 000000000 ____D C:\Program Files\OEM
      2017-12-08 18:44 - 2016-10-18 20:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2017-12-07 22:15 - 2017-08-20 00:20 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
      2017-12-07 22:15 - 2017-08-16 00:09 - 000000000 ____D C:\Users\Nahuel Correa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Creator
      2017-11-27 11:33 - 2017-08-24 21:36 - 000202240 ___SH C:\Users\Nahuel Correa\Downloads\Thumbs.db
      2017-11-24 14:53 - 2017-08-20 14:42 - 000000000 ___HD C:\Users\Nahuel Correa\Downloads\RAR Y COMPRIMIDOS
      2017-11-22 00:12 - 2017-11-21 12:35 - 000000000 ____D C:\Users\N.Correa\Desktop\PLANO ELECTRICIDAD BETA

      Some files in TEMP:
      ====================
      2017-12-21 21:35 - 2017-12-21 21:41 - 015940712 _____ () C:\Users\Nahuel Correa\AppData\Local\Temp\psiphon-tunnel-core.exe

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-12-18 22:20

      ==================== End of FRST.txt ============================

    6. #6
      Usuario Avatar de Nahuel.E
      Registrado
      dic 2016
      Ubicación
      Argentina
      Mensajes
      9

      Re: Problema con Chromesearch.club en Chrome

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2017
      Ran by Nahuel Correa (22-12-2017 23:01:14)
      Running from C:\Users\Nahuel Correa\Desktop
      Windows 10 Home Single Language Version 1709 16299.98 (X64) (2017-12-08 22:02:18)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-979463743-2009168747-106137122-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-979463743-2009168747-106137122-503 - Limited - Disabled)
      defaultuser0 (S-1-5-21-979463743-2009168747-106137122-1000 - Limited - Enabled) => C:\Users\defaultuser0
      HomeGroupUser$ (S-1-5-21-979463743-2009168747-106137122-1008 - Limited - Enabled)
      Invitado (S-1-5-21-979463743-2009168747-106137122-501 - Limited - Disabled)
      N.Correa (S-1-5-21-979463743-2009168747-106137122-1004 - Limited - Enabled) => C:\Users\N.Correa
      Nahuel Correa (S-1-5-21-979463743-2009168747-106137122-1001 - Administrator - Enabled) => C:\Users\Nahuel Correa
      WDAGUtilityAccount (S-1-5-21-979463743-2009168747-106137122-504 - Limited - Disabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      4K Video Downloader 4.4 (HKLM-x32\...\{F350AF86-CD2C-45DC-9F5E-9C1A6789E537}) (Version: 4.4.0.2235 - Open Media LLC)
      AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2048, 19.11.2017 - AIMP DevTeam)
      Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
      CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
      Driver 1.3.8 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.3.8 - OEM)
      EPSON XP-211 214 216 Series Printer Uninstall (HKLM\...\EPSON XP-211 214 216 Series) (Version: - SEIKO EPSON Corporation)
      ES 1.0.2 (HKLM-x32\...\{AADF4228-0772-4D43-92EB-B245E3A17B00}) (Version: 1.0.2 - OEM)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Intel(R) Chipset Device Software (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel(R) Corporation) Hidden
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4320 - Intel Corporation)
      K-Lite Codec Pack 13.7.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.0 - KLCP)
      Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
      MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
      Microsoft Office Hogar y Estudiantes 2016 - es-es (HKLM\...\HomeStudentRetail - es-es) (Version: 16.0.8730.2127 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-979463743-2009168747-106137122-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
      Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
      OSD 1.16.10 (HKLM\...\{5A9C96FE-1376-45E1-8556-C81255F0B5A7}) (Version: 1.16.10 - OEM)
      Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.92 - Realtek Semiconductor Corp.)
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7695 - Realtek Semiconductor Corp.)
      Spotify (HKU\S-1-5-21-979463743-2009168747-106137122-1001\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
      Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
      ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
      ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
      ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
      ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
      ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
      ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-12-08] (AIMP DevTeam)
      ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
      ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
      ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-12-08] (AIMP DevTeam)
      ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
      ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
      ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {029DD01A-3AB4-4A23-8693-6EE21B7B3962} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-07] (Microsoft Corporation)
      Task: {04B08947-96B5-464D-8DA5-115D06D7D84A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-08] (Google Inc.)
      Task: {3EA744D3-3080-43FD-AE8C-4DEF285E2098} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
      Task: {539749B2-AAB3-4A72-A152-715615895B7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-09] (Microsoft Corporation)
      Task: {541410AC-F8E9-43F8-8658-F41A70F10AAD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-15] (Microsoft Corporation)
      Task: {65D93342-D144-4B6F-BB18-702711547488} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-08] (Google Inc.)
      Task: {86DD3FF3-8F13-42AC-A862-995F4E3DA8E8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-09] (Microsoft Corporation)
      Task: {8F5DD2C8-BA58-4BED-BAF5-E16123612CB2} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Administrador\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
      Task: {B1D5476C-17BB-4F1D-BDD7-AF23464CC368} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-09] (Microsoft Corporation)
      Task: {BED6C0F8-DED0-4230-9DC3-BA24DD62C487} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-15] (Microsoft Corporation)
      Task: {D369815A-BCA3-4080-9D7B-9265398FFD4E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-07] (Microsoft Corporation)
      Task: {E04A6A8A-1CB3-430A-A2DA-2485453794B9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
      Task: {E2789EA9-7586-4120-AA00-F9E5B1849E8C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-12-07] ()
      Task: {ED31E1C7-1DA8-46B4-8B2E-2537C739DAF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-09] (Microsoft Corporation)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-09-29 10:41 - 2017-09-29 10:41 - 000184432 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
      2017-12-08 00:15 - 2017-12-08 00:15 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2017-12-12 10:21 - 2017-12-12 10:23 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      2017-12-12 10:21 - 2017-12-12 10:23 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
      2017-12-12 10:21 - 2017-12-12 10:23 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
      2017-12-12 10:21 - 2017-12-12 10:23 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2016-07-16 08:47 - 2016-07-16 08:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-979463743-2009168747-106137122-1001\Control Panel\Desktop\\Wallpaper ->
      DNS Servers: 192.168.1.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{E86BC312-1E28-494D-8C27-1070EC647BDE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [TCP Query User{4EB2B7B2-AF9F-4335-8598-57F7A98C4FDE}C:\windows.old\users\nahuel correa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\windows.old\users\nahuel correa\appdata\roaming\spotify\spotify.exe
      FirewallRules: [UDP Query User{A297DAF7-9287-430F-8569-ED784E57D499}C:\windows.old\users\nahuel correa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\windows.old\users\nahuel correa\appdata\roaming\spotify\spotify.exe
      FirewallRules: [TCP Query User{40D4B676-715B-4278-9DBB-A4B59B8B4C77}C:\users\nahuel correa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nahuel correa\appdata\roaming\spotify\spotify.exe
      FirewallRules: [UDP Query User{AE2C4E5A-108D-4743-89E5-F4C53DFAE944}C:\users\nahuel correa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nahuel correa\appdata\roaming\spotify\spotify.exe

      ==================== Restore Points =========================

      20-12-2017 16:22:12 Windows Update
      22-12-2017 17:18:08 Operación de restauración
      22-12-2017 18:21:24 JRT Pre-Junkware Removal
      22-12-2017 22:35:42 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (12/22/2017 06:35:22 PM) (Source: SideBySide) (EventID: 78) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
      Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
      Los componentes en conflicto son:.
      Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.98_none_cc930a042215c348.manifest.
      Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.98_none_144040db3691ec4e.manifest.

      Error: (12/22/2017 06:35:01 PM) (Source: SideBySide) (EventID: 78) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
      Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
      Los componentes en conflicto son:.
      Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.98_none_cc930a042215c348.manifest.
      Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.98_none_144040db3691ec4e.manifest.

      Error: (12/22/2017 05:57:44 PM) (Source: System Restore) (EventID: 8210) (User: )
      Description: Error no especificado durante Restaurar sistema: (Windows Update). Información adicional: 0x80070005.

      Error: (12/22/2017 05:18:02 PM) (Source: SPP) (EventID: 16389) (User: )
      Description: Error que permite reintentar la operación en el lector MSSearch Service Writer durante la creación de instantáneas. Reintentando...

      Más información: .

      Error: (12/22/2017 05:18:02 PM) (Source: SPP) (EventID: 16389) (User: )
      Description: Error que permite reintentar la operación en el lector Registry Writer durante la creación de instantáneas. Reintentando...

      Más información: .

      Error: (12/22/2017 05:18:02 PM) (Source: SPP) (EventID: 16389) (User: )
      Description: Error que permite reintentar la operación en el lector COM+ REGDB Writer durante la creación de instantáneas. Reintentando...

      Más información: .

      Error: (12/22/2017 05:18:02 PM) (Source: SPP) (EventID: 16389) (User: )
      Description: Error que permite reintentar la operación en el lector Shadow Copy Optimization Writer durante la creación de instantáneas. Reintentando...

      Más información: .

      Error: (12/22/2017 05:18:02 PM) (Source: SPP) (EventID: 16389) (User: )
      Description: Error que permite reintentar la operación en el lector WMI Writer durante la creación de instantáneas. Reintentando...

      Más información: .

      Error: (12/22/2017 05:18:02 PM) (Source: SPP) (EventID: 16389) (User: )
      Description: Error que permite reintentar la operación en el lector System Writer durante la creación de instantáneas. Reintentando...

      Más información: .

      Error: (12/22/2017 10:46:16 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: wuauclt.exe, versión: 10.0.16299.98, marca de tiempo: 0xefd6d9e3
      Nombre del módulo con errores: combase.dll, versión: 10.0.16299.15, marca de tiempo: 0x3db461b4
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x00000000000b67f5
      Identificador del proceso con errores: 0x1af8
      Hora de inicio de la aplicación con errores: 0x01d37ac2f8ee371d
      Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\wuauclt.exe
      Ruta de acceso del módulo con errores: C:\WINDOWS\System32\combase.dll
      Identificador del informe: a2f8215f-2820-40ee-a8f3-85a7f4be2c25
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:


      System errors:
      =============
      Error: (12/22/2017 10:05:29 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R32H710)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario DESKTOP-R32H710\Nahuel Correa con SID (S-1-5-21-979463743-2009168747-106137122-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/22/2017 09:27:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R32H710)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario DESKTOP-R32H710\Nahuel Correa con SID (S-1-5-21-979463743-2009168747-106137122-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/22/2017 07:01:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R32H710)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario DESKTOP-R32H710\Nahuel Correa con SID (S-1-5-21-979463743-2009168747-106137122-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/22/2017 06:59:22 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R32H710)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario DESKTOP-R32H710\Nahuel Correa con SID (S-1-5-21-979463743-2009168747-106137122-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/22/2017 06:47:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R32H710)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario DESKTOP-R32H710\Nahuel Correa con SID (S-1-5-21-979463743-2009168747-106137122-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/22/2017 06:35:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R32H710)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario DESKTOP-R32H710\Nahuel Correa con SID (S-1-5-21-979463743-2009168747-106137122-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/22/2017 06:12:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/22/2017 05:59:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R32H710)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario DESKTOP-R32H710\Nahuel Correa con SID (S-1-5-21-979463743-2009168747-106137122-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/22/2017 05:59:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario NT AUTHORITY\NETWORK SERVICE con SID (S-1-5-20) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/22/2017 05:58:47 PM) (Source: ACPI) (EventID: 13) (User: )
      Description: : la controladora integrada (EC) no respondió en el período de tiempo de espera especificado. Puede deberse a un error en el firmware o hardware de EC, o a un acceso incorrecto a la EC por parte del BIOS. Pregunte al fabricante del equipo si dispone de un BIOS actualizado. En algunas situaciones, este error puede provocar el funcionamiento incorrecto del equipo.


      CodeIntegrity:
      ===================================
      Date: 2017-12-22 22:24:56.711
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-22 22:24:53.445
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-22 22:24:29.895
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-22 22:24:28.981
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-22 22:24:17.101
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-22 22:24:16.713
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-22 18:35:45.306
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-22 18:35:44.441
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-22 18:35:31.176
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-22 18:35:30.675
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


      ==================== Memory info ===========================

      Processor: Intel(R) Celeron(R) CPU N3060 @ 1.60GHz
      Percentage of memory in use: 37%
      Total physical RAM: 4012.53 MB
      Available physical RAM: 2506.34 MB
      Total Virtual: 4716.53 MB
      Available Virtual: 3165 MB

      ==================== Drives ================================

      Drive c: (Windows) (Fixed) (Total:464.72 GB) (Free:366.13 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

      Partition: GPT.

      ==================== End of Addition.txt ============================

    7. #7
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.364

      Re: Problema con Chromesearch.club en Chrome

      Hola

      Sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

      • Para hacerlo descarga >> DelFix en tu escritorio.
        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca unicamente la casilla "Create registry backup".
      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      A continuación inicia tu equipo desde el >> Modo Seguro de Windows con función de red.

      Si tu SO es Windows 8/8.1/10 usa el 2º MÉTODO: de esta Faq de Windows 8 (aplicable a Windows 10) >> ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.


      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      CHR StartupUrls: Default -> "hxxps://translate.google.com/#en/es/track%20team","hxxps://www.palbin.com/es/blog/p227-como-eliminar-un-secuestrador-de-navegador-en-4-pasos.html","hxxps://losvirus.es/chromesearch-club/","hxxp://google.com.ar/"
      CHR Extension: (Documentos) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-08]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-08]
      CHR Extension: (Chrome Media Router) - C:\Users\Nahuel Correa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-08]
      CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
      R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
      S2 WinZip Compression Smart Monitor Service; "C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe" [X]
      2017-12-08 18:24 - 2017-12-22 17:57 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2017-12-08 18:24 - 2017-12-08 18:24 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
      ShellIconOverlayIdentifiers: [  MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
      ShellIconOverlayIdentifiers: [  MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
      ShellIconOverlayIdentifiers: [  MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
      ShellIconOverlayIdentifiers-x32: [  MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
      ShellIconOverlayIdentifiers-x32: [  MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
      ShellIconOverlayIdentifiers-x32: [  MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
      ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File 
      
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.


      Pon el reporte y comenta como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #8
      Usuario Avatar de Nahuel.E
      Registrado
      dic 2016
      Ubicación
      Argentina
      Mensajes
      9

      Re: Problema con Chromesearch.club en Chrome

      Hola de nuevo.

      He probado reparar las Políticas de Chrome y funcionó. Muchas gracias por tu ayuda, tema solucionado.

    9. #9
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.364

      Re: Problema con Chromesearch.club en Chrome

      Hola Nahuel.E

      Sigue estos pasos, para eliminar las herramientas utilizadas:


      • Utiliza de nuevo >> Descarga >> DelFix

        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca todas las casillas.

      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), revisa que se hayan eliminado las herramientas utilizadas.



      Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte

      Nos alegramos que se te haya resuelto Damos el tema por solucionado.


      Si deseas REABRIR ESTE TEMA presiona para reportarlo Como Reportar Mensajes?.

      Como recomendación final, te invitamos a seguirnos en nuestros canales de difusión: Blog, Twitter, Facebook, para estar al tanto de los nuevos malwares y cómo prevenirlos.
      *** Tema solucionado ***


      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.