AnitUsbShortCut


#1

Cada vez que inicio mi ordenador me salen entre 2 a 4 recuadros con el siguiente aviso: “line 0file C:/AntiShortCut/AntiUsbShortCut.zip” He visto en un post anterior 5 pasos a seguir, los estoy ejecutando y voy a copiar los informes esperando puedan ayudarme.

Gracias


#2

Aqui les dejo el reporte de de malewarebyte PARTE 1:


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 28/2/19
Hora del análisis: 10:24
Archivo de registro: ec98c6e5-3b6c-11e9-a159-101f74cd2a34.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9430
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: ATOM-PC\SAHUA

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 300290
Amenazas detectadas: 714
Amenazas en cuarentena: 704
Tiempo transcurrido: 36 min, 0 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 18
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.InstallCore, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\CSASTATS\ic, En cuarentena, [421], [586068],1.0.9430
PUP.Optional.WinYahoo, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}, En cuarentena, [237], [182758],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}, En cuarentena, [237], [182758],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}, En cuarentena, [237], [182758],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D111805-E0DF-4234-8564-CA7AD0AAAC4D}, En cuarentena, [237], [308968],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{2D111805-E0DF-4234-8564-CA7AD0AAAC4D}, En cuarentena, [237], [308968],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered micol, En cuarentena, [237], [308968],1.0.9430
PUP.Optional.InstallCore, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\PRODUCTSETUP, En cuarentena, [421], [481004],1.0.9430
PUP.Optional.WinYahoo, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, [237], [182758],1.0.9430
PUP.Optional.WinYahoo, HKU\S-1-5-21-3317693104-3463003405-3107741733-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, [237], [182758],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, [237], [182758],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, [237], [182758],1.0.9430

Valor del registro: 13
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3317693104-3463003405-3107741733-1035\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3317693104-3463003405-3107741733-501\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3317693104-3463003405-3107741733-1035\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3317693104-3463003405-3107741733-501\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}|URL, En cuarentena, [237], [182758],1.0.9430
PUP.Optional.WinYahoo, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}|URL, En cuarentena, [237], [182757],1.0.9430
PUP.Optional.BrowserProtect, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TABBEDBROWSING|BPROTECTSHOWTABSWELCOME, En cuarentena, [898], [538248],1.0.9430
PUP.Optional.InstallCore, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\PRODUCTSETUP|TB, En cuarentena, [421], [481004],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D111805-E0DF-4234-8564-CA7AD0AAAC4D}|PATH, En cuarentena, [237], [308967],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, [237], [182758],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}|URL, En cuarentena, [237], [182758],1.0.9430

Datos del registro: 3
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, [237], [293461],1.0.9430
PUP.Optional.WinYahoo, HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, [237], [293459],1.0.9430
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, [237], [293461],1.0.9430

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 76
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\icons, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\tiles, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\pt_BR, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\fonts, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\en, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\fr, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\hi, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\vi, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\skin\icons, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\skin\icons, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\_metadata, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_metadata, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\vendor, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\skin, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\skin, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\skin\icons, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\_metadata, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\skin, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\NADIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\icons, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\tiles, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\pt_BR, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\fonts, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\en, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\fr, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\hi, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\vi, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\skin\icons, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_metadata, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\vendor, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\skin, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\icons, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\fonts, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\skin\icons, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\_metadata, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\vendor, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\skin, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\NADIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [266], [626739],1.0.9430

Archivo: 604
PUP.Optional.WinYahoo, C:\WINDOWS\TASKS\Yahoo! Powered micol.job, En cuarentena, [237], [308966],1.0.9430
PUP.Optional.SearchManager, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, En cuarentena, [2050], [453138],1.0.9430
PUP.Optional.SearchManager, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, En cuarentena, [2050], [453138],1.0.9430
PUP.Optional.SearchManager, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage-journal, En cuarentena, [2050], [453138],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts\HelveticaNeue-Thin.otf, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts\HelveticaNeueLT-Roman.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts\neue-bold.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts\neue.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\128.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\16.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\48.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\close.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\favicon.ico, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\trends.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\01d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\01n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\02d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\02n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\03d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\03n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\04d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\04n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\09d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\09n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\10d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\10n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\11d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\11n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\13d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\13n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\50d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\50n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\hero-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\bing.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\bing_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\bluesky-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\brush.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\bt.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\clock.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\cloud.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\cupcake-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\desk-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\doodle.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\down.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\eyeglass.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\google.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\google_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\just-the-box-empty.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\just-the-box.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\mountain-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\pointer2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\radio-selected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\radio-unselected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\sea-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\settings.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\star-unselected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\star.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\toggle-off.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\toggle-on.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\transparent_img.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\yahoo.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\yahoo.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\yahoo_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\bundle.v0.0.1.min.css, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\skin\icons\16.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor\md5.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor\react-dom.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor\react-with-addons.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor\underscore-min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\_metadata\verified_contents.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\background.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\background.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\client.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\common.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\e_.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\index.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\manifest.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\popupTab2.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\popupTab2.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\responseConfig.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\fonts\HelveticaNeue-Thin.otf, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\fonts\HelveticaNeueLT-Roman.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\fonts\neue-bold.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\fonts\neue.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\close-FF8A5A.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\collection-9B9B9B.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\collection-FF691E.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\doc-icon-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\error-FF691E.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\pdf-2-doc-9B9B9B.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\pdf-2-doc-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\pdf-icon-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\success-FF8A5A.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\tab-arrow-FF691E.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\converter\upload-FF691E.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\amazon-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\amazon.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\close.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\enlarge-000000-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\enlarge-FFCA00-000000.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\hulu-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\hulu.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\minimize-000000-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\netflix-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\netflix.svg, En cuarentena, [266], [626738],1.0.9430

#3

Aqui les dejo el reporte de de malewarebyte PARTE 2:


PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\refresh-FFFFFF-000000.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\shrink-FFCA00-000000.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\shuffle-000000.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\shuffle-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\vudu-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films\vudu.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\icons\128.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\icons\16.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\icons\48.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\icons\close.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\icons\favicon.ico, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\icons\trends.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\bing-maps-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\from-to-icon-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\google-maps-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\location-icon-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\search-4A4A4A.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\search-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\switch-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\tab-arrow-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\whereto-logo-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\maps\whereto-logo-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\facebook_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\aliexpress.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\aliexpress_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\amazon.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\amazon_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\booking.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\booking_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\ebay.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\ebay_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\expedia.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\expedia_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\facebook.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\gmail.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\gmail_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\gtranslte.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\pinterest.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\pinterest_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\twitter.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\twitter_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\wix.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\wix_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\yahoo.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\yahoo_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\youtube.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sitesThumbnails\youtube_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\tiles\DOC-to-PDF.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\tiles\PDF-to-DOC.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\tiles\Translation.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\tiles\View-PDF.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\01d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\01n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\02d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\02n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\03d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\03n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\04d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\04n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\09d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\09n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\10d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\10n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\11d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\11n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\13d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\13n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\50d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\weather\50n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\down.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\alot.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\angle-arrow-down.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\bing.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\bing_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\bluesky-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\brush.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\bt.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\clock.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\cloud.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\cupcake-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\desk-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\doodle.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\enhanced_google.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\eyeglass.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\eyeglass_transparent.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\films-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\gmx_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\google.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\google_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\hero-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\just-the-box-empty.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\just-the-box.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\mountain-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\pointer2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\radio-selected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\radio-unselected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\sea-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\search-D7D7D7.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\search-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\settings.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\smallMagnifier.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\star-unselected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\star.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\todoc.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\toggle-off.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\toggle-on.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\topdf.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\transparent_img.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\yahoo.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\yahoo.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\yahoo_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\yandex.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\_enhanced_google.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\images\_gmx_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\content\bundle.v0.0.1.min.css, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\skin\icons\16.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\vendor\md5.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\vendor\react-dom.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\vendor\react-with-addons.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\en\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\fr\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\hi\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\pt_BR\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_locales\vi\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\_metadata\verified_contents.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\background.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\background.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\client.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\common.js.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\e_.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\index.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\manifest.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.60_0\responseConfig.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts\HelveticaNeue-Thin.otf, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts\HelveticaNeueLT-Roman.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts\neue-bold.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\fonts\neue.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\128.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\16.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\48.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\close.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\favicon.ico, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\icons\trends.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\01d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\01n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\02d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\02n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\03d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\03n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\04d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\04n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\09d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\09n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\10d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\10n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\11d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\11n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\13d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\13n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\50d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\weather\50n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\hero-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\bing.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\bing_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\bluesky-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\brush.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\bt.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\clock.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\cloud.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\cupcake-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\desk-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\doodle.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\down.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\eyeglass.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\google.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\google_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\just-the-box-empty.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\just-the-box.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\mountain-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\pointer2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\radio-selected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\radio-unselected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\sea-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\settings.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\star-unselected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\star.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\toggle-off.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\toggle-on.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\transparent_img.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\yahoo.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\yahoo.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\images\yahoo_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\content\bundle.v0.0.1.min.css, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\skin\icons\16.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor\md5.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor\react-dom.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor\react-with-addons.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\vendor\underscore-min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\_metadata\verified_contents.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\background.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\background.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\client.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\common.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\e_.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\index.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\manifest.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\popupTab2.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\popupTab2.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.1.52_0\responseConfig.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\fonts\HelveticaNeue-Thin.otf, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\fonts\HelveticaNeueLT-Roman.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\fonts\neue-bold.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\fonts\neue.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\close-FF8A5A.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\collection-9B9B9B.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\collection-FF691E.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\doc-icon-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\error-FF691E.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\pdf-2-doc-9B9B9B.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\pdf-2-doc-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\pdf-icon-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\success-FF8A5A.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\tab-arrow-FF691E.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\converter\upload-FF691E.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\amazon-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\amazon.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\close.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\enlarge-000000-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\enlarge-FFCA00-000000.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\hulu-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\hulu.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\minimize-000000-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\netflix-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\netflix.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\refresh-FFFFFF-000000.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\shrink-FFCA00-000000.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\shuffle-000000.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\shuffle-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\vudu-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films\vudu.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\icons\128.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\icons\16.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\icons\48.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\icons\close.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\icons\favicon.ico, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\icons\trends.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps\bing-maps-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps\from-to-icon-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps\google-maps-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps\location-icon-8881FF.svg, En cuarentena, [266], [626738],1.0.9430

#4

Aqui les dejo el reporte de de malewarebyte PARTE FINAL:


A4A.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps\search-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps\switch-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps\tab-arrow-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps\whereto-logo-8881FF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\maps\whereto-logo-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\facebook_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\aliexpress.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\aliexpress_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\amazon.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\amazon_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\booking.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\booking_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\ebay.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\ebay_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\expedia.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\expedia_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\facebook.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\gmail.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\gmail_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\gtranslte.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\pinterest.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\pinterest_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\twitter.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\twitter_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\wix.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\wix_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\yahoo.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\yahoo_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\youtube.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sitesThumbnails\youtube_tile_v2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\tiles\DOC-to-PDF.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\tiles\PDF-to-DOC.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\tiles\Translation.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\tiles\View-PDF.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\01d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\01n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\02d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\02n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\03d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\03n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\04d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\04n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\09d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\09n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\10d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\10n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\11d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\11n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\13d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\13n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\50d.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\weather\50n.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\down.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\alot.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\angle-arrow-down.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\bing.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\bing_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\bluesky-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\brush.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\bt.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\clock.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\cloud.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\cupcake-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\desk-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\doodle.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\enhanced_google.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\eyeglass.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\eyeglass_transparent.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\films-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\gmx_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\google.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\google_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\hero-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\just-the-box-empty.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\just-the-box.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\mountain-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\pointer2.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\radio-selected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\radio-unselected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\sea-bg.jpg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\search-D7D7D7.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\search-FFFFFF.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\settings.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\smallMagnifier.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\star-unselected.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\star.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\todoc.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\toggle-off.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\toggle-on.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\topdf.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\transparent_img.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\yahoo.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\yahoo.svg, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\yahoo_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\yandex.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\_enhanced_google.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\images\_gmx_large.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\content\bundle.v0.0.1.min.css, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\skin\icons\16.png, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\vendor\md5.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\vendor\react-dom.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\vendor\react-with-addons.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\en\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\fr\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\hi\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\pt_BR\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_locales\vi\messages.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\_metadata\verified_contents.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\background.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\background.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\client.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\common.js.v0.0.1.min.js, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\e_.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\index.html, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\manifest.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.70_0\responseConfig.json, En cuarentena, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\NADIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\NADIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [266], [626738],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\fonts\HelveticaNeue-Thin.otf, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\fonts\neue-bold.woff, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\fonts\neue.woff, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\icons\128.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\icons\16.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\icons\48.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\icons\close.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\icons\favicon.ico, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\01d.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\01n.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\02d.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\02n.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\03d.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\03n.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\04d.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\04n.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\09d.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\09n.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\10d.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\10n.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\11d.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\11n.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\13d.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\13n.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\50d.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\weather\50n.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\bing.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\bing_large.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\bluesky-bg.jpg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\brush.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\bt.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\clock.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\cloud.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\cupcake-bg.jpg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\desk-bg.jpg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\doodle.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\down.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\eyeglass.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\google.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\google_large.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\hero-bg.jpg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\just-the-box.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\mountain-bg.jpg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\pointer2.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\sea-bg.jpg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\settings.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\yahoo.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\yahoo.svg, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\images\yahoo_large.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\content\bundle.v0.0.1.min.css, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\skin\icons\16.png, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\vendor\md5.min.js, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\vendor\react-dom.min.js, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\vendor\react-with-addons.min.js, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\vendor\underscore-min.js, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\_metadata\verified_contents.json, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\background.html, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\background.v0.0.1.min.js, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\client.v0.0.1.min.js, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\common.js, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\e_.json, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\index.html, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\manifest.json, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\popupTab2.html, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\popupTab2.js, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\Users\NADIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.0.70_0\responseConfig.json, En cuarentena, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\NADIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\NADIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [266], [626739],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [626729],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [628563],1.0.9430
PUP.Optional.BuenoSearch, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [282], [455061],1.0.9430
PUP.Optional.BuenoSearch, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [282], [455061],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\NADIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [628563],1.0.9430
PUP.Optional.BuenoSearch, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [282], [455061],1.0.9430
PUP.Optional.BuenoSearch, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [282], [455061],1.0.9430
PUP.Optional.BuenoSearch, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [282], [455061],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [628563],1.0.9430
PUP.Optional.WinYahoo, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [237], [454790],1.0.9430
PUP.Optional.WinYahoo, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [237], [454790],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [626729],1.0.9430
PUP.Optional.BuenoSearch, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [282], [455061],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [626729],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\NADIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [628563],1.0.9430
PUP.Optional.BuenoSearch, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [282], [455061],1.0.9430
PUP.Optional.BuenoSearch, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [282], [455061],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [628563],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [628563],1.0.9430
PUP.Optional.WinYahoo, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [237], [454790],1.0.9430
PUP.Optional.WinYahoo, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [237], [454790],1.0.9430
PUP.Optional.SearchManager.BITSRST, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [266], [626729],1.0.9430
Adware.Elex.ShrtCln, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [272], [454721],1.0.9430
Adware.Elex.ShrtCln, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [272], [454721],1.0.9430
Adware.Elex.ShrtCln, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [272], [454721],1.0.9430
Adware.Elex.ShrtCln, C:\USERS\SAHUA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [272], [454721],1.0.9430

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#5

Aqui va el reporte de adwcleaner:


# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-25.2 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-28-2019
# Duration: 00:00:23
# OS:       Windows 7 Ultimate
# Cleaned:  44
# Failed:   11


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\SAHUA\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Toolbar4
Deleted       C:\Program Files (x86)\globalUpdate
Deleted       C:\Users\SAHUA\AppData\Local\globalUpdate

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Deleted       HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Deleted       HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Deleted       HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Deleted       HKCU\Software\drpsu
Deleted       HKLM\Software\Wow6432Node\SimpleFiles
Deleted       HKCU\Software\csastats
Deleted       HKCU\Software\TrustedStart
Deleted       HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
Deleted       HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
Deleted       HKCU\Software\GlobalUpdate
Deleted       HKCU\Software\Bitberry
Deleted       HKLM\Software\Wow6432Node\Clara
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Not Deleted   HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Not Deleted   HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Deleted       HKLM\Software\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{A1D87888-DEAA-4971-2222-5D5046F2B3BB}
Deleted       HKLM\Software\Classes\Interface\{A1D87888-DEAA-4971-2222-5D5046F2B3BB}
Deleted       HKLM\Software\Classes\Interface\{A1843388-EFC2-49C9-2222-FC0C403B0EBB}
Deleted       HKLM\Software\Classes\Interface\{0142D788-C4FC-4ED8-2222-D654E27AF7F8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3317693104-3463003405-3107741733-1000\Software\SweetIM
Deleted       HKCU\Software\Vittalia
Deleted       HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Sense
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Sense
Deleted       HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Sense

***** [ Chromium (and derivatives) ] *****

Not Deleted   SoundCloud Downloader Free
Not Deleted   Search Manager
Not Deleted   Search Manager
Not Deleted   Search Manager
Not Deleted   Search Manager
Not Deleted   Search Manager
Not Deleted   Search Manager

***** [ Chromium URLs ] *****

Deleted       plusnetwork.com
Not Deleted   http://www.buenosearch.com/?babsrc=HP_ss&mntrId=143A60D81965D2A0&affID=128235&tsp=5214
Not Deleted   http://www.oursurfing.com/?type=hp&ts=1443583406&z=946affca9cdb778fb0c7265g7z8zdc4w2b7c5z0e4q&from=amt&uid=wdcxwd5000bpvt-60hxzt3_wd-wxh1a61w8672w8672
Deleted       plusnetwork.com
Deleted       Softonic ES

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7216 octets] - [28/02/2019 11:24:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


#6

Aqui el informe de JRT:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64 
Ran by SAHUA (Administrator) on 28/02/2019 at 11:34:37.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 37 

Successfully deleted: C:\Users\SAHUA\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected] (File) 
Successfully deleted: C:\Users\SAHUA\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected] (File) 
Successfully deleted: C:\Program Files (x86)\GUTC20C.tmp (File) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HI0GDR8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Z5J51X1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1RQ56D19 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2IC4CTBR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4MHE5J7C (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50IM1S3Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\85N0DQ3P (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OGR89VL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEEL3B62 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J9G7US1S (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K9LMDK21 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7RQBD4S (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\SAHUA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VR03HGI3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HI0GDR8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Z5J51X1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1RQ56D19 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2IC4CTBR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4MHE5J7C (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50IM1S3Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\85N0DQ3P (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OGR89VL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEEL3B62 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J9G7US1S (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K9LMDK21 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7RQBD4S (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VR03HGI3 (Temporary Internet Files Folder) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/02/2019 at 11:47:15.41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.


#8

Reporte de FRST PARTE 1:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.02.2019 01
Ran by SAHUA (administrator) on ATOM-PC (28-02-2019 11:49:53)
Running from C:\Users\SAHUA\Desktop
Loaded Profiles: SAHUA (Available Profiles: SAHUA & NADIA & Invitado)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [247016 2011-09-09] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2014-07-30] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\Run: [Facebook Update] => C:\Users\SAHUA\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-27] (Facebook, Inc. -> Facebook Inc.)
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: E - E:\SISetup.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {0a7ecb36-6124-11e4-8eba-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {0a7ecb46-6124-11e4-8eba-101f74cd2a34} - E:\LGAutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {198a96c4-c4bd-11e2-afc0-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {2cd704dc-021f-11e4-8c73-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {2cd70980-021f-11e4-8c73-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {4dd03c4d-b9af-11e2-b341-101f74cd2a34} - F:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {8920cf80-f0a7-11e3-9004-101f74cd2a34} - E:\SISetup.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {8b33d1d5-796b-11e4-be6c-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {971d6ac3-3420-11e3-92e2-101f74cd2a34} - F:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {9947ed22-14a2-11e3-8b0b-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {a0bf5f76-6604-11e4-8b9c-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {a5621601-0e98-11e4-afda-101f74cd2a34} - E:\LGAutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {afc718cd-0629-11e4-be65-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {afc718d8-0629-11e4-be65-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {cd522ec3-a455-11e4-97f2-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {cec3e748-067b-11e6-8e35-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {fb1e79a9-a4e2-11e4-a267-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {fb9255ba-dfb8-11e5-99a6-101f74cd2a34} - E:\AutoRun.exe
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [183808 2010-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2010-01-17] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-25] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> c:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2011-08-24] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2011-08-24] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AntiShortCutUpdate.lnk [2019-02-13]
ShortcutTarget: AntiShortCutUpdate.lnk -> C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AntiUsbShortCutUpdate.lnk [2019-02-13]
ShortcutTarget: AntiUsbShortCutUpdate.lnk -> C:\AntiShortCut\AntiUsb.exe (AutoIt Team) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-10-03]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\Users\NADIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Slack.lnk [2017-03-04]
ShortcutTarget: Slack.lnk -> C:\Users\SAHUA\AppData\Local\slack\slack.exe (No File)
AlternateShell: 
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{6ADE4993-FCE0-45B2-8B1E-EF8902D60E38}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7A49B70D-8715-471C-9BD6-AA719E61CAA8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://pe.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = 
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = 
SearchScopes: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Software Sarl -> Skype Technologies)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3317693104-3463003405-3107741733-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\SAHUA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com.pe/
CHR StartupUrls: Default -> "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=143A60D81965D2A0&affID=128235&tsp=5214","hxxp://www.google.com.pe/","hxxp://pe.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_33&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dpe%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyCtD0DzztCzyyCyD0DtB0AtDyCyByByEtN0D0Tzu0StCtAtCzztN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyCyCtDzz0CtB0DtGtAzyyEyCtGtByC0CtBtGtC0DtAtBtGzzyDtB0BtBzztDyByEzy0D0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtBtDyB0EzyyD0DtGtByE0EzytGyEzyyCyBtG0AyDtBtAtGyC0BtCtB0E0E0BtCyDyDtD0E2QtN0A0LzuyE%26cr%3D1997258894%26a%3Dwncy_ir_15_33%26os%3DWindows%2B7%2BUltimate","hxxp://pe.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_33&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dpe%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyCtD0DzztCzyyCyD0DtB0AtDyCyByByEtN0D0Tzu0StCtAtCzztN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzz0FtDtA0BtA0FtGyD0F0DtDtG0FzzyDtDtGyB0FyD0EtG0ByD0FtCtCtBtA0AyDyD0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtBtDyB0EzyyD0DtGtByE0EzytGyEzyyCyBtG0AyDtBtAtGyC0BtCtB0E0E0BtCyDyDtD0E2QtN0A0LzuyE%26cr%3D780167650%26a%3Dwncy_ir_15_33%26os%3DWindows%2B7%2BUltimate","hxxp://www.oursurfing.com/?type=hp&ts=1443583406&z=946affca9cdb778fb0c7265g7z8zdc4w2b7c5z0e4q&from=amt&uid=wdcxwd5000bpvt-60hxzt3_wd-wxh1a61w8672w8672","hxxps://www.google.com.pe/"
CHR Profile: C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default [2019-02-28]
CHR Extension: (Presentaciones) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Flash Video Downloader) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-02-15]
CHR Extension: (Documentos) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-27]
CHR Extension: (Google Drive) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-08]
CHR Extension: (YouTube) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
CHR Extension: (Búsqueda de Google) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-08]
CHR Extension: (Hojas de cálculo) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-27]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-04]
CHR Extension: (Bloqueador de anuncios para Youtube ™) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2019-01-19]
CHR Extension: (SoundCloud Downloader Free) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci [2018-10-24]
CHR Extension: (Skype) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]
CHR Extension: (Chrome Media Router) - C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (cknpkphhcopjlhdcomncmkpgfbmfaapb) - C:\Users\SAHUA\AppData\Roaming\Opera Software\Opera Stable\Extensions\cknpkphhcopjlhdcomncmkpgfbmfaapb [2015-10-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [204288 2011-10-12] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-30] (AVAST Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe [73048 2018-10-18] (Google Inc -> Google Inc.)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2014-05-15] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [314880 2012-03-12] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43320 2011-05-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10207232 2011-10-12] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [317952 2011-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225680 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196072 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320696 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57960 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249672 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167304 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034432 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474456 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216784 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-02-21] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [379952 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [108544 2011-09-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-08-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [4716608 2010-10-28] (Broadcom Corporation -> Broadcom Corporation)
S3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [620072 2011-08-24] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [167976 2011-08-24] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\Windows\System32\DRIVERS\btwavdt.sys [178728 2011-08-24] (Broadcom Corporation -> Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-24] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwl2cap; C:\Windows\System32\DRIVERS\btwl2cap.sys [39976 2011-08-24] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [21544 2011-08-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31216 2011-04-13] (CyberLink -> CyberLink Corporation)
R3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [30008 2011-05-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-23] (Huawei Technologies Co., Ltd.) [File not signed]
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-02-28] (Malwarebytes Corporation -> Malwarebytes)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [536064 2012-03-12] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-02] (AnchorFree Inc -> Anchorfree Inc.)
R0 Tpkd; C:\Windows\System32\Drivers\Tpkd.sys [103272 2009-05-21] (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-28 11:49 - 2019-02-28 11:51 - 000030689 _____ C:\Users\SAHUA\Desktop\FRST.txt
2019-02-28 11:49 - 2019-02-28 11:49 - 000000000 ____D C:\FRST
2019-02-28 11:47 - 2019-02-28 11:47 - 000006544 _____ C:\Users\SAHUA\Desktop\JRT.txt
2019-02-28 11:34 - 2019-02-28 11:25 - 000006405 _____ C:\Users\SAHUA\Desktop\AdwCleaner[C00].txt
2019-02-28 11:30 - 2019-02-28 11:30 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-28 11:11 - 2019-02-28 11:11 - 000157697 _____ C:\Users\SAHUA\Desktop\Malwarebytes-info.txt
2019-02-28 10:23 - 2019-02-28 10:23 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-28 10:23 - 2019-02-28 10:23 - 000000000 ____D C:\Users\SAHUA\AppData\Local\mbamtray
2019-02-28 10:23 - 2019-02-28 10:23 - 000000000 ____D C:\Users\SAHUA\AppData\Local\mbam
2019-02-28 10:23 - 2019-02-28 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-28 10:22 - 2019-02-28 10:22 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-28 10:22 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-02-28 10:20 - 2019-02-28 10:20 - 000515450 _____ C:\Users\SAHUA\Documents\cc_20190228_101958.reg
2019-02-28 10:13 - 2019-02-28 11:38 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-28 10:13 - 2019-02-28 10:13 - 000002806 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-28 10:13 - 2019-02-28 10:13 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-28 10:13 - 2019-02-28 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-02-28 10:10 - 2019-02-28 10:10 - 007316688 _____ (Malwarebytes) C:\Users\SAHUA\Desktop\adwcleaner_7.2.7.0.exe
2019-02-28 10:10 - 2019-02-28 10:10 - 001790024 _____ (Malwarebytes) C:\Users\SAHUA\Desktop\JRT.exe
2019-02-28 10:07 - 2019-02-28 10:09 - 062158736 _____ (Malwarebytes ) C:\Users\SAHUA\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9430.exe
2019-02-28 10:06 - 2019-02-28 10:06 - 019384632 _____ (Piriform Software Ltd) C:\Users\SAHUA\Desktop\ccsetup553.exe
2019-02-28 09:51 - 2019-02-28 09:51 - 002434048 _____ (Farbar) C:\Users\SAHUA\Desktop\FRST64.exe
2019-02-28 09:40 - 2019-02-28 09:40 - 000000256 _____ C:\Users\SAHUA\Desktop\DelFix.txt
2019-02-28 09:39 - 2019-02-28 09:40 - 000000256 _____ C:\DelFix.txt
2019-02-28 09:39 - 2019-02-28 09:39 - 000000000 ____D C:\Windows\ERUNT
2019-02-28 09:23 - 2019-02-28 09:23 - 000797760 _____ C:\Users\SAHUA\Desktop\delfix.exe
2019-02-27 20:44 - 2019-02-27 20:44 - 079824036 _____ C:\Users\SAHUA\Downloads\IsmaelrsSKVP.7z
2019-02-27 20:44 - 2018-07-14 23:41 - 000000000 ____D C:\Users\SAHUA\Downloads\Sparkol VideoScribe PRO
2019-02-27 19:37 - 2019-02-18 22:27 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-02-21 12:05 - 2019-02-21 12:06 - 098844826 _____ C:\Users\SAHUA\Downloads\HAZLA POR TU PLAYA -  mochila en mano.mp4
2019-02-18 22:35 - 2019-02-18 22:35 - 000000000 ____D C:\Users\SAHUA\AppData\Roaming\AVAST Software
2019-02-18 22:35 - 2019-02-18 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-02-18 22:29 - 2019-02-28 11:38 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-18 22:29 - 2019-02-18 22:30 - 000474456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-02-18 22:29 - 2019-02-18 22:30 - 000249672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-02-18 22:29 - 2019-02-18 22:27 - 000379952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-02-18 22:29 - 2019-02-18 22:27 - 000216784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-02-18 22:29 - 2019-02-18 22:27 - 000167304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-02-18 22:29 - 2019-02-18 22:27 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-02-18 22:29 - 2019-02-18 22:27 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-02-18 22:29 - 2019-02-18 22:27 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-02-18 22:29 - 2019-02-18 22:26 - 001034432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-02-18 22:29 - 2019-02-18 22:26 - 000320696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-02-18 22:29 - 2019-02-18 22:26 - 000225680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-02-18 22:29 - 2019-02-18 22:26 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-02-18 22:29 - 2019-02-18 22:26 - 000196072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-02-18 22:29 - 2019-02-18 22:26 - 000057960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-02-18 22:29 - 2019-02-18 22:26 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-02-17 14:06 - 2019-02-17 14:06 - 000047688 _____ C:\Users\SAHUA\Downloads\GetFileAttachment.pdf
2019-02-16 20:26 - 2019-02-16 20:26 - 000013467 _____ C:\Users\SAHUA\Desktop\Plan Vacances au Pérou.xlsx
2019-02-14 17:27 - 2019-02-27 20:47 - 000003330 _____ C:\Windows\System32\Tasks\ApowerREC
2019-02-14 17:27 - 2019-02-14 17:27 - 000000000 ____D C:\Users\SAHUA\Documents\Apowersoft
2019-02-14 17:26 - 2019-02-14 17:26 - 000000000 ____D C:\Users\SAHUA\AppData\Roaming\Apowersoft
2019-02-14 17:25 - 2019-02-14 17:25 - 055976416 _____ (Apowersoft LIMITED ) C:\Users\SAHUA\Downloads\apowerrec.exe
2019-02-14 11:31 - 2019-02-14 11:31 - 000001151 _____ C:\Users\Public\Desktop\VideoScribe.lnk
2019-02-14 11:31 - 2019-02-14 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoScribe
2019-02-14 11:31 - 2019-02-14 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sparkol VideoScribe
2019-02-14 11:31 - 2019-02-14 11:31 - 000000000 ____D C:\ProgramData\com.sparkol.VideoScribeDesktop
2019-02-14 11:31 - 2019-02-14 11:31 - 000000000 ____D C:\Program Files (x86)\Sparkol
2019-02-14 10:22 - 2019-02-14 10:22 - 000000000 ____D C:\Users\SAHUA\AppData\Roaming\VideoScribeDesktop
2019-02-14 10:05 - 2019-02-14 11:31 - 000000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2019-02-14 10:04 - 2019-02-14 10:04 - 056567808 _____ C:\Users\SAHUA\Downloads\VideoScribe64.msi
2019-02-13 12:54 - 2019-02-19 11:54 - 000000000 _RSHD C:\AntiUsbShortCut
2019-02-13 12:51 - 2019-02-19 11:54 - 000000000 _RSHD C:\AntiShortCut
2019-02-12 15:24 - 2019-01-25 20:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-12 15:24 - 2019-01-25 19:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-12 15:24 - 2019-01-25 19:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-12 15:24 - 2019-01-25 18:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-12 15:24 - 2019-01-25 18:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-12 15:24 - 2019-01-25 18:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-12 15:23 - 2019-01-27 10:23 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-02-12 15:23 - 2019-01-27 09:32 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-02-12 15:23 - 2019-01-25 19:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-02-12 15:23 - 2019-01-25 19:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-02-12 15:23 - 2019-01-25 19:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-12 15:23 - 2019-01-25 19:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-02-12 15:23 - 2019-01-25 19:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-12 15:23 - 2019-01-25 19:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-02-12 15:23 - 2019-01-25 19:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-02-12 15:23 - 2019-01-25 19:35 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-02-12 15:23 - 2019-01-25 19:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-02-12 15:23 - 2019-01-25 19:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-02-12 15:23 - 2019-01-25 19:25 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-02-12 15:23 - 2019-01-25 19:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-02-12 15:23 - 2019-01-25 19:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-12 15:23 - 2019-01-25 19:24 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-02-12 15:23 - 2019-01-25 19:24 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-02-12 15:23 - 2019-01-25 19:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-02-12 15:23 - 2019-01-25 19:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-12 15:23 - 2019-01-25 19:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-02-12 15:23 - 2019-01-25 19:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-02-12 15:23 - 2019-01-25 19:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-02-12 15:23 - 2019-01-25 19:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-12 15:23 - 2019-01-25 19:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-02-12 15:23 - 2019-01-25 19:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-02-12 15:23 - 2019-01-25 19:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-02-12 15:23 - 2019-01-25 19:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

#9

Aqui el reporte FRST PARTE FINAL:


2019-02-12 15:23 - 2019-01-25 19:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-02-12 15:23 - 2019-01-25 19:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-12 15:23 - 2019-01-25 19:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-02-12 15:23 - 2019-01-25 19:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-02-12 15:23 - 2019-01-25 19:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-02-12 15:23 - 2019-01-25 19:00 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-02-12 15:23 - 2019-01-25 18:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-02-12 15:23 - 2019-01-25 18:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-02-12 15:23 - 2019-01-25 18:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-02-12 15:23 - 2019-01-25 18:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-12 15:23 - 2019-01-25 18:56 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-02-12 15:23 - 2019-01-25 18:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-02-12 15:23 - 2019-01-25 18:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-02-12 15:23 - 2019-01-25 18:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-12 15:23 - 2019-01-25 18:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-02-12 15:23 - 2019-01-25 18:48 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-02-12 15:23 - 2019-01-25 18:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-02-12 15:23 - 2019-01-25 18:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-02-12 15:23 - 2019-01-25 18:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-02-12 15:23 - 2019-01-25 18:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-02-12 15:23 - 2019-01-25 18:43 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-02-12 15:23 - 2019-01-25 18:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-02-12 15:23 - 2019-01-25 18:40 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-02-12 15:23 - 2019-01-25 18:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-02-12 15:23 - 2019-01-25 18:37 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-02-12 15:23 - 2019-01-25 18:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-12 15:23 - 2019-01-25 18:32 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-02-12 15:23 - 2019-01-25 18:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-12 15:23 - 2019-01-25 18:30 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-02-12 15:23 - 2019-01-25 18:29 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-02-12 15:23 - 2019-01-25 18:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-12 15:23 - 2019-01-25 18:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-12 15:23 - 2019-01-25 18:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-12 15:23 - 2019-01-25 18:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-12 15:23 - 2019-01-25 18:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-12 15:23 - 2019-01-15 02:06 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-02-12 15:23 - 2019-01-15 02:06 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-02-12 15:23 - 2019-01-15 02:03 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-02-12 15:23 - 2019-01-15 02:03 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-02-12 15:23 - 2019-01-15 02:02 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-02-12 15:23 - 2019-01-15 02:02 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-02-12 15:23 - 2019-01-15 02:02 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-02-12 15:23 - 2019-01-15 02:02 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-02-12 15:23 - 2019-01-15 02:02 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-02-12 15:23 - 2019-01-15 01:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-02-12 15:23 - 2019-01-15 01:51 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-02-12 15:23 - 2019-01-15 01:51 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-02-12 15:23 - 2019-01-15 01:38 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-02-12 15:23 - 2019-01-15 01:33 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-02-12 15:23 - 2019-01-15 01:32 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-02-12 15:23 - 2019-01-15 01:32 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-02-12 15:23 - 2019-01-15 01:32 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-02-12 15:23 - 2019-01-15 01:31 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-02-12 15:23 - 2019-01-15 01:29 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-02-12 15:23 - 2019-01-11 22:08 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-12 15:23 - 2019-01-11 22:08 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-02-12 15:23 - 2019-01-11 21:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-12 15:23 - 2019-01-11 21:55 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-02-12 15:23 - 2019-01-11 21:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-12 15:23 - 2019-01-11 21:36 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-12 15:23 - 2019-01-11 21:36 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-12 15:23 - 2019-01-08 22:10 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-02-12 15:23 - 2019-01-08 22:09 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-12 15:23 - 2019-01-08 22:09 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-02-12 15:23 - 2019-01-08 22:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-02-12 15:23 - 2019-01-08 22:08 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-02-12 15:23 - 2019-01-08 22:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-02-12 15:23 - 2019-01-08 21:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-02-12 15:23 - 2019-01-08 21:57 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:45 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-02-12 15:23 - 2019-01-08 21:45 - 000033408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-12 15:23 - 2019-01-08 21:45 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-02-12 15:23 - 2019-01-08 21:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-02-12 15:23 - 2019-01-08 21:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-02-12 15:23 - 2019-01-08 21:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-02-12 15:23 - 2019-01-08 21:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-02-12 15:23 - 2019-01-08 21:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-02-12 15:23 - 2019-01-08 21:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-02-12 15:23 - 2019-01-08 21:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-02-12 15:23 - 2019-01-08 21:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-02-12 15:23 - 2019-01-08 21:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-12 15:23 - 2019-01-08 21:35 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-12 15:23 - 2019-01-08 21:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-02-12 15:23 - 2019-01-08 21:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-02-12 15:23 - 2019-01-08 21:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-02-12 15:23 - 2019-01-08 21:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-02-12 15:23 - 2019-01-08 21:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-02-12 15:23 - 2019-01-08 21:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-02-12 15:23 - 2019-01-08 21:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-02-12 15:23 - 2019-01-08 21:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-02-12 15:23 - 2019-01-08 21:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-02-12 15:23 - 2019-01-08 21:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-02-12 15:23 - 2019-01-08 21:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-02-12 15:23 - 2019-01-07 12:19 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-12 15:23 - 2019-01-01 11:08 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-02-12 15:23 - 2019-01-01 11:05 - 003247104 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-12 15:23 - 2019-01-01 11:05 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-02-12 15:23 - 2019-01-01 11:05 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-02-12 15:23 - 2019-01-01 11:04 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-12 15:23 - 2019-01-01 11:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-02-12 15:23 - 2019-01-01 10:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-12 15:23 - 2019-01-01 10:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-02-12 15:23 - 2019-01-01 10:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-02-12 15:23 - 2019-01-01 10:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-12 15:23 - 2019-01-01 10:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-02-12 15:23 - 2019-01-01 10:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-02-12 15:23 - 2018-12-28 14:59 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-02-12 15:23 - 2018-12-28 14:59 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-02-12 15:23 - 2018-12-28 14:59 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-02-12 15:23 - 2018-12-28 14:59 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-02-12 15:23 - 2018-12-28 14:59 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-02-12 15:23 - 2018-12-28 14:48 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-02-12 15:23 - 2018-12-28 14:48 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-02-12 15:23 - 2018-12-28 14:48 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-02-12 15:23 - 2018-12-28 14:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-02-12 15:23 - 2018-12-04 11:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-02-12 15:23 - 2018-12-04 11:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-12 15:23 - 2018-12-04 10:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2019-02-12 15:23 - 2018-12-04 10:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-12 15:23 - 2018-12-02 11:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-02-12 15:23 - 2018-10-12 08:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-02-08 03:44 - 2019-02-08 03:44 - 000077934 _____ C:\Users\SAHUA\Downloads\RÉSUMER.pptx
2019-02-07 21:12 - 2019-02-07 21:12 - 000014807 _____ C:\Users\SAHUA\Downloads\Alejandro Cuadros Prieto (1).xlsx
2019-02-05 12:51 - 2019-02-05 12:51 - 009927199 _____ C:\Users\SAHUA\Downloads\Gestion-des-cas-difficiles-accompagnateurs (1).pdf
2019-02-01 16:58 - 2019-02-01 16:58 - 001365466 _____ C:\Users\SAHUA\Downloads\Verbi Jan 2019.pdf
2019-02-01 16:50 - 2019-02-01 16:50 - 000014807 _____ C:\Users\SAHUA\Downloads\Alejandro Cuadros Prieto.xlsx
2019-01-31 15:57 - 2019-01-31 15:57 - 002695707 _____ C:\Users\SAHUA\Downloads\facebook-album-893182784060117 (3).zip
2019-01-31 15:56 - 2019-01-31 15:56 - 002695707 _____ C:\Users\SAHUA\Downloads\facebook-album-893182784060117 (2).zip
2019-01-31 13:32 - 2019-01-31 13:32 - 002695707 _____ C:\Users\SAHUA\Downloads\facebook-album-893182784060117 (1).zip
2019-01-31 13:26 - 2019-01-31 13:26 - 002695707 _____ C:\Users\SAHUA\Downloads\facebook-album-893182784060117.zip
2019-01-30 20:15 - 2019-01-30 20:16 - 054893122 _____ C:\Users\SAHUA\Downloads\BABY 102 BPM ACAPELLA.wav

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-28 11:30 - 2013-10-15 01:49 - 000000000 ____D C:\Users\SAHUA\Documents\Youcam
2019-02-28 11:29 - 2014-10-26 03:05 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2019-02-28 11:29 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-28 11:24 - 2015-08-28 16:21 - 000000000 ____D C:\AdwCleaner
2019-02-28 11:24 - 2009-07-13 23:45 - 000017904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-28 11:24 - 2009-07-13 23:45 - 000017904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-28 11:20 - 2017-04-15 13:22 - 000097448 _____ C:\Users\SAHUA\AppData\Local\GDIPFONTCACHEV1.DAT
2019-02-28 11:18 - 2017-04-14 09:51 - 005044480 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-28 10:23 - 2016-10-02 14:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-28 10:23 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-02-28 10:18 - 2013-08-04 04:43 - 000000000 ____D C:\Users\SAHUA\AppData\Roaming\Media Player Classic
2019-02-28 10:17 - 2013-05-05 20:40 - 000000000 ____D C:\Windows\Minidump
2019-02-28 10:17 - 2013-05-03 10:11 - 000000000 ____D C:\Windows\Panther
2019-02-28 10:13 - 2018-04-07 15:11 - 000000000 ____D C:\Program Files\CCleaner
2019-02-28 09:35 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\tracing
2019-02-28 09:02 - 2013-05-27 23:57 - 000000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3317693104-3463003405-3107741733-1000UA.job
2019-02-28 08:47 - 2013-05-27 23:57 - 000000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3317693104-3463003405-3107741733-1000Core.job
2019-02-27 20:47 - 2019-01-03 17:07 - 000003112 _____ C:\Windows\System32\Tasks\{82CF8C45-9F6F-40CF-A2BE-C02A50446EAB}
2019-02-27 20:47 - 2018-04-07 09:50 - 000003548 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-ATOM-PC-SAHUA
2019-02-27 20:47 - 2017-05-31 12:28 - 000003008 _____ C:\Windows\System32\Tasks\{37A465CB-7F51-4CBD-8525-1F4A502BE713}
2019-02-27 20:47 - 2017-05-31 12:28 - 000003008 _____ C:\Windows\System32\Tasks\{0A32A303-BD86-4FBC-8D98-2B277757A5EF}
2019-02-27 20:47 - 2017-05-21 11:30 - 000003114 _____ C:\Windows\System32\Tasks\{CFDCABCE-DE15-4356-9D97-02C6D4D8295A}
2019-02-27 20:47 - 2017-04-30 19:46 - 000003114 _____ C:\Windows\System32\Tasks\{CB8E5183-1E5F-493A-B29C-586131ECFE98}
2019-02-27 20:47 - 2017-02-21 21:22 - 000003088 _____ C:\Windows\System32\Tasks\{058D4F5E-65C2-411D-A8F3-50B82AF99F4A}
2019-02-27 20:47 - 2017-02-21 11:08 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-02-27 20:47 - 2016-10-02 13:51 - 000003102 _____ C:\Windows\System32\Tasks\{42B7C844-E7AA-4E7B-9E25-A496B7988DC9}
2019-02-27 20:47 - 2015-10-01 10:44 - 000003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7A5EE641-8074-4211-90FB-AEB5C9F04E7C}
2019-02-27 20:47 - 2015-04-22 22:47 - 000002982 _____ C:\Windows\System32\Tasks\{D3ADC03A-48C1-4B79-B994-0B9A6F2B0DA6}
2019-02-27 20:47 - 2015-04-22 22:47 - 000002982 _____ C:\Windows\System32\Tasks\{87FC1977-85AE-45F8-B68D-D0954BAE9A38}
2019-02-27 20:47 - 2015-01-25 18:07 - 000003064 _____ C:\Windows\System32\Tasks\{10C19A0E-A11A-4AB0-9695-80AF70E63B21}
2019-02-27 20:47 - 2014-06-10 14:47 - 000003034 _____ C:\Windows\System32\Tasks\{186C40B6-8279-4C55-94DC-1D2D101119F7}
2019-02-27 20:47 - 2014-05-20 23:18 - 000003202 _____ C:\Windows\System32\Tasks\{1B3C729D-D924-4B84-9DA9-845B29764A58}
2019-02-27 20:47 - 2013-05-27 23:57 - 000003914 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3317693104-3463003405-3107741733-1000UA
2019-02-27 20:47 - 2013-05-27 23:57 - 000003546 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3317693104-3463003405-3107741733-1000Core
2019-02-27 20:47 - 2013-05-03 21:01 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-27 20:47 - 2013-05-03 21:01 - 000003342 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-27 20:23 - 2013-05-03 19:04 - 000000000 ____D C:\Users\SAHUA\AppData\Roaming\vlc
2019-02-26 13:27 - 2018-06-11 20:10 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-02-25 21:52 - 2013-05-04 09:18 - 000000000 ____D C:\Users\SAHUA\AppData\Local\ElevatedDiagnostics
2019-02-25 21:52 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2019-02-25 16:01 - 2013-05-03 21:03 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-25 16:01 - 2013-05-03 21:03 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-20 17:11 - 2018-09-04 09:22 - 000015414 _____ C:\Users\SAHUA\Desktop\COMPTABILITÉ ALEJANDRO.xlsx
2019-02-20 12:54 - 2009-07-14 04:31 - 004160250 _____ C:\Windows\system32\perfh00A.dat
2019-02-20 12:54 - 2009-07-14 04:31 - 001316062 _____ C:\Windows\system32\perfc00A.dat
2019-02-20 12:54 - 2009-07-14 00:13 - 000005200 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-20 12:51 - 2013-05-04 11:31 - 000007664 _____ C:\Users\SAHUA\AppData\Local\resmon.resmoncfg
2019-02-20 12:14 - 2016-10-03 17:41 - 000000000 ____D C:\Windows\pss
2019-02-18 23:37 - 2014-12-05 19:44 - 000000000 ____D C:\Temp
2019-02-18 23:37 - 2013-05-07 09:57 - 000000000 ____D C:\swsetup
2019-02-18 23:35 - 2015-08-27 12:47 - 000000000 ____D C:\savtmp
2019-02-18 23:35 - 2015-01-15 01:38 - 000000000 ____D C:\Presets
2019-02-18 23:34 - 2009-07-13 22:20 - 000000000 ____D C:\PerfLogs
2019-02-18 23:33 - 2013-05-03 16:52 - 000000000 __RHD C:\MSOCache
2019-02-18 23:32 - 2017-05-11 14:48 - 000000000 ____D C:\LJP1100_P1560_P1600_Full_Solution
2019-02-18 23:32 - 2014-10-25 23:31 - 000000000 ____D C:\MSI
2019-02-18 23:32 - 2013-05-03 16:45 - 000000000 ____D C:\Bejeweled 2 Deluxe en Español
2019-02-18 23:31 - 2015-01-15 01:38 - 000000000 ____D C:\Banks
2019-02-18 23:27 - 2015-06-10 06:20 - 000000000 ____D C:\73712decdae59042e3ad5990
2019-02-18 23:25 - 2018-09-12 13:29 - 000000000 ____D C:\972db6410836087b29476ada3d545fdb
2019-02-18 22:35 - 2018-05-30 18:20 - 000000000 ____D C:\Users\SAHUA\AppData\Local\AVAST Software
2019-02-17 12:08 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2019-02-14 11:30 - 2019-01-19 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AtomixMP3
2019-02-14 10:16 - 2013-08-14 03:02 - 000000000 ____D C:\Windows\system32\MRT
2019-02-14 10:04 - 2013-08-06 06:06 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-13 15:26 - 2017-05-31 11:13 - 000000000 ____D C:\Users\SAHUA\AppData\Roaming\Adobe

==================== Files in the root of some directories =======

2012-03-20 10:00 - 2012-03-20 10:00 - 001961984 _____ (Waves Audio Ltd.) C:\Program Files\WaveShell-VST 9.0_x64.dll
2012-03-20 10:00 - 2012-03-20 10:00 - 001482752 _____ (Waves Audio Ltd.) C:\Program Files (x86)\WaveShell-VST 9.0.dll
2018-10-17 17:27 - 2018-10-17 17:27 - 000000033 _____ () C:\Users\SAHUA\AppData\Roaming\AdobeWLCMCache.dat
2015-08-11 06:43 - 2015-08-11 06:43 - 000000041 _____ () C:\Users\SAHUA\AppData\Roaming\WB.CFG
2016-11-19 20:52 - 2016-11-19 20:52 - 000003584 _____ () C:\Users\SAHUA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-30 12:40 - 2018-09-30 12:40 - 000000000 _____ () C:\Users\SAHUA\AppData\Local\oobelibMkey.log
2013-05-04 11:31 - 2019-02-20 12:51 - 000007664 _____ () C:\Users\SAHUA\AppData\Local\resmon.resmoncfg
2017-04-03 15:16 - 2017-04-03 15:16 - 000000170 _____ () C:\Users\SAHUA\AppData\Local\uts.ini

Some files in TEMP:
====================
2015-02-20 17:15 - 2015-02-20 17:15 - 000427001 _____ () C:\Users\Invitado\AppData\Local\Temp\{48416259-16DF-4FD2-9F1C-C576A4BF429C}-40.0.2214.115_40.0.2214.111_chrome_updater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-25 15:56

==================== End of FRST.txt ============================

#10

Este es el reporte de addition parte1:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.02.2019 01
Ran by SAHUA (28-02-2019 11:52:56)
Running from C:\Users\SAHUA\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-05-03 21:30:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3317693104-3463003405-3107741733-500 - Administrator - Disabled)
fbwuser (S-1-5-21-3317693104-3463003405-3107741733-1032 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3317693104-3463003405-3107741733-1034 - Limited - Enabled)
Invitado (S-1-5-21-3317693104-3463003405-3107741733-501 - Limited - Enabled) => C:\Users\Invitado
NADIA (S-1-5-21-3317693104-3463003405-3107741733-1035 - Administrator - Enabled) => C:\Users\NADIA
SAHUA (S-1-5-21-3317693104-3463003405-3107741733-1000 - Administrator - Enabled) => C:\Users\SAHUA

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1) (Version: 15.1.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1) (Version: 11.1.0 - Adobe Systems Incorporated)
Adobe Audition CS6 (HKLM-x32\...\{30FD541D-3C9D-41C4-B240-A994EE4E0231}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_1) (Version: 22.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.2 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1) (Version: 12.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_3) (Version: 19.1.3 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1) (Version: 12.1.0 - Adobe Systems Incorporated)
Antares Auto-Tune Evo VST (HKLM-x32\...\{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}) (Version: 6.00.0009 - Antares Audio Technologies)
Antares AVOX Bundle VST RTAS v1.1.3 (HKLM-x32\...\Antares AVOX Bundle VST RTAS_is1) (Version:  - Team AiR 2007)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version:  - )
Atom (HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\atom) (Version: 1.12.8 - GitHub Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Brackets (HKLM-x32\...\{0ED76FF2-9370-4437-8C51-39F27DD0361B}) (Version: 1.8 - brackets.io)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2100 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2100 - Broadcom Corporation)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.3.0 - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)
Canon MX490 series On-screen Manual (HKLM-x32\...\Canon MX490 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon Utilidad de marcación rápida (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
Celemony Melodyne v3.0.1.5 Studio Edition (HKLM-x32\...\Celemony Melodyne v3.0.1.5 Studio Edition) (Version:  - )
Chrome Remote Desktop Host (HKLM-x32\...\{F51A03C4-2DD0-43B0-900F-EAD1C45DC542}) (Version: 71.0.3578.15 - Google Inc.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Git version 2.12.0 (HKLM\...\Git_is1) (Version: 2.12.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM-x32\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6393.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.10 - PACE Anti-Piracy)
iZotope iDrum (HKLM-x32\...\iZotope iDrum_is1) (Version: 1.75 - iZotope, Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.6.6 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.6.6 - )
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0C0A-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Photoshop Cs6 versión Final (HKLM-x32\...\{5CF1F901-ED27-4C34-A9CE-A10E8C1DDDB2}_is1) (Version: Final - Braian Urzagaste)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sparkol VideoScribe (HKLM-x32\...\{031D2992-63D1-4BE2-841A-32C44849695B}) (Version: 2.3.7006 - Sparkol) Hidden
Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 2.3.7006) (Version: 2.3.7006 - Sparkol)
Sublime Text Build 3126 (HKLM-x32\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Waves Complete V9r2 (HKLM-x32\...\{90000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.0.2 - Waves)
Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\Winrar\rarext64.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\Winrar\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\Winrar\rarext64.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\Winrar\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\Winrar\rarext64.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\Winrar\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3317693104-3463003405-3107741733-1000: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} =>  -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0196D42A-0C85-4249-B31B-743A7E338293} - System32\Tasks\{CFDCABCE-DE15-4356-9D97-02C6D4D8295A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/es/go/help.faq.installer?LastError=1603
Task: {04743076-F2E8-4E11-A737-7BCBE7311D69} - System32\Tasks\{0A32A303-BD86-4FBC-8D98-2B277757A5EF} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated -> Adobe Inc.)
Task: {09FCBFEC-F629-4218-A18F-DAF30F9BD975} - System32\Tasks\{10C19A0E-A11A-4AB0-9695-80AF70E63B21} => C:\Windows\system32\pcalua.exe -a E:\Movistar\Setup.exe -d E:\Movistar
Task: {0CC15E4E-7E34-4F3D-A4D7-F988F62A4A1C} - System32\Tasks\{42B7C844-E7AA-4E7B-9E25-A496B7988DC9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Packet Tracer 5.0\unins000.exe"
Task: {128120EC-4923-4F61-867C-1DB119A93929} - System32\Tasks\AdobeAAMUpdater-1.0-ATOM-PC-SAHUA => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {21A309B8-C7B8-4542-806D-CAA2D74FA469} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {239B54C6-F081-443E-BC55-4E9E946D7B6E} - System32\Tasks\{058D4F5E-65C2-411D-A8F3-50B82AF99F4A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\AudioShell\unins000.exe"
Task: {281C246F-9E91-4A8D-B26A-C8761D190B64} - System32\Tasks\{D3ADC03A-48C1-4B79-B994-0B9A6F2B0DA6} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {380E8C76-BA7C-4F0C-958C-4B068FB13A69} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4E1C1719-CB13-4277-92D2-D7BF727AB4ED} - System32\Tasks\ApowerREC => C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe
Task: {5FA272B7-7540-4EDE-9335-E348226554DA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3317693104-3463003405-3107741733-1000Core => C:\Users\SAHUA\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
Task: {64B8AD12-DCA9-4307-A6AC-185B282230F6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {76F6188E-97B9-4D0C-96E7-512D8CD7333E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {76FFC6A7-3CFB-46DC-AF67-2A41A61257D3} - System32\Tasks\AdobeGCInvoker-1.0-ATOM-PC-SAHUA => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {7E938214-2626-4F45-8CBF-99DA1646A136} - System32\Tasks\{28CCAC6A-B50C-423B-8397-173F9AE44283} => C:\Windows\system32\pcalua.exe -a C:\Users\SAHUA\Desktop\Waves.Diamond.Bundle.v5.2-H2O\setup.exe -d C:\Users\SAHUA\Desktop\Waves.Diamond.Bundle.v5.2-H2O
Task: {8203F51F-3220-4472-B6A5-6570839F271F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3317693104-3463003405-3107741733-1000UA => C:\Users\SAHUA\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
Task: {8223468E-C2F6-40E3-AFE0-567BA6F9AD4D} - System32\Tasks\{1B3C729D-D924-4B84-9DA9-845B29764A58} => C:\Windows\system32\pcalua.exe -a "D:\Documents\SOFWARE\Audio Shell\Audio Shell i-am_your_father.exe" -d "D:\Documents\SOFWARE\Audio Shell"
Task: {8DBB313B-C781-41FD-9A74-721B198DF10A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {95D43B57-63EE-4962-B244-9116FC22A7BE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {96E12542-A719-4986-9A51-69C0FB593CB8} - System32\Tasks\{CB8E5183-1E5F-493A-B29C-586131ECFE98} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/es/go/help.faq.installer?LastError=1603
Task: {A05A7356-F89D-4821-BB18-7C6B1B124FEF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {A1567FCB-6B10-445D-B4AB-E23FCDCCBA17} - System32\Tasks\{186C40B6-8279-4C55-94DC-1D2D101119F7} => C:\Windows\system32\pcalua.exe -a E:\SISetup.exe -d E:\
Task: {A40D4B20-D25C-4E41-B371-F17C389A78BD} - System32\Tasks\{D447E46D-3DE6-4C3C-A2AF-351FC7606B45} => C:\Program Files (x86)\Adobe\Adobe Audition CS6\Adobe Audition CS6.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B4B6863F-C01B-443F-AC3E-992A6850C436} - System32\Tasks\{87FC1977-85AE-45F8-B68D-D0954BAE9A38} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {CE0A5038-CF14-4034-8048-3A744F99629D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {CFAECA73-1146-4D96-AF4A-69DA1B1B6E70} - System32\Tasks\{DF54C570-79F9-4A44-999D-6C30C1EC0B92} => C:\Program Files (x86)\Adobe\Adobe Audition CS6\Adobe Audition CS6.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D1E497F2-BD97-4566-83D5-3746466379FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D9F35902-7444-48BE-9D2D-DA51CDEAF1DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DFF47EA1-D51D-41C3-86F8-ABC27CCBC362} - System32\Tasks\{17F872F1-4723-4724-BBC0-C8B9C4415EF6} => C:\Program Files (x86)\Adobe\Adobe Audition CS6\Adobe Audition CS6.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E752E0F6-6BC4-42BB-A29D-A4208974ED37} - System32\Tasks\{37A465CB-7F51-4CBD-8525-1F4A502BE713} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated -> Adobe Inc.)
Task: {E79A0429-D1FD-49B4-B11D-7DBA5127AB10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E9E9AB14-F734-4E29-AD21-7EFB859C3343} - System32\Tasks\{82CF8C45-9F6F-40CF-A2BE-C02A50446EAB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\HP\HP LaserJet P1100 Series\Uninstall.exe"
Task: {F6883BEE-B6DA-4FB3-9580-49259D73792C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F8A4C293-6E14-41C3-9B21-35FCE213F938} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {FC7DF589-9CA3-4E20-A5A2-69FC9C6FF1D3} - System32\Tasks\{158DD365-0E0A-45EA-8D0C-9FA118321078} => C:\Program Files (x86)\Adobe\Adobe Audition CS6\Adobe Audition CS6.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3317693104-3463003405-3107741733-1000Core.job => C:\Users\SAHUA\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3317693104-3463003405-3107741733-1000UA.job => C:\Users\SAHUA\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk

ShortcutWithArgument: C:\Users\SAHUA\Desktop\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\Windows\System32\mvtcpmon.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [File not signed] C:\Windows\System32\slp64.dll
2018-06-11 20:04 - 2014-08-06 12:25 - 000375296 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2015-02-24 20:35 - 2011-04-18 18:03 - 000120320 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_YLMI4E.DLL
2016-01-11 19:06 - 2014-03-05 04:06 - 000180224 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_YLMBNGE.DLL
2017-05-10 19:21 - 2013-04-16 20:03 - 000179712 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_ILMBLDE.DLL
2014-06-10 14:50 - 2012-08-31 15:02 - 000074240 ____N () [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2019-02-28 10:22 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-02-28 10:22 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-02-28 10:22 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:KQDnIekKyX2mJlADGWzsOpA [2336]
AlternateDataStreams: C:\ProgramData\Microsoft:kXXOrgYQlhPKts7vcxSoHiuvJ [2320]
AlternateDataStreams: C:\ProgramData\Microsoft:LXqHgz38uqWAMnRoL7GnjQfK59 [1996]
AlternateDataStreams: C:\ProgramData\Microsoft:OHjbESuYgCjsWObDHLPKHnuxA4 [1958]
AlternateDataStreams: C:\ProgramData\Microsoft:UFAmfwdPnej4VtseNAlBGLfqp [1856]
AlternateDataStreams: C:\Users\SAHUA\Configuración local:37zERzuizmGXZQ5Z2yC5mujL937XOn [1998]
AlternateDataStreams: C:\Users\SAHUA\Configuración local:YXy5MUUObnCyGwHN014Nu6k [2040]
AlternateDataStreams: C:\Users\SAHUA\Cookies:7KQS71PBg8WQtshYtFypR1Vz8x [552]
AlternateDataStreams: C:\Users\SAHUA\Cookies:hyOHsJVUcyc4haeCmXR0pZwRn [2002]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local:37zERzuizmGXZQ5Z2yC5mujL937XOn [1998]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local:YXy5MUUObnCyGwHN014Nu6k [2040]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local\1N7kyIRjd:zDIvFc3Lbk3Q9pIOkLpde [2016]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local\Datos de programa:37zERzuizmGXZQ5Z2yC5mujL937XOn [1998]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local\Datos de programa:YXy5MUUObnCyGwHN014Nu6k [2040]

==================== Safe Mode (Whitelisted) ===================

#11

Aqui el reporte de addition parte 2:




(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\google.com.mx -> hxxps://google.com.mx

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2018-12-31 12:06 - 000000940 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 validation.sls.microsoft.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: %INTEL_DEV_REDIST%redist\intel64\compiler;C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\WINDOWS LIVE\SHARED;C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\;C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\SYSWOW64;C:\PROGRAM FILES\BROADCOM\WHL\;C:\PROGRAM FILES\BROADCOM\WHL\SYSWOW64;C:\PROGRAM FILES\BROADCOM\WHL\SYSWOW64\;C:\PROGRAM FILES\BROADCOM\WHL\SYSWOW64\SYSWOW64;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Brackets\command
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{1EAA45FD-11F2-4E3C-9D6C-54F9CA9F48D0}E:\utilitarios\wpi\install\winrar 3.93es.exe] => (Allow) E:\utilitarios\wpi\install\winrar 3.93es.exe No File
FirewallRules: [UDP Query User{F9F683E8-A819-4BD2-B57C-7B3FFB1BFA3D}E:\utilitarios\wpi\install\winrar 3.93es.exe] => (Allow) E:\utilitarios\wpi\install\winrar 3.93es.exe No File
FirewallRules: [TCP Query User{E6DEE9AF-09D9-45BE-A1EF-D7A22D09F95F}E:\utilitarios\wpi\install\cyberlink.youcam.2.0.exe] => (Block) E:\utilitarios\wpi\install\cyberlink.youcam.2.0.exe No File
FirewallRules: [UDP Query User{210B9552-47FF-499A-9DD0-550F83BDE794}E:\utilitarios\wpi\install\cyberlink.youcam.2.0.exe] => (Block) E:\utilitarios\wpi\install\cyberlink.youcam.2.0.exe No File
FirewallRules: [TCP Query User{1F17A429-38DA-4938-8852-68846EBBFE61}E:\utilitarios\wpi\wpi.exe] => (Block) E:\utilitarios\wpi\wpi.exe No File
FirewallRules: [UDP Query User{ECF17FDF-4C25-499F-9826-D4FE41D0E2C7}E:\utilitarios\wpi\wpi.exe] => (Block) E:\utilitarios\wpi\wpi.exe No File
FirewallRules: [TCP Query User{B6F027EF-3A34-4EF3-A692-239FC9A383A1}C:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe] => (Block) C:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [UDP Query User{5AE0659A-9C9E-4966-8730-CFA7247F7EC0}C:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe] => (Block) C:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{2FCFD968-5A11-441B-9545-97643C67D586}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F96AF627-50CB-486E-9FA3-66930905B983}] => (Allow) LPort=2869
FirewallRules: [{8E6E676E-8BE9-4B52-984B-A4CBAE4C4B03}] => (Allow) LPort=1900
FirewallRules: [{49AA27D3-EF13-4AE9-9529-94B5FCEF9D01}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22538074-ABD1-4A4B-A9D4-716DA0075EA4}] => (Allow) C:\Users\SAHUA\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Software Sarl -> Skype Limited)
FirewallRules: [{69A3B864-2164-4B63-AF92-F24762E76FE4}] => (Allow) LPort=9100
FirewallRules: [{EE38308A-0A81-4EF8-8C5A-8B1CDB811F16}] => (Allow) LPort=427
FirewallRules: [{52A71D31-05F3-48B8-AE39-BD1A54CB790B}] => (Allow) LPort=161
FirewallRules: [{14CBBBF2-BCEB-49E0-BA19-EC91A7AA8A78}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{36795C09-E425-4BA4-838F-FF1A373C84CC}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{80057318-3A39-4C55-AA77-7AF41AFAD2A2}] => (Allow) LPort=9100
FirewallRules: [{9DEAA54B-71D5-4F7B-AF5D-0458F7821829}] => (Allow) LPort=427
FirewallRules: [{60AA7948-37FD-4070-BBDA-6BBDACE98BC1}] => (Allow) LPort=161
FirewallRules: [{61840E1F-E5F2-4FF6-ADA3-6EA17B3EBC27}] => (Allow) LPort=427
FirewallRules: [{CE3B9CC5-E954-447A-BEEF-A0154937BA61}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{4A6B8F18-471E-4E1B-8F4E-3E55EC997492}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BF9D9AD0-064A-4585-8445-94BCD9B5D7A1}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe (Google Inc -> Google Inc.)
FirewallRules: [{CB477FDA-9B5A-4C9B-B1B8-466F900A8BF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{6CDA6302-2F29-4C91-834B-6C13BBC72F03}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{7CE770D7-6909-4990-873F-EA3C68C8C633}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

03-02-2019 11:39:48 Punto de control programado
11-02-2019 11:44:06 Punto de control programado
13-02-2019 11:34:18 Windows Update
14-02-2019 10:00:38 Windows Update
14-02-2019 11:28:20 Removed Sparkol VideoScribe
14-02-2019 11:30:34 Installed Sparkol VideoScribe
19-02-2019 01:04:53 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
27-02-2019 15:16:15 Punto de control programado
28-02-2019 09:23:12 Windows Update
28-02-2019 11:34:46 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: MTP
Description: MTP
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controlador de volumen FileSytem de WPD
Description: Controlador de volumen FileSytem de WPD
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2019 11:29:10 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (02/28/2019 11:29:10 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (02/28/2019 11:18:22 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (02/28/2019 11:18:22 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (02/28/2019 10:16:47 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: El servicio Windows Search no pudo procesar la lista de ubicaciones incluidas y excluidas. Error: <30, 0x80040d07, "iehistory://{S-1-5-21-3317693104-3463003405-3107741733-1000}/">.

Error: (02/28/2019 10:00:22 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (02/28/2019 10:00:22 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (02/28/2019 09:50:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\System32\systemcpl.dll".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.


System errors:
=============
Error: (02/28/2019 11:31:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio %1!s! Update Servicio (avast) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (02/28/2019 11:31:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio 30000!s! Update Servicio (avast).

Error: (02/28/2019 11:29:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (02/28/2019 11:25:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\System32\bcmihvsrv64.dll

Error: (02/28/2019 11:25:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\System32\bcmihvsrv64.dll

Error: (02/28/2019 11:25:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\System32\bcmihvsrv64.dll

Error: (02/28/2019 11:25:16 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {752073A1-23F2-4396-85F0-8FDB879ED0ED} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (02/28/2019 11:24:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.


Windows Defender:
===================================
Date: 2019-02-06 09:59:16.986
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{C184B1F1-787A-4FE7-BB51-9CD947DF452D}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen completo
Usuario:NT AUTHORITY\Servicio de red

Date: 2019-01-28 09:50:27.130
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{0D62D235-2AA7-44F7-92E2-FDE8C581C5CE}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen completo
Usuario:NT AUTHORITY\Servicio de red

Date: 2019-01-25 15:24:29.551
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{5C83ADEB-1674-4691-ADB1-BB1EB320586A}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen completo
Usuario:NT AUTHORITY\Servicio de red

Date: 2019-01-17 08:13:57.341
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{AE72FEC3-C1A7-4E52-BA27-8D922BBF5A7D}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen completo
Usuario:NT AUTHORITY\Servicio de red

Date: 2019-01-11 11:48:26.990
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{29F6332E-ABF5-4B03-A668-0AA9FABC4542}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen completo
Usuario:NT AUTHORITY\Servicio de red

Date: 2015-12-03 00:50:35.900
Description: 
Windows Defender encontró un error al tomar medidas ante spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/SupTab&threatid=214126
Usuario:NT AUTHORITY\Servicio de red
Nombre:BrowserModifier:Win32/SupTab
Id.:214126
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso:
Acción:Quitar
Código de error:0x80508023
Descripción de error:El programa no encontró spyware ni cualquier otro software potencialmente no deseado en este equipo. 
Estado:

Date: 2015-04-22 21:54:33.579
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-01-16 13:11:33.022
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

CodeIntegrity:
===================================

Date: 2018-04-07 17:13:48.030
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-04-07 16:55:19.591
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-04-07 16:47:07.098
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-04-07 16:35:33.990
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-04-07 16:20:13.372
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-04-07 16:12:02.324
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-04-07 15:38:16.933
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-04-07 15:28:39.849
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 60%
Total physical RAM: 5738.91 MB
Available physical RAM: 2283.05 MB
Total Virtual: 14344.05 MB
Available Virtual: 11054.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:224.78 GB) (Free:100.27 GB) NTFS
Drive d: (Nuevo vol) (Fixed) (Total:240.88 GB) (Free:64.28 GB) NTFS
Drive g: () (Removable) (Total:1.87 GB) (Free:1.87 GB) FAT

\\?\Volume{0fd28260-b436-11e2-a96b-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1A767B47)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=224.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=240.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 1.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

#12

Tienes el pc echo un desastre de infecciones, por lo que ya puedes mirar lo que haces con el

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: E - E:\SISetup.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {0a7ecb36-6124-11e4-8eba-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {0a7ecb46-6124-11e4-8eba-101f74cd2a34} - E:\LGAutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {198a96c4-c4bd-11e2-afc0-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {2cd704dc-021f-11e4-8c73-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {2cd70980-021f-11e4-8c73-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {4dd03c4d-b9af-11e2-b341-101f74cd2a34} - F:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {8920cf80-f0a7-11e3-9004-101f74cd2a34} - E:\SISetup.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {8b33d1d5-796b-11e4-be6c-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {971d6ac3-3420-11e3-92e2-101f74cd2a34} - F:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {9947ed22-14a2-11e3-8b0b-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {a0bf5f76-6604-11e4-8b9c-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {a5621601-0e98-11e4-afda-101f74cd2a34} - E:\LGAutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {afc718cd-0629-11e4-be65-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {afc718d8-0629-11e4-be65-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {cd522ec3-a455-11e4-97f2-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {cec3e748-067b-11e6-8e35-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {fb1e79a9-a4e2-11e4-a267-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {fb9255ba-dfb8-11e5-99a6-101f74cd2a34} - E:\AutoRun.exe
ShortcutTarget: AntiShortCutUpdate.lnk -> C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AntiUsbShortCutUpdate.lnk [2019-02-13]
ShortcutTarget: AntiUsbShortCutUpdate.lnk -> C:\AntiShortCut\AntiUsb.exe (AutoIt Team) [File not signed]
C:\AntiShortCut
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = 
SearchScopes: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = 
Toolbar: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
CHR StartupUrls: Default -> "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=143A60D81965D2A0&affID=128235&tsp=5214","hxxp://www.google.com.pe/","hxxp://pe.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_33&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dpe%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyCtD0DzztCzyyCyD0DtB0AtDyCyByByEtN0D0Tzu0StCtAtCzztN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyCyCtDzz0CtB0DtGtAzyyEyCtGtByC0CtBtGtC0DtAtBtGzzyDtB0BtBzztDyByEzy0D0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtBtDyB0EzyyD0DtGtByE0EzytGyEzyyCyBtG0AyDtBtAtGyC0BtCtB0E0E0BtCyDyDtD0E2QtN0A0LzuyE%26cr%3D1997258894%26a%3Dwncy_ir_15_33%26os%3DWindows%2B7%2BUltimate","hxxp://pe.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_33&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dpe%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyCtD0DzztCzyyCyD0DtB0AtDyCyByByEtN0D0Tzu0StCtAtCzztN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzz0FtDtA0BtA0FtGyD0F0DtDtG0FzzyDtDtGyB0FyD0EtG0ByD0FtCtCtBtA0AyDyD0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtBtDyB0EzyyD0DtGtByE0EzytGyEzyyCyBtG0AyDtBtAtGyC0BtCtB0E0E0BtCyDyDtD0E2QtN0A0LzuyE%26cr%3D780167650%26a%3Dwncy_ir_15_33%26os%3DWindows%2B7%2BUltimate","hxxp://www.oursurfing.com/?type=hp&ts=1443583406&z=946affca9cdb778fb0c7265g7z8zdc4w2b7c5z0e4q&from=amt&uid=wdcxwd5000bpvt-60hxzt3_wd-wxh1a61w8672w8672","hxxps://www.google.com.pe/"
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-02-13 12:54 - 2019-02-19 11:54 - 000000000 _RSHD C:\AntiUsbShortCut
2019-02-13 12:51 - 2019-02-19 11:54 - 000000000 _RSHD C:\AntiShortCut
2019-02-18 23:27 - 2015-06-10 06:20 - 000000000 ____D C:\73712decdae59042e3ad5990
2019-02-18 23:25 - 2018-09-12 13:29 - 000000000 ____D C:\972db6410836087b29476ada3d545fdb
2015-02-20 17:15 - 2015-02-20 17:15 - 000427001 _____ () C:\Users\Invitado\AppData\Local\Temp\{48416259-16DF-4FD2-9F1C-C576A4BF429C}-40.0.2214.115_40.0.2214.111_chrome_updater.exe
ContextMenuHandlers1_S-1-5-21-3317693104-3463003405-3107741733-1000: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} =>  -> No File
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
ShortcutWithArgument: C:\Users\SAHUA\Desktop\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
AlternateDataStreams: C:\ProgramData\Microsoft:KQDnIekKyX2mJlADGWzsOpA [2336]
AlternateDataStreams: C:\ProgramData\Microsoft:kXXOrgYQlhPKts7vcxSoHiuvJ [2320]
AlternateDataStreams: C:\ProgramData\Microsoft:LXqHgz38uqWAMnRoL7GnjQfK59 [1996]
AlternateDataStreams: C:\ProgramData\Microsoft:OHjbESuYgCjsWObDHLPKHnuxA4 [1958]
AlternateDataStreams: C:\ProgramData\Microsoft:UFAmfwdPnej4VtseNAlBGLfqp [1856]
AlternateDataStreams: C:\Users\SAHUA\Configuración local:37zERzuizmGXZQ5Z2yC5mujL937XOn [1998]
AlternateDataStreams: C:\Users\SAHUA\Configuración local:YXy5MUUObnCyGwHN014Nu6k [2040]
AlternateDataStreams: C:\Users\SAHUA\Cookies:7KQS71PBg8WQtshYtFypR1Vz8x [552]
AlternateDataStreams: C:\Users\SAHUA\Cookies:hyOHsJVUcyc4haeCmXR0pZwRn [2002]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local:37zERzuizmGXZQ5Z2yC5mujL937XOn [1998]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local:YXy5MUUObnCyGwHN014Nu6k [2040]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local\1N7kyIRjd:zDIvFc3Lbk3Q9pIOkLpde [2016]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local\Datos de programa:37zERzuizmGXZQ5Z2yC5mujL937XOn [1998]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local\Datos de programa:YXy5MUUObnCyGwHN014Nu6k [2040]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el pc


#13

El problema se detuvo, ya no sale el aviso :smiley: este es el reporte que me dió el FRST:


Fix result of Farbar Recovery Scan Tool (x64) Version: 27.02.2019 01
Ran by SAHUA (28-02-2019 15:15:41) Run:1
Running from C:\Users\SAHUA\Desktop
Loaded Profiles: SAHUA (Available Profiles: SAHUA & NADIA & Invitado)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: E - E:\SISetup.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {0a7ecb36-6124-11e4-8eba-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {0a7ecb46-6124-11e4-8eba-101f74cd2a34} - E:\LGAutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {198a96c4-c4bd-11e2-afc0-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {2cd704dc-021f-11e4-8c73-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {2cd70980-021f-11e4-8c73-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {4dd03c4d-b9af-11e2-b341-101f74cd2a34} - F:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {8920cf80-f0a7-11e3-9004-101f74cd2a34} - E:\SISetup.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {8b33d1d5-796b-11e4-be6c-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {971d6ac3-3420-11e3-92e2-101f74cd2a34} - F:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {9947ed22-14a2-11e3-8b0b-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {a0bf5f76-6604-11e4-8b9c-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {a5621601-0e98-11e4-afda-101f74cd2a34} - E:\LGAutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {afc718cd-0629-11e4-be65-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {afc718d8-0629-11e4-be65-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {cd522ec3-a455-11e4-97f2-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {cec3e748-067b-11e6-8e35-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {fb1e79a9-a4e2-11e4-a267-101f74cd2a34} - E:\AutoRun.exe
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\...\MountPoints2: {fb9255ba-dfb8-11e5-99a6-101f74cd2a34} - E:\AutoRun.exe
ShortcutTarget: AntiShortCutUpdate.lnk -> C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AntiUsbShortCutUpdate.lnk [2019-02-13]
ShortcutTarget: AntiUsbShortCutUpdate.lnk -> C:\AntiShortCut\AntiUsb.exe (AutoIt Team) [File not signed]
C:\AntiShortCut
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = 
SearchScopes: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = 
Toolbar: HKU\S-1-5-21-3317693104-3463003405-3107741733-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
CHR StartupUrls: Default -> "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=143A60D81965D2A0&affID=128235&tsp=5214","hxxp://www.google.com.pe/","hxxp://pe.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_33&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dpe%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyCtD0DzztCzyyCyD0DtB0AtDyCyByByEtN0D0Tzu0StCtAtCzztN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyCyCtDzz0CtB0DtGtAzyyEyCtGtByC0CtBtGtC0DtAtBtGzzyDtB0BtBzztDyByEzy0D0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtBtDyB0EzyyD0DtGtByE0EzytGyEzyyCyBtG0AyDtBtAtGyC0BtCtB0E0E0BtCyDyDtD0E2QtN0A0LzuyE%26cr%3D1997258894%26a%3Dwncy_ir_15_33%26os%3DWindows%2B7%2BUltimate","hxxp://pe.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_33&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dpe%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyCtD0DzztCzyyCyD0DtB0AtDyCyByByEtN0D0Tzu0StCtAtCzztN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzz0FtDtA0BtA0FtGyD0F0DtDtG0FzzyDtDtGyB0FyD0EtG0ByD0FtCtCtBtA0AyDyD0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtBtDyB0EzyyD0DtGtByE0EzytGyEzyyCyBtG0AyDtBtAtGyC0BtCtB0E0E0BtCyDyDtD0E2QtN0A0LzuyE%26cr%3D780167650%26a%3Dwncy_ir_15_33%26os%3DWindows%2B7%2BUltimate","hxxp://www.oursurfing.com/?type=hp&ts=1443583406&z=946affca9cdb778fb0c7265g7z8zdc4w2b7c5z0e4q&from=amt&uid=wdcxwd5000bpvt-60hxzt3_wd-wxh1a61w8672w8672","hxxps://www.google.com.pe/"
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-02-13 12:54 - 2019-02-19 11:54 - 000000000 _RSHD C:\AntiUsbShortCut
2019-02-13 12:51 - 2019-02-19 11:54 - 000000000 _RSHD C:\AntiShortCut
2019-02-18 23:27 - 2015-06-10 06:20 - 000000000 ____D C:\73712decdae59042e3ad5990
2019-02-18 23:25 - 2018-09-12 13:29 - 000000000 ____D C:\972db6410836087b29476ada3d545fdb
2015-02-20 17:15 - 2015-02-20 17:15 - 000427001 _____ () C:\Users\Invitado\AppData\Local\Temp\{48416259-16DF-4FD2-9F1C-C576A4BF429C}-40.0.2214.115_40.0.2214.111_chrome_updater.exe
ContextMenuHandlers1_S-1-5-21-3317693104-3463003405-3107741733-1000: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} =>  -> No File
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
ShortcutWithArgument: C:\Users\SAHUA\Desktop\Men� de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Men� de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Men� de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  
ShortcutWithArgument: C:\Users\SAHUA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Men� de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
AlternateDataStreams: C:\ProgramData\Microsoft:KQDnIekKyX2mJlADGWzsOpA [2336]
AlternateDataStreams: C:\ProgramData\Microsoft:kXXOrgYQlhPKts7vcxSoHiuvJ [2320]
AlternateDataStreams: C:\ProgramData\Microsoft:LXqHgz38uqWAMnRoL7GnjQfK59 [1996]
AlternateDataStreams: C:\ProgramData\Microsoft:OHjbESuYgCjsWObDHLPKHnuxA4 [1958]
AlternateDataStreams: C:\ProgramData\Microsoft:UFAmfwdPnej4VtseNAlBGLfqp [1856]
AlternateDataStreams: C:\Users\SAHUA\Configuraci�n local:37zERzuizmGXZQ5Z2yC5mujL937XOn [1998]
AlternateDataStreams: C:\Users\SAHUA\Configuraci�n local:YXy5MUUObnCyGwHN014Nu6k [2040]
AlternateDataStreams: C:\Users\SAHUA\Cookies:7KQS71PBg8WQtshYtFypR1Vz8x [552]
AlternateDataStreams: C:\Users\SAHUA\Cookies:hyOHsJVUcyc4haeCmXR0pZwRn [2002]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local:37zERzuizmGXZQ5Z2yC5mujL937XOn [1998]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local:YXy5MUUObnCyGwHN014Nu6k [2040]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local\1N7kyIRjd:zDIvFc3Lbk3Q9pIOkLpde [2016]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local\Datos de programa:37zERzuizmGXZQ5Z2yC5mujL937XOn [1998]
AlternateDataStreams: C:\Users\SAHUA\AppData\Local\Datos de programa:YXy5MUUObnCyGwHN014Nu6k [2040]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a7ecb36-6124-11e4-8eba-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{0a7ecb36-6124-11e4-8eba-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a7ecb46-6124-11e4-8eba-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{0a7ecb46-6124-11e4-8eba-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{198a96c4-c4bd-11e2-afc0-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{198a96c4-c4bd-11e2-afc0-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cd704dc-021f-11e4-8c73-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{2cd704dc-021f-11e4-8c73-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cd70980-021f-11e4-8c73-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{2cd70980-021f-11e4-8c73-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4dd03c4d-b9af-11e2-b341-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{4dd03c4d-b9af-11e2-b341-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8920cf80-f0a7-11e3-9004-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{8920cf80-f0a7-11e3-9004-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b33d1d5-796b-11e4-be6c-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{8b33d1d5-796b-11e4-be6c-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{971d6ac3-3420-11e3-92e2-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{971d6ac3-3420-11e3-92e2-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9947ed22-14a2-11e3-8b0b-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{9947ed22-14a2-11e3-8b0b-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0bf5f76-6604-11e4-8b9c-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{a0bf5f76-6604-11e4-8b9c-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5621601-0e98-11e4-afda-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{a5621601-0e98-11e4-afda-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{afc718cd-0629-11e4-be65-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{afc718cd-0629-11e4-be65-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{afc718d8-0629-11e4-be65-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{afc718d8-0629-11e4-be65-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cd522ec3-a455-11e4-97f2-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{cd522ec3-a455-11e4-97f2-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cec3e748-067b-11e6-8e35-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{cec3e748-067b-11e6-8e35-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb1e79a9-a4e2-11e4-a267-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{fb1e79a9-a4e2-11e4-a267-101f74cd2a34} => not found
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb9255ba-dfb8-11e5-99a6-101f74cd2a34} => removed successfully
HKLM\Software\Classes\CLSID\{fb9255ba-dfb8-11e5-99a6-101f74cd2a34} => not found
C:\Windows\System32\cmd.exe => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AntiUsbShortCutUpdate.lnk => moved successfully
C:\AntiShortCut\AntiUsb.exe => moved successfully
C:\AntiShortCut => moved successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"Chrome StartupUrls" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => removed successfully
HKLM\System\CurrentControlSet\Services\ewusbmbb => removed successfully
ewusbmbb => service removed successfully
HKLM\System\CurrentControlSet\Services\ew_hwusbdev => removed successfully
ew_hwusbdev => service removed successfully
HKLM\System\CurrentControlSet\Services\ew_usbenumfilter => removed successfully
ew_usbenumfilter => service removed successfully
HKLM\System\CurrentControlSet\Services\Huawei => removed successfully
Huawei => service removed successfully
HKLM\System\CurrentControlSet\Services\huawei_cdcacm => removed successfully
huawei_cdcacm => service removed successfully
HKLM\System\CurrentControlSet\Services\huawei_enumerator => removed successfully
huawei_enumerator => service removed successfully
HKLM\System\CurrentControlSet\Services\huawei_ext_ctrl => removed successfully
huawei_ext_ctrl => service removed successfully
HKLM\System\CurrentControlSet\Services\huawei_wwanecm => removed successfully
huawei_wwanecm => service removed successfully
HKLM\System\CurrentControlSet\Services\hwdatacard => removed successfully
hwdatacard => service removed successfully
HKLM\System\CurrentControlSet\Services\pccsmcfd => removed successfully
pccsmcfd => service removed successfully
HKLM\System\CurrentControlSet\Services\Synth3dVsc => removed successfully
Synth3dVsc => service removed successfully
HKLM\System\CurrentControlSet\Services\tsusbhub => removed successfully
tsusbhub => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\AntiUsbShortCut => moved successfully
"C:\AntiShortCut" => not found
C:\73712decdae59042e3ad5990 => moved successfully
C:\972db6410836087b29476ada3d545fdb => moved successfully
C:\Users\Invitado\AppData\Local\Temp\{48416259-16DF-4FD2-9F1C-C576A4BF429C}-40.0.2214.115_40.0.2214.111_chrome_updater.exe => moved successfully
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\Software\Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt => removed successfully
HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486} => not found
C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk => moved successfully
C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk => moved successfully
C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk => moved successfully
C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk => moved successfully
"C:\Users\SAHUA\Desktop\Men� de aplicaciones de Chrome.lnk" => not found
"C:\Users\SAHUA\AppData\Local\Google\Chrome\User Data\Men� de aplicaciones de Chrome.lnk" => not found
"C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Men� de aplicaciones de Chrome.lnk" => not found
C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk => Shortcut argument removed successfully
C:\Users\SAHUA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk => Shortcut argument removed successfully
"C:\Users\SAHUA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Men� de aplicaciones de Chrome.lnk" => not found
C:\ProgramData\Microsoft => ":KQDnIekKyX2mJlADGWzsOpA" ADS removed successfully
C:\ProgramData\Microsoft => ":kXXOrgYQlhPKts7vcxSoHiuvJ" ADS removed successfully
C:\ProgramData\Microsoft => ":LXqHgz38uqWAMnRoL7GnjQfK59" ADS removed successfully
C:\ProgramData\Microsoft => ":OHjbESuYgCjsWObDHLPKHnuxA4" ADS removed successfully
C:\ProgramData\Microsoft => ":UFAmfwdPnej4VtseNAlBGLfqp" ADS removed successfully
"C:\Users\SAHUA\Configuraci�n local" => ":37zERzuizmGXZQ5Z2yC5mujL937XOn" ADS not found.
"C:\Users\SAHUA\Configuraci�n local" => ":YXy5MUUObnCyGwHN014Nu6k" ADS not found.
C:\Users\SAHUA\Cookies => ":7KQS71PBg8WQtshYtFypR1Vz8x" ADS removed successfully
C:\Users\SAHUA\Cookies => ":hyOHsJVUcyc4haeCmXR0pZwRn" ADS removed successfully
C:\Users\SAHUA\AppData\Local => ":37zERzuizmGXZQ5Z2yC5mujL937XOn" ADS removed successfully
C:\Users\SAHUA\AppData\Local => ":YXy5MUUObnCyGwHN014Nu6k" ADS removed successfully
C:\Users\SAHUA\AppData\Local\1N7kyIRjd => ":zDIvFc3Lbk3Q9pIOkLpde" ADS removed successfully
"C:\Users\SAHUA\AppData\Local\Datos de programa" => ":37zERzuizmGXZQ5Z2yC5mujL937XOn" ADS not found.
"C:\Users\SAHUA\AppData\Local\Datos de programa" => ":YXy5MUUObnCyGwHN014Nu6k" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3317693104-3463003405-3107741733-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


========= End of CMD: =========


========= ipconfig /renew =========


========= End of CMD: =========


========= ipconfig /flushdns =========


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


========= End of CMD: =========


========= netsh advfirewall reset =========


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


========= End of CMD: =========


========= netsh int ipv4 reset =========


========= End of CMD: =========


========= netsh int ipv6 reset =========


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27450744 B
Java, Flash, Steam htmlcache => 1275 B
Windows/system/drivers => 6066292 B
Edge => 0 B
Chrome => 39791197 B
Firefox => 0 B
Opera => 134144 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 88699103 B
systemprofile32 => 66088 B
LocalService => 0 B
NetworkService => 0 B
SAHUA => 48734053 B
NADIA => 248907987 B
Invitado => 287010693 B

RecycleBin => 800 B
EmptyTemp: => 712.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:23:13 ====

#14

@Miguelgrado Muchas gracias!


#15

Para eliminar las herramientas usadas en la desinfección, realizas:

  • Descargas y Ejecutas >> Delfix, en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

  • Marca solamente la casilla Remove disinfection tools

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.


Me alegro de haberte podido ayudar! :+1:


TEMA SOLUCIONADO


cerrado #16

Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.