Ayuda con PUP.Optional.MindSpark.Generic,

Ya he seguido todos los pasos de la Guía para eliminar Malware, me descargué los programas y seguí las instrucciones pero he vuelto a pasar el programa de Malware para ver si el ordenador está limpio y me siguen saliendo las amenazas.¿Qué puedo hacer?

Realiza los siguientes pasos, , aunque ya hayas echo alguno, sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/5/19
Hora del análisis: 19:50
Archivo de registro: 670e77a0-7995-11e9-9bf5-2c56dc0465fe.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10658
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.765)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-R3F2LF4\Libelula

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 310801
Amenazas detectadas: 79
Amenazas en cuarentena: 79
Tiempo transcurrido: 9 min, 21 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|ekamneaohnpkfjaffmimdhgbpdablhbn, En cuarentena, [1756], [443121],1.0.10658

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 19
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es_419, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_BR, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_PT, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ar, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\de, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\en, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\fr, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\it, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ja, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ko, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\nl, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_metadata, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\config, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EKAMNEAOHNPKFJAFFMIMDHGBPDABLHBN, En cuarentena, [1756], [443121],1.0.10658

Archivo: 59
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EKAMNEAOHNPKFJAFFMIMDHGBPDABLHBN\13.870.15.8251_0\MANIFEST.JSON, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\config\config.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon128.png, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon16.png, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon19disabled.png, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon19on.png, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon48.png, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\meta.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\ajax.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babAPI.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babClickHandler.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babContentScript.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babContentScriptAPI.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\background.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\browserUtils.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\chrome.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\contentScriptConnectionManager.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\dateTimeUtils.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\dlp.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\dlpHelper.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\extensionDetect.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\index.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\localStorageContentScript.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\logger.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\offerService.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\pageUtils.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\PartnerId.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\polyfill.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\product.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\remoteConfigLoader.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\splashPageLocalStorageSetter.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\splashPageRedirectHandler.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\storageUtils.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\TemplateParser.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\ul.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\urlFragmentActions.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\urlUtils.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\util.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\webtooltabAPI.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\webTooltabAPIProxy.js, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ar\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\de\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\en\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es_419\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\fr\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\it\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ja\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ko\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\nl\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_BR\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_PT\messages.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_metadata\verified_contents.json, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\newtabpage.html, En cuarentena, [1756], [443121],1.0.10658
PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [298], [455072],1.0.10658
PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [298], [455072],1.0.10658
PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [298], [455072],1.0.10658

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    05-18-2019
# Duration: 00:00:13
# OS:       Windows 10 Home
# Scanned:  27335
# Detected: 32


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.DriverDoc          C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}
PUP.Optional.Legacy             C:\Program Files\Hola
PUP.Optional.Legacy             C:\Users\Libelula\AppData\Roaming\Hola
PUP.Optional.WebCompanion       C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion       C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion       C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion       C:\Users\Libelula\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
PUP.Optional.WebCompanion       C:\Users\Libelula\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

PUP.Optional.Legacy             C:\Users\Libelula\AppData\Roaming\Mozilla\Firefox\Profiles\ywldv6is.default\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
PUP.Optional.Legacy             HKLM\Software\Hola
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|TrailerTime
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|hola
PUP.Optional.Legacy             HKU\.DEFAULT\Software\Hola
PUP.Optional.Legacy             HKU\S-1-5-18\Software\Hola
PUP.Optional.Solvusoft          HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
PUP.Optional.WebCompanion       HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Adware.Mindspark                EasyPDFCombine
PUP.Optional.Legacy             MSN Homepage & Bing Search Engine

***** [ Chromium URLs ] *****

PUP.Optional.DefaultSearch.ShrtCln http://www.default-search.net?sid=476&aid=125&itype=a&ver=12627&tm=312&src=hmp
PUP.Optional.DefaultSearch.ShrtCln http://www.default-search.net?sid=476&aid=125&itype=a&ver=13277&tm=312&src=hmp
PUP.Optional.DefaultSearch.ShrtCln http://www.default-search.net?sid=476&aid=125&itype=n&ver=12302&tm=312&src=hmp
PUP.Optional.Legacy             http://www.default-search.net?sid=476&aid=125&itype=a&ver=12627&tm=312&src=hmp
PUP.Optional.Legacy             http://www.default-search.net?sid=476&aid=125&itype=a&ver=13277&tm=312&src=hmp
PUP.Optional.Legacy             http://www.default-search.net?sid=476&aid=125&itype=n&ver=12302&tm=312&src=hmp
PUP.Optional.Legacy             so-v

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
    # Malwarebytes AdwCleaner 7.3.0.0
    # -------------------------------
    # Build:    04-04-2019
    # Database: 2019-04-29.1 (Cloud)
    # Support:  https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start:    05-18-2019
    # Duration: 00:00:05
    # OS:       Windows 10 Home
    # Cleaned:  32
    # Failed:   0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    Deleted       C:\Program Files (x86)\Lavasoft\Web Companion
    Deleted       C:\Program Files\Hola
    Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion
    Deleted       C:\ProgramData\Lavasoft\Web Companion
    Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
    Deleted       C:\Users\Libelula\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
    Deleted       C:\Users\Libelula\AppData\Roaming\Hola
    Deleted       C:\Users\Libelula\AppData\Roaming\Lavasoft\Web Companion
    Deleted       C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}

    ***** [ Files ] *****

    Deleted       C:\Users\Libelula\AppData\Roaming\Mozilla\Firefox\Profiles\ywldv6is.default\invalidprefs.js

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks cleaned.

    ***** [ Registry ] *****

    Deleted       HKCU\Software\Lavasoft\Web Companion
    Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
    Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
    Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
    Deleted       HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
    Deleted       HKLM\Software\Hola
    Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|TrailerTime
    Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|hola
    Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
    Deleted       HKU\.DEFAULT\Software\Hola
    Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
    Deleted       HKU\S-1-5-18\Software\Hola
    Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

    ***** [ Chromium (and derivatives) ] *****

    Deleted       EasyPDFCombine
    Deleted       MSN Homepage & Bing Search Engine

    ***** [ Chromium URLs ] *****

    Deleted       http://www.default-search.net?sid=476&aid=125&itype=a&ver=12627&tm=312&src=hmp
    Deleted       http://www.default-search.net?sid=476&aid=125&itype=a&ver=12627&tm=312&src=hmp
    Deleted       http://www.default-search.net?sid=476&aid=125&itype=a&ver=13277&tm=312&src=hmp
    Deleted       http://www.default-search.net?sid=476&aid=125&itype=a&ver=13277&tm=312&src=hmp
    Deleted       http://www.default-search.net?sid=476&aid=125&itype=n&ver=12302&tm=312&src=hmp
    Deleted       http://www.default-search.net?sid=476&aid=125&itype=n&ver=12302&tm=312&src=hmp
    Deleted       so-v

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [4130 octets] - [18/05/2019 20:54:06]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Ahora repite el análisis con Malwarebytes, pero por favor, lee mis indicaciones y realizarlo como había indicado ( mira como había puesto que se realizara el análisis) …y me pegas el log, para ver como va el problema planteado y poder realizar mas pasos si es necesario

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/5/19
Hora del análisis: 21:32
Archivo de registro: a5ef847e-79a3-11e9-8d0d-2c56dc0465fe.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10658
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.765)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-R3F2LF4\Libelula

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 517556
Amenazas detectadas: 83
Amenazas en cuarentena: 83
Tiempo transcurrido: 9 hr, 38 min, 52 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|ekamneaohnpkfjaffmimdhgbpdablhbn, En cuarentena, [1756], [456842],1.0.10658

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 19
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es_419, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_BR, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_PT, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ar, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\de, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\en, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\fr, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\it, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ja, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ko, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\nl, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_metadata, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\config, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EKAMNEAOHNPKFJAFFMIMDHGBPDABLHBN\13.870.15.8251_0, En cuarentena, [1756], [456842],1.0.10658

Archivo: 63
Adware.Elex, C:\ADWCLEANER\QUARANTINE\C\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\GOOGLE CHROME.LNK.VIR, En cuarentena, [495], [674076],1.0.10658
Adware.Elex, C:\ADWCLEANER\QUARANTINE\C\USERS\LIBELULA\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\USER PINNED\TASKBAR\GOOGLE CHROME.LNK.VIR, En cuarentena, [495], [674076],1.0.10658
Adware.Elex, C:\ADWCLEANER\QUARANTINE\C\USERS\LIBELULA\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\GOOGLE CHROME.LNK.VIR, En cuarentena, [495], [674076],1.0.10658
Adware.Elex, C:\ADWCLEANER\QUARANTINE\C\USERS\PUBLIC\DESKTOP\GOOGLE CHROME.LNK.VIR, En cuarentena, [495], [674076],1.0.10658
Adware.Elex, C:\ADWCLEANER\QUARANTINE\C\USERS\PUBLIC\DESKTOP\WPS OFFICE.LNK.VIR, En cuarentena, [495], [674076],1.0.10658
PUP.Optional.TrailerTime, C:\ADWCLEANER\QUARANTINE\C\USERS\LIBELULA\APPDATA\ROAMING\TRAILERTIME\UNINSTALL.EXE.VIR, En cuarentena, [4349], [99368],1.0.10658
PUP.Optional.Komodia, C:\ADWCLEANER\QUARANTINE\C\WINDOWS\SYSNATIVE\DRIVERS\ZCWFP64.SYS.VIR, En cuarentena, [540], [97912],1.0.10658
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EKAMNEAOHNPKFJAFFMIMDHGBPDABLHBN\13.870.15.8251_0\CONFIG\CONFIG.JSON, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon128.png, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon16.png, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon19disabled.png, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon19on.png, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon48.png, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\meta.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\ajax.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babAPI.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babClickHandler.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babContentScript.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babContentScriptAPI.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\background.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\browserUtils.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\chrome.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\contentScriptConnectionManager.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\dateTimeUtils.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\dlp.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\dlpHelper.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\extensionDetect.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\index.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\localStorageContentScript.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\logger.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\offerService.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\pageUtils.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\PartnerId.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\polyfill.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\product.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\remoteConfigLoader.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\splashPageLocalStorageSetter.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\splashPageRedirectHandler.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\storageUtils.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\TemplateParser.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\ul.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\urlFragmentActions.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\urlUtils.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\util.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\webtooltabAPI.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\webTooltabAPIProxy.js, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ar\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\de\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\en\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es_419\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\fr\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\it\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ja\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ko\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\nl\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_BR\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_PT\messages.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_metadata\verified_contents.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\manifest.json, En cuarentena, [1756], [456842],1.0.10658
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\newtabpage.html, En cuarentena, [1756], [456842],1.0.10658

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Realiza lo siguiente:

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-05.2019
Ran by Libelula (administrator) on DESKTOP-R3F2LF4 (ASUSTeK COMPUTER INC. X555LJ) (19-05-2019 10:45:35)
Running from C:\Users\Libelula\Desktop
Loaded Profiles: Libelula (Available Profiles: Libelula)
Platform: Windows 10 Home Version 1803 17134.765 (X64) Language: Español (España, internacional)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1903.21.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AVAST Software a.s. -> ) C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(AVAST Software a.s. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.3.2.601\ASUSWSLoader.exe [63928 2018-04-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5537600 2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646696 2019-05-09] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\Run: [Google Update] => C:\Users\Libelula\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [MSVideo] => C:\Windows\system32\vfwwdm32.dll [67072 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-17] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1258.86\Installer\chrmstp.exe [2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-10-20]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software a.s. -> AVAST Software)
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04963765-52A6-4CA0-A4B6-A30851F5C148} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2C1D8F02-01A7-49F0-AE62-5A7BEC0AD973} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {303B5F8A-0786-43F9-A542-38691D0C8D0D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {323EE82F-5D9A-41FC-96F7-3D568279D68D} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {388CC2AB-C6DC-4D5C-B668-ADB0E1DC78CC} - System32\Tasks\Opera scheduled assistant Autoupdate 1556136511 => C:\Users\Libelula\AppData\Local\Programs\Opera\launcher.exe
Task: {3ABD08C2-06C4-4205-BF51-BC7C18961012} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {453697D3-9CE3-4CAF-A596-A1FDD52CFE7C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {49305ECC-DECE-40AD-B840-17C15F3079D6} - System32\Tasks\WpsKtpcntrQingTask_Libelula => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5657\office6\ktpcntr.exe
Task: {4C0FFA15-13E0-4DE6-A3AA-7D96A49F729F} - System32\Tasks\Opera scheduled Autoupdate 1556136501 => C:\Users\Libelula\AppData\Local\Programs\Opera\launcher.exe
Task: {519B1615-F859-41EB-ACBA-AE97B75A2AB3} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [File not signed]
Task: {59CED1C4-01DB-4F07-ACAA-DCE7798F7CF1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {5B06E646-550A-41A9-B76B-159A61E6134B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {6791F37F-5043-4060-8FFF-BB88293A5318} - System32\Tasks\{22BA72B9-F01C-472D-A054-6702F3094914} => C:\Windows\system32\pcalua.exe -a C:\Users\Libelula\AppData\Roaming\yoursearching\UninstallManager.exe -c  -ptid=brd
Task: {6924C8F5-E355-4A94-A5AC-659575C155C4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {6FAAAFD3-190B-46FB-9FF2-5536DACE1DFD} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-12-14] (ASUSTeK Computer Inc. -> AsusTek)
Task: {8847CE4F-6636-4A16-9F7D-2D831270B1C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {91BE0969-A1CB-4BEB-B33A-5125EEADBDFF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9882E207-0CB7-4156-815B-E2DF7795B5C3} - System32\Tasks\WpsExternal_Libelula_20170914120250 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [1257600 2018-04-18] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {A1A4C3DC-DC3E-4471-BFB3-E9FCEECA65F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-14] (Google Inc -> Google Inc.)
Task: {A3721FA9-0B3C-41C2-A5F8-278A1AE64EF5} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [863040 2016-05-11] (AVAST Software a.s. -> AVAST Software)
Task: {A5A378CE-1D2A-486B-92F1-04E5E7AF6360} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B7175ED2-0DD7-4E14-87C7-C7255B99AC01} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3456141109-2991592538-2196831460-1001UA => C:\Users\Libelula\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-10-27] (Google Inc -> Google Inc.)
Task: {BD04BE05-66A8-4F54-AE67-B8FD83797CF4} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {BE9C8645-F639-4BC2-BB37-0E45B4C53D2D} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Task: {C82F5FC2-259F-452A-A544-387E8D2013F6} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1955440 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {CA76D50B-DEE0-4E49-9364-906A86017435} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1955440 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {D395305C-C2DD-4314-A5D0-7EAE84CAA4C6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {D5B14A23-819A-4DC3-B031-2B65996DDDF1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3456141109-2991592538-2196831460-1001Core => C:\Users\Libelula\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-10-27] (Google Inc -> Google Inc.)
Task: {D83BFD6C-3185-4C1C-8D35-356C10ABD313} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {DF9FD0E7-53A4-4938-905A-47160FA034D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-14] (Google Inc -> Google Inc.)
Task: {EFF773A9-BC9A-4D8B-9F77-70EB13FBCB95} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F76D17F2-3C06-49D0-B747-F1771A2A56CD} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-28] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Libelula.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5657\office6\ktpcntr.exeÃqing 10.1.0.5657 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05e348c2-7f96-4194-b6a4-6123f65bdc56}: [DhcpNameServer] 192.168.40.1
Tcpip\..\Interfaces\{7e8461a1-d0c0-4f12-aeaa-7cc1b1e866c7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190424__yaie
HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3456141109-2991592538-2196831460-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-04-24] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-04-24] (McAfee, Inc. -> McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Libelula\AppData\Roaming\Mozilla\Firefox\Profiles\ywldv6is.default [2019-05-19]
FF Homepage: Mozilla\Firefox\Profiles\ywldv6is.default -> hxxp://www.google.es/
FF Extension: (Avast SafePrice) - C:\Users\Libelula\AppData\Roaming\Mozilla\Firefox\Profiles\ywldv6is.default\Extensions\[email protected] [2018-04-16] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\Libelula\AppData\Roaming\Mozilla\Firefox\Profiles\ywldv6is.default\Extensions\[email protected] [2018-07-20]
FF Extension: (Telemetry coverage) - C:\Users\Libelula\AppData\Roaming\Mozilla\Firefox\Profiles\ywldv6is.default\features\{dc0dd033-fdf5-437d-9c02-b45596aecbce}\[email protected] [2018-09-19] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-04-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3456141109-2991592538-2196831460-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Libelula\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-02-06] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-3456141109-2991592538-2196831460-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Libelula\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-3456141109-2991592538-2196831460-1001: @talk.google.com/O1DPlugin -> C:\Users\Libelula\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-3456141109-2991592538-2196831460-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Libelula\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3456141109-2991592538-2196831460-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Libelula\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3456141109-2991592538-2196831460-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Libelula\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-12-05] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3456141109-2991592538-2196831460-1001: sightcall.com/RTCCplugin -> C:\Users\Libelula\AppData\Roaming\npRTCCplugin\npRTCCplugin.dll [2017-11-06] (Sightcall Inc -> SightCall, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Libelula\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2016-10-27]
FF Plugin ProgramFiles/Appdata: C:\Users\Libelula\AppData\Roaming\mozilla\plugins\npo1d.dll [2016-10-27]

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.google.es/","hxxp://es.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://www.amazon.es/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_es_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_a1e55e444fb94d97be8b32b738aab4be_39_1006_20140204_ES_cr_sp_es79ros","hxxp://www.default-search.net?sid=476&aid=125&itype=n&ver=12302&tm=312&src=hmp","hxxp://www.default-search.net?sid=476&aid=125&itype=a&ver=12627&tm=312&src=hmp","hxxp://www.default-search.net?sid=476&aid=125&itype=a&ver=13277&tm=312&src=hmp","hxxps://www.google.com/"
CHR Profile: C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default [2019-05-19]
CHR Extension: (Presentaciones) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-14]
CHR Extension: (Verbling Screensharing Extension) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\binpgcmihdhgkgopkgfbmpladkgkdanl [2018-03-27]
CHR Extension: (YouTube) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-14]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-21]
CHR Extension: (Ecosia Omnibar Redirect (Legacy)) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\clellnciejhoedgepbdilbkdkaoecgpc [2017-05-12]
CHR Extension: (Búsqueda de Google) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-08]
CHR Extension: (EasyPDFCombine) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn [2019-05-19]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-06]
CHR Extension: (SightCall Chrome Extension) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\eohghiagfdiblfddjokjelgpkmokpoal [2018-04-17]
CHR Extension: (Facebook Pixel Helper) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2019-02-18]
CHR Extension: (Hojas de cálculo) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-04-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-05-18]
CHR Extension: (Avast Online Security) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Kismuta : les stations balnéaires en France ) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\hadgegoephebigapgojneglmdfllbkag [2018-03-01]
CHR Extension: (Grammarly for Chrome) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-05-18]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2018-11-19]
CHR Extension: (Dibujos de Google) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2018-10-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Convertir audio) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfphighcpfimfhblaigjckljcoeipga [2018-08-12]
CHR Extension: (Gmail) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-08]
CHR Profile: C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-19]
CHR Profile: C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [415992 2019-01-30] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-28] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel(R) Software -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-04-24] (McAfee, Inc. -> McAfee, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-24] (AVAST Software a.s. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [220288 2018-04-18] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel(R) Software -> Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel(R) Software -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [19976 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel(R) Software -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-05-18] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-05-19] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-05-19] (Malwarebytes Corporation -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-05-18] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-05-19] (Malwarebytes Corporation -> Malwarebytes)
S3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc. -> McAfee, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [17003280 2017-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [428032 2017-02-16] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-12-06] (AnchorFree Inc -> Anchorfree Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-19 10:45 - 2019-05-19 10:47 - 000040775 _____ C:\Users\Libelula\Desktop\FRST.txt
2019-05-19 10:44 - 2019-05-19 10:45 - 000000000 ____D C:\FRST
2019-05-19 10:44 - 2019-05-19 10:44 - 002435072 _____ (Farbar) C:\Users\Libelula\Desktop\FRST64.exe
2019-05-19 10:43 - 2019-05-19 10:44 - 002435072 _____ (Farbar) C:\Users\Libelula\Downloads\FRST64.exe
2019-05-19 08:31 - 2019-05-19 08:31 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-05-19 08:31 - 2019-05-19 08:31 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-05-19 08:31 - 2019-05-19 08:31 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-05-18 21:11 - 2019-05-18 21:11 - 000006564 _____ C:\Users\Libelula\Desktop\cc_20190518_211137.reg
2019-05-18 20:58 - 2019-05-18 20:58 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-05-18 20:48 - 2019-05-18 20:48 - 007025360 _____ (Malwarebytes) C:\Users\Libelula\Downloads\adwcleaner_7.3.exe
2019-05-18 18:23 - 2019-05-18 18:23 - 000000000 ____D C:\Users\Libelula\AppData\Local\ESET
2019-05-18 18:22 - 2019-05-18 18:22 - 007665272 _____ (ESET spol. s r.o.) C:\Users\Libelula\Downloads\esetonlinescanner_esn.exe
2019-05-18 18:22 - 2019-02-13 07:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-05-18 17:52 - 2019-05-18 17:52 - 000000000 ____D C:\Users\Libelula\AppData\Local\mbam
2019-05-18 17:51 - 2019-05-18 17:51 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-05-18 17:51 - 2019-05-18 17:51 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-18 17:51 - 2019-05-18 17:51 - 000000000 ____D C:\Users\Libelula\AppData\Local\mbamtray
2019-05-18 17:51 - 2019-05-18 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-18 17:51 - 2019-05-18 17:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-18 17:51 - 2019-05-18 17:51 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-18 17:51 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-05-18 17:51 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-18 17:48 - 2019-05-18 17:48 - 063423552 _____ (Malwarebytes ) C:\Users\Libelula\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10640.exe
2019-05-18 17:48 - 2019-05-18 17:48 - 001780224 _____ (Bleeping Computer, LLC) C:\Users\Libelula\Downloads\rkill-unsigned.exe
2019-05-17 08:50 - 2019-05-17 13:33 - 000000000 ____D C:\Users\Libelula\Desktop\VIAJAR
2019-05-16 09:54 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation)
C:\WINDOWS\system32\win32kfull.sys
    2019-05-16 09:54 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2019-05-16 09:54 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-05-16 09:54 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2019-05-16 09:54 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-05-16 09:54 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-05-16 09:54 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-05-16 09:54 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2019-05-16 09:54 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2019-05-16 09:54 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-05-16 09:54 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-05-16 09:54 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2019-05-16 09:54 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-05-16 09:54 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-05-16 09:54 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2019-05-16 09:54 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2019-05-16 09:54 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-05-16 09:54 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-05-16 09:53 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2019-05-16 09:53 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2019-05-16 09:53 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2019-05-16 09:53 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2019-05-16 09:53 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
    2019-05-16 09:53 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2019-05-16 09:53 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2019-05-16 09:53 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2019-05-16 09:53 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2019-05-16 09:53 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2019-05-16 09:53 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2019-05-16 09:53 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2019-05-16 09:53 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2019-05-16 09:53 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2019-05-16 09:53 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
    2019-05-16 09:53 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2019-05-16 09:53 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-05-16 09:53 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2019-05-16 09:53 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2019-05-16 09:53 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2019-05-16 09:53 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2019-05-16 09:53 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2019-05-16 09:53 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
    2019-05-16 09:53 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-05-16 09:53 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2019-05-16 09:53 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-05-16 09:53 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-05-16 09:53 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2019-05-16 09:53 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2019-05-16 09:53 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-05-16 09:53 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-05-16 09:53 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
    2019-05-16 09:53 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2019-05-16 09:53 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2019-05-16 09:53 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2019-05-16 09:53 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2019-05-16 09:53 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2019-05-16 09:53 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2019-05-16 09:53 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
    2019-05-16 09:53 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2019-05-16 09:53 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2019-05-16 09:53 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-05-16 09:53 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-05-16 09:53 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-05-16 09:53 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2019-05-16 09:53 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-05-16 09:53 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2019-05-16 09:53 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2019-05-16 09:53 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
    2019-05-16 09:53 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2019-05-16 09:53 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2019-05-16 09:53 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2019-05-16 09:53 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2019-05-16 09:53 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2019-05-16 09:53 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
    2019-05-16 09:53 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2019-05-16 09:53 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2019-05-16 09:53 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-05-16 09:53 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2019-05-16 09:53 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-05-16 09:53 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
    2019-05-16 09:53 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
    2019-05-16 09:53 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-05-16 09:53 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2019-05-16 09:53 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2019-05-16 09:53 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2019-05-16 09:53 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2019-05-16 09:53 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2019-05-16 09:53 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-05-16 09:53 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
    2019-05-16 09:53 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
    2019-05-16 09:53 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2019-05-16 09:53 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-05-16 09:53 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2019-05-16 09:53 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
    2019-05-16 09:53 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2019-05-16 09:53 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-05-16 09:53 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2019-05-16 09:53 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2019-05-16 09:53 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2019-05-16 09:53 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2019-05-16 09:53 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2019-05-16 09:53 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2019-05-16 09:53 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2019-05-16 09:53 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2019-05-16 09:53 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2019-05-16 09:53 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2019-05-16 09:53 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2019-05-16 09:53 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2019-05-16 09:53 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2019-05-16 09:53 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2019-05-16 09:53 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2019-05-16 09:53 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
    2019-05-16 09:53 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
    2019-05-16 09:53 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
    2019-05-16 09:53 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
    2019-05-16 09:53 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
    2019-05-16 09:53 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2019-05-16 09:53 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2019-05-16 09:53 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2019-05-16 09:53 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2019-05-16 09:53 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2019-05-16 09:53 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
    2019-05-16 09:53 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
    2019-05-16 09:53 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2019-05-16 09:53 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2019-05-16 09:53 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2019-05-16 09:53 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2019-05-16 09:53 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
    2019-05-16 09:53 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2019-05-16 09:53 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
    2019-05-16 09:53 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2019-05-16 09:53 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-05-16 09:53 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2019-05-16 09:53 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2019-05-16 09:53 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2019-05-16 09:53 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2019-05-16 09:53 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2019-05-16 09:53 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-05-16 09:53 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
    2019-05-16 09:53 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2019-05-16 09:53 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2019-05-16 09:53 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
    2019-05-16 09:53 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-05-16 09:53 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2019-05-16 09:53 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
    2019-05-16 09:53 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
    2019-05-16 09:53 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
    2019-05-16 09:53 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
    2019-05-16 09:53 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
    2019-05-16 09:53 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
    2019-05-16 09:53 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2019-05-16 09:53 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2019-05-16 09:53 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
    2019-05-16 09:53 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
    2019-05-16 09:53 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2019-05-16 09:53 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2019-05-16 09:53 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-05-16 09:53 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2019-05-16 09:53 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2019-05-16 09:53 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2019-05-16 09:53 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2019-05-16 09:53 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2019-05-16 09:53 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2019-05-16 09:53 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
    2019-05-16 09:53 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2019-05-16 09:53 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2019-05-16 09:53 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2019-05-16 09:53 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2019-05-16 09:53 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2019-05-16 09:53 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2019-05-16 09:53 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2019-05-16 09:53 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2019-05-16 09:53 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2019-05-16 09:53 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2019-05-16 09:53 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2019-05-16 09:53 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2019-05-16 09:53 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2019-05-16 09:53 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2019-05-16 09:53 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2019-05-16 09:53 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2019-05-16 09:53 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2019-05-16 09:53 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2019-05-16 09:53 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2019-05-16 09:53 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2019-05-16 09:53 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
    2019-05-16 09:53 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2019-05-16 09:53 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2019-05-16 09:53 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2019-05-16 09:53 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2019-05-16 09:53 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2019-05-16 09:53 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
    2019-05-16 09:53 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
    2019-05-16 09:53 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-05-16 09:53 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
    2019-05-16 09:53 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2019-05-16 09:53 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2019-05-16 09:53 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
    2019-05-14 18:13 - 2019-05-14 18:13 - 002588160 _____ C:\Users\Libelula\Downloads\ppt_diptongacion_en_presente.ppt
    2019-05-13 18:01 - 2019-05-13 18:01 - 000048793 _____ C:\Users\Libelula\Documents\Slide03.jpeg
    2019-05-09 08:40 - 2019-05-09 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2019-05-07 21:51 - 2019-05-07 21:51 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2019-05-07 21:51 - 2019-05-07 21:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2019-05-07 21:51 - 2019-05-07 21:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2019-05-07 21:51 - 2019-05-07 21:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2019-04-29 16:30 - 2019-04-29 16:37 - 000000000 ____D C:\Users\Libelula\Desktop\Musica
    2019-04-25 14:01 - 2019-04-25 14:00 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2019-04-24 22:13 - 2019-05-18 20:54 - 000000000 ____D C:\Users\Libelula\AppData\Roaming\Lavasoft
    2019-04-24 22:13 - 2019-05-18 20:54 - 000000000 ____D C:\Users\Libelula\AppData\Local\Lavasoft
    2019-04-24 22:13 - 2019-05-18 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2019-04-24 22:13 - 2019-05-18 20:54 - 000000000 ____D C:\ProgramData\Lavasoft
    2019-04-24 22:13 - 2019-05-18 20:54 - 000000000 ____D C:\Program Files (x86)\Lavasoft
    2019-04-24 22:13 - 2019-05-14 23:08 - 000000000 ____D C:\Users\Libelula\AppData\Roaming\uTorrent
    2019-04-24 22:13 - 2019-04-24 22:13 - 000000901 _____ C:\Users\Libelula\Desktop\µTorrent.lnk
    2019-04-24 22:13 - 2019-04-24 22:13 - 000000881 _____ C:\Users\Libelula\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2019-04-24 22:08 - 2019-05-17 15:34 - 000003882 _____ C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1556136511
    2019-04-24 22:08 - 2019-05-17 15:34 - 000003630 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1556136501
    2019-04-24 22:08 - 2019-04-24 22:08 - 000000000 ____D C:\Users\Libelula\AppData\Local\Opera Software
    2019-04-24 22:07 - 2019-04-24 22:07 - 000001882 _____ C:\Users\Libelula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
    2019-04-24 22:07 - 2019-04-24 22:07 - 000000000 ____D C:\Users\Libelula\AppData\Roaming\Opera Software
    2019-04-24 22:07 - 2019-04-24 22:07 - 000000000 ____D C:\Program Files\McAfee

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-05-19 10:37 - 2018-05-27 18:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-05-19 10:37 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2019-05-19 10:37 - 2015-10-20 18:45 - 000000165 _____ C:\Users\Libelula\AppData\Roaming\sp_data.sys
    2019-05-19 08:32 - 2016-02-22 02:06 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
    2019-05-19 08:32 - 2015-10-20 18:45 - 000000000 __SHD C:\Users\Libelula\IntelGraphicsProfiles
    2019-05-19 08:31 - 2019-01-14 11:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2019-05-19 08:30 - 2018-05-27 18:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-05-19 08:30 - 2017-08-16 20:53 - 000000000 ____D C:\ProgramData\NVIDIA
    2019-05-19 07:11 - 2018-05-27 18:56 - 000004226 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{42C42AA0-806D-4410-87B2-628C4FA4BF78}
    2019-05-18 21:10 - 2018-07-24 09:47 - 000000000 ____D C:\Users\Libelula\AppData\Local\CrashDumps
    2019-05-18 20:55 - 2018-04-11 23:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
    2019-05-18 20:54 - 2016-02-09 17:37 - 000000000 ____D C:\AdwCleaner
    2019-05-18 20:01 - 2018-05-27 18:29 - 000000000 ____D C:\Users\Libelula
    2019-05-18 19:31 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
    2019-05-18 19:18 - 2018-05-27 18:44 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-05-18 19:18 - 2018-04-12 18:18 - 000789180 _____ C:\WINDOWS\system32\perfh00A.dat
    2019-05-18 19:18 - 2018-04-12 18:18 - 000155760 _____ C:\WINDOWS\system32\perfc00A.dat
    2019-05-18 18:22 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-05-18 18:08 - 2016-10-11 22:08 - 000001028 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2019-05-18 18:08 - 2016-10-11 22:08 - 000001024 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2019-05-18 18:08 - 2016-08-07 11:20 - 000000732 _____ C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Libelula.job
    2019-05-18 17:51 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2019-05-18 17:43 - 2018-04-04 19:44 - 000045087 _____ C:\Users\Libelula\Desktop\AMSPANISH CUENTAS.ods
    2019-05-18 17:39 - 2018-11-16 10:53 - 000000000 ____D C:\Program Files\rempl
    2019-05-17 15:34 - 2018-05-27 18:56 - 000003732 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3456141109-2991592538-2196831460-1001UA
    2019-05-17 15:34 - 2018-05-27 18:56 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-05-17 15:34 - 2018-05-27 18:56 - 000003542 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
    2019-05-17 15:34 - 2018-05-27 18:56 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2019-05-17 15:34 - 2018-05-27 18:56 - 000003464 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3456141109-2991592538-2196831460-1001Core
    2019-05-17 15:34 - 2018-05-27 18:56 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-05-17 15:34 - 2018-05-27 18:56 - 000003318 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
    2019-05-17 15:34 - 2018-05-27 18:56 - 000003162 _____ C:\WINDOWS\System32\Tasks\WpsKtpcntrQingTask_Libelula
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002954 _____ C:\WINDOWS\System32\Tasks\WpsExternal_Libelula_20170914120250
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3456141109-2991592538-2196831460-1001
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002862 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002308 _____ C:\WINDOWS\System32\Tasks\{22BA72B9-F01C-472D-A054-6702F3094914}
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
    2019-05-17 15:34 - 2018-05-27 18:56 - 000002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
    2019-05-17 15:34 - 2018-05-27 18:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
    2019-05-17 08:51 - 2016-01-14 14:06 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2019-05-16 17:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-05-16 17:47 - 2018-05-27 18:22 - 000269168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-05-16 17:43 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2019-05-16 17:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
    2019-05-16 17:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2019-05-16 17:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-05-16 14:19 - 2018-05-27 18:56 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
    2019-05-16 11:11 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-05-16 09:52 - 2016-01-12 22:31 - 000000000 ____D C:\WINDOWS\system32\MRT
    2019-05-16 09:45 - 2016-01-12 22:31 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-05-16 09:31 - 2016-01-14 17:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2019-05-15 18:37 - 2019-01-29 11:46 - 000001385 _____ C:\Users\Public\Desktop\Skype.lnk
    2019-05-15 18:37 - 2019-01-29 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2019-05-14 23:05 - 2017-10-07 23:43 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2019-05-14 23:05 - 2017-10-07 23:42 - 000000000 ____D C:\Program Files\CCleaner
    2019-05-13 14:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
    2019-05-12 20:35 - 2018-05-27 18:29 - 000002412 _____ C:\Users\Libelula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2019-05-12 20:35 - 2015-10-20 18:48 - 000000000 ___RD C:\Users\Libelula\OneDrive
    2019-05-09 08:42 - 2016-10-11 22:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2019-05-07 23:20 - 2017-12-01 20:19 - 000000000 ____D C:\Users\Libelula\AppData\Local\Packages
    2019-05-04 01:53 - 2018-04-12 01:41 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2019-05-04 01:53 - 2018-04-12 01:41 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2019-04-29 14:47 - 2016-04-07 10:14 - 000000000 ____D C:\Users\Libelula\AppData\Local\ElevatedDiagnostics
    2019-04-25 14:03 - 2019-04-13 13:55 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
    2019-04-25 14:03 - 2017-12-01 14:25 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2019-04-25 14:03 - 2017-12-01 14:25 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
    2019-04-25 14:00 - 2019-02-25 20:06 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
    2019-04-25 14:00 - 2019-01-14 15:38 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
    2019-04-25 14:00 - 2019-01-10 11:36 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
    2019-04-25 14:00 - 2019-01-10 11:36 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
    2019-04-25 14:00 - 2019-01-10 11:36 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
    2019-04-25 14:00 - 2019-01-10 11:36 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
    2019-04-25 14:00 - 2018-10-29 15:52 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
    2019-04-25 14:00 - 2017-12-01 14:25 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
    2019-04-25 14:00 - 2017-12-01 14:25 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2019-04-25 14:00 - 2017-12-01 14:25 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
    2019-04-25 14:00 - 2017-12-01 14:25 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2019-04-25 14:00 - 2017-12-01 14:25 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2019-04-25 14:00 - 2017-12-01 14:25 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2019-04-24 22:09 - 2018-05-27 20:58 - 000000000 ____D C:\Users\Libelula\AppData\Local\PlaceholderTileLogoFolder
    2019-04-24 22:07 - 2015-10-20 18:04 - 000000000 ____D C:\ProgramData\McAfee

    ==================== Files in the root of some directories =======

    2015-10-20 18:45 - 2019-05-19 10:37 - 000000165 _____ () C:\Users\Libelula\AppData\Roaming\sp_data.sys
    2017-02-06 15:22 - 2017-02-06 15:22 - 000003584 _____ () C:\Users\Libelula\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2017-03-02 11:16 - 2017-03-02 11:16 - 000000218 _____ () C:\Users\Libelula\AppData\Local\recently-used.xbel

    ==================== SigCheck ===============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-05.2019
Ran by Libelula (19-05-2019 10:47:38)
Running from C:\Users\Libelula\Desktop
Windows 10 Home Version 1803 17134.765 (X64) (2018-05-27 16:57:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3456141109-2991592538-2196831460-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3456141109-2991592538-2196831460-503 - Limited - Disabled)
Invitado (S-1-5-21-3456141109-2991592538-2196831460-501 - Limited - Disabled)
Libelula (S-1-5-21-3456141109-2991592538-2196831460-1001 - Administrator - Enabled) => C:\Users\Libelula
WDAGUtilityAccount (S-1-5-21-3456141109-2991592538-2196831460-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\uTorrent) (Version: 3.5.5.45225 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
Apache HTTP Server 1.3.29 (HKLM-x32\...\{5D29A4EF-A57F-4F47-89F8-4EB3C5302A53}) (Version: 1.3.29 - Apache Software Foundation)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 73.0.1258.86 - Los creadores de Avast Secure Browser)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Callnote versión 4.4.0.0 (HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\{048CD767-219E-4F04-AA84-3128F6A35948}_is1) (Version: 4.4.0.0 - Kanda Software)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 72.4.136 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{8B0EE26B-3CDC-4EF1-9002-F2C8EC767635}) (Version: 1.1.163.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.2 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kingsoft PDF to Word SDK (2.0.1) (HKLM\...\{F0915BBA-A86F-4672-807D-30F38DFC2B44}) (Version: 2.0.1 - Zhuhai Kingsoft Office Software Co.,Ltd)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.36 - McAfee, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MySQL Server 4.1 (HKLM-x32\...\{FF2705ED-8734-417D-A854-4EA3F679CCC5}) (Version: 4.1.22 - MySQL AB)
npRTCCplugin (HKLM-x32\...\{91CA1DC1-A190-4B34-A0BA-410FDDF31656}) (Version: 1.3.0.0 - SightCall, Inc.)
NVIDIA Controlador de gráficos 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.57 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{EFC97BC6-345A-4861-ACD5-0D3181252924}) (Version: 4.11.9775 - Apache Software Foundation)
Panel de control de NVIDIA 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.57 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Skype versión 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Software de cámara Web Logitech (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Web Companion (HKLM-x32\...\{6913fe21-e519-4db8-b10b-cef0127b1687}) (Version: 4.7.1987.3881 - Lavasoft)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.3.2.601 - ASUS Cloud Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
Wondershare Filmora(Build 8.5.1) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
WPS Office (HKLM-x32\...\Kingsoft Office) (Version: 10.2.0.6020 - Kingsoft Corp.)
Zoom (HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2018-06-28] (Amazon.com)
ARTE TV -> C:\Program Files\WindowsApps\ARTE.ARTETV_2.3.2.0_x64__m1e0m10bvmah6 [2018-05-14] (ARTE)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-03-13] (ASUSTeK COMPUTER INC.)
Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2191.46880.0_x86__8xx8rvfyw5nnt [2019-03-27] (Facebook Inc)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-15] (Flipboard)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-02-20] (Netflix, Inc.)
Photo Editor -> C:\Program Files\WindowsApps\57AB5DD0.PhotoEditor_2.0.0.3_x86__6hb943tstq5q8 [2016-01-14] (Aviary, Inc.)
Teléfono Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3456141109-2991592538-2196831460-1001_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.6020\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-3456141109-2991592538-2196831460-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Libelula\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3456141109-2991592538-2196831460-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Libelula\Dropbox [2016-10-11 21:34]
CustomCLSID: HKU\S-1-5-21-3456141109-2991592538-2196831460-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Libelula\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.3.2.601\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.3.2.601\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.3.2.601\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.3.2.601\ASUSWSContextMenu.dll [2018-04-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers1_S-1-5-21-3456141109-2991592538-2196831460-1001: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.6020\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2018-04-18] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Libelula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache HTTP Server\Apache Docs Online.lnk -> hxxp://httpd.apache.org/docs

==================== Loaded Modules (Whitelisted) ==============

2015-08-25 10:40 - 2015-08-25 10:40 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2018-01-20 15:33 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-01-20 15:33 - 2017-09-12 11:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-08-13 10:27 - 2014-08-13 10:27 - 000853504 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll
2017-04-21 05:06 - 2017-04-21 05:06 - 001504768 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.3.2.601\ASUSWSShellExt64.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 001680384 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000178688 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000055296 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
2015-08-25 10:40 - 2015-08-25 10:40 - 000164864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2015-05-19 10:11 - 2015-05-19 10:11 - 000335872 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2018-01-20 15:33 - 2017-09-12 11:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\localhost -> localhost

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-01-04 10:34 - 000000972 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com

2017-09-19 17:25 - 2017-09-19 17:26 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{583C30D0-7096-46F3-B746-7B784E2AE900}] => (Allow) C:\Users\Libelula\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{ABE0980C-5D4B-478B-AA1D-0C4CDD78504E}C:\program files (x86)\callnote\jre\launch4j-tmp\callnote.exe] => (Allow) C:\program files (x86)\callnote\jre\launch4j-tmp\callnote.exe (Kanda Software) [File not signed]
FirewallRules: [TCP Query User{1239A8BB-6547-44EC-84FB-9660620431F0}C:\program files (x86)\callnote\jre\launch4j-tmp\callnote.exe] => (Allow) C:\program files (x86)\callnote\jre\launch4j-tmp\callnote.exe (Kanda Software) [File not signed]
FirewallRules: [{AE6A435F-7038-4A46-A0B1-2BA5525E5DF5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADA4C51B-1030-4550-96EE-E3A4696661AD}] => (Allow) LPort=1900
FirewallRules: [{BECCBA65-28BF-4325-94D9-31EF74EF0C5D}] => (Allow) LPort=2869
FirewallRules: [{A3C7A73B-C94C-4B45-9BF4-5DC03290AB21}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4758575-364D-4824-9101-108AA5E20EF2}] => (Allow) C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.6020\office6\wpscloudsvr.exe (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
FirewallRules: [{79E6B17E-C08A-490E-B4BC-694BF6D5FEF9}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C98BBD26-89CE-4B84-BA88-35A7459338B5}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{90DFC427-0CDE-4CE7-AEA8-1A9041AA2D51}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FD84C0AA-EBC4-4DDB-A902-CC90A4A7655E}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{D005071F-9A61-4A78-8C1D-1040C05164D6}C:\program files (x86)\callnote\jre\launch4j-tmp\callnote.exe] => (Allow) C:\program files (x86)\callnote\jre\launch4j-tmp\callnote.exe (Kanda Software) [File not signed]
FirewallRules: [UDP Query User{17103EBC-7ABC-45AA-86F8-8EB4546084DC}C:\program files (x86)\callnote\jre\launch4j-tmp\callnote.exe] => (Allow) C:\program files (x86)\callnote\jre\launch4j-tmp\callnote.exe (Kanda Software) [File not signed]
FirewallRules: [TCP Query User{CEE40354-B12A-4DED-97BD-7F39D15D1585}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{94787638-C0CB-4592-B192-EE1FEA3E602F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{978A430B-EF73-498D-8A2B-309577A8DA5A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{32248D01-4440-4DA1-AF0D-D310183ABBBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{A359D3EC-1E9D-4C83-A848-90639BE5394E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{965720C5-06CE-4812-B0B3-B3D043DC9DA6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{B9C0B243-2266-417F-A859-EBAB046C7C72}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9931E553-625B-473C-A145-DAEB34DC7314}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{714C1071-E852-4BCE-A3B6-4F5962BEC13A}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{4E83C1CD-9A5E-4BAA-A1D3-C98A4E3D4F96}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC499F72-EBEB-4E07-95BD-B8E30A37162A}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{135F06E4-F193-4785-899B-E4D447862116}] => (Allow) C:\Users\Libelula\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6A435654-7763-4992-BEDF-E8CFEA0995C5}] => (Allow) C:\Users\Libelula\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{477C0FCC-5B41-4C6C-A528-7426CDE8500B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{FC2EACEC-A1E7-43A5-9401-89B561E0B8C5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D7F1D0DB-4496-416D-8BB2-DC1C6D954458}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{70430270-1106-4DA8-85C6-2E5D218FDE1C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
StandardProfile\GloballyOpenPorts: [80:TCP] => Enabled:Orion PLUS

==================== Restore Points =========================

25-04-2019 16:12:25 Punto de control programado
02-05-2019 17:04:11 Punto de control programado
13-05-2019 11:13:08 Punto de control programado
18-05-2019 17:37:15 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/18/2019 09:06:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Skype.exe, versión 8.45.0.41, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 2168

Hora de inicio: 01d50daca5275ca3

Hora de finalización: 1407

Ruta de la aplicación: C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

Identificador de informe: 164657a7-7451-4813-8f1a-8564e1bb484a

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (05/18/2019 09:05:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 10.0.17134.677, marca de tiempo: 0xb4a88dff
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.556, marca de tiempo: 0x74bed8b0
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f479b
Identificador del proceso con errores: 0x126c
Hora de inicio de la aplicación con errores: 0x01d50dac929061e9
Ruta de acceso de la aplicación con errores: C:\WINDOWS\Explorer.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: c5b4ae99-b86b-433c-8b29-697475ddc258
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/18/2019 07:40:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SystemSettings.exe, versión: 10.0.17134.112, marca de tiempo: 0x2a3c4e62
Nombre del módulo con errores: msxml6.dll, versión: 6.30.17134.706, marca de tiempo: 0x89769e02
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000a728c
Identificador del proceso con errores: 0x3084
Hora de inicio de la aplicación con errores: 0x01d50da0b3862970
Ruta de acceso de la aplicación con errores: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\msxml6.dll
Identificador del informe: 49b86d5a-9d94-4a66-ba9d-6d19ba96b9c1
Nombre completo del paquete con errores: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: microsoft.windows.immersivecontrolpanel

Error: (05/18/2019 06:21:52 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-R3F2LF4)
Description: httphttp-2147467263

Error: (05/18/2019 06:19:40 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-R3F2LF4)
Description: httphttp-2147467263

Error: (05/17/2019 04:47:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Music.UI.exe, versión 10.19031.1141.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 299c

Hora de inicio: 01d50cbd09b5b867

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe

Identificador de informe: 5c671def-8bbb-4746-b265-ffd342a40f0c

Nombre completo de paquete con errores: Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe

Identificador de aplicación relativa del paquete con errores: Microsoft.ZuneMusic

Error: (05/16/2019 08:09:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa SkypeApp.exe, versión 8.44.0.40, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 232c

Hora de inicio: 01d50bff3697eeb3

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe

Identificador de informe: 7f517990-1dcc-4aad-979f-e7d438770fed

Nombre completo de paquete con errores: Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c

Identificador de aplicación relativa del paquete con errores: App

Error: (05/16/2019 08:08:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Video.UI.exe, versión 10.19031.1141.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 2428

Hora de inicio: 01d50bff3cb021e7

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe

Identificador de informe: 0bd8873e-cad5-42e6-90de-6b5dca1cbe0c

Nombre completo de paquete con errores: Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe

Identificador de aplicación relativa del paquete con errores: Microsoft.ZuneVideo


System errors:
=============
Error: (05/19/2019 10:37:57 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R3F2LF4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-R3F2LF4\Libelula con SID (S-1-5-21-3456141109-2991592538-2196831460-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (05/19/2019 09:36:06 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R3F2LF4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario DESKTOP-R3F2LF4\Libelula con SID (S-1-5-21-3456141109-2991592538-2196831460-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (05/19/2019 09:36:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R3F2LF4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario DESKTOP-R3F2LF4\Libelula con SID (S-1-5-21-3456141109-2991592538-2196831460-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (05/19/2019 09:28:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R3F2LF4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-R3F2LF4\Libelula con SID (S-1-5-21-3456141109-2991592538-2196831460-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (05/19/2019 09:19:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (05/19/2019 08:46:26 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R3F2LF4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-R3F2LF4\Libelula con SID (S-1-5-21-3456141109-2991592538-2196831460-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (05/19/2019 08:37:09 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R3F2LF4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-R3F2LF4\Libelula con SID (S-1-5-21-3456141109-2991592538-2196831460-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (05/19/2019 08:34:52 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Administrador de mapas descargados no respondió después de iniciar.


CodeIntegrity:
===================================

Date: 2019-05-19 10:40:37.723
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-05-19 10:40:02.178
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-05-19 10:40:01.943
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-05-19 08:31:02.593
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-05-19 08:30:42.126
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-05-19 08:30:41.884
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-05-19 00:55:12.202
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-05-19 00:55:12.173
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. X555LJ.504 08/04/2015
Motherboard: ASUSTeK COMPUTER INC. X555LJ
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 51%
Total physical RAM: 8094.36 MB
Available physical RAM: 3962.47 MB
Total Virtual: 9374.36 MB
Available Virtual: 5146.93 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.43 GB) (Free:303.25 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:552.28 GB) NTFS

\\?\Volume{615d1704-851a-4174-a6e2-cf4dc7f86573}\ () (Fixed) (Total:0.9 GB) (Free:0.45 GB) NTFS
\\?\Volume{ec36b3e4-5e05-49b0-b569-7c590067a51e}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2D9811C6)

Partition: GPT.

==================== End of Addition.txt ============================

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3456141109-2991592538-2196831460-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
CHR Extension: (EasyPDFCombine) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn [2019-05-19]
C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Shortcut: C:\Users\Libelula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache HTTP Server\Apache Docs Online.lnk -> hxxp://httpd.apache.org/docs


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema, y para ello realizas un nuevo analisi con Malwarebytes (análisis de amenazas) y me pegas el log

Start
CreateRestorePoint:
CloseProcesses:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3456141109-2991592538-2196831460-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
CHR Extension: (EasyPDFCombine) - C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn [2019-05-19]
C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Shortcut: C:\Users\Libelula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache HTTP Server\Apache Docs Online.lnk -> hxxp://httpd.apache.org/docs


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END`Texto preformateado`
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 19/5/19
Hora del análisis: 21:23
Archivo de registro: 9947eb76-7a6b-11e9-917e-2c56dc0465fe.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10668
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.765)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-R3F2LF4\Libelula

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 521810
Amenazas detectadas: 76
Amenazas en cuarentena: 0
Tiempo transcurrido: 9 hr, 55 min, 34 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-3456141109-2991592538-2196831460-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|ekamneaohnpkfjaffmimdhgbpdablhbn, Sin acciones por parte del usuario, [1756], [456842],1.0.10668

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 19
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es_419, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_BR, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_PT, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ar, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\de, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\en, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\fr, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\it, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ja, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ko, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\nl, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_metadata, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\config, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EKAMNEAOHNPKFJAFFMIMDHGBPDABLHBN\13.870.15.8251_0, Sin acciones por parte del usuario, [1756], [456842],1.0.10668

Archivo: 56
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\USERS\LIBELULA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EKAMNEAOHNPKFJAFFMIMDHGBPDABLHBN\13.870.15.8251_0\CONFIG\CONFIG.JSON, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon128.png, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon16.png, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon19disabled.png, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon19on.png, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\icons\icon48.png, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\meta.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\ajax.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babAPI.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babClickHandler.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babContentScript.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\babContentScriptAPI.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\background.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\browserUtils.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\chrome.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\contentScriptConnectionManager.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\dateTimeUtils.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\dlp.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\dlpHelper.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\extensionDetect.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\index.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\localStorageContentScript.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\logger.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\offerService.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\pageUtils.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\PartnerId.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\polyfill.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\product.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\remoteConfigLoader.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\splashPageLocalStorageSetter.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\splashPageRedirectHandler.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\storageUtils.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\TemplateParser.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\ul.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\urlFragmentActions.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\urlUtils.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\util.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\webtooltabAPI.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\js\webTooltabAPIProxy.js, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ar\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\de\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\en\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\es_419\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\fr\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\it\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ja\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\ko\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\nl\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_BR\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_locales\pt_PT\messages.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\_metadata\verified_contents.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\manifest.json, Sin acciones por parte del usuario, [1756], [456842],1.0.10668
PUP.Optional.MindSpark.Generic, C:\Users\Libelula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekamneaohnpkfjaffmimdhgbpdablhbn\13.870.15.8251_0\newtabpage.html, Sin acciones por parte del usuario, [1756], [456842],1.0.10668

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
  • Realiza copia marcadores (exportar marcadores),de Chrome >> https://support.google.com/chrome/answer/96816?hl=es

  • Desinstalas Chrome con Revo.

  • Descarga e instalas >> Revo Uninstaller | InfoSpyware

  • Luego, segun Indico, desinstalas el / los programas indicados, seleccionando cuando lo indique Revo, el Modo Avanzado

  • Marcas NOMBRE PROGRAMA y pulsas desinstalar en el menu de Revo, en Modo Avanzado

  • Cuando lo hagas, se iniciara el desinstalador de NOMBRE DE PROGRAMA y al finalizar (si alguno te pide reiniciar, pulsas en NO o Cancelar y continuas con Revo), realizas:

  1. Pulsas Analizar en Revo, para que analice los restos del programa

  2. Pulsas seleccionar todo, para eliminar restos del registro

  3. Pulsas borrar todo

  4. Pulsas siguiente

  5. Pulsas seleccionar todo, para eliminar, si hay, carpetas

  6. Pulsas borrar todo

  7. Pulsas finalizar

Eliminas estas carpetas si estan:

  1. C:\ProgramData\Google/Chrome

  2. C:\Users\All Users\Google\Chrome

  3. C:\Users\TU NOMBRE DE USUARIO\AppData\Local\Google\Chrome

  4. C:\Users\TU NOMBRE DE USUARIO\AppData\Roaming\Google\Chrome

Reinstalas >> https://www.google.es/chrome/browser/desktop/ y vuelve a analizar con Malwarebytes

code Malwarebytes

-Detalles del registro-
Fecha del análisis: 20/5/19
Hora del análisis: 10:53
Archivo de registro: c3aefbc2-7adc-11e9-828e-2c56dc0465fe.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10674
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.765)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-R3F2LF4\Libelula

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 494189
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 9 hr, 47 min, 0 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
(/code)

Ya está solucionado. Muchísimas gracias :wink: ¿alguna recomendación para mantener el portatil limpio?

Aparte de tener el antivirus activo y actualizado, tener cuidado con lo que se descarga, y para ello mira aqui.

Para eliminar las herramientas usadas en la desinfección, realizas:

  • Descargas y Ejecutas >> Delfix, en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

  • Marca solamente la casilla Remove disinfection tools

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.


Me alegro de haberte podido ayudar! :+1:


TEMA SOLUCIONADO

Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.