Chrome, Opera y otros no me abren algunas paginas

Buenas noches!!, acabo de hacer una limpieza con ccleaner y luego con malwarebytes en modo seguro y me dectecto muchas amenazas, y las puso en cuarentena. eso esta bien por un lado. Ahora tanto chrome como opera o el navegador de avast no me deja entrar a ciertas paginas como a la de malwarebytes o a la descarga de programas de esta pagina forospyware. Que programas deberia descargar y de que manera porque no me deja, para efectuar una limpieza de los navegadores. Quedo atento a sus consejos muchas gracias. mi sistema operativo es W10 64 bits, tengo el avast free instalado y el malwarebytes

Hola @Elvio_Bottazzi

Bienvenido a esta nueva etapa de InfoSpyware!!!

Pega en tu próxima respuesta el reporte de Malwarebytes.

Te dejo su Manual para que sepas recuperarlo, revisa en Informe de Análisis

Salu2

Hola SanMar, muchas gracias por atenderme. Aqui te dejo el reporte que hice con el malwarebytes. Habia muchas cosas…

Malwarebytes
    www.malwarebytes.com

    -Detalles del registro-
    Fecha del análisis: 4/7/19
    Hora del análisis: 19:30
    Archivo de registro: 4e1867ad-9eab-11e9-85c9-94de80c5ff1a.json

    -Información del software-
    Versión: 3.7.1.2839
    Versión de los componentes: 1.0.586
    Versión del paquete de actualización: 1.0.11354
    Licencia: Gratis

    -Información del sistema-
    SO: Windows 10 (Build 17134.829)
    CPU: x64
    Sistema de archivos: NTFS
    Usuario: DESKTOP-N04D4TT\Fabri

    -Resumen del análisis-
    Tipo de análisis: Análisis de amenazas
    Análisis iniciado por:: Manual
    Resultado: Completado
    Objetos analizados: 343392
    Amenazas detectadas: 550
    Amenazas en cuarentena: 550
    Tiempo transcurrido: 11 min, 18 seg

    -Opciones de análisis-
    Memoria: Activado
    Inicio: Activado
    Sistema de archivos: Activado
    Archivo: Activado
    Rootkits: Desactivado
    Heurística: Activado
    PUP: Detectar
    PUM: Detectar

    -Detalles del análisis-
    Proceso: 0
    (No hay elementos maliciosos detectados)

    Módulo: 0
    (No hay elementos maliciosos detectados)

    Clave del registro: 29
    PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MailRuUpdater, En cuarentena, [254], [403909],1.0.11354
    PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B6DA07BA-DB91-4566-99CE-35E684E62C6A}, En cuarentena, [254], [403909],1.0.11354
    PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{B6DA07BA-DB91-4566-99CE-35E684E62C6A}, En cuarentena, [254], [403909],1.0.11354
    PUP.Optional.InstallCore, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\CSASTATS\ic, En cuarentena, [446], [586068],1.0.11354
    PUP.Optional.MailRu, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Updater.Mail.Ru, En cuarentena, [254], [384138],1.0.11354
    PUP.Optional.MailRu, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mrupdsrv, En cuarentena, [254], [384138],1.0.11354
    PUP.Optional.WinYahoo, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}, En cuarentena, [240], [254682],1.0.11354
    PUP.Optional.MailRu, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}, En cuarentena, [254], [382913],1.0.11354
    PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\IEPOEGKAOELJNBHAGABAKJODGPFNIIMO, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\iepoegkaoeljnbhagabakjodgpfniimo, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, En cuarentena, [2078], [440037],1.0.11354
    PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, En cuarentena, [2078], [440037],1.0.11354
    PUP.Optional.SearchManager, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [2078], [440037],1.0.11354
    PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.MailRu, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\ru.mail.go.ext_info_host, En cuarentena, [254], [485554],1.0.11354
    PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}, En cuarentena, [254], [471429],1.0.11354
    Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\System\SYSTEMCHECK, En cuarentena, [754], [414093],1.0.11354
    Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2169C86-FE93-4A51-A439-CEB01E4BA9FE}, En cuarentena, [754], [414093],1.0.11354
    Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D2169C86-FE93-4A51-A439-CEB01E4BA9FE}, En cuarentena, [754], [414093],1.0.11354
    PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\beliehdniadoecbonbhlcgbdldccfigp, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\beliehdniadoecbonbhlcgbdldccfigp, En cuarentena, [254], [678405],1.0.11354
    PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En cuarentena, [7081], [252393],1.0.11354
    Trojan.CrthRazy, HKLM\SOFTWARE\WOW6432NODE\Machiner, En cuarentena, [3137], [676882],1.0.11354
    PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En cuarentena, [7081], [252393],1.0.11354
    PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO, En cuarentena, [326], [351113],1.0.11354
    PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO.1, En cuarentena, [326], [351113],1.0.11354
    PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8E8F97CD-60B5-456F-A201-73065652D099}, En cuarentena, [326], [351113],1.0.11354

    Valor del registro: 17
    PUP.Optional.WinYahoo, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, En cuarentena, [240], [254682],1.0.11354
    PUP.Optional.MailRu, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|URL, En cuarentena, [254], [382913],1.0.11354
    PUP.Optional.MailRu, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|FAVICONURLFALLBACK, En cuarentena, [254], [382913],1.0.11354
    PUP.Optional.MailRu, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|SUGGESTIONSURL, En cuarentena, [254], [382913],1.0.11354
    PUP.Optional.MailRu, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|IEPOEGKAOELJNBHAGABAKJODGPFNIIMO, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.SearchManager, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, En cuarentena, [2078], [440037],1.0.11354
    PUP.Optional.SearchManager, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}|APPPATH, En cuarentena, [254], [471429],1.0.11354
    PUP.Optional.MailRu, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|beliehdniadoecbonbhlcgbdldccfigp, En cuarentena, [254], [678405],1.0.11354
    PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En cuarentena, [7081], [252393],1.0.11354
    PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B6DA07BA-DB91-4566-99CE-35E684E62C6A}|PATH, En cuarentena, [254], [403907],1.0.11354
    Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2169C86-FE93-4A51-A439-CEB01E4BA9FE}|PATH, En cuarentena, [754], [461394],1.0.11354
    PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En cuarentena, [7081], [252393],1.0.11354
    Adware.MailRu.BatBitRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MRUPDSRV|IMAGEPATH, En cuarentena, [337], [481469],1.0.11354
    Trojan.CrthRazy.Generic, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|dpacanjfikmhoddligfbehkpomnbgblf, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|dpacanjfikmhoddligfbehkpomnbgblf, En cuarentena, [14648], [676732],1.0.11354
    PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|lbijecpdngjgndgelnoknlmeiikfcjjh, En cuarentena, [1761], [456842],1.0.11354

    Datos del registro: 0
    (No hay elementos maliciosos detectados)

    Secuencia de datos: 0
    (No hay elementos maliciosos detectados)

    Carpeta: 92
    PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\Update Service, En cuarentena, [254], [384138],1.0.11354
    PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\MailRuUpdater, En cuarentena, [254], [384138],1.0.11354
    PUP.Optional.MailRu, C:\PROGRAM FILES (X86)\MAIL.RU, En cuarentena, [254], [384138],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\_metadata, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\icons, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Extensions\IEPOEGKAOELJNBHAGABAKJODGPFNIIMO, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Local Extension Settings\IEPOEGKAOELJNBHAGABAKJODGPFNIIMO, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\icons, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\tiles, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\pt_BR, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\fonts, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\en, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\fr, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\hi, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\vi, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\skin\icons, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_metadata, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\vendor, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\skin, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Extensions\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [2078], [183362],1.0.11354
    Trojan.CrthRazy, C:\PROGRAM FILES (X86)\MACHINERDATA, En cuarentena, [3137], [676766],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Local Extension Settings\beliehdniadoecbonbhlcgbdldccfigp, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\EXTENSIONS\beliehdniadoecbonbhlcgbdldccfigp, En cuarentena, [254], [678405],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\pt_BR, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\de, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\en, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\fr, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\ru, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\js\content, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\vendor, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\popup, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_metadata, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\bg, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\icons, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\pt_BR, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\de, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\en, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\fr, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\ru, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\js\content, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\vendor, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\popup, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_metadata, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\bg, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\icons, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\DPACANJFIKMHODDLIGFBEHKPOMNBGBLF, En cuarentena, [14648], [676732],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_locales\en, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_metadata, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_locales, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\config, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\LBIJECPDNGJGNDGELNOKNLMEIIKFCJJH\13.894.15.54872_0, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\USERS\FABRI\APPDATA\LOCAL\{4D6A7B36-69C2-178E-045A-32662032CEFE}, En cuarentena, [800], [542290],1.0.11354

    Archivo: 412
    PUP.Optional.MailRu, C:\WINDOWS\SYSTEM32\TASKS\MailRuUpdater, En cuarentena, [254], [403909],1.0.11354
    PUP.Optional.MailRu.Generic, C:\USERS\FABRI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CANLEOQO.DEFAULT\EXTENSIONS\[email protected], En cuarentena, [4614], [462926],1.0.11354
    PUP.Optional.MailRu.Generic, C:\USERS\FABRI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CANLEOQO.DEFAULT\EXTENSIONS\[email protected], En cuarentena, [4614], [462926],1.0.11354
    PUP.Optional.SearchManager, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, En cuarentena, [2078], [453138],1.0.11354
    PUP.Optional.SearchManager, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, En cuarentena, [2078], [453138],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\FAVORITES\Mail.Ru.url, En cuarentena, [254], [471428],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CANLEOQO.DEFAULT\EXTENSIONS\{A38384B3-2D1D-4F36-BC22-0F7AE402BCD7}.XPI, En cuarentena, [254], [458842],1.0.11354
    PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe, En cuarentena, [254], [384138],1.0.11354
    PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe, En cuarentena, [254], [384138],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\icons\128.png, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\icons\16.png, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\icons\32.png, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\icons\48.png, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\_metadata\computed_hashes.json, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\_metadata\verified_contents.json, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\background.js, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iepoegkaoeljnbhagabakjodgpfniimo\15.1.4.3_0\manifest.json, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\iepoegkaoeljnbhagabakjodgpfniimo\000003.log, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\iepoegkaoeljnbhagabakjodgpfniimo\CURRENT, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\iepoegkaoeljnbhagabakjodgpfniimo\LOCK, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\iepoegkaoeljnbhagabakjodgpfniimo\LOG, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\iepoegkaoeljnbhagabakjodgpfniimo\LOG.old, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\iepoegkaoeljnbhagabakjodgpfniimo\MANIFEST-000001, En cuarentena, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [254], [695277],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, [254], [695277],1.0.11354
    PUP.Optional.SearchManager, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [2078], [440037],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\fonts\HelveticaNeue-Thin.otf, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\fonts\HelveticaNeueLT-Roman.woff, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\fonts\neue-bold.woff, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\fonts\neue.woff, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\close-FF8A5A.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\collection-9B9B9B.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\collection-FF691E.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\doc-icon-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\error-FF691E.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\pdf-2-doc-9B9B9B.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\pdf-2-doc-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\pdf-icon-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\success-FF8A5A.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\tab-arrow-FF691E.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\converter\upload-FF691E.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\amazon-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\amazon.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\close.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\enlarge-000000-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\enlarge-FFCA00-000000.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\hulu-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\hulu.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\minimize-000000-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\netflix-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\netflix.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\refresh-FFFFFF-000000.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\shrink-FFCA00-000000.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\shuffle-000000.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\shuffle-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\vudu-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films\vudu.svg, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\icons\128.png, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\icons\16.png, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\icons\48.png, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\icons\close.png, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\icons\favicon.ico, En cuarentena, [2078], [183362],1.0.11354
    PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile
1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\icons\trends.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\bing-maps-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\from-to-icon-8881FF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\google-maps-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\location-icon-8881FF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\search-4A4A4A.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\search-8881FF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\switch-8881FF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\tab-arrow-8881FF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\whereto-logo-8881FF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\maps\whereto-logo-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\facebook_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\aliexpress.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\aliexpress_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\amazon.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\amazon_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\booking.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\booking_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\ebay.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\ebay_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\expedia.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\expedia_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\facebook.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\gmail.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\gmail_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\gtranslte.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\pinterest.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\pinterest_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\twitter.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\twitter_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\wix.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\wix_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\yahoo.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\yahoo_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\youtube.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sitesThumbnails\youtube_tile_v2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\tiles\DOC-to-PDF.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\tiles\PDF-to-DOC.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\tiles\Translation.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\tiles\View-PDF.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\01d.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\01n.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\02d.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\02n.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\03d.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\03n.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\04d.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\04n.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\09d.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\09n.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\10d.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\10n.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\11d.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\11n.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\13d.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\13n.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\50d.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\weather\50n.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\down.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\alot.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\angle-arrow-down.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\bing.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\bing_large.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\bluesky-bg.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\brush.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\bt.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\clock.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\cloud.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\cupcake-bg.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\desk-bg.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\doodle.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\enhanced_google.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\eyeglass.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\eyeglass_transparent.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\films-bg.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\gmx_large.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\google.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\google_large.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\hero-bg.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\just-the-box-empty.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\just-the-box.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\mountain-bg.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\pointer2.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\radio-selected.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\radio-unselected.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\sea-bg.jpg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\search-D7D7D7.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\search-FFFFFF.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\settings.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\smallMagnifier.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\star-unselected.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\star.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\todoc.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\toggle-off.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\toggle-on.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\topdf.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\transparent_img.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\yahoo.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\yahoo.svg, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\yahoo_large.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\yandex.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\_enhanced_google.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\images\_gmx_large.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\content\bundle.v0.0.1.min.css, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\skin\icons\16.png, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\vendor\md5.min.js, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\vendor\react-dom.min.js, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\vendor\react-with-addons.min.js, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\en\messages.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\fr\messages.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\hi\messages.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\pt_BR\messages.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_locales\vi\messages.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\_metadata\verified_contents.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\AmpSearchServiceLocalList.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\background.html, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\background.v0.0.1.min.js, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\client.v0.0.1.min.js, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\common.js.v0.0.1.min.js, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\e_.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\index.html, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\manifest.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.91_0\responseConfig.json, En cuarentena, [2078], [183362],1.0.11354
PUP.Optional.SearchManager, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [2078], [183362],1.0.11354 
PUP.Optional.SearchManager, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, [2078], [183362],1.0.11354  Trojan.FakeMS, C:\WINDOWS\SYSTEM32\TASKS\SYSTEM\SYSTEMCHECK, En cuarentena, [754], [414093],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img\loaded-empty.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-dark-up.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-down.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-up.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\drag-arrows.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\search-cancel-button.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-128.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-16.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-32.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-48.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-128.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-16.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-32.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-48.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-128.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-16.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-32.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-48.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-128.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-16.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-32.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-48.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\black-cross.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\spinner.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\trash.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\white-cross.png, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en\messages.json, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru\messages.json, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata\computed_hashes.json, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata\verified_contents.json, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.js, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.css, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.js, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.css, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.js, En cuarentena, [254], [678405],1.0.11354
PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.html, En cuarentena, [254], [678405],1.0.11354
  PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\context_mailru-plugin.js, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\manifest.json, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.css, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\prerender.js, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.css, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.js, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.css, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.js, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~background.bundle.js, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\visual-bookmarks.html, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\beliehdniadoecbonbhlcgbdldccfigp\000003.log, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\beliehdniadoecbonbhlcgbdldccfigp\CURRENT, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\beliehdniadoecbonbhlcgbdldccfigp\LOCK, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\beliehdniadoecbonbhlcgbdldccfigp\LOG, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\beliehdniadoecbonbhlcgbdldccfigp\LOG.old, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\beliehdniadoecbonbhlcgbdldccfigp\MANIFEST-000001, En cuarentena, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [254], [678405],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, [254], [678405],1.0.11354
    PUP.Optional.SearchModule, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage, En cuarentena, [281], [453492],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CANLEOQO.DEFAULT\PREFS.JS, Sustituido, [254], [702573],1.0.11354
    Adware.MailRu.BatBitRst, C:\USERS\FABRI\FAVORITES\Искать в Интернете.URL, En cuarentena, [337], [648495],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\000003.log, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\CURRENT, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOCK, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOG, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOG.old, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\MANIFEST-000001, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\000003.log, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\CURRENT, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOCK, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOG, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOG.old, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\MANIFEST-000001, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\icons\icon.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\deezer.ico, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\donation.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\donation1.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\powered_by_acrcloud.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\powered_by_acrcloud_1.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\recycle.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\searching.gif, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\search_btn.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\spotify.ico, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\spotify.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\youtube.ico, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\js\content\content.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\bg\background.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\popup\popup.css, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\popup\popup.html, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\popup\popup.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\vendor\handlebars-v4.0.10.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\vendor\jquery.min.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\de\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\en\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\fr\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\pt_BR\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\ru\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_metadata\computed_hashes.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_metadata\verified_contents.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\manifest.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\000003.log, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\CURRENT, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOCK, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOG, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOG.old, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\MANIFEST-000001, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\000003.log, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\CURRENT, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOCK, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOG, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\LOG.old, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\dpacanjfikmhoddligfbehkpomnbgblf\MANIFEST-000001, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\DPACANJFIKMHODDLIGFBEHKPOMNBGBLF\0.1.2_0\MVA0A0AGGG.JS, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\icons\icon.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\deezer.ico, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\donation.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\donation1.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\powered_by_acrcloud.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\powered_by_acrcloud_1.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\recycle.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\searching.gif, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\search_btn.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\spotify.ico, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\spotify.png, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\img\youtube.ico, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\js\content\content.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\bg\background.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\popup\popup.css, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\popup\popup.html, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\popup\popup.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\vendor\handlebars-v4.0.10.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\src\vendor\jquery.min.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\de\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\en\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\fr\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\pt_BR\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_locales\ru\messages.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_metadata\computed_hashes.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\_metadata\verified_contents.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\0X34URYBM2.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\4I9FYYBU8E.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\manifest.json, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\MQB3F773V4.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\SQCC1OMO57.js, En cuarentena, [14648], [676732],1.0.11354
    Trojan.CrthRazy.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\0.1.2_0\WQ6F4MXV2Z.js, En cuarentena, [14648], [676732],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\LBIJECPDNGJGNDGELNOKNLMEIIKFCJJH\13.894.15.54872_0\CONFIG\CONFIG.JSON, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon128.png, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon16.png, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon19disabled.png, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon19on.png, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon48.png, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\localStorageContentScript.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\ajax.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\babAPI.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\babClickHandler.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\babContentScript.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\babContentScriptAPI.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\background.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\browserUtils.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\chrome.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\contentScriptConnectionManager.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\dateTimeUtils.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\dlp.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\dlpHelper.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\extensionDetect.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\index.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\logger.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\meta.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\offerService.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\pageUtils.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\PartnerId.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\polyfill.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\product.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\remoteConfigLoader.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\splashPageRedirectHandler.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\storageUtils.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\TemplateParser.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\ul.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\urlFragmentActions.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\urlUtils.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\util.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\webtooltabAPI.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\webTooltabAPIProxy.js, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_locales\en\messages.json, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_metadata\verified_contents.json, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\manifest.json, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\ntpnew.html, En cuarentena, [1761], [456842],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\USERS\FABRI\APPDATA\LOCAL\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HOWTOREMOVE\HOWTOREMOVE.HTML, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\chromium-min.jpg, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\control panel-min-min.JPG, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\down.png, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\ff menu.JPG, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\ff search engine-min.png, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\hp-min ff.png, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\hp-min ie.png, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\search engine.gif, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\setup pages.gif, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\sp-min.png, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\start-min.jpg, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\HowToRemove\up.png, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\cetolifit, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\nonidona, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\uninst.exe, En cuarentena, [800], [542290],1.0.11354
    PUP.Optional.WinYahoo.TskLnk, C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\uninstp.dat, En cuarentena, [800], [542290],1.0.11354
    Trojan.BitCoinMiner, C:\USERS\FABRI\APPDATA\ROAMING\1337\32323.EXE, En cuarentena, [630], [702348],1.0.11354
    MachineLearning/Anomalous.94%, C:\PROGRAM FILES (X86)\BOTBEETLE\1234.SFX.EXE, En cuarentena, [0], [392687],1.0.11354
    PUP.Optional.GameHack, C:\PROGRAM FILES\CHEAT ENGINE 6.8.3\STANDALONEPHASE1.DAT, En cuarentena, [7981], [393793],1.0.11354
    MachineLearning/Anomalous.94%, C:\PROGRAM FILES (X86)\BOTBEETLE\1234.EXE, En cuarentena, [0], [392687],1.0.11354
    Generic.Malware/Suspicious, C:\USERS\FABRI\DOWNLOADS\KITSERVER BY TU PLAY CHANNEL RESUBIDO.RAR, En cuarentena, [0], [392686],1.0.11354
    PUP.Optional.SearchManager.BITSRST, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [271], [628563],1.0.11354
    PUP.Optional.InstallCore.Generic, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\aTube Catcher.lnk, En cuarentena, [564], [621110],1.0.11354
    PUP.Optional.InstallCore.Generic, C:\USERS\PUBLIC\Desktop\aTube Catcher.lnk, En cuarentena, [564], [621110],1.0.11354
    PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\YCT.EXE, En cuarentena, [564], [621110],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [254], [454830],1.0.11354
    Adware.MailRu.BatBitRst, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [337], [481467],1.0.11354
    PUP.Optional.SearchManager.BITSRST, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [271], [626729],1.0.11354
    PUP.Optional.MailRu, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [254], [454830],1.0.11354

    Sector físico: 0
    (No hay elementos maliciosos detectados)

    WMI: 0
    (No hay elementos maliciosos detectados)


    (end)

Hola @Elvio_Bottazzi

Si que en ese reporte se ven Adwares…:stuck_out_tongue_winking_eye:

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Al finalizar, reinicias y luego:

4.- Desactiva temporalmente tu antivirus nuevamente y cualquier programa de seguridad.

5.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

6.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Nos comentas.

Salu2

Buenas noches SanMar!, tanto tiempo. Primero disculpas por no responder antes, pero estuve de viaje y no pude realizar antes lo pedido. Te paso a comentar, realice los pasos como me pediste.

  1. la limpieza con ccleaner realizada ok 2)el adwcleaner no lo pude descargar, de ninguna manera, cada vez que intentaba acceder a la pagina de descarga no se abria la pagina y me daba un mensaje como diciendo que tenia problemas de conexion. lo intente con todos los exploradores de internet. Por lo tanto segui con el siguiente paso
  2. descargue y ejecute el ZHPCleaner. Te pego el reporte mas abajo
  3. descargue y ejecute el FRST. Te pego los dos reportes

REPORTE ZHPCLEANER

~ ZHPCleaner v2019.7.19.103 by Nicolas Coolman (2019/07/19)
~ Run by Fabri (Administrator)  (21/07/2019 00:24:50)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\Fabri\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Fabri\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 17134)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (1)
BORRADOS dados: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\webcompanion.com\\http [Bad : Sensitive Websites]  =>PUP.Optional.LavasoftWebCompanion


---\\  Hosts carpeta (2)
REEMPLAZO: 	::1             localhost
Número de redirecciones encontrados 1/26


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (35)
MOVIDO carpeta: C:\Users\Fabri\AppData\Roaming\Mozilla\Firefox\Profiles\canleoqo.default\invalidprefs.js    =>PUP.Optional.Legacy
MOVIDO carpeta: C:\Users\Fabri\Desktop\µTorrent.lnk  [Bad : C:\Users\Fabri\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
MOVIDO carpeta: C:\Windows\Installer\wix{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{B2E25355-C24E-4E7D-8AD3-455D59810838}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{F14FB68A-9188-4036-AD0D-D054BC9C9291}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{F814D094-197F-43C8-87FA-3210BB780486}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{FBA3961B-D1DF-493C-BC1F-E67D3B832895}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Users\Fabri\AppData\Local\Temp\aria-debug-3184.log    =>.SUP.Temporary.OneDrive
MOVIDO carpeta: C:\Users\Fabri\AppData\Local\Temp\CUsersFabriAppDataLocalProgramsOpera62.0.3331.72opera_autoupdate.download.lock    =>.SUP.Temporary.Opera
MOVIDO carpeta: C:\Users\Fabri\AppData\Local\Temp\CUsersFabriAppDataLocalProgramsOpera62.0.3331.72opera_autoupdate.metrics.lock    =>.SUP.Temporary.Opera
MOVIDO carpeta: C:\Users\Fabri\AppData\Local\Temp\mat-debug-12088.log    =>.SUP.Temporary.Empty
MOVIDO archivo: C:\ProgramData\ByteFence  =>.SUP.ByteFence
MOVIDO archivo: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
MOVIDO archivo: C:\ProgramData\Application Data\lavasoft\web companion  =>PUP.Optional.LavasoftWebCompanion
MOVIDO archivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime  =>Riskware.QuickTime
MOVIDO archivo: C:\Windows\Installer\MSI14BF.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI182E.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI1967.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI1A62.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI1B19.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI1BAD.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI1CE7.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI1DC3.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI3404.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI4BA3.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI5E7B.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI929B.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI9655.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Windows\Installer\MSI9B5.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Users\Fabri\AppData\LocalLow\Adobe  =>.SUP.Empty
MOVIDO archivo: C:\Users\Fabri\AppData\LocalLow\Apple Computer  =>.SUP.Empty


---\\  Registro ( Claves, Valores, Datos) (64)
BORRADOS clave: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} [http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181118&q={search[...]] [Ad-Aware SecureSearch]  =>PUP.Optional.LavasoftSecureSearch
BORRADOS clave**: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} [http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181118&q={searchTerms}]  =>PUP.Optional.LavasoftSecureSearch
BORRADOS clave*: HKEY_USERS\.DEFAULT\Software\ByteFence []  =>.SUP.ByteFence
BORRADOS clave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)
BORRADOS clave*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASAPI32 []  =>.SUP.ByteFence
BORRADOS clave*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASMANCS []  =>.SUP.ByteFence
BORRADOS clave*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 []  =>.SUP.ByteFence
BORRADOS clave*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS []  =>.SUP.ByteFence
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\Cheat Engine 6.7\Cheat Engine.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\Cheat Engine 6.7\unins000.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\Cheat Engine 6.7\cheatengine-x86_64.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\Cheat Engine 6.7\iaminfected-x69_64.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\Cheat Engine 6.7\cheatengine-i386.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\AppData\Local\{4D6A7B36-69C2-178E-045A-32662032CEFE}\uninst.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\Downloads\NFS Underground 2 -LarkDV\NFS Underground 2 -LarkDV\setup.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\Downloads\NFS Underground 2 -LarkDV\NFS Underground 2 -LarkDV\Crack,serial,actualizacion\Crack y Serial(keyGen)\KeyGen.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\Downloads\NeedForSpeedUnderground2MegaTrainer-LoRdXaMuU\NFSU2MegaTrain.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\Downloads\ab9146b656d8fc23dbc5\NFSU2-Wiccaan.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\Downloads\MOD NFSU2\MOD NFSU2\nfsu2-tr.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\Downloads\Universe.Sandbox.2.Alpha.19.7.1\LAUNCHER.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\Downloads\teclado mecanico por obelixYT\Teclado mecanico by obelix\Jingle Keyboard setup.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\Desktop\Adobe CS6\After Effects\Adobe After Effects CS6\Set-up.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\AppData\Local\Temp\IXP894.TMP\QuickTimeInstallerAdmin.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\Fabri\Downloads\aTube_Catcher.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe [Binary Data]  =>.SUP.Orphan.Compatibility
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Rockstar Games\GTA San Andreas\gta_sa.exe.FriendlyAppName [gta_sa]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Rockstar Games\GTA San Andreas\GTA San Andreas Windows 10.bat.FriendlyAppName [GTA San Andreas Windows 10]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Next season patch 2019\Selector.exe.FriendlyAppName [WindowsApplication1]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\el mejor pes de la historia\pes2013.exe.FriendlyAppName [Pro Evolution Soccer 2013]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\el mejor pes de la historia\pes2013.exe.ApplicationCompany [Konami Digital Entertainment Co., Ltd.]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Cheat Engine 6.7\iaminfected-x69_64.exe.FriendlyAppName [iaminfected-x69_64]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\EL MEJOR PES DE LA HISTORIA\PESEDIT.exe.FriendlyAppName [PESEDIT Selector]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\effects difinitivo\Adobe After Effects CS6\Support Files\AfterFX.exe.FriendlyAppName [Adobe After Effects CS6]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\effects difinitivo\Adobe After Effects CS6\Support Files\AfterFX.exe.ApplicationCompany [Adobe Systems Incorporated]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\UnattendedTemplates\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\platforms\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\drivers\vboxdrv\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\drivers\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\drivers\network\netadp6\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\drivers\network\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\drivers\network\netlwf\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\drivers\USB\device\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\drivers\USB\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\drivers\USB\filter\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\sdk\install\vboxapi\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\sdk\install\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\sdk\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\x86\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\doc\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\maquina\nls\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life 2\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\BEST CALL OF DUTY 2\main\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\BEST CALL OF DUTY 2\miles\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\Pro Evolution Soccer 2013\img\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\Pro Evolution Soccer 2013\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\EL MEJOR PRO 2013\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\KONAMI\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\Next season patch 2019\img\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\Next season patch 2019\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\EL MEJOR PES DE LA HISTORIA\img\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\D:\EL MEJOR PES DE LA HISTORIA\ [No Folder]  =>.SUP.Obsolete.NoFolder


---\\  Resumen de elementos en su estación de trabajo (13)
https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/  =>PUP.Optional.LavasoftWebCompanion
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.Legacy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Opera
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Empty
https://nicolascoolman.eu/2017/03/13/superfluous-bytefence/  =>.SUP.ByteFence
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime
https://www.nicolascoolman.com/fr/pup-lavasoftsecuresearch/  =>PUP.Optional.LavasoftSecureSearch
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Orphan.Compatibility
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Orphan.MUICache
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.NoFolder


---\\ Limpieza adicional. (55)
~ Clave de registro Tracing borrados (55)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito


---\\ STATISTIQUES
~ Items escaneado : 2469
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 13/13
~ Ahorro de espacio (bytes) : 1806


~ End of clean in 00h00mn33s

---\\  Reporte (2)
ZHPCleaner-[S]-21072019-00_22_44.txt
ZHPCleaner-[R]-21072019-00_25_23.txt

REPORTE DEL FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Fabri (administrator) on DESKTOP-N04D4TT (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (21-07-2019 00:41:41)
Running from C:\Users\Fabri\Downloads
Loaded Profiles: Fabri &  (Available Profiles: Fabri & Fabrizio)
Platform: Windows 10 Pro Version 1803 17134.829 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1012.0_x64__8wekyb3d8bbwe\GameBar.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16735744 2018-11-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\Run: [Opera Browser Assistant] => C:\Users\Fabri\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2299928 2019-07-11] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: H - "H:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {62947e0d-ecf0-11e8-909b-94de80c5ff1a} - "K:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {77d876e1-8df9-11e9-9101-94de80c5ff1a} - "G:\autorun.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {82554cf9-f507-11e8-90a0-94de80c5ff1a} - "I:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {a05e8d26-2a0d-11e9-90bf-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {a7e91ee8-f34a-11e8-909f-94de80c5ff1a} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {aabe15d8-1c33-11e9-90b3-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {e3927cc1-1907-11e9-90b0-94de80c5ff1a} - "H:\RunGame.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {fc608a8d-264e-11e9-90b4-94de80c5ff1a} - "J:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\Run: [Opera Browser Assistant] => C:\Users\Fabri\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2299928 2019-07-11] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2701264 2017-04-12] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6662608 2017-04-12] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: H - "H:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {62947e0d-ecf0-11e8-909b-94de80c5ff1a} - "K:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {77d876e1-8df9-11e9-9101-94de80c5ff1a} - "G:\autorun.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {82554cf9-f507-11e8-90a0-94de80c5ff1a} - "I:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {a05e8d26-2a0d-11e9-90bf-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {a7e91ee8-f34a-11e8-909f-94de80c5ff1a} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {aabe15d8-1c33-11e9-90b3-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {e3927cc1-1907-11e9-90b0-94de80c5ff1a} - "H:\RunGame.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {fc608a8d-264e-11e9-90b4-94de80c5ff1a} - "J:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234604214\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIN2E.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.81\Installer\chrmstp.exe [2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-04-07]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Fabri\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {045C4434-9D0E-412F-A6F0-27F01EAAAA13} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-10] (Google Inc -> Google Inc.)
Task: {07341CBF-C455-4AE9-9290-BBC44CE29901} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
Task: {2784185C-10AF-4E18-95D9-7CB8B0B7717F} - System32\Tasks\ExclusiveTool => D:\Input Mapper\ExclusiveModeTool.exe [19968 2016-10-04] (InputMapper) [File not signed]
Task: {29A3F9DE-D496-4FFD-9A5A-77CD5E50CC19} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {319CE439-65A5-4775-BD09-E2CE53832CFB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {39DC634D-A5CD-405F-8936-FB822716D160} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1552544 2015-05-18] (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {3AAD1CE6-496C-49C5-A0E9-6EFACDAB94E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-10] (Google Inc -> Google Inc.)
Task: {47E9967E-24B3-48DA-AD1E-73E7A19699E0} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950664 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F61F25E-5FD5-4021-939D-E2800890CE66} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [995208 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {516730CC-0166-4123-BD05-954721891AFF} - System32\Tasks\Opera scheduled Autoupdate 1550343673 => C:\Users\Fabri\AppData\Local\Programs\Opera\launcher.exe [1519640 2019-07-11] (Opera Software AS -> Opera Software)
Task: {53A85CB5-01A6-4947-9AFA-DADA75586A51} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {560B5307-E83B-4A9B-A112-11F112FB6CC0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950664 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7A7C9303-72A7-431B-B0CC-80A1E2675B62} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [696200 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7F3AF6A6-F312-4EEE-AAE1-3CA2B74BAF51} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6662608 2017-04-12] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {837980DA-538A-4A3F-940E-DB69249153D9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {860C6102-029E-4A9A-9CF4-DF2C9595A102} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {8AACA6C8-A3BF-4187-95B9-B5BAD77A332B} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950664 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8CAC28F8-0F99-449D-9F98-AAA891988B84} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {92C91D9F-CC21-4D87-985A-5FC4A8C76B91} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1808504 2019-06-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {979F438D-8C06-4363-B4F1-4FD6640488E5} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950664 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A3D3D72E-5003-4C95-93A0-DAB9F4476680} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1808504 2019-06-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {A4399EA2-7C3D-47F0-AD5A-50E87BF847C0} - System32\Tasks\EPSON L220 Series Update {AD782571-07B2-4C31-97EF-5C10F0ECD0A5} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN2E.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {ABD1A15F-360E-4908-A208-4925C8B0EE31} - System32\Tasks\Opera scheduled assistant Autoupdate 1552157179 => C:\Users\Fabri\AppData\Local\Programs\Opera\launcher.exe [1519640 2019-07-11] (Opera Software AS -> Opera Software)
Task: {AD97146C-8935-4B6F-A674-BC12F6B54875} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {B2A29CFE-90DF-4E63-80F1-CA127A733CAA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773512 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B4677CA2-4C66-4D74-AA4A-95FB88C97DD2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855944 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6E18279-78E5-4504-AC59-42FD1EF309BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152104 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7915CAD-E8E8-4CB7-9B2C-1F143D34AA7A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEC01B20-168C-4FE3-8479-8075F93BA1B7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487624 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD9A589B-5318-4B12-8A46-4C5CB3FCCB63} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855944 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E4DB72D1-0043-49EB-B31E-DA94CE43B7CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152104 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1F7A8C7-C854-46C5-97D4-1C75491820F6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F245775F-6F8B-47B0-925B-4955D2563BD4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {F57D2B0A-DA17-482A-812E-EEBFB54B61DA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773512 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FDD1B207-3AD1-4AF3-A72A-EF49D930A22B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\EPSON L220 Series Update {AD782571-07B2-4C31-97EF-5C10F0ECD0A5}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN2E.EXE:/EXE:{AD782571-07B2-4C31-97EF-5C10F0ECD0A5} /F:UpdateWORKGROUP\DESKTOP-N04D4TT$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5465d4c7-b0c3-4387-81f8-1bf5ee7de78a}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,
Tcpip\..\Interfaces\{8ed3a0e4-0889-498b-a181-2b683b5b3714}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,
Tcpip\..\Interfaces\{8ed3a0e4-0889-498b-a181-2b683b5b3714}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181118&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181118&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-06-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-06-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-03] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - TextAloud Toolbar - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - D:\TextAloud\TAForIE64.dll [2017-07-24] (NEXTUP TECHNOLOGIES, LLC -> NextUp.com)
Toolbar: HKLM-x32 - TextAloud Toolbar - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - D:\TextAloud\TAForIE.dll [2017-07-24] (NEXTUP TECHNOLOGIES, LLC -> NextUp.com)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> hxxp://www.google.com

FireFox:
========
FF DefaultProfile: canleoqo.default
FF ProfilePath: C:\Users\Fabri\AppData\Roaming\Mozilla\Firefox\Profiles\canleoqo.default [2019-07-21]
FF user.js: detected! => C:\Users\Fabri\AppData\Roaming\Mozilla\Firefox\Profiles\canleoqo.default\user.js [2019-07-05]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Fabri\AppData\Roaming\Mozilla\Firefox\Profiles\canleoqo.default\Extensions\[email protected] [2019-05-11]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Fabri\AppData\Roaming\Mozilla\Firefox\Profiles\canleoqo.default\Extensions\[email protected] [2019-03-26]
FF Extension: (Avast Online Security) - C:\Users\Fabri\AppData\Roaming\Mozilla\Firefox\Profiles\canleoqo.default\Extensions\[email protected] [2018-11-17]
FF HKLM\...\Firefox\Extensions: [{5e1bc830-4746-11e5-b970-0800200c9a66}] - D:\TextAloud\TAForFirefox.xpi
FF Extension: (TextAloud for Firefox) - D:\TextAloud\TAForFirefox.xpi [2019-02-11]
FF HKLM-x32\...\Firefox\Extensions: [{5e1bc830-4746-11e5-b970-0800200c9a66}] - D:\TextAloud\TAForFirefox.xpi
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-06-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-06-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com.ar/","hxxps://mail.ru/cnt/10445?gp=811570","hxxps://www.google.com/"
CHR Profile: C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default [2019-07-21]
CHR Extension: (Presentaciones) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-10]
CHR Extension: (Documentos) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-10]
CHR Extension: (Google Drive) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-10]
CHR Extension: (YouTube) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-10]
CHR Extension: (Hojas de cálculo) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-10]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-05-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-10]
CHR Extension: (Avast Online Security) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-10]
CHR Extension: (Gmail) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-24]
CHR Profile: C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-21]
CHR Profile: C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-21]
CHR Extension: (Presentaciones) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-12]
CHR Extension: (Documentos) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-12]
CHR Extension: (Google Drive) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-12]
CHR Extension: (YouTube) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-12]
CHR Extension: (Tags for YouTube™) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dggphokdgjikekfiakjcpidcclbmkfga [2019-05-12]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2019-07-17]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-06]
CHR Extension: (Hojas de cálculo) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-12]
CHR Extension: (GetThemAll) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhkjfciooifcflkailbnchdaihccdebf [2019-05-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-12]
CHR Extension: (FromDocToPDF) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh [2019-07-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-12]
CHR Extension: (TextAloud for Chrome) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\obcnimnkkpdkbfnnoagjogdollcfnidj [2019-05-12]
CHR Extension: (Lookbox.net) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pficdneiegbhgiokmojdaicecljcfehl [2019-05-12]
CHR Extension: (Gmail) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-12]
CHR Extension: (Chrome Media Router) - C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR Profile: C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [obcnimnkkpdkbfnnoagjogdollcfnidj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.81\elevation_service.exe [978720 2019-06-11] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-08] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773512 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773512 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-17] (Microsoft Corporation -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279336 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387392 2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-03-14] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2018-12-01] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-11-10] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [35352 2017-01-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116112 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-06-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-11] (Microsoft Windows -> Realtek )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [163644 2018-12-12] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [213216 2018-11-08] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46680 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [330936 2019-01-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-17] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-03-20] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
U4 napagent; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-21 00:41 - 2019-07-21 00:43 - 000046903 _____ C:\Users\Fabri\Downloads\FRST.txt
2019-07-21 00:41 - 2019-07-21 00:41 - 000000000 ____D C:\FRST
2019-07-21 00:39 - 2019-07-21 00:39 - 002095104 _____ (Farbar) C:\Users\Fabri\Downloads\FRST64.exe
2019-07-21 00:25 - 2019-07-21 00:25 - 000018060 _____ C:\Users\Fabri\Desktop\ZHPCleaner (R).txt
2019-07-21 00:22 - 2019-07-21 00:22 - 000018263 _____ C:\Users\Fabri\Desktop\ZHPCleaner (S).txt
2019-07-21 00:13 - 2019-07-21 00:31 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\ZHP
2019-07-21 00:13 - 2019-07-21 00:13 - 000000920 _____ C:\Users\Fabri\Desktop\ZHPCleaner.lnk
2019-07-21 00:13 - 2019-07-21 00:13 - 000000000 ____D C:\Users\Fabri\AppData\Local\ZHP
2019-07-21 00:07 - 2019-07-21 00:07 - 003069824 _____ (Nicolas Coolman) C:\Users\Fabri\Downloads\ZHPCleaner.exe
2019-07-20 23:48 - 2019-07-20 23:48 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-20 23:48 - 2019-07-20 23:48 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-07-20 23:48 - 2019-07-20 23:48 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-07-20 23:48 - 2019-07-20 23:48 - 000116112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-07-20 23:48 - 2019-07-20 23:48 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-07-20 23:47 - 2019-07-20 23:47 - 000000000 ____D C:\Windows\%LOCALAPPDATA%
2019-07-20 19:34 - 2019-07-20 19:34 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-20 19:34 - 2019-07-20 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-20 19:34 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-07-20 19:34 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-20 19:05 - 2019-07-20 19:05 - 000002051 _____ C:\Users\Fabrizio\Desktop\Registro de productos ASUS.lnk
2019-07-19 23:42 - 2019-07-19 23:42 - 000000000 ____D C:\Users\Fabrizio\Documents\Electronic Arts
2019-07-19 23:42 - 2019-07-19 23:42 - 000000000 ____D C:\Users\Fabrizio\AppData\Local\Origin
2019-07-19 23:25 - 2019-07-19 23:25 - 000083257 _____ C:\Users\Fabrizio\Downloads\cine.pdf
2019-07-19 21:40 - 2019-07-19 21:40 - 000000000 ____D C:\Users\Fabrizio\AppData\Roaming\Sun
2019-07-19 21:27 - 2019-07-19 21:27 - 000000000 ____D C:\Users\Fabrizio\AppData\Roaming\Apple Computer
2019-07-19 21:27 - 2019-07-19 21:27 - 000000000 ____D C:\Users\Fabrizio\AppData\Local\Adobe
2019-07-19 21:26 - 2019-07-19 21:26 - 000000000 ____D C:\Users\Fabrizio\AppData\Local\AVAST Software
2019-07-13 14:10 - 2019-07-13 14:10 - 000000000 ____D C:\Users\Fabri\Downloads\Sound_Fixes_Pack_v19.16_-_Extract_this
2019-07-13 14:05 - 2019-07-13 14:09 - 415255074 _____ C:\Users\Fabri\Downloads\Sound_Fixes_Pack_v19.16_-_Extract_this.7z
2019-07-11 23:09 - 2019-07-11 23:09 - 000000000 _____ C:\Users\Fabri\Desktop\fsdf.txt
2019-07-11 23:07 - 2019-07-11 23:54 - 000000000 ____D C:\Users\Fabri\Documents\ETS2MP
2019-07-11 23:05 - 2019-07-12 21:29 - 000001111 _____ C:\Users\Public\Desktop\TruckersMP.lnk
2019-07-11 23:05 - 2019-07-11 23:05 - 000000000 ____D C:\ProgramData\TruckersMP
2019-07-11 23:05 - 2019-07-11 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher

segunda parte del fsrt

2019-07-11 23:05 - 2019-07-11 23:05 - 000000000 ____D C:\Program Files\TruckersMP Launcher
2019-07-11 23:00 - 2019-07-11 23:02 - 000000000 ____D C:\Users\Fabri\Downloads\launcher_1004
2019-07-11 23:00 - 2019-07-11 23:00 - 000667351 _____ C:\Users\Fabri\Downloads\launcher_1004.zip
2019-07-11 12:55 - 2019-07-11 12:55 - 000000000 ____D C:\Users\Fabri\AppData\Local\Origin
2019-07-11 00:43 - 2019-07-11 00:43 - 000000000 ____D C:\Users\Fabri\Downloads\Mercedes-Benz_o403_Arac_v2
2019-07-11 00:28 - 2019-07-11 00:36 - 218509236 _____ C:\Users\Fabri\Downloads\Mercedes-Benz_o403_Arac_v2.zip
2019-07-10 23:58 - 2019-07-10 23:58 - 003283457 _____ C:\Users\Fabri\Downloads\Realistic_Open_Pipe_v_1.6_For_All_SCS_Trucks.scs
2019-07-10 23:14 - 2019-07-10 23:14 - 000000222 _____ C:\Users\Fabri\Desktop\Euro Truck Simulator 2.url
2019-07-10 23:14 - 2019-07-10 23:14 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-10 22:59 - 2019-07-20 19:27 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-10 22:59 - 2019-07-10 22:59 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2019-07-10 22:59 - 2019-07-10 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-10 22:58 - 2019-07-10 22:58 - 001573568 _____ C:\Users\Fabri\Downloads\SteamSetup.exe
2019-07-10 10:31 - 2019-07-10 10:31 - 000023001 _____ C:\Users\Fabri\Downloads\ResumenNaranja_vto_10_07_19 (1).pdf
2019-07-06 14:16 - 2019-07-06 14:16 - 000022471 _____ C:\Users\Fabri\Downloads\ResumenNaranja_vto_10_07_19.pdf
2019-07-04 20:17 - 2019-07-04 20:17 - 000003856 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-07-04 20:17 - 2019-07-04 20:17 - 000003272 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-07-04 20:17 - 2019-07-04 20:17 - 000002568 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-04 20:17 - 2019-07-04 20:17 - 000002533 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-07-04 20:15 - 2019-07-04 20:16 - 000003656 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA
2019-07-04 20:15 - 2019-07-04 20:16 - 000003532 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore
2019-07-04 20:15 - 2019-07-04 20:15 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-07-04 20:08 - 2019-07-04 20:08 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-04 20:08 - 2019-07-04 20:08 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-07-04 20:08 - 2019-07-04 20:08 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-04 19:22 - 2019-07-04 19:22 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2019-07-04 13:23 - 2019-07-04 13:23 - 241730447 _____ C:\Users\Fabri\Downloads\TP final (BOTTAZZI, BELÉN- GUTIERREZ NUÑEZ, DELFINA) (1).rar
2019-07-04 13:13 - 2019-07-04 13:13 - 241730447 _____ C:\Users\Fabri\Downloads\TP final (BOTTAZZI, BELÉN- GUTIERREZ NUÑEZ, DELFINA).rar
2019-07-03 19:24 - 2019-07-03 19:24 - 000148367 _____ C:\Users\Fabri\Downloads\Programa 2016_ Introduccion_IMA.pdf
2019-07-03 19:24 - 2019-07-03 19:24 - 000148367 _____ C:\Users\Fabri\Downloads\Programa 2016_ Introduccion_IMA (1).pdf
2019-07-03 17:57 - 2019-07-03 17:57 - 000392658 _____ C:\Users\Fabri\Downloads\TP Edad Media y Renacimiento.pdf
2019-07-02 18:21 - 2019-07-03 18:04 - 000000000 ____D C:\Users\Fabri\Documents\Audacity
2019-07-01 21:46 - 2019-07-01 21:46 - 000090694 _____ C:\Users\Fabri\Downloads\Modelo de Parcial 1 - Audioperceptiva I 2019 ok.pdf
2019-07-01 17:20 - 2017-07-08 07:33 - 000000000 ____D C:\Users\Fabri\Downloads\TS3 DTG
2019-06-30 22:09 - 2019-06-30 22:09 - 000000000 ____D C:\Users\Fabri\AppData\Local\Spoon
2019-06-30 22:08 - 2019-06-30 22:08 - 000000000 ____D C:\Users\Fabri\Downloads\GTA V 1.2
2019-06-30 22:01 - 2019-06-30 22:01 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\Sun
2019-06-30 21:45 - 2019-07-04 19:54 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\1337
2019-06-30 21:45 - 2019-07-04 19:54 - 000000000 ____D C:\Program Files (x86)\Botbeetle
2019-06-30 21:45 - 2019-07-04 19:53 - 000000000 ____D C:\Windows\System32\Tasks\System
2019-06-30 21:45 - 2019-06-30 21:47 - 000000000 ____D C:\ProgramData\yh3qzJxj2eMjMapu
2019-06-30 21:45 - 2019-06-30 21:45 - 000000000 ____D C:\ProgramData\Padur
2019-06-30 21:45 - 2019-06-30 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Botbeetle
2019-06-30 21:44 - 2019-07-20 23:42 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\prunld8365
2019-06-30 21:43 - 2019-06-30 21:45 - 000000000 ____D C:\Users\Fabri\AppData\Local\Mail.Ru
2019-06-30 21:43 - 2019-06-30 21:45 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-06-30 21:42 - 2019-06-30 21:42 - 006717440 _____ C:\Users\Fabri\Downloads\save_wizard_crack_license_key___activat_78f9fe2274859682f-74512-5ad0a114.iso
2019-06-30 21:34 - 2019-06-30 21:34 - 000002141 _____ C:\Users\Fabri\Desktop\Save Wizard for PS4 MAX.lnk
2019-06-30 21:34 - 2019-06-30 21:34 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DataPower
2019-06-30 21:34 - 2019-06-30 21:34 - 000000000 ____D C:\Program Files (x86)\DataPower
2019-06-30 21:33 - 2019-06-30 21:34 - 009204850 _____ C:\Users\Fabri\Downloads\GTA V 1.2.rar
2019-06-30 21:33 - 2019-06-30 21:33 - 000000000 ____D C:\Users\Fabri\Downloads\swps4max
2019-06-30 21:31 - 2019-06-30 21:31 - 003526641 _____ C:\Users\Fabri\Downloads\swps4max.zip
2019-06-27 12:00 - 2019-06-27 12:00 - 009898428 _____ C:\Users\Fabri\Downloads\Matisse Reik - Eres Tú (Lyric Video).mp4
2019-06-27 11:45 - 2019-07-21 00:05 - 000002278 _____ C:\Windows\System32\Tasks\GPU Tweak II
2019-06-26 21:43 - 2019-06-26 21:43 - 000290946 _____ C:\Users\Fabri\Downloads\CUIDADO DE LA VOZ.jpeg
2019-06-26 20:58 - 2019-06-26 20:58 - 002465066 _____ C:\Users\Fabri\Downloads\Instructivo-Inscripción-Junta-Inicial-y-Primaria (2).pdf
2019-06-26 20:54 - 2019-06-26 20:54 - 000096366 _____ C:\Users\Fabri\Downloads\Escuelas-Bases-Capital-ÔÇô-Nivel-Primario.pdf
2019-06-26 20:53 - 2019-06-26 20:53 - 000305115 _____ C:\Users\Fabri\Downloads\Formulario-Inscripcion-Traslado-Comun-Inicial.pdf
2019-06-26 20:53 - 2019-06-26 20:53 - 000146267 _____ C:\Users\Fabri\Downloads\Cuadro-Resumen-de-Escuelas-Bases-Inicial-y-Primario.pdf
2019-06-26 20:24 - 2019-06-26 20:24 - 000181147 _____ C:\Users\Fabri\Downloads\2-Armado-de-carpeta-para-Inscripci¦n-y-documentaci¦n-para-Reinscripci¦n.pdf
2019-06-26 20:20 - 2019-06-26 20:20 - 000154323 _____ C:\Users\Fabri\Downloads\00000000000003387074240MGNVRZVU8VAW8N1D6.pdf
2019-06-26 20:12 - 2019-06-26 20:12 - 002465066 _____ C:\Users\Fabri\Downloads\Instructivo-Inscripción-Junta-Inicial-y-Primaria (1).pdf
2019-06-25 21:05 - 2019-06-25 21:05 - 002465066 _____ C:\Users\Fabri\Downloads\Instructivo-Inscripción-Junta-Inicial-y-Primaria.pdf
2019-06-24 22:27 - 2019-06-24 22:28 - 000089736 _____ C:\Users\Fabri\Downloads\Hoja Modelo Evaluaciones - AUDIOPERCEPTIVA I 2019 - UNC OK.pdf
2019-06-24 20:09 - 2019-06-24 20:09 - 000548775 _____ C:\Users\Fabri\Downloads\PES 6 INFINITTY - Copa América Online.rar
2019-06-24 20:09 - 2019-06-24 20:09 - 000000000 ____D C:\Users\Fabri\Downloads\PES 6 INFINITTY - Copa América Online
2019-06-24 20:02 - 2019-06-24 20:16 - 000000000 ____D C:\Users\Fabri\Downloads\2 Estadios IPP6, Premier y Superliga
2019-06-24 19:29 - 2019-06-24 20:01 - 1360814330 _____ C:\Users\Fabri\Downloads\2 Estadios IPP6, Premier y Superliga.zip
2019-06-24 19:27 - 2019-06-24 19:27 - 000000000 ____D C:\Users\Fabri\Downloads\PES 6 INFINITTY - Estadios Copa América Brasil 2019
2019-06-24 19:13 - 2019-06-24 19:14 - 000000000 ____D C:\Users\Fabri\Downloads\IPP6 Copa América 2019 - Ejecutables, Option file
2019-06-24 19:12 - 2019-06-24 19:12 - 000000000 ____D C:\Users\Fabri\Downloads\PES 6 INFINITTY -  Kitserver - Copa América Brasil 2019
2019-06-24 19:09 - 2019-06-24 19:09 - 000000000 ____D C:\Users\Fabri\Downloads\PES 6 INFINITTY - DAT- Copa América Brasil 2019
2019-06-24 19:08 - 2019-06-24 19:13 - 154208584 _____ C:\Users\Fabri\Downloads\PES 6 INFINITTY - Estadios Copa América Brasil 2019.rar
2019-06-24 19:06 - 2019-06-24 19:06 - 028302330 _____ C:\Users\Fabri\Downloads\IPP6 Copa América 2019 - Ejecutables, Option file.rar
2019-06-24 18:25 - 2019-06-24 19:08 - 1743375554 _____ C:\Users\Fabri\Downloads\PES 6 INFINITTY -  Kitserver - Copa América Brasil 2019.rar
2019-06-24 17:35 - 2019-06-24 18:27 - 2100023881 _____ C:\Users\Fabri\Downloads\PES 6 INFINITTY - DAT- Copa América Brasil 2019.zip
2019-06-24 17:34 - 2019-06-24 17:34 - 000005372 _____ C:\Users\Fabri\Downloads\PES 6 INFINITTY - Copa América.txt
2019-06-24 17:32 - 2019-06-24 17:32 - 000000000 ____D C:\Users\Fabri\Downloads\kitserver by tu play channel resubido
2019-06-24 17:28 - 2019-06-24 17:28 - 000000467 _____ C:\Users\Fabri\Desktop\Pro Evolution Soccer 6.lnk
2019-06-24 17:28 - 2019-06-24 17:28 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KONAMI
2019-06-24 00:50 - 2019-06-24 00:50 - 000468606 _____ C:\Users\Fabri\Downloads\CalentamientoVocal2019- Clase (1).pdf
2019-06-24 00:05 - 2019-06-24 00:05 - 002571589 _____ C:\Users\Fabri\Downloads\TPN°1 Corregidos.rar
2019-06-23 16:53 - 2019-06-23 16:53 - 000468606 _____ C:\Users\Fabri\Downloads\CalentamientoVocal2019- Clase.pdf
2019-06-23 16:53 - 2019-06-23 16:53 - 000186636 _____ C:\Users\Fabri\Downloads\Warm-ups-.pdf
2019-06-23 16:52 - 2019-06-23 16:53 - 000090483 _____ C:\Users\Fabri\Downloads\Calentamiento-Guzmán.pdf
2019-06-21 14:25 - 2019-06-21 14:25 - 000000000 ____D C:\Users\Fabri\Downloads\PES_2013_Editor_v2.0
2019-06-21 14:24 - 2019-06-21 14:24 - 021671764 _____ C:\Users\Fabri\Downloads\PES_2013_Editor_v2.0.rar

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-21 00:30 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-21 00:25 - 2018-12-08 22:18 - 000000000 ____D C:\Program Files (x86)\QuickTime
2019-07-21 00:10 - 2019-02-18 12:21 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-21 00:09 - 2018-11-30 22:30 - 000001044 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-21 00:05 - 2019-06-18 23:56 - 000003026 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2019-07-21 00:05 - 2019-05-25 21:14 - 000002854 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-259461801-381198537-3780377535-1006
2019-07-21 00:05 - 2019-05-25 20:34 - 000002854 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-259461801-381198537-3780377535-1005
2019-07-21 00:05 - 2019-04-21 14:14 - 000003518 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1550343673
2019-07-21 00:05 - 2019-03-22 18:48 - 000002962 _____ C:\Windows\System32\Tasks\BlueStacksHelper
2019-07-21 00:05 - 2019-03-09 15:46 - 000003764 _____ C:\Windows\System32\Tasks\Opera scheduled assistant Autoupdate 1552157179
2019-07-21 00:05 - 2018-11-30 22:30 - 000003194 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-21 00:05 - 2018-11-30 22:30 - 000002234 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-07-21 00:05 - 2018-11-17 23:20 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-07-21 00:05 - 2018-11-10 01:17 - 000003484 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-21 00:05 - 2018-11-10 01:17 - 000003260 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-20 23:48 - 2019-06-08 16:03 - 000000000 ____D C:\Users\Fabri\Downloads\opera autoupdate
2019-07-20 23:43 - 2018-11-10 01:10 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-20 23:43 - 2018-11-10 00:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-20 23:43 - 2018-11-10 00:51 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-20 23:41 - 2018-04-11 18:04 - 000786432 _____ C:\Windows\system32\config\BBI
2019-07-20 19:34 - 2018-04-11 20:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-07-20 19:27 - 2018-11-10 14:38 - 000000000 ____D C:\Users\Fabri\AppData\Local\CrashDumps
2019-07-20 19:27 - 2018-04-11 20:36 - 000000000 ____D C:\Windows\INF
2019-07-19 23:30 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\AppReadiness
2019-07-19 21:28 - 2019-05-25 21:14 - 000000000 ___RD C:\Users\Fabrizio\OneDrive
2019-07-19 21:28 - 2019-05-25 21:08 - 000002451 _____ C:\Users\Fabrizio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-19 21:26 - 2019-05-25 21:09 - 000000000 ___RD C:\Users\Fabrizio\3D Objects
2019-07-19 21:26 - 2018-11-10 01:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-17 15:26 - 2019-02-16 16:01 - 000001472 _____ C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-07-13 02:01 - 2018-11-14 12:41 - 000000000 ____D C:\Users\Fabri\Documents\Euro Truck Simulator 2
2019-07-12 15:30 - 2019-05-31 20:26 - 000000000 ____D C:\Program Files\Cheat Engine 6.8.3
2019-07-11 00:52 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\LiveKernelReports
2019-07-04 20:15 - 2018-11-17 23:21 - 000000000 ____D C:\Users\Fabri\AppData\Local\AVAST Software
2019-07-04 20:08 - 2019-02-18 12:21 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000279336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-07-04 20:08 - 2019-02-18 12:21 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-07-04 20:03 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\system32\NDF
2019-07-04 14:23 - 2019-03-08 18:33 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\audacity
2019-07-03 18:24 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-02 20:06 - 2018-12-11 13:45 - 000000000 ____D C:\Users\Fabri\AppData\Local\ElevatedDiagnostics
2019-07-01 21:38 - 2018-12-01 17:47 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\DAEMON Tools Lite
2019-07-01 14:30 - 2018-11-14 16:26 - 000000000 ____D C:\Users\Fabri\Documents\Electronic Arts
2019-07-01 13:30 - 2018-11-10 02:05 - 000000000 ___RD C:\Users\Fabri\Desktop\Juegos
2019-07-01 11:25 - 2018-11-10 13:48 - 000000000 ____D C:\Program Files\WinRAR
2019-07-01 11:25 - 2018-11-10 00:51 - 005066472 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-30 22:01 - 2019-03-10 15:13 - 000110968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2019-06-30 22:01 - 2019-03-10 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-06-30 22:00 - 2019-03-10 15:12 - 000000000 ____D C:\Program Files\Java
2019-06-30 21:51 - 2018-11-10 13:48 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-30 21:51 - 2018-11-10 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-30 21:44 - 2018-04-11 20:38 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-06-30 21:44 - 2018-04-11 20:38 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-06-29 20:08 - 2018-11-11 19:46 - 000000000 ____D C:\Program Files\Microsoft Office
2019-06-26 17:48 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-26 12:24 - 2018-11-10 01:07 - 000000000 ____D C:\Users\Fabri\AppData\Local\Packages
2019-06-24 19:14 - 2019-06-15 22:05 - 000000000 ____D C:\Users\Fabri\Documents\KONAMI
2019-06-24 17:30 - 2018-11-10 01:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-06-21 14:15 - 2019-04-19 18:55 - 000000000 ____D C:\Users\Fabri\Desktop\Guardado

==================== Files in the root of some directories ================

2018-12-25 13:36 - 2018-12-26 00:12 - 000000036 _____ () C:\Users\Fabri\AppData\Roaming\WB.CFG
2018-12-08 22:58 - 2018-12-08 22:58 - 000003584 _____ () C:\Users\Fabri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-01 19:06 - 2018-12-01 19:06 - 000000000 ___SH () C:\Users\Fabri\AppData\Local\LumaEmu
2019-01-15 21:44 - 2019-01-15 21:44 - 000002860 _____ () C:\Users\Fabri\AppData\Local\{CE2B0F99-D521-47D9-9A8B-38F3C43389C9}

==================== FLock ================

2018-11-10 01:02 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Hola @Elvio_Bottazzi

Faltaría el reporte de Addition.txt que debes tener en tu escritorio.

Para que te sea mas fácil pegarlo utiliza el 4 Método de la Guía:

Salu2

perdon, si tienes razon aca va:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Fabri (21-07-2019 00:43:44)
Running from C:\Users\Fabri\Downloads
Windows 10 Pro Version 1803 17134.829 (X64) (2018-11-10 04:01:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-259461801-381198537-3780377535-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-259461801-381198537-3780377535-503 - Limited - Disabled)
elvio (S-1-5-21-259461801-381198537-3780377535-1002 - Limited - Disabled)
Fabri (S-1-5-21-259461801-381198537-3780377535-1001 - Administrator - Enabled) => C:\Users\Fabri
Fabrizio (S-1-5-21-259461801-381198537-3780377535-1006 - Limited - Enabled) => C:\Users\Fabrizio
Invitado (S-1-5-21-259461801-381198537-3780377535-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-259461801-381198537-3780377535-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\uTorrent) (Version: 3.5.5.45231 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\uTorrent) (Version: 3.5.5.45231 - BitTorrent Inc.)
Actualización de NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.2 - Electronic Arts, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.031 - ASUSTek Computer Inc.)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.3.1 (HKLM-x32\...\Audacity_is1) (Version: 2.3.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 75.0.1447.81 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.245.0 - AVAST Software) Hidden
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandicam.com)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.60.3.1001 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Botbeetle version 5.36 (HKLM-x32\...\{4F9797DC-EAC9-4263-88E5-8E680394D94D}_is1) (Version: 5.36 - Octagon Trade)
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
Cheat Engine 6.8.3 (HKLM\...\Cheat Engine 6.8.3_is1) (Version:  - Cheat Engine)
Cities Skylines Industries (HKLM-x32\...\Cities Skylines Industries_is1) (Version:  - )
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Desinstalar impresora EPSON L220 Series (HKLM\...\EPSON L220 Series) (Version:  - SEIKO EPSON Corporation)
Discord (HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\Discord) (Version: 0.0.305 - Discord Inc.)
DiskProtect12588 version 13.88 (HKLM-x32\...\{DB6D6FDD-2A25-4775-A388-DA3BD623BDD3}_is1) (Version: 13.88 - )
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{3EB077E6-4FDC-4E90-8BCA-FD19BB7624BF}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Facebook (HKLM-x32\...\Facebook) (Version:  - )
FIFA 19 - CM Cheat Table (HKLM\...\{95933331-8877-4F13-8CA6-A9B564CC3793}) (Version: 1.3.1 - Aranaktu)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Geometry Dash v2.11 (HKLM-x32\...\vsetop.com Geometry Dash v2.11_is1) (Version: 2.11 - VseTop.Com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Half-Life Episode Two 1.0 (HKLM-x32\...\{73B7FFA7-3A2E-4493-8775-BE1E73E0937D}_is1) (Version:  - Evoshare)
Half-Life(R) 2 (HKLM-x32\...\{D45EC259-4A19-4656-B588-C2C360DD18EA}) (Version: 1.0.0.0 - Valve)
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Jingle Keyboard (HKLM-x32\...\Jingle Keyboard_is1) (Version: 2.4 - www.JingleKeys.com)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Los Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Main service (HKLM-x32\...\{EF758C50-5FA2-4B0A-86D3-8B65B176BC53}) (Version:  - )
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-259461801-381198537-3780377535-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234604214\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{2D1ED4EA-B59D-4665-ACB3-9325872A300D}) (Version: 1.0.4.0 - Mojang)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.4.1428 - Native Instruments)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.7.1 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Opera Stable 62.0.3331.72 (HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\Opera 62.0.3331.72) (Version: 62.0.3331.72 - Opera Software)
Opera Stable 62.0.3331.72 (HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\Opera 62.0.3331.72) (Version: 62.0.3331.72 - Opera Software)
Oracle VM VirtualBox 5.2.22 (HKLM\...\{85307853-1C18-4D00-AA0B-B561502BD7C0}) (Version: 5.2.22 - Oracle Corporation)
Photoshop CS6 versión CS6 (HKLM-x32\...\{1DA2D31E-B99C-49CF-86D1-C6378F49A523}_is1) (Version: CS6 - Developer Todo Facil)
Photoshop Cs6 versión Final (HKLM-x32\...\{5CF1F901-ED27-4C34-A9CE-A10E8C1DDDB2}_is1) (Version: Final - Braian Urzagaste)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 6 (HKLM-x32\...\{EBB794ED-D282-4334-92FB-254481EFF514}) (Version: 1.00.0000 - KONAMI) Hidden
Pro Evolution Soccer 6 (HKLM-x32\...\InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}) (Version: 1.00.0000 - KONAMI)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Save Wizard for PS4 MAX  (HKLM-x32\...\{5DF30E22-0D6B-4E56-B777-2E4B1178BC4F}) (Version: 1.1.0.0 - DataPower)
SimCity 4 (HKLM-x32\...\{01339AE5-04D4-43F8-008E-13AD788DC4F7}) (Version:  - )
Software para dispositivos de chipset Intel® (HKLM-x32\...\{a2167b7c-e567-4ae5-9c88-8e1349a01363}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Startup Sound Changer (HKLM-x32\...\Startup Sound Changer) (Version: 1.0 - hxxp://winreview.ru/)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TextAloud 4.0 (HKLM-x32\...\{2d52d1c9-9281-4e32-8bfb-018332abcba7}_is1) (Version: 4.0.28.0 - NextUp.com)
The Sims 2 Ultimate Collection versión 1.17.0.66 (HKLM-x32\...\The Sims 2 Ultimate Collection_is1) (Version: 1.17.0.66 - EA Games)
The Sims 3 Complete Collection version 1.67.2 (HKLM-x32\...\The Sims 3 Complete Collection_is1) (Version: 1.67.2 - Mr DJ)
The Sims 4 Digital Deluxe Edition MULTi17 - ElAmigos versión 1.47.49 (HKLM-x32\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.47.49 - EA Games)
The Sims Complete Collection v1.91 (HKLM-x32\...\The Sims Complete Collection_is1) (Version:  - )
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Uso a distancia de tu PS4 (HKLM-x32\...\{2571934F-1135-4D9F-996A-332AEE68593A}) (Version: 2.8.0.03041 - Sony Interactive Entertainment Inc.)
WhatsApp (HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)
WhatsApp (HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.0.7) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)
Служба автоматического обновления программ (HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MailRuUpdater) (Version:  - Mail.Ru) <==== ATTENTION
Служба автоматического обновления программ (HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MailRuUpdater) (Version:  - Mail.Ru) <==== ATTENTION

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.15.13.0_x86__kgqvnymyfvs32 [2019-06-26] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1541.3.0_x86__kgqvnymyfvs32 [2019-07-03] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-31] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-12] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa [2019-05-29] (Apple Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
MuseScore 3 -> C:\Program Files\WindowsApps\64051MuseScoreBVBA.MuseScoreNotationSoftware_3.0.5.0_x64__pz631wrhsw9tj [2019-05-27] (MuseScore BVBA)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-26] (Netflix, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-259461801-381198537-3780377535-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-259461801-381198537-3780377535-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-259461801-381198537-3780377535-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-259461801-381198537-3780377535-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-259461801-381198537-3780377535-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-259461801-381198537-3780377535-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers1: [TextAloud] -> {BF31B0FB-AE0E-488F-BFD6-416FA2F9915F} => D:\TextAloud\TAContextMenu64.dll [2017-03-31] (NEXTUP TECHNOLOGIES, LLC -> NextUp.com)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Fabri\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DataPower\Save Wizard for PS4 MAX\Manual - Save Wizard for PS4 MAX.lnk -> hxxp://www.savewizard.net/manuals/swps4m

ShortcutWithArgument: C:\Users\Fabri\Desktop\Facebook.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --app=hxxps://www.facebook.com/campaign/landing.php?campaign_id=572665646222743&keyword=zg7ycoJT0gqDV9V6%2FSGnDopU1X%2BdFPI7hlWmfoJXp3%2BNV6R%2FiFagd4tSsCDdAfM9hiH3LN4F%2BSDQOMEq2QbmP50E5CyIVat%2Bi1emeYlTpn6D%2FlEAAAC7Z5ZP&extra_2=AR&placement=100&creative=O
ShortcutWithArgument: C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook\Facebook.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --app=hxxps://www.facebook.com/campaign/landing.php?campaign_id=572665646222743&keyword=zg7ycoJT0gqDV9V6%2FSGnDopU1X%2BdFPI7hlWmfoJXp3%2BNV6R%2FiFagd4tSsCDdAfM9hiH3LN4F%2BSDQOMEq2QbmP50E5CyIVat%2Bi1emeYlTpn6D%2FlEAAAC7Z5ZP&extra_2=AR&placement=100&creative=O
ShortcutWithArgument: C:\Users\Fabri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\facebook.lnk -> C:\Users\Fabri\AppData\Local\Programs\Opera\launcher.exe (Opera Software) -> www.facebook.com
ShortcutWithArgument: C:\Users\Fabri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\ByAngel - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [119]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 20:38 - 2019-07-21 00:24 - 000000959 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost
77.72.169.211 we9stun.winning-eleven.net          # Stunserver	
80.211.157.169 pes6gate-ec.winning-eleven.net    #Pes6Stars Server

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234559964\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-259461801-381198537-3780377535-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Control Panel\Desktop\\Wallpaper -> C:\Users\Fabri\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-259461801-381198537-3780377535-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234604214\Control Panel\Desktop\\Wallpaper -> C:\Users\Fabrizio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 45.86.180.227 - 185.162.93.213
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\Run: => "electron.app.Filesafer"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\Run: => "electron.app.Filesafer"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A803C822-2CDF-4048-B0EC-B05327733C89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E035A32-1680-45B8-A6B5-0796DB118EB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E20055B1-A10D-43D8-A13A-DF698852767D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C868237F-9091-4147-8630-9518CB0E14AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79EC9D8E-DD25-43EB-A22A-74A49CEDF2A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{54250153-DD07-455A-93AA-22B3898E3A39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{F05B5A53-FF6E-4EEA-9D90-522D1B7C9836}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Allow) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [UDP Query User{18D3DDA2-9C6C-462E-80E4-E3A950604589}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Allow) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [TCP Query User{275964EB-0F84-4FCB-B393-DAF5B7D5D35B}C:\users\fabri\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\fabri\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{D9B36201-2106-4CDD-AE4A-BACE943F8E3D}C:\users\fabri\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\fabri\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{FD3B6135-8439-4CB2-860F-5D44E20234C0}C:\users\fabri\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\fabri\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{80055B4A-872A-4FF6-A5AD-D52C533B4BE5}C:\users\fabri\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\fabri\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{53D1254F-F685-42FD-9418-02220B7EAEF0}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Block) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [UDP Query User{8CC56BF3-52F0-4698-B15E-C5BE6C53CFAA}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Block) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [{3C88C497-E295-4F38-B50E-2A1F5EBF70C4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D3545924-5715-4BA2-903B-8C54511B170E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{8B1A8674-BEAE-44BE-966C-918DFA4441FA}D:\instalacion juegos\carshow\carshow\rfactor.exe] => (Allow) D:\instalacion juegos\carshow\carshow\rfactor.exe No File
FirewallRules: [UDP Query User{0AB554F7-4042-4546-B474-D41BCCBD4A41}D:\instalacion juegos\carshow\carshow\rfactor.exe] => (Allow) D:\instalacion juegos\carshow\carshow\rfactor.exe No File
FirewallRules: [TCP Query User{568CC517-B89B-46CF-9CCE-C22026693149}D:\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{527E5FC8-4BFE-430D-8D58-6394ED27C25D}D:\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [{054419D0-9A76-4514-8424-16E60E980AE1}] => (Allow) D:\FIFA 19\FIFASetup\fifaconfig.exe No File
FirewallRules: [{C67D17C7-9F70-4AAA-ADEA-23965253C1FB}] => (Allow) D:\FIFA 19\FIFASetup\fifaconfig.exe No File
FirewallRules: [TCP Query User{7A2F5C3A-F440-49BF-87CD-54DB23816720}D:\fifa 19\fifa19.exe] => (Block) D:\fifa 19\fifa19.exe No File
FirewallRules: [UDP Query User{1C48D45E-33C1-4749-9771-215161CF4AB8}D:\fifa 19\fifa19.exe] => (Block) D:\fifa 19\fifa19.exe No File
FirewallRules: [TCP Query User{7AC62451-DB1A-4EA1-ACB7-5A1CAAC77786}D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe] => (Allow) D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe No File
FirewallRules: [UDP Query User{070F9E64-6AE0-412D-B54D-34E3762D51C0}D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe] => (Allow) D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe No File
FirewallRules: [TCP Query User{1FB0DC29-F883-47DA-B0D6-42B0DE803C40}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{FD518173-1748-4F5D-B49D-4DE19CD43340}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{4006C5D0-F6DB-482E-91FF-DBBC623B7CD9}D:\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{B8F78F5B-67AC-47E4-BC89-F11414274BB0}D:\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{49C0E1B0-DEAC-4DB9-AB82-358B5BE1AB1D}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{4385C767-06F0-425E-B4F3-61E9268E722D}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{0B4EC57B-883D-45AC-8FA8-9798541EDEA9}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{42228C7A-20D0-4CD6-B52B-CBA013E530C3}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [{65E6C506-5EAC-4895-BDCC-AA135D36652C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4C145954-B3B8-4B32-9E31-382F328CD796}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{81915ECA-AC18-4E96-ABA2-EC8E42E952AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{16344E04-669F-4363-8738-5E898F43A39A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{36AA6C77-E0BE-43BC-B149-D32C6DBBFE55}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{954EF085-55DD-40C1-A0C4-827A7BC0D1D7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E8F9E813-236E-49B2-8930-4920517B58C1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{366B542C-4EE6-4374-A5FD-944901042B7E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D6161B48-0E7B-4E28-923B-1D625A917843}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4BE1E54E-EB25-448A-B4BF-74B1C84A4C45}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5CF45265-9F5F-45F2-8459-55556442C7B9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3F0CA01-541E-442B-B21A-EF9D91C7F32A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{80A6F373-FF03-4D3F-A5EC-F2A78B245821}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01A53E27-BF76-419B-8F51-9C5C655A9757}] => (Allow) D:\EL MEJOR PES DE LA HISTORIA\pes2013.exe No File
FirewallRules: [{91E83087-D630-4366-A77B-7DA408287624}] => (Allow) D:\EL MEJOR PES DE LA HISTORIA\pes2013.exe No File
FirewallRules: [{0057A6DC-D32B-4EB4-912A-A09EEE72B731}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EEFAA767-1206-4318-B08A-3B72AE6A83E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{7B68E750-30BE-46B6-8BFD-0D9201560DFC}D:\juegos\half life 2 by luis93mk\hl2.exe] => (Allow) D:\juegos\half life 2 by luis93mk\hl2.exe () [File not signed]
FirewallRules: [UDP Query User{91BC6CD2-677C-40A7-9F49-B5E3BBABC340}D:\juegos\half life 2 by luis93mk\hl2.exe] => (Allow) D:\juegos\half life 2 by luis93mk\hl2.exe () [File not signed]
FirewallRules: [TCP Query User{DF9C077D-D3D6-4855-83C5-236C67F1D8C3}D:\juegos\fifa 19\fifa19.exe] => (Allow) D:\juegos\fifa 19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{87FFA47A-74F9-473F-8293-89F368ABC848}D:\juegos\fifa 19\fifa19.exe] => (Allow) D:\juegos\fifa 19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{60EDBE06-A134-49BF-A1B6-CFE104D524BB}D:\juegos\pes 6\pes6.exe] => (Allow) D:\juegos\pes 6\pes6.exe (IPP6-tongaesbolso) [File not signed]
FirewallRules: [UDP Query User{370837DE-46C6-4B6B-800C-E2E596DCCF7B}D:\juegos\pes 6\pes6.exe] => (Allow) D:\juegos\pes 6\pes6.exe (IPP6-tongaesbolso) [File not signed]
FirewallRules: [{074E0497-7E56-4EA8-89A3-BE0A76A533C6}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{6EA54008-FB81-4C30-9D16-C37893AE7881}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E5B22B91-52CF-44DC-8B6D-EAD5168414F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9DF6C1A8-BF46-4F56-B8CE-56B06500EA28}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D6DAD4DB-5959-4D9C-A0DF-1D3111C2A95C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{19535B6F-42DD-4E00-8D4B-2B6215092104}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{03804712-763E-4D5B-863F-2F35CAEDA0C0}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D494E04A-6211-40EF-9D78-4B5038719AEA}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{35ADFC90-0979-45DD-8B9B-925166681D77}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{2CB7051D-8E0D-4EE7-95CA-727EEE5BADA4}D:\juegos\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\juegos\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{5AAD6160-FF53-47E4-8B12-E1ACF39789B6}D:\juegos\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\juegos\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]

==================== Restore Points =========================

21-07-2019 00:24:02 ZHPcleaner

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2019 11:47:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.2.0.845, marca de tiempo: 0x5d10ed55
Nombre del módulo con errores: RTPControllerImpl.dll, versión: 3.2.0.478, marca de tiempo: 0x5cf954aa
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000ad4e5
Identificador del proceso con errores: 0xe5c
Hora de inicio de la aplicación con errores: 0x01d53f6e0b110372
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\RTPControllerImpl.dll
Identificador del informe: 95935fd0-2636-4685-8250-d5fb75066def
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/20/2019 04:19:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (07/20/2019 04:19:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (07/20/2019 04:19:17 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (07/19/2019 04:17:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (07/19/2019 04:17:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (07/18/2019 08:05:26 PM) (Source: COM) (EventID: 10031) (User: )
Description: Se realizó una comprobación de directiva de anulación de serialización al anular la serialización de un objeto con serialización personalizada; se rechazó la clase {41FD88F7-F295-4D39-91AC-A85F3149A05B}

Error: (07/18/2019 08:05:26 PM) (Source: COM) (EventID: 10031) (User: )
Description: Se realizó una comprobación de directiva de anulación de serialización al anular la serialización de un objeto con serialización personalizada; se rechazó la clase {95CABCC9-BC57-4C12-B8DF-BA193232AA01}


System errors:
=============
Error: (07/21/2019 12:30:06 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N04D4TT)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-N04D4TT\Fabri con SID (S-1-5-21-259461801-381198537-3780377535-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/21/2019 12:23:27 AM) (Source: Schannel) (EventID: 4114) (User: NT AUTHORITY)
Description: El certificado recibido del servidor remoto lo emitió una entidad de certificación que no es de confianza. Por esta causa, no se puede validar ninguno de los datos contenidos en el certificado. Error de la solicitud de conexión TLS. Los datos adjuntos contienen el certificado del servidor.

Error: (07/21/2019 12:23:24 AM) (Source: Schannel) (EventID: 4114) (User: NT AUTHORITY)
Description: El certificado recibido del servidor remoto lo emitió una entidad de certificación que no es de confianza. Por esta causa, no se puede validar ninguno de los datos contenidos en el certificado. Error de la solicitud de conexión TLS. Los datos adjuntos contienen el certificado del servidor.

Error: (07/21/2019 12:22:22 AM) (Source: Schannel) (EventID: 4114) (User: NT AUTHORITY)
Description: El certificado recibido del servidor remoto lo emitió una entidad de certificación que no es de confianza. Por esta causa, no se puede validar ninguno de los datos contenidos en el certificado. Error de la solicitud de conexión TLS. Los datos adjuntos contienen el certificado del servidor.

Error: (07/21/2019 12:04:39 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N04D4TT)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-N04D4TT\Fabri con SID (S-1-5-21-259461801-381198537-3780377535-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/20/2019 11:59:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N04D4TT)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-N04D4TT\Fabri con SID (S-1-5-21-259461801-381198537-3780377535-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/20/2019 11:50:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N04D4TT)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-N04D4TT\Fabri con SID (S-1-5-21-259461801-381198537-3780377535-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/20/2019 11:47:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Malwarebytes Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.


Windows Defender:
===================================
Date: 2019-02-17 23:03:05.558
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {D0B2D6A0-3A03-41DC-BDB5-9C0E9643B568}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-17 22:12:30.471
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {94945A62-9249-46EB-B60F-40F8BDAC2926}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-17 20:48:21.014
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {378C016E-542A-47C1-901B-A635A5CE0BF0}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-17 18:56:56.352
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {67B79B20-ED8B-4C94-B15E-3AB9A0D06047}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-15 11:34:30.501
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {6EA4FE92-0B36-4C5B-AD6A-A72894E99E8E}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-22 00:00:37.016
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80508023
Descripción del error: El programa no encontró malware ni otro software potencialmente no deseado en este dispositivo. 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-02-14 21:27:37.816
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.285.1563.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15700.8
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-02-11 12:28:07.886
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.285.1306.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15600.4
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

Date: 2019-02-06 01:58:17.108
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.285.956.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15600.4
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2019-02-05 21:22:28.420
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.285.880.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15600.4
Código de error: 0x8024001e
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-07-21 00:44:40.483
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-21 00:44:36.768
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-21 00:44:35.622
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-21 00:44:30.248
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-07-21 00:44:30.244
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-07-21 00:44:30.223
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-21 00:41:21.310
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-21 00:41:06.430
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F14 04/17/2013
Motherboard: Gigabyte Technology Co., Ltd. B75M-D3H
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 43%
Total physical RAM: 8137.73 MB
Available physical RAM: 4605.76 MB
Total Virtual: 9417.73 MB
Available Virtual: 5653.92 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:116.41 GB) (Free:36.47 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Datos ) (Fixed) (Total:814.32 GB) (Free:535.03 GB) NTFS

\\?\Volume{220d220c-0000-0000-0000-001a1d000000}\ () (Fixed) (Total:0.78 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 220D220C)
Partition 1: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=801 MB) - (Type=27)
Partition 3: (Not Active) - (Size=814.3 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Hola @Elvio_Bottazzi

Ejecutaste FRST desde un ligar incorrecto:

  • Running from C:\Users\Fabri\Downloads

Corta el ejecutable y pegalo en tu escritorio <<< Esto es Muy Importante.


Luego sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: H - "H:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {62947e0d-ecf0-11e8-909b-94de80c5ff1a} - "K:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {77d876e1-8df9-11e9-9101-94de80c5ff1a} - "G:\autorun.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {82554cf9-f507-11e8-90a0-94de80c5ff1a} - "I:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {a05e8d26-2a0d-11e9-90bf-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {a7e91ee8-f34a-11e8-909f-94de80c5ff1a} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {aabe15d8-1c33-11e9-90b3-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {e3927cc1-1907-11e9-90b0-94de80c5ff1a} - "H:\RunGame.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {fc608a8d-264e-11e9-90b4-94de80c5ff1a} - "J:\HiSuiteDownLoader.exe" 
BF15-2C2B11260CE4}-07202019234601011\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: H - "H:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {62947e0d-ecf0-11e8-909b-94de80c5ff1a} - "K:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {77d876e1-8df9-11e9-9101-94de80c5ff1a} - "G:\autorun.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {82554cf9-f507-11e8-90a0-94de80c5ff1a} - "I:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {a05e8d26-2a0d-11e9-90bf-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {a7e91ee8-f34a-11e8-909f-94de80c5ff1a} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {aabe15d8-1c33-11e9-90b3-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {e3927cc1-1907-11e9-90b0-94de80c5ff1a} - "H:\RunGame.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {fc608a8d-264e-11e9-90b4-94de80c5ff1a} - "J:\HiSuiteDownLoader.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Tcpip\..\Interfaces\{5465d4c7-b0c3-4387-81f8-1bf5ee7de78a}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,
Tcpip\..\Interfaces\{8ed3a0e4-0889-498b-a181-2b683b5b3714}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181118&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181118&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com.ar/","hxxps://mail.ru/cnt/10445?gp=811570","hxxps://www.google.com/"
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [obcnimnkkpdkbfnnoagjogdollcfnidj] - hxxps://clients2.google.com/service/update2/crx
U4 napagent; no ImagePath
2019-06-30 21:45 - 2019-06-30 21:47 - 000000000 ____D C:\ProgramData\yh3qzJxj2eMjMapu
2019-06-30 21:45 - 2019-06-30 21:45 - 000000000 ____D C:\ProgramData\Padur
2019-06-30 21:44 - 2019-07-20 23:42 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\prunld8365
2019-06-30 21:43 - 2019-06-30 21:45 - 000000000 ____D C:\Users\Fabri\AppData\Local\Mail.Ru
2019-06-30 21:43 - 2019-06-30 21:45 - 000000000 ____D C:\ProgramData\Mail.Ru
Служба автоматического обновления программ (HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MailRuUpdater) (Version:  - Mail.Ru) <==== ATTENTION
Служба автоматического обновления программ (HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MailRuUpdater) (Version:  - Mail.Ru) <==== ATTENTION
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [119]
FirewallRules: [TCP Query User{F05B5A53-FF6E-4EEA-9D90-522D1B7C9836}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Allow) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [UDP Query User{18D3DDA2-9C6C-462E-80E4-E3A950604589}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Allow) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [TCP Query User{53D1254F-F685-42FD-9418-02220B7EAEF0}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Block) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [UDP Query User{8CC56BF3-52F0-4698-B15E-C5BE6C53CFAA}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Block) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [TCP Query User{8B1A8674-BEAE-44BE-966C-918DFA4441FA}D:\instalacion juegos\carshow\carshow\rfactor.exe] => (Allow) D:\instalacion juegos\carshow\carshow\rfactor.exe No File
FirewallRules: [UDP Query User{0AB554F7-4042-4546-B474-D41BCCBD4A41}D:\instalacion juegos\carshow\carshow\rfactor.exe] => (Allow) D:\instalacion juegos\carshow\carshow\rfactor.exe No File
FirewallRules: [TCP Query User{568CC517-B89B-46CF-9CCE-C22026693149}D:\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{527E5FC8-4BFE-430D-8D58-6394ED27C25D}D:\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [{054419D0-9A76-4514-8424-16E60E980AE1}] => (Allow) D:\FIFA 19\FIFASetup\fifaconfig.exe No File
FirewallRules: [{C67D17C7-9F70-4AAA-ADEA-23965253C1FB}] => (Allow) D:\FIFA 19\FIFASetup\fifaconfig.exe No File
FirewallRules: [TCP Query User{7A2F5C3A-F440-49BF-87CD-54DB23816720}D:\fifa 19\fifa19.exe] => (Block) D:\fifa 19\fifa19.exe No File
FirewallRules: [UDP Query User{1C48D45E-33C1-4749-9771-215161CF4AB8}D:\fifa 19\fifa19.exe] => (Block) D:\fifa 19\fifa19.exe No File
FirewallRules: [TCP Query User{7AC62451-DB1A-4EA1-ACB7-5A1CAAC77786}D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe] => (Allow) D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe No File
FirewallRules: [UDP Query User{070F9E64-6AE0-412D-B54D-34E3762D51C0}D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe] => (Allow) D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe No File
FirewallRules: [{01A53E27-BF76-419B-8F51-9C5C655A9757}] => (Allow) D:\EL MEJOR PES DE LA HISTORIA\pes2013.exe No File
FirewallRules: [{91E83087-D630-4366-A77B-7DA408287624}] => (Allow) D:\EL MEJOR PES DE LA HISTORIA\pes2013.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Luego de reiniciar:

Actualizas Malwarebytes y vuelves a realizar un Análisis de la siguiente manera:

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado marcando todas las unidades
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar ambos reportes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2.

Buenas noches San Mar. Te paso lod dos reportes solicitados

FIXLOG
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Fabri (24-07-2019 19:22:31) Run:1
Running from C:\Users\Fabri\Desktop
Loaded Profiles: Fabri (Available Profiles: Fabri)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: H - "H:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {62947e0d-ecf0-11e8-909b-94de80c5ff1a} - "K:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {77d876e1-8df9-11e9-9101-94de80c5ff1a} - "G:\autorun.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {82554cf9-f507-11e8-90a0-94de80c5ff1a} - "I:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {a05e8d26-2a0d-11e9-90bf-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {a7e91ee8-f34a-11e8-909f-94de80c5ff1a} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {aabe15d8-1c33-11e9-90b3-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {e3927cc1-1907-11e9-90b0-94de80c5ff1a} - "H:\RunGame.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MountPoints2: {fc608a8d-264e-11e9-90b4-94de80c5ff1a} - "J:\HiSuiteDownLoader.exe" 
BF15-2C2B11260CE4}-07202019234601011\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: H - "H:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {62947e0d-ecf0-11e8-909b-94de80c5ff1a} - "K:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {77d876e1-8df9-11e9-9101-94de80c5ff1a} - "G:\autorun.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {82554cf9-f507-11e8-90a0-94de80c5ff1a} - "I:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {a05e8d26-2a0d-11e9-90bf-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {a7e91ee8-f34a-11e8-909f-94de80c5ff1a} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {aabe15d8-1c33-11e9-90b3-94de80c5ff1a} - "G:\setup.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {e3927cc1-1907-11e9-90b0-94de80c5ff1a} - "H:\RunGame.exe" 
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {fc608a8d-264e-11e9-90b4-94de80c5ff1a} - "J:\HiSuiteDownLoader.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Tcpip\..\Interfaces\{5465d4c7-b0c3-4387-81f8-1bf5ee7de78a}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,
Tcpip\..\Interfaces\{8ed3a0e4-0889-498b-a181-2b683b5b3714}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181118&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181118&q={searchTerms}
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com.ar/","hxxps://mail.ru/cnt/10445?gp=811570","hxxps://www.google.com/"
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [obcnimnkkpdkbfnnoagjogdollcfnidj] - hxxps://clients2.google.com/service/update2/crx
U4 napagent; no ImagePath
2019-06-30 21:45 - 2019-06-30 21:47 - 000000000 ____D C:\ProgramData\yh3qzJxj2eMjMapu
2019-06-30 21:45 - 2019-06-30 21:45 - 000000000 ____D C:\ProgramData\Padur
2019-06-30 21:44 - 2019-07-20 23:42 - 000000000 ____D C:\Users\Fabri\AppData\Roaming\prunld8365
2019-06-30 21:43 - 2019-06-30 21:45 - 000000000 ____D C:\Users\Fabri\AppData\Local\Mail.Ru
2019-06-30 21:43 - 2019-06-30 21:45 - 000000000 ____D C:\ProgramData\Mail.Ru
Служба автоматического обновления программ (HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MailRuUpdater) (Version:  - Mail.Ru) <==== ATTENTION
Служба автоматического обновления программ (HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MailRuUpdater) (Version:  - Mail.Ru) <==== ATTENTION
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [119]
FirewallRules: [TCP Query User{F05B5A53-FF6E-4EEA-9D90-522D1B7C9836}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Allow) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [UDP Query User{18D3DDA2-9C6C-462E-80E4-E3A950604589}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Allow) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [TCP Query User{53D1254F-F685-42FD-9418-02220B7EAEF0}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Block) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [UDP Query User{8CC56BF3-52F0-4698-B15E-C5BE6C53CFAA}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe] => (Block) D:\instalacion juegos\half life 2 by luis93mk\hl2.exe No File
FirewallRules: [TCP Query User{8B1A8674-BEAE-44BE-966C-918DFA4441FA}D:\instalacion juegos\carshow\carshow\rfactor.exe] => (Allow) D:\instalacion juegos\carshow\carshow\rfactor.exe No File
FirewallRules: [UDP Query User{0AB554F7-4042-4546-B474-D41BCCBD4A41}D:\instalacion juegos\carshow\carshow\rfactor.exe] => (Allow) D:\instalacion juegos\carshow\carshow\rfactor.exe No File
FirewallRules: [TCP Query User{568CC517-B89B-46CF-9CCE-C22026693149}D:\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{527E5FC8-4BFE-430D-8D58-6394ED27C25D}D:\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [{054419D0-9A76-4514-8424-16E60E980AE1}] => (Allow) D:\FIFA 19\FIFASetup\fifaconfig.exe No File
FirewallRules: [{C67D17C7-9F70-4AAA-ADEA-23965253C1FB}] => (Allow) D:\FIFA 19\FIFASetup\fifaconfig.exe No File
FirewallRules: [TCP Query User{7A2F5C3A-F440-49BF-87CD-54DB23816720}D:\fifa 19\fifa19.exe] => (Block) D:\fifa 19\fifa19.exe No File
FirewallRules: [UDP Query User{1C48D45E-33C1-4749-9771-215161CF4AB8}D:\fifa 19\fifa19.exe] => (Block) D:\fifa 19\fifa19.exe No File
FirewallRules: [TCP Query User{7AC62451-DB1A-4EA1-ACB7-5A1CAAC77786}D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe] => (Allow) D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe No File
FirewallRules: [UDP Query User{070F9E64-6AE0-412D-B54D-34E3762D51C0}D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe] => (Allow) D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe No File
FirewallRules: [{01A53E27-BF76-419B-8F51-9C5C655A9757}] => (Allow) D:\EL MEJOR PES DE LA HISTORIA\pes2013.exe No File
FirewallRules: [{91E83087-D630-4366-A77B-7DA408287624}] => (Allow) D:\EL MEJOR PES DE LA HISTORIA\pes2013.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => removed successfully
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => removed successfully
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62947e0d-ecf0-11e8-909b-94de80c5ff1a} => removed successfully
HKLM\Software\Classes\CLSID\{62947e0d-ecf0-11e8-909b-94de80c5ff1a} => not found
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77d876e1-8df9-11e9-9101-94de80c5ff1a} => removed successfully
HKLM\Software\Classes\CLSID\{77d876e1-8df9-11e9-9101-94de80c5ff1a} => not found
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82554cf9-f507-11e8-90a0-94de80c5ff1a} => removed successfully
HKLM\Software\Classes\CLSID\{82554cf9-f507-11e8-90a0-94de80c5ff1a} => not found
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a05e8d26-2a0d-11e9-90bf-94de80c5ff1a} => removed successfully
HKLM\Software\Classes\CLSID\{a05e8d26-2a0d-11e9-90bf-94de80c5ff1a} => not found
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7e91ee8-f34a-11e8-909f-94de80c5ff1a} => removed successfully
HKLM\Software\Classes\CLSID\{a7e91ee8-f34a-11e8-909f-94de80c5ff1a} => not found
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aabe15d8-1c33-11e9-90b3-94de80c5ff1a} => removed successfully
HKLM\Software\Classes\CLSID\{aabe15d8-1c33-11e9-90b3-94de80c5ff1a} => not found
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3927cc1-1907-11e9-90b0-94de80c5ff1a} => removed successfully
HKLM\Software\Classes\CLSID\{e3927cc1-1907-11e9-90b0-94de80c5ff1a} => not found
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc608a8d-264e-11e9-90b4-94de80c5ff1a} => removed successfully
HKLM\Software\Classes\CLSID\{fc608a8d-264e-11e9-90b4-94de80c5ff1a} => not found
BF15-2C2B11260CE4}-07202019234601011\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: H - "H:\setup.exe" => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {62947e0d-ecf0-11e8-909b-94de80c5ff1a} - "K:\HiSuiteDownLoader.exe" => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {77d876e1-8df9-11e9-9101-94de80c5ff1a} - "G:\autorun.exe" => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {82554cf9-f507-11e8-90a0-94de80c5ff1a} - "I:\setup.exe" => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {a05e8d26-2a0d-11e9-90bf-94de80c5ff1a} - "G:\setup.exe" => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {a7e91ee8-f34a-11e8-909f-94de80c5ff1a} - "G:\HiSuiteDownLoader.exe" => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {aabe15d8-1c33-11e9-90b3-94de80c5ff1a} - "G:\setup.exe" => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {e3927cc1-1907-11e9-90b0-94de80c5ff1a} - "H:\RunGame.exe" => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MountPoints2: {fc608a8d-264e-11e9-90b4-94de80c5ff1a} - "J:\HiSuiteDownLoader.exe" => Error: No automatic fix found for this entry.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5465d4c7-b0c3-4387-81f8-1bf5ee7de78a}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8ed3a0e4-0889-498b-a181-2b683b5b3714}\\NameServer" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-259461801-381198537-3780377535-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} => Error: No automatic fix found for this entry.
HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006 => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => not found
"HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} => removed successfully
HKLM\Software\Classes\CLSID\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} => not found
HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => removed successfully
HKLM\Software\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => not found
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181118&q={searchTerms} => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
"Chrome StartupUrls" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\obcnimnkkpdkbfnnoagjogdollcfnidj => removed successfully
"HKLM\System\CurrentControlSet\Services\napagent" => removed successfully
napagent => service removed successfully
C:\ProgramData\yh3qzJxj2eMjMapu => moved successfully
C:\ProgramData\Padur => moved successfully
C:\Users\Fabri\AppData\Roaming\prunld8365 => moved successfully
C:\Users\Fabri\AppData\Local\Mail.Ru => moved successfully
C:\ProgramData\Mail.Ru => moved successfully
Служба автоматического обновления программ (HKU\S-1-5-21-259461801-381198537-3780377535-1001\...\MailRuUpdater) (Version:  - Mail.Ru) <==== ATTENTION => Error: No automatic fix found for this entry.
Служба автоматического обновления программ (HKU\S-1-5-21-259461801-381198537-3780377535-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07202019234601011\...\MailRuUpdater) (Version:  - Mail.Ru) <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F05B5A53-FF6E-4EEA-9D90-522D1B7C9836}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{18D3DDA2-9C6C-462E-80E4-E3A950604589}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{53D1254F-F685-42FD-9418-02220B7EAEF0}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8CC56BF3-52F0-4698-B15E-C5BE6C53CFAA}D:\instalacion juegos\half life 2 by luis93mk\hl2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8B1A8674-BEAE-44BE-966C-918DFA4441FA}D:\instalacion juegos\carshow\carshow\rfactor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0AB554F7-4042-4546-B474-D41BCCBD4A41}D:\instalacion juegos\carshow\carshow\rfactor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{568CC517-B89B-46CF-9CCE-C22026693149}D:\the sims 4\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{527E5FC8-4BFE-430D-8D58-6394ED27C25D}D:\the sims 4\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{054419D0-9A76-4514-8424-16E60E980AE1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C67D17C7-9F70-4AAA-ADEA-23965253C1FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7A2F5C3A-F440-49BF-87CD-54DB23816720}D:\fifa 19\fifa19.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1C48D45E-33C1-4749-9771-215161CF4AB8}D:\fifa 19\fifa19.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7AC62451-DB1A-4EA1-ACB7-5A1CAAC77786}D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{070F9E64-6AE0-412D-B54D-34E3762D51C0}D:\instalacion juegos\maxis\simcity 3000 world edition\apps\updater\updater.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01A53E27-BF76-419B-8F51-9C5C655A9757}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91E83087-D630-4366-A77B-7DA408287624}" => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.7
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {8179EC1B-61C0-4AC1-8000-906A74636529}.
Unable to cancel {9C652A6A-4505-4831-B2A7-825F0EFB10CA}.
Unable to cancel {BDC38766-6706-47A4-BF7A-12663BD5CD67}.
Unable to cancel {3D414AB1-DD50-4558-B01C-7B998CCAF829}.
0 out of 4 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 167795779 B
Java, Flash, Steam htmlcache => 182375424 B
Windows/system/drivers => 3319700 B
Edge => 3938 B
Chrome => 30898814 B
Firefox => 16276790 B
Opera => 559798 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 11552432 B
NetworkService => 0 B
Fabri => 18366358 B

RecycleBin => 0 B
EmptyTemp: => 421.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:24:26 ====

y aqui el reporte del Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 24/7/19
Hora del análisis: 19:38
Archivo de registro: d45aae84-ae63-11e9-ae93-94de80c5ff1a.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11704
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.829)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-N04D4TT\Fabri

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 835722
Amenazas detectadas: 79
Amenazas en cuarentena: 79
Tiempo transcurrido: 5 hr, 25 min, 53 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 15
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, En cuarentena, [563], [621110],1.0.11704

Valor del registro: 1
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-259461801-381198537-3780377535-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|lbijecpdngjgndgelnoknlmeiikfcjjh, En cuarentena, [1764], [456842],1.0.11704

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 8
PUP.Optional.MindSpark.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_locales\en, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_metadata, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_locales, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\config, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\LBIJECPDNGJGNDGELNOKNLMEIIKFCJJH\13.894.15.54872_0, En cuarentena, [1764], [456842],1.0.11704

Archivo: 55
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\EWORKER.EXE, En cuarentena, [563], [621110],1.0.11704
PUP.Optional.MindSpark.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\USERS\FABRI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\LBIJECPDNGJGNDGELNOKNLMEIIKFCJJH\13.894.15.54872_0\CONFIG\CONFIG.JSON, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon128.png, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon16.png, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon19disabled.png, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon19on.png, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\icons\icon48.png, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\localStorageContentScript.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\ajax.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\babAPI.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\babClickHandler.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\babContentScript.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\babContentScriptAPI.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\background.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\browserUtils.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\chrome.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\contentScriptConnectionManager.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\dateTimeUtils.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\dlp.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\dlpHelper.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\extensionDetect.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\index.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\logger.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\meta.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\offerService.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\pageUtils.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\PartnerId.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\polyfill.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\product.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\remoteConfigLoader.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\splashPageRedirectHandler.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\storageUtils.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\TemplateParser.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\ul.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\urlFragmentActions.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\urlUtils.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\util.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\webtooltabAPI.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\js\webTooltabAPIProxy.js, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_locales\en\messages.json, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\_metadata\verified_contents.json, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\manifest.json, En cuarentena, [1764], [456842],1.0.11704
PUP.Optional.MindSpark.Generic, C:\Users\Fabri\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbijecpdngjgndgelnoknlmeiikfcjjh\13.894.15.54872_0\ntpnew.html, En cuarentena, [1764], [456842],1.0.11704
RiskWare.GameHack, C:\USERS\FABRI\DOCUMENTS\MEGASYNC DOWNLOADS\PES 2013 NEXT SEASON PATCH 2019 UPDATE V5.0 AIO\PES 2013 NEXT SEASON PATCH 2019 UPDATE V5.0 AIO\THE PATCH\RLD.DLL, En cuarentena, [7522], [352892],1.0.11704
Generic.Malware/Suspicious, C:\USERS\FABRI\DOCUMENTS\MEGASYNC DOWNLOADS\NOCLIP 2.13.EXE, En cuarentena, [0], [392686],1.0.11704
Generic.Malware/Suspicious, C:\USERS\FABRI\DOWNLOADS\KITSERVER BY TU PLAY CHANNEL RESUBIDO\KITSERVER\KEYBIND.EXE, En cuarentena, [0], [392686],1.0.11704
Generic.Malware/Suspicious, D:\DESCARGAS UTORRENT\INSTALACION DE PRO EVOLUTION SOCCER 6\CRACK\PES6-KEYGEN.EXE, En cuarentena, [0], [392686],1.0.11704
RiskWare.GameHack, D:\DESCARGAS UTORRENT\PES 2013 NEXT SEASON PATCH 2019\PES 2013 NEXT SEASON 2019\PES 2013 NEXT SEASON 2019\THE PATCH\RLD.DLL, En cuarentena, [7522], [352892],1.0.11704
RiskWare.GameHack, D:\DESCARGAS UTORRENT\PRO EVOLUTION SOCCER 2013 [MULTI2][PCDVD][ESPECIAL VIRTUARED][WWW.GAMESTORRENTS.COM]\P2P-PES13VRED\PARCHE 1.03\CRACK\RLD.DLL, En cuarentena, [7522], [352892],1.0.11704
RiskWare.GameHack, D:\DESCARGAS UTORRENT\PRO EVOLUTION SOCCER 2013 [MULTI2][PCDVD][ESPECIAL VIRTUARED][WWW.GAMESTORRENTS.COM]\P2P-PES13VRED\PARCHE 1.02\CRACK\RLD.DLL, En cuarentena, [7522], [352892],1.0.11704
RiskWare.GameHack, D:\DESCARGAS UTORRENT\PRO EVOLUTION SOCCER 2013 [MULTI2][PCDVD][ESPECIAL VIRTUARED][WWW.GAMESTORRENTS.COM]\P2P-PES13VRED\PARCHE 1.04\CRACK\RLD.DLL, En cuarentena, [7522], [352892],1.0.11704
RiskWare.GameHack, D:\JUEGOS\EL MEJOR PES DE LA HISTORIA\RLD.DLL, En cuarentena, [7522], [352892],1.0.11704
RiskWare.Tool.CK, D:\JUEGOS\NFS UNDERGROUND 2\KEYGEN.EXE, En cuarentena, [7528], [294249],1.0.11704
Generic.Malware/Suspicious, D:\JUEGOS\PES 6\PES6-KEYGEN.EXE, En cuarentena, [0], [392686],1.0.11704

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola @Elvio_Bottazzi

Aun hay mucha basura que no se termina de eliminar de tu equipo.

Realiza lo siguiente, respetando el orden de los pasos, y una vez que descargues las herramientas, cierra todos los programas incluso navegadores.


1.- Descargua tu escritorio y ejecuta la utilidad:

(Renombrada bajo el nombre de “iExplore.exe”) para evitar el bloqueo de los malwares. Una vez que esta fue ejecutada, es importante no reiniciar el sistema hasta que se le solicite.

2.- Recién aquí vuelves a intentar descargar:

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

3.- Luego de haber reiniciado, ejecutas nuevamente Malwarebytes tal como ya lo has hecho.

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado. Seleccionas "Todas las Unidades"
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nuevamente luego de reiniciar, ejecutas FRST tal como lo hiciste la primera vez y nos tras los reportes frescos incluido el Addition.txt.

Salu2