PC lento con 324 amenazas


#1

Buenas noches.

Les escribo desde una nueva cuenta que me he tenido que crear, mi antigua cuenta ha desaparecido. :disappointed_relieved:

Desde hace aproximadamente una semana noto que el PC va lento cuando vuelve de la suspensi贸n, tarda en encenderse la pantalla e incluso se queda congelado dos o tres segundos. Tambi茅n lo noto lento cuando pongo alg煤n video, el reproductor tarda mucho en iniciar el video y el mouse va a saltos.

Le pas茅 el Malwarebytes y me encontr贸 300 y pico amenazas, las borr茅 y ahora lo he vuelto a pasar y me ha vuelto a encontrar 324, iguales a las que ya elimin茅. Dejo el log que he sacado.

PD: He intentado pegarlo con el c贸digo 鈥渃ode鈥 pero no me deja por el l铆mite de caracteres. Lo adjunto en .txt, si hay otra forma de ponerlo me lo dec铆s. log malwarebytes.txt (69,0 KB)

Gracias. Saludos.


#2

Hola @PepePalote:

Malwarebytes dice:

Sin acciones por parte del usuario

Debes ejecutarlo de acuerdo a su Manual y eliminar todo lo que detecte.

Luego de reiniciar nos traes su reporte.

Salu2.


#3

Perd贸n, me equivoqu茅 de log, ese es uno que saqu茅 antes de eliminar las amenazas.

Dejo el que saqu茅 ayer en el mismo an谩lisis despu茅s de eliminar las amenazas. He vuelto a escanear antes de escribir y no ha encontrado nada, pero como coment茅 en mi primer post, ya me paso eso y a los pocos d铆as volvieron a salir las amezanas.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del an谩lisis: 18/2/19
Hora del an谩lisis: 21:22
Archivo de registro: e42b295c-33ba-11e9-8931-902b34ad66f3.json
Administrador: S铆

-Informaci贸n del software-
Versi贸n: 3.5.1.2522
Versi贸n de los componentes: 1.0.365
Versi贸n del paquete de actualizaci贸n: 1.0.9320
Licencia: Gratis

-Informaci贸n del sistema-
SO: Windows 10 (Build 17763.316)
CPU: x64
Sistema de archivos: NTFS
Usuario: MASU-PC\masu1

-Resumen del an谩lisis-
Tipo de an谩lisis: An谩lisis de amenazas
An谩lisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 362782
Amenazas detectadas: 324
Amenazas en cuarentena: 323
Tiempo transcurrido: 3 min, 17 seg

-Opciones de an谩lisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heur铆stica: Activado
PUP: Detectar
PUM: Detectar

-Detalles del an谩lisis-
Proceso: 0
(No hay elementos maliciosos detectados)

M贸dulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 28
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\zh_CN, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\ar, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\bg, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\bn, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\da, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\de, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\en, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\es, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\fi, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\fr, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\he, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\it, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\jp, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\nl, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\no, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\pl, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\ru, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\ta, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\uk, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\vi, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_metadata, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\css, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\USERS\MASU1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\coahpcpgfnnaddeelpphpifmgfobflog, En cuarentena, [313], [480148],1.0.9320

Archivo: 296
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\css\popup.css, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\css\popup.css.map, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\css\popup.scss, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\css\setting.css, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AD.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AF.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AL.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AQ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AX.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\AZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BB.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BD.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LV.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LY.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MC.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MD.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ME.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MF.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MH.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MK.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ML.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MP.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MQ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MV.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MX.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MY.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\MZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NC.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NF.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NL.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NP.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\NZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CK.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CL.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CV.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CX.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CY.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\DE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\DJ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\DK.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\DM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\DO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\DZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\EC.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\EE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\EG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\EH.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\OM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PF.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PG.png, En cuarentena, [313], [480148],1.0.9320

#4

Continua:

PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PH.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PK.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PL.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\PY.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\QA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\RO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\RS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\RU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\RW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SB.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SC.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SD.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SH.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SK.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SL.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GY.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\HK.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\HN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\HR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\HT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\HU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\IC.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ID.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\IE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\IL.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\IM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\IN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\IQ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\IR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\IS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\IT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ST.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SV.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SY.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TC.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TD.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TF.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TH.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TJ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TK.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TL.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TV.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\TZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\UA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\JM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\JO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\JP.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KH.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KP.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KY.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\KZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LB.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LC.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LK.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ER.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\JE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\LT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\OFF.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\SS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\UG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ES.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ET.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\EU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\FI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\FJ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\FK.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\FM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\FO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\FR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GB.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GD.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GH.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GL.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\GQ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BF.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BH.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BJ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BL.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BO.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BR.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BY.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\BZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CC.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CD.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CF.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\CH.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\UM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\US.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\UW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\UY.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\UZ.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\VA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\VC.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\VE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\VG.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\VI.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\VN.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\VU.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\WF.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\WS.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\XX.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\YE.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\YT.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ZA.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ZM.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\ZW.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\flags\_unknown.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\128.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\32.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\64.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\arrow.svg, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\info.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\left-arrow.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\loader_btn.gif, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\logo.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\settings.png, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\img\unblock.ico, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\analytics.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\app.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\chrome.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\jquery.min.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\message.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\popup.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\settings.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\stat.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\storage.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\js\x-select.js, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\ar\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\bg\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\bn\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\da\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\de\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\en\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\es\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\fi\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\fr\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\he\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\it\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\jp\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\nl\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\no\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\pl\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\ru\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\ta\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\uk\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\vi\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_locales\zh_CN\messages.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\_metadata\verified_contents.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\manifest.json, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.4.5_0\popup.html, En cuarentena, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\USERS\MASU1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\USERS\MASU1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [313], [480148],1.0.9320
PUP.Optional.RussAd, C:\USERS\MASU1\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Error durante la eliminaci贸n, [313], [480148],1.0.9320

Sector f铆sico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#5

Hola @PepePalote

Se ve que instalaste una extensi贸n no santa en tu Google Chrome.

Restaura la configuraci貌n de tu navegador de acuerdo a lo mencionado en el siguiente enlace:

PUP/Adware en: Google Chrome

Luego para completar una buena limpieza:

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Usando su opci贸n Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el bot贸n Escanear y espera a que se realice el proceso. Luego pulsa sobre el bot贸n Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecer谩 para copiarlo y pegarlo en tu pr贸xima respuesta.
  • El informe tambi茅n puede encontrarse en 鈥淐:\AdwCleaner\AdwCleaner.txt鈥

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un An谩lisis Completo.
  • Pulsa en 鈥淓liminar Seleccionados鈥 para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual 鈥淗istorial鈥 >> Registros de Aplicaci贸n >> Scan Log/Registro de An谩lisis encontrar谩s el informe del MBAM, que debes copiar y pegar en tu pr贸xima respuesta.

4.- Nota Importante:

En tu pr贸xima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.

Gu铆a: 驴Como Pegar reportes en el Foro?

Nos comentas.

Salu2


#6

Buenas.

Aqu铆 dejo los reportes. Por lo que he visto por encima, el ZHPCleaner me ha detectado como amenaza los drivers del rat贸n. :roll_eyes:

AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-02-19.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-20-2019
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  6
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\masu1\AppData\Roaming\Hola

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|hola
Deleted       HKCU\Software\Hola
Deleted       HKLM\Software\Wow6432Node\Hola
Deleted       HKLM\Software\Hola
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1656 octets] - [20/02/2019 21:14:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

ZHPCleaner:

~ ZHPCleaner v2019.2.19.22 by Nicolas Coolman (2019/02/19)
~ Run by masu1 (Administrator)  (20/02/2019 21:29:35)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\masu1\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\masu1\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 17763)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios art铆culos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios art铆culos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios art铆culos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es leg铆timo (21)


---\\  Tareas autom谩ticas programadas. (0)
~ No malintencionados o innecesarios art铆culos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (15)
MOVIDO carpeta: C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe    =>Heuristic.Salus
MOVIDO carpeta: C:\Windows\Installer\wix{15D9C344-45B3-4780-B2BF-554D1E2FF300}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{4A8B062E-AFF0-44B4-9CF8-590BFF5D9AA9}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{81B13AD7-E284-4E48-A356-38418676244F}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\wix{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Windows\Installer\MSI2AB1.tmp    =>.SUP.MSIInstaller
MOVIDO carpeta: C:\Windows\Installer\MSI2AC1.tmp    =>.SUP.MSIInstaller
MOVIDO carpeta: C:\Windows\Installer\MSI5916.tmp    =>.SUP.MSIInstaller
MOVIDO carpeta: C:\Windows\Installer\MSIBF8C.tmp    =>.SUP.MSIInstaller
MOVIDO carpeta: C:\Windows\Installer\MSIBF8D.tmp    =>.SUP.MSIInstaller
MOVIDO carpeta: C:\Users\masu1\AppData\Local\Temp\lastChanceDst15506927528267456758367942097269.jar    =>.SUP.Temporary.Empty
MOVIDO archivo: C:\WINDOWS\Installer\MSIE0D7.tmp-  =>.SUP.Empty
MOVIDO archivo: C:\Users\masu1\AppData\LocalLow\Adobe  =>.SUP.Empty
MOVIDO archivo: C:\Users\masu1\AppData\LocalLow\AMD  =>.SUP.Empty


---\\  Registro ( Claves, Valores, Datos) (7)
BORRADOS dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{08a93d5a-193a-42a4-ba86-316ec1db6f85}\\NameServer [Bad : 1.1.1.1,1.0.0.1]  =>Hijacker.Browser
BORRADOS clave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01C2B9A91E15D745790BEBE82E5351AC [C:\Program Files\Autodesk\3ds Max 2017\UI_ln\Resources\Dark\Icons\Main\Gravity Space Warp - Gravity_Objects Space Warps - 16.png]  =>PUP.Optional.GravitySpace
BORRADOS valor: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\GXT155gmmouseRun [C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe]  =>Heuristic.Salus
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Akamai NetSession Interface [0x03000000482063000546D401]  =>.SUP.AkamaiHD
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GoogleChromeAutoLaunch_6EE2BE9CFE5F39A47627CF797E6F3B77 [0x03000000C325726F970CD401]  =>Heuristic.Suspect
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AvastBrowserAutoLaunch_D9EA7E6DC50670EC4DFE133A427F58D7 [0x020000000000000000000000]  =>Heuristic.Suspect
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\DAEMON Tools Lite Automount [0x030000000B36A05B970CD401]  =>Heuristic.Suspect


---\\  Resumen de elementos en su estaci贸n de trabajo (8)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>Heuristic.Salus
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.MSIInstaller
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Empty
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/  =>Hijacker.Browser
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.GravitySpace
https://nicolascoolman.eu/2017/12/26/sup-akamaihd/  =>.SUP.AkamaiHD
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect


---\\ Limpieza adicional. (5)
~ Clave de registro Tracing borrados (5)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparaci贸n.
~ Reparaci贸n llevada a cabo con 茅xito
~ falta este navegador! (Mozilla Firefox)
~ falta este navegador! (Opera Software)


---\\ STATISTIQUES
~ Items escaneado : 627
~ Items encontrado : 0
~ art铆culos cancelados : 0
~ Items opciones : 12/12
~ Ahorro de espacio (bytes) : 0


~ End of clean in 00h00mn13s

---\\  Reporte (2)
ZHPCleaner-[S]-20022019-21_26_55.txt
ZHPCleaner-[R]-20022019-21_29_48.txt

Malwarebytes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del an谩lisis: 20/2/19
Hora del an谩lisis: 21:31
Archivo de registro: 7bb1ef10-354e-11e9-82dc-902b34ad66f3.json
Administrador: S铆

-Informaci贸n del software-
Versi贸n: 3.5.1.2522
Versi贸n de los componentes: 1.0.365
Versi贸n del paquete de actualizaci贸n: 1.0.9360
Licencia: Gratis

-Informaci贸n del sistema-
SO: Windows 10 (Build 17763.316)
CPU: x64
Sistema de archivos: NTFS
Usuario: MASU-PC\masu1

-Resumen del an谩lisis-
Tipo de an谩lisis: An谩lisis de amenazas
An谩lisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 361759
Amenazas detectadas: 0
(No hay elementos maliciosos detectados)
Amenazas en cuarentena: 0
(No hay elementos maliciosos detectados)
Tiempo transcurrido: 1 min, 43 seg

-Opciones de an谩lisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heur铆stica: Activado
PUP: Detectar
PUM: Detectar

-Detalles del an谩lisis-
Proceso: 0
(No hay elementos maliciosos detectados)

M贸dulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector f铆sico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Un Saludo.


#7

Hola:

Pudiste realizar los pasos para restaurar la configuraci贸n de Google Chrome?

Realiza lo siguiente:

1.- Desactiva temporalmente su antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versi贸n adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el bot贸n Scan y esperamos a que concluya el proceso.
  • Se abriran dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Gu铆a: Como Ejecutar FRST

3.- En tu pr贸xima respuesta, pega los reportes generados.

Gu铆a : 驴Como Pegar reportes en el Foro?

Esperamos esos reporte.

Revisa el Manual que te deje en donde dice Cuarentena para restaurar solo el driver del rat贸n.

Salu2


#8

Hola.

Si, pude restaurar la configuraci贸n de Chrome correctamente. Dejo los reportes.

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.02.2019
Ran by masu1 (administrator) on MASU-PC (20-02-2019 22:38:13)
Running from C:\Users\masu1\Desktop
Loaded Profiles: masu1 (Available Profiles: masu1)
Platform: Windows 10 Pro Version 1809 17763.316 (X64) Language: Espa帽ol (Espa帽a, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\DriverStore\FileRepository\c0338124.inf_amd64_923c69fb6002c3cc\B337967\atiesrxx.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0338124.inf_amd64_923c69fb6002c3cc\B337967\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
() C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
() C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
(Plex) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [83968 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123488 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2016-02-10] (Autodesk, Inc. -> Autodesk, Inc.)
...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [700328 2017-01-06] (Autodesk, Inc -> Autodesk, Inc.)
...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
...\Run: [GXT155gmmouseRun] => C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe [3310080 2015-05-28] () [File not signed]
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-05] (Valve -> Valve Corporation)
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [18398696 2018-07-18] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\utorrent.exe [399224 2018-07-19] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\Policies\Explorer: [] 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\Installer\chrmstp.exe [2019-02-15] (Google LLC -> Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e1f9ddd3-1488-4598-8560-4943451c423a}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-21] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.es/
CHR StartupUrls: Default -> "hxxp://www.google.es/","hxxps://www.google.com/"
CHR NewTab: Default ->  Active:"chrome-extension://oogmkbpkoblajkomflhkkdmbfggdmefd/inicio.html"
CHR Profile: C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default [2019-02-20]
CHR Extension: (Presentaciones) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-20]
CHR Extension: (Documentos) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-20]
CHR Extension: (Google Drive) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-20]
CHR Extension: (YouTube) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-20]
CHR Extension: (Anonymous Proxy Browser) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjnfcmkfdcoeckplikldabeggcohmbmj [2018-06-21]
CHR Extension: (uBlock Origin) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-02-15]
CHR Extension: (Hojas de c谩lculo) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-20]
CHR Extension: (Documentos de Google sin conexi贸n) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (SearchPreview) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2018-11-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-20]
CHR Extension: (Context Menu Search) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2018-06-21]
CHR Extension: (nueva metroTab) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oogmkbpkoblajkomflhkkdmbfggdmefd [2018-06-21]
CHR Extension: (uBlock Origin Extra) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2019-01-15]
CHR Extension: (X-notifier Neo) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pheccebhjjlenlidbnddkjgpgfhokmio [2019-02-03]
CHR Extension: (Gmail) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-20]
CHR Extension: (Chrome Media Router) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-15]
CHR Extension: (RSS Feed Reader) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2019-01-31]
CHR Profile: C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-02-20]
CHR Profile: C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-02-20]
CHR Extension: (Presentaciones) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-22]
CHR Extension: (Documentos) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-25]
CHR Extension: (Google Drive) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-25]
CHR Extension: (YouTube) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-25]
CHR Extension: (X-notifier (for Gmail鈩,Hotmail,Yahoo,AOL...)) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cdfjbkbddpfnoplfhceolpopfoepleco [2019-02-04]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (uBlock Origin) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-02-12]
CHR Extension: (Hojas de c谩lculo) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-22]
CHR Extension: (Documentos de Google sin conexi贸n) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (SearchPreview) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2018-11-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-22]
CHR Extension: (nueva metroTab) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oogmkbpkoblajkomflhkkdmbfggdmefd [2018-06-22]
CHR Extension: (Gmail) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-25]
CHR Extension: (Chrome Media Router) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-15]
CHR Extension: (RSS Feed Reader) - C:\Users\masu1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2019-01-31]
CHR Profile: C:\Users\masu1\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1290744 2017-01-06] (Autodesk, Inc -> Autodesk Inc.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0338124.inf_amd64_923c69fb6002c3cc\B337967\atiesrxx.exe [507904 2019-01-17] (Advanced Micro Devices, Inc. -> AMD)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11013280 2019-02-07] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 ETGMGlcsSrv; C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe [1181544 2012-04-24] (Eastern Times Technology Co.,Ltd -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2232296 2018-07-18] (Plex, Inc -> Plex, Inc.)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [28768 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [655552 2015-07-14] (Wacom Technology Corp. -> Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0338124.inf_amd64_923c69fb6002c3cc\B337967\atikmdag.sys [52792320 2019-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0338124.inf_amd64_923c69fb6002c3cc\B337967\atikmpag.sys [589824 2019-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-06-21] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-06-21] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [61624 2018-09-02] (EnigmaSoft Limited -> EnigmaSoft Limited)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET, spol. s r.o. -> ESET)
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [14104 2015-04-28] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [287360 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [119424 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 usbglcs1100302; C:\WINDOWS\system32\drivers\usbglcs1100302.sys [25600 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [47616 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-20 22:38 - 2019-02-20 22:38 - 000022646 _____ C:\Users\masu1\Desktop\FRST.txt
2019-02-20 22:38 - 2019-02-20 22:38 - 000000000 ____D C:\FRST
2019-02-20 22:10 - 2019-02-20 22:37 - 002435072 _____ (Farbar) C:\Users\masu1\Desktop\FRST64.exe
2019-02-20 21:33 - 2019-02-20 21:33 - 000001644 _____ C:\Users\masu1\Desktop\malwarebytes.txt
2019-02-20 21:29 - 2019-02-20 21:30 - 000000000 ____D C:\Users\masu1\AppData\LocalLow\AMD
2019-02-20 21:26 - 2019-02-20 21:29 - 000005242 _____ C:\Users\masu1\Desktop\ZHPCleaner.txt
2019-02-20 21:16 - 2019-02-20 21:16 - 000001730 _____ C:\Users\masu1\Desktop\AdwCleaner[C00].txt
2019-02-20 21:14 - 2019-02-20 21:14 - 000000000 ____D C:\AdwCleaner
2019-02-17 20:22 - 2019-02-17 20:22 - 000002580 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2019-02-17 20:22 - 2019-02-17 20:22 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-02-17 20:22 - 2019-02-17 20:22 - 000002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-02-17 20:22 - 2019-02-17 20:22 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-02-17 20:22 - 2019-02-17 20:22 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-02-17 20:22 - 2019-02-17 20:22 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-02-17 20:22 - 2019-02-17 20:22 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-02-17 20:22 - 2019-02-17 20:22 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-02-17 20:22 - 2019-02-17 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-02-14 21:53 - 2019-02-20 21:15 - 000003096 _____ C:\WINDOWS\System32\Tasks\AMDLinkUpdate
2019-02-14 21:53 - 2019-02-18 21:18 - 000002392 _____ C:\WINDOWS\System32\Tasks\ModifyLinkUpdate
2019-02-14 21:53 - 2019-02-14 21:53 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-02-14 21:53 - 2019-02-14 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-02-14 21:53 - 2019-02-14 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\##ID_STRING16##
2019-02-13 16:53 - 2019-02-13 16:53 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 023439360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 020812288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 009683984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-13 16:53 - 2019-02-13 16:53 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 006540424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 006070272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 004885504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 004688896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 003922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 002927120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 002626592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 001969680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 001700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 001671864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 001467560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-13 16:53 - 2019-02-13 16:53 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-13 16:53 - 2019-02-13 16:53 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000982576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000982032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 000765960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 000475152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-13 16:53 - 2019-02-13 16:53 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000421904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-13 16:53 - 2019-02-13 16:53 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-13 16:53 - 2019-02-13 16:53 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-13 16:53 - 2019-02-13 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-02-13 16:53 - 2019-02-13 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-02-13 16:53 - 2019-02-13 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-02-13 16:53 - 2019-02-13 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-02-13 16:53 - 2019-02-13 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-02-13 16:53 - 2019-02-13 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-02-13 16:53 - 2019-02-13 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-02-13 16:53 - 2019-02-13 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-02-13 16:53 - 2019-02-13 16:53 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-13 10:33 - 2019-02-13 10:33 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-02-11 21:21 - 2019-02-11 21:20 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 022111856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 008875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 005584864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 005565952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 005561856 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 005527552 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 005440008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 005205464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 004991096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 004702704 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 004526080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 004298752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 004019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 003386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002992640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002776920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002702528 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002275888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002187264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002149368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002072728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001700880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001696936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-06 22:04 - 2019-02-06 22:04 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001604096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001533440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001467384 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001341584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-06 22:04 - 2019-02-06 22:04 - 001331744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001309184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001282640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001259024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-06 22:04 - 2019-02-06 22:04 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 001209360 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001178344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000970256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000864056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000850968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000822448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000806560 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-06 22:04 - 2019-02-06 22:04 - 000806560 _____ C:\WINDOWS\system32\locale.nls
2019-02-06 22:04 - 2019-02-06 22:04 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000752136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000726208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000652320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000651304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000649272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000629576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000612368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000604552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000588304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000522312 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000408800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000353488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000277536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000276488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000262672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000203280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MTF.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000148480 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000132104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000121872 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000114856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000097592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nslookup.exe
2019-02-06 22:04 - 2019-02-06 22:04 - 000074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2019-02-06 22:04 - 2019-02-06 22:04 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2019-02-06 20:20 - 2019-02-06 20:20 - 000001296 _____ C:\Users\masu1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\utorrent.lnk
2019-02-05 20:59 - 2019-02-20 21:08 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-05 20:59 - 2019-02-18 21:18 - 000002238 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-05 20:59 - 2019-02-06 22:06 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 20:59 - 2019-02-05 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-02-05 20:56 - 2019-02-11 21:20 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-02-04 14:56 - 2019-02-04 15:40 - 000000000 ____D C:\Users\masu1\Desktop\sol
2019-01-26 12:56 - 2019-01-26 13:09 - 000000000 ____D C:\Users\masu1\AppData\Roaming\renault
2019-01-26 12:56 - 2019-01-26 12:56 - 000000000 ____D C:\Users\masu1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Renault Media Nav
2019-01-26 12:56 - 2019-01-26 12:56 - 000000000 ____D C:\Program Files (x86)\Renault Media Nav
2019-01-22 19:29 - 2019-02-11 21:20 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-22 19:29 - 2019-02-11 21:20 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-22 19:29 - 2019-02-11 21:20 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-22 19:29 - 2019-02-11 21:20 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-22 19:10 - 2019-01-29 11:14 - 000000000 ____D C:\Users\masu1\Desktop\u帽as

#9

Contin煤a


==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-20 22:35 - 2019-01-13 14:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-20 21:51 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-20 21:30 - 2018-07-19 21:54 - 000000000 ____D C:\Program Files (x86)\Trust GXT 155 Gaming Mouse
2019-02-20 21:19 - 2019-01-13 14:57 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-20 21:19 - 2018-09-15 17:37 - 000788392 _____ C:\WINDOWS\system32\perfh00A.dat
2019-02-20 21:19 - 2018-09-15 17:37 - 000155682 _____ C:\WINDOWS\system32\perfc00A.dat
2019-02-20 21:19 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-02-20 21:16 - 2018-07-19 21:11 - 000000000 ____D C:\Users\masu1\AppData\Roaming\uTorrent
2019-02-20 21:16 - 2018-07-17 19:37 - 000000000 ____D C:\Users\masu1\AppData\Local\CrashDumps
2019-02-20 21:15 - 2019-01-13 14:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-20 21:15 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-20 21:15 - 2018-06-21 22:02 - 000000638 _____ C:\WINDOWS\Tasks\TrackerAutoUpdate.job
2019-02-20 21:15 - 2018-06-20 21:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-02-20 21:13 - 2018-06-21 20:49 - 000000000 ____D C:\Program Files\JDownloader
2019-02-20 21:10 - 2018-06-27 17:05 - 000000000 ____D C:\Users\masu1\AppData\Roaming\MPC-HC
2019-02-20 21:09 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-20 12:19 - 2018-06-21 18:45 - 000000000 ____D C:\Users\masu1\AppData\Roaming\AIMP
2019-02-20 12:04 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-20 12:03 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-20 12:03 - 2018-06-21 16:11 - 000000000 ____D C:\Users\masu1\AppData\Local\D3DSCache
2019-02-19 13:36 - 2019-01-09 13:59 - 000000000 ____D C:\Users\masu1\Desktop\Nueva carpeta
2019-02-19 12:23 - 2018-07-06 14:42 - 000000033 _____ C:\Users\masu1\AppData\Roaming\AdobeWLCMCache.dat
2019-02-18 21:18 - 2019-01-13 14:55 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-18 21:18 - 2019-01-13 14:55 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-18 21:18 - 2019-01-13 14:55 - 000002882 _____ C:\WINDOWS\System32\Tasks\TrackerAutoUpdate
2019-02-18 21:18 - 2019-01-13 14:55 - 000002534 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2019-02-18 21:18 - 2019-01-13 14:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-02-18 15:39 - 2018-06-21 18:14 - 000000000 ____D C:\Users\masu1\AppData\Local\ElevatedDiagnostics
2019-02-17 20:21 - 2018-06-21 17:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-15 14:06 - 2018-10-15 17:50 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-15 10:07 - 2018-06-20 21:36 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-14 21:54 - 2018-06-20 21:24 - 000000000 ____D C:\Users\masu1\AppData\Local\AMD
2019-02-14 21:53 - 2018-06-20 21:12 - 000000000 ____D C:\Program Files\AMD
2019-02-14 21:52 - 2018-06-27 18:58 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-02-14 21:44 - 2019-01-13 14:48 - 000545008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-14 21:43 - 2018-06-21 16:30 - 000000000 ____D C:\Program Files (x86)\AMD
2019-02-14 21:41 - 2018-12-07 09:53 - 000000000 ____D C:\AMD
2019-02-14 21:41 - 2018-07-19 16:47 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2019-02-13 19:54 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-02-13 19:54 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-13 16:54 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-13 16:51 - 2018-06-21 16:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-13 16:49 - 2018-06-21 16:41 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-12 14:34 - 2019-01-13 14:55 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-11 21:21 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-11 21:20 - 2018-10-15 17:50 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-11 21:20 - 2018-10-15 17:50 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-11 21:20 - 2018-10-15 17:50 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-11 21:20 - 2018-10-15 17:50 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-11 21:20 - 2018-10-15 17:50 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-11 21:20 - 2018-10-15 17:50 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-11 21:20 - 2018-10-15 17:50 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-11 21:20 - 2018-10-15 17:50 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-08 16:38 - 2018-07-12 16:50 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 15:12 - 2018-07-23 09:41 - 000000000 ____D C:\3D CASA AYUDA
2019-02-07 12:48 - 2018-06-21 19:38 - 000000000 ____D C:\Users\masu1\AppData\Roaming\MiniLyrics
2019-02-06 22:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-06 22:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-06 22:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-06 22:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-06 22:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-02-06 22:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-06 22:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-06 22:06 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-06 22:06 - 2018-06-20 21:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-06 22:06 - 2018-06-20 21:24 - 000000000 ___RD C:\Users\masu1\3D Objects
2019-02-06 22:05 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2019-02-06 20:11 - 2018-07-19 21:11 - 000000000 ____D C:\Program Files (x86)\uTorrent
2019-02-06 19:14 - 2018-08-23 18:09 - 000000000 ____D C:\Users\masu1\AppData\Local\ESET
2019-02-05 21:04 - 2018-06-20 21:24 - 000000000 ____D C:\Users\masu1\AppData\Local\Packages
2019-02-05 21:00 - 2019-01-11 17:53 - 000000000 ___DC C:\WINDOWS\Panther
2019-02-04 21:58 - 2019-01-11 16:25 - 000000000 ____D C:\Users\masu1\AppData\Roaming\discord
2019-02-04 18:48 - 2019-01-11 16:25 - 000002237 _____ C:\Users\masu1\Desktop\Discord.lnk
2019-02-04 18:48 - 2019-01-11 16:25 - 000000000 ____D C:\Users\masu1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-02-04 18:48 - 2019-01-11 16:25 - 000000000 ____D C:\Users\masu1\AppData\Local\Discord
2019-02-03 19:39 - 2018-06-20 21:13 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-01 23:31 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-01 23:31 - 2018-09-15 08:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-24 21:28 - 2018-06-25 18:02 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-22 23:14 - 2019-01-13 14:50 - 000000000 ____D C:\Users\masu1
2019-01-22 19:29 - 2018-10-15 17:50 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-22 19:26 - 2019-01-18 19:02 - 000000000 ____D C:\Users\masu1\AppData\Roaming\WTablet

==================== Files in the root of some directories =======

2018-07-06 14:42 - 2019-02-19 12:23 - 000000033 _____ () C:\Users\masu1\AppData\Roaming\AdobeWLCMCache.dat

Some files in TEMP:
====================
2019-02-20 21:12 - 2019-02-20 21:12 - 000043520 ____N () C:\Users\masu1\AppData\Local\Temp\proxy_vole5702089277304327879.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

#10

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.02.2019
Ran by masu1 (20-02-2019 22:39:05)
Running from C:\Users\masu1\Desktop
Windows 10 Pro Version 1809 17763.316 (X64) (2019-01-13 13:55:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1222199915-4118299630-1394755374-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1222199915-4118299630-1394755374-503 - Limited - Disabled)
Invitado (S-1-5-21-1222199915-4118299630-1394755374-501 - Limited - Disabled)
masu1 (S-1-5-21-1222199915-4118299630-1394755374-1001 - Administrator - Enabled) => C:\Users\masu1
WDAGUtilityAccount (S-1-5-21-1222199915-4118299630-1394755374-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

碌Torrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_0) (Version: 22.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.1.1 - Advanced Micro Devices, Inc.)
Aplicaci贸n de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.4.332 - Autodesk)
AutoCAD 2018 - Espa帽ol (Spanish) (HKLM\...\{28B89EEF-1001-040A-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018  Language Pack - Espa帽ol (Spanish) (HKLM\...\{28B89EEF-1001-040A-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk 3ds Max 2017 (HKLM\...\{52B37EC7-D836-0410-0664-3C24BCED2010}) (Version: 19.0.1072.0 - Autodesk) Hidden
Autodesk 3ds Max 2017 (HKLM\...\Autodesk 3ds Max 2017) (Version: 19.0.1072.0 - Autodesk)
Autodesk 3ds Max 2017 Populate Data (HKLM\...\{2B07E17E-A072-43BD-9DCC-369B56C16698}) (Version: 19.0.0.0 - Autodesk)
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\{AA384BE4-1700-0010-0000-97E7D7D00B17}) (Version: 17.0.416.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\Autodesk A360 Collaboration for Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk AutoCAD 2018 - Espa帽ol (Spanish) (HKLM\...\AutoCAD 2018 - Espa帽ol (Spanish)) (Version: 22.0.49.0 - Autodesk)
Autodesk Backburner 2017.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D780}) (Version: 17.0.0.0 - Autodesk)
Autodesk BIM 360 Revit 2017 Add-in 64 bit (HKLM\...\{A26EBAD5-9591-407F-9D6C-C7A4F3DFE506}) (Version: 4.37.6853 - Autodesk)
Autodesk Civil View for 3ds Max 2017 64-bit (HKLM\...\{1C4FFAF0-7DBB-4F7A-A386-46747D060826}) (Version: 19.0.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2017 (HKLM\...\{9167CA34-4E68-49E3-8892-3C439739D2D3}) (Version: 19.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Autodesk Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Revit 2017) (Version:  - )
Autodesk Revit Content Libraries 2017 - Espa帽ol (Spanish) (HKLM\...\Autodesk Revit Content Libraries 2017 - Espa帽ol (Spanish)) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit Content Libraries 2017 - Espa帽ol (Spanish) (HKLM\...\Revit Content Libraries 2017 - Espa帽ol (Spanish)) (Version:  - )
Autodesk Revit Interoperability for 3ds Max 2017 (HKLM\...\{0BB716E0-1700-0610-0000-097DC2F354DF}) (Version: 17.0.411.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2017 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2017) (Version: 17.0.411.0 - Autodesk)
Autodesk Revit MEP Imperial Content v2.0 (HKLM\...\{F2538944-3E07-4E97-B41A-FC48AB53EE9D}) (Version: 2.0 - Autodesk)
Autodesk Revit MEP Metric Content v2.0 (HKLM\...\{DEF775C7-84BF-4730-976A-FE3747F1757C}) (Version: 2.0 - Autodesk)
Autodesk Workflows 2017 (HKLM\...\{23A13F78-5B67-441A-ABF9-48BE8B5455DB}) (Version: 15.11.13.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\Discord) (Version: 0.0.304 - Discord Inc.)
Dynamo 0.9.1 (HKLM\...\{85626FB3-CAF9-49C1-AA28-E3C75164BD6F}) (Version: 0.9.1.4062 - Autodesk)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version:  - SEIKO EPSON Corporation)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FileBot (HKLM\...\{3AE33F8A-E542-4B5E-B7D9-BFC9061CB58E}) (Version: 4.7.9 - Reinhard Pointner)
FormIt 360 Converter For Revit 2017 (HKLM\...\{637211B6-D2E9-474A-BF06-4F61F1254104}) (Version: 1.9.0.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.109 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
K-Lite Codec Pack 14.2.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.2.5 - KLCP)
Malwarebytes versi贸n 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.11231.20174 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
MiniLyrics (HKLM-x32\...\MiniLyrics) (Version: 7.7.49 - Crintsoft)
Mp3tag v2.89a (HKLM-x32\...\Mp3tag) (Version: 2.89a - Florian Heidenreich)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2017 (HKLM\...\{6ABEC32F-B90F-4499-B3A3-FF8A00948178}) (Version: 19.0.0.0 - Autodesk)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.8 - Tracker Software Products Ltd)
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F31F-4024-A289-92CF4B6FB256}) (Version: 16.0.1109.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1109.0 - Autodesk)
Plex Media Server (HKLM-x32\...\{4A8B062E-AFF0-44B4-9CF8-590BFF5D9AA9}) (Version: 1.13.4271 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{73860e66-ed20-44ee-8936-9678b8ec42b0}) (Version: 1.13.4.5271 - Plex, Inc.)
Presto 8.8 (HKLM-x32\...\{099EA4F2-0BE8-443B-B6EE-2B8FDF035DC0}) (Version:  - )
RAPID Mode (HKLM\...\{AE75272A-6421-4A65-80F8-31568BCF6E75}) (Version: 1.0.0.101 - Samsung Electronics Co., Ltd.) Hidden
Renault Media Nav Toolbox (HKLM-x32\...\Renault Media Nav Toolbox) (Version: 3.18.5.740218 - NNG Llc.)
Revit 2017 (HKLM\...\{7346B4A0-1700-0510-0000-705C0D862004}) (Version: 17.0.416.0 - Autodesk) Hidden
Revit Content Libraries 2017 - Espa帽ol (Spanish) (HKLM\...\{941030D0-1700-0410-0000-818BB38A95FC}) (Version: 17.0.416.0 - Autodesk) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
SketchUp 2017 (HKLM\...\{0917C390-BE6D-4B90-9C8B-FF11BA43933A}) (Version: 17.0.18899 - Trimble Navigation Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{518CF8EA-ACF3-418F-90DB-AD4309C66917}) (Version: 1.13.4271 - Plex, Inc.) Hidden
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.13-3 - Wacom Technology Corp.)
Trust GXT 155 Gaming Mouse version 1.2 (HKLM-x32\...\{1B4DB788-BBB5-4F7C-B184-1CBF2865B989}_is1) (Version: 1.2 - TRUST)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
V-Ray 3.4 for SketchUp (HKLM\...\V-Ray 3.4 for SketchUp) (Version: 3.40.04 - Chaos Software Ltd)
V-Ray for 3dsmax 2017 for x64 (HKLM\...\V-Ray for 3dsmax 2017 for x64) (Version: 3.40.01 - Chaos Software Ltd)
V-Ray Online License Server (HKLM\...\V-Ray Online License Server) (Version: 4.4.1 - Chaos Software Ltd)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-2) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1222199915-4118299630-1394755374-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1222199915-4118299630-1394755374-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1222199915-4118299630-1394755374-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-07] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-07] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03695603-0529-413A-9F3C-DE3600352134} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {074A15C7-FBED-442C-BA48-C51943DADF1A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {0B74E373-AE51-44B8-8D01-209118EDB8A4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1B7C828F-9CE7-4E19-954E-3783F777AF2C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {3192A595-F45D-4572-AB9F-54E2E3541483} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {347D4696-1C98-4438-9CE6-9FA5C53B06F5} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {3F07C8C6-56E1-42BC-94C4-6CE7867D9C06} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {51215B78-14A8-4CEC-83C8-639B22EB9E68} - System32\Tasks\S-1-5-21-1222199915-4118299630-1394755374-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {63C3C1B6-4F37-474A-98C1-C0C90D1910EF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {674BF446-83FB-4C54-B4A0-AA6B880421E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8A1E640D-FDFE-4F51-8E80-3753663279BC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {8EE12E41-3DEE-4F66-ACB7-01712751DAB1} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {B641A19E-EB56-423A-BB9B-8C3079752DB3} - no filepath
Task: {B8C9448D-9B7D-4861-8794-A55048B3C895} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C575ED1E-4587-49BB-9877-77CDE44DE741} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C6F41DEB-A415-49CC-B8F2-375BD42E8A1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D4763110-9F7A-4179-B45C-9FDB39DBF237} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DC9364F7-8540-47F7-8DA0-A8B735BCC198} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DDD343FC-ACD3-4249-AED6-B6FE17B15822} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {E8DC41FB-3224-4EA8-A6F1-C6BB9EAC66A2} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\masu1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Loth - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

#11

Contin煤a


==================== Loaded Modules (Whitelisted) ==============

2018-07-19 21:54 - 2012-04-24 17:42 - 001181544 _____ () C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-18 19:02 - 2015-07-14 11:01 - 001347264 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2019-02-06 22:04 - 2019-02-06 22:04 - 001740800 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-02-08 16:38 - 2019-02-08 16:39 - 028028416 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-02-08 16:38 - 2019-02-08 16:38 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 17:29 - 2018-04-12 17:29 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 19:45 - 2018-11-28 19:45 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-08 16:38 - 2019-02-08 16:38 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-08 16:38 - 2019-02-08 16:38 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-22 19:29 - 2019-01-22 19:29 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-02-11 21:20 - 2019-02-11 21:20 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
2019-02-11 21:20 - 2019-02-11 21:20 - 000654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-07-19 21:54 - 2015-05-28 23:08 - 003310080 _____ () C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe
2019-01-31 18:45 - 2019-01-31 18:46 - 000282624 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-06 16:18 - 2018-11-06 16:18 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-31 18:45 - 2019-01-31 18:45 - 001757696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-12-06 22:44 - 2018-12-06 22:44 - 004220928 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-12-06 22:44 - 2018-12-06 22:44 - 004380232 _____ () C:\Program Files\WindowsApps\Microsoft.UI.Xaml.2.0_2.1810.18004.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-31 18:45 - 2019-01-31 18:47 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-31 18:45 - 2019-01-31 18:47 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-06-21 16:21 - 2018-06-21 16:22 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-31 18:45 - 2019-01-31 18:46 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-17 13:53 - 2019-01-17 13:54 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-01-31 18:45 - 2019-01-31 18:47 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-01-31 18:45 - 2019-01-31 18:46 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 19:23 - 2018-08-30 19:24 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 20:03 - 2018-07-26 20:04 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-31 18:45 - 2019-01-31 18:47 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\SKU.dll
2018-06-27 17:24 - 2017-01-06 06:53 - 000110584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2018-06-27 17:24 - 2017-01-06 06:53 - 000061944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000083432 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000203240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 001083368 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000115688 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000059880 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000772072 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 001741288 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc2411.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 001962984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core2411.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000025576 _____ () C:\Program Files (x86)\Plex\Plex Media Server\lyric_lite.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 001549104 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libstdc++-6.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000127136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libgcc_s_dw2-1.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000050152 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000071656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000024552 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000041448 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000930280 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000074728 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000190952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2018-07-18 19:01 - 2018-07-18 19:01 - 000218088 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000018920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000095720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000143336 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000694248 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2018-07-18 19:01 - 2018-07-18 19:01 - 000064488 _____ () C:\Program Files (x86)\Plex\Plex Media Server\TeVii.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2019-01-07 19:27 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\FileBot\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\Autodesk\Backburner\
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\Control Panel\Desktop\\Wallpaper -> D:\Masu\Im谩genes\Wallpaper\Horizon Zero Dawn.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "pac"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\StartupApproved\Run: => "EPSON28AC37 (Epson Stylus SX420W)"
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\StartupApproved\Run: => "ebf35e66"
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_6EE2BE9CFE5F39A47627CF797E6F3B77"
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F825FE9A-D64C-4066-AA2D-EC08593FA12D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{91123385-2283-4E35-910A-3413C507D78C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27E35420-9C37-481C-BEE1-27A5A5C7D12F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29110413-4613-4BF0-A78E-079492A9FACD}] => (Allow) LPort=5000
FirewallRules: [{C075A6C3-F2B9-4CD6-AF32-D4C46C51C3E8}] => (Allow) LPort=56597
FirewallRules: [UDP Query User{696C579D-0A48-4989-8E92-710F6499FBE3}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited)
FirewallRules: [TCP Query User{32DE1CDF-2ABE-48FD-A0E8-3CE5EAD45D9D}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited)
FirewallRules: [{FB37E05E-A78B-4E91-8320-E0D3E300F7EC}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> Plex)
FirewallRules: [{4202907E-6CF2-4FED-A957-DA6F28BD4B28}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{284B5DEA-9AB7-4E2F-83B5-D0A561CDFE95}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [{1EE20F5E-ECF0-45D2-8422-1E83F9D0ACDC}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{42C9026B-6F87-4807-ABA1-6F9E1E67F360}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{D0F845B0-C5ED-47D6-93E6-BC8E2E5F42AB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{E4E18A62-3CC4-4D29-87AA-D978E4A7355B}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.)
FirewallRules: [{D193D820-5E63-4BF4-959B-D8A12AEB1065}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.)
FirewallRules: [{93986272-4344-478C-BA6A-C25631824BF8}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd)
FirewallRules: [{DC415020-C809-4AF5-9910-DAB0057335D4}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd)
FirewallRules: [{AF219F22-A3DC-4020-B87D-EEBFDA6E1E3A}] => (Allow) C:\Program Files\Guild Wars 2\Gw2-64.exe (ArenaNet LLC -> ArenaNet)
FirewallRules: [{B89F85A1-F269-4C14-825F-114A7EA40743}] => (Allow) C:\Program Files\Guild Wars 2\Gw2-64.exe (ArenaNet LLC -> ArenaNet)
FirewallRules: [{220584B2-0A60-43CF-8201-C794CDCDE4EC}] => (Allow) C:\Program Files\Guild Wars 2\Gw2-64.exe (ArenaNet LLC -> ArenaNet)
FirewallRules: [{3FEAE281-335A-40A2-9E70-4F4C387B816C}] => (Allow) C:\Program Files\Guild Wars 2\Gw2-64.exe (ArenaNet LLC -> ArenaNet)
FirewallRules: [{2AE66911-B79F-43E9-9F43-C759F44281AF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DF77D3F3-8369-42CE-87F9-29AE57CBCF3D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E936ED6C-8520-4342-ADA0-D102D02361DC}] => (Allow) C:\Users\masu1\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27404684-CCB5-4A91-AF1D-B6777B34DA5D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10522182-2BEC-4343-8136-E02F6148D609}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{06FF53D5-E095-4AC1-A8D2-4CED0994311E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{64557A06-FDD3-49F8-A033-1F1E0B515DC1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0FC773AF-91A8-4BAB-80B2-6040BB866A1A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1FFA1727-443D-4DC1-9212-D73CD4A30CDC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8B864D2D-51D3-431A-8F4C-638AEC8D4380}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6AE93953-563D-4106-8ED9-818AA143E16E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{86E4E185-6B38-4AC1-B889-CE95A8674A01}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{367C4E27-2E01-4168-AF58-CF29032432AA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

13-02-2019 12:09:48 Punto de control programado
14-02-2019 21:42:49 AMDCleanupUtility Restore Point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2019 09:16:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicaci贸n con errores: utorrent.exe, versi贸n: 2.2.1.25110, marca de tiempo: 0x4d78393f
Nombre del m贸dulo con errores: GDI32.dll, versi贸n: 10.0.17763.1, marca de tiempo: 0x1c1f7575
C贸digo de excepci贸n: 0xc000041d
Desplazamiento de errores: 0x000060d7
Identificador del proceso con errores: 0x18b0
Hora de inicio de la aplicaci贸n con errores: 0x01d4c9591a4c9326
Ruta de acceso de la aplicaci贸n con errores: C:\Program Files (x86)\uTorrent\utorrent.exe
Ruta de acceso del m贸dulo con errores: C:\WINDOWS\System32\GDI32.dll
Identificador del informe: 522a9a3c-26fd-42ca-a695-5727da7c2757
Nombre completo del paquete con errores: 
Identificador de aplicaci贸n relativa del paquete con errores:

Error: (02/20/2019 09:07:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicaci贸n con errores: utorrent.exe, versi贸n: 2.2.1.25110, marca de tiempo: 0x4d78393f
Nombre del m贸dulo con errores: GDI32.dll, versi贸n: 10.0.17763.1, marca de tiempo: 0x1c1f7575
C贸digo de excepci贸n: 0xc000041d
Desplazamiento de errores: 0x000060d7
Identificador del proceso con errores: 0xba8
Hora de inicio de la aplicaci贸n con errores: 0x01d4c9006f2eccc4
Ruta de acceso de la aplicaci贸n con errores: C:\Program Files (x86)\uTorrent\utorrent.exe
Ruta de acceso del m贸dulo con errores: C:\WINDOWS\System32\GDI32.dll
Identificador del informe: a0c2e935-68dd-4e73-a200-4b66bd2bef16
Nombre completo del paquete con errores: 
Identificador de aplicaci贸n relativa del paquete con errores:

Error: (02/18/2019 04:09:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicaci贸n con errores: Explorer.EXE, versi贸n: 10.0.17763.107, marca de tiempo: 0x695ecd5a
Nombre del m贸dulo con errores: unknown, versi贸n: 0.0.0.0, marca de tiempo: 0x00000000
C贸digo de excepci贸n: 0xc0000005
Desplazamiento de errores: 0x0000000013930fae
Identificador del proceso con errores: 0x1564
Hora de inicio de la aplicaci贸n con errores: 0x01d4c7753e1973e2
Ruta de acceso de la aplicaci贸n con errores: C:\WINDOWS\Explorer.EXE
Ruta de acceso del m贸dulo con errores: unknown
Identificador del informe: 2346fe88-c313-4789-afaf-eee47b82cd6d
Nombre completo del paquete con errores: 
Identificador de aplicaci贸n relativa del paquete con errores:

Error: (02/17/2019 09:53:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicaci贸n con errores: utorrent.exe, versi贸n: 2.2.1.25110, marca de tiempo: 0x4d78393f
Nombre del m贸dulo con errores: GDI32.dll, versi贸n: 10.0.17763.1, marca de tiempo: 0x1c1f7575
C贸digo de excepci贸n: 0xc000041d
Desplazamiento de errores: 0x000060d7
Identificador del proceso con errores: 0x9a4
Hora de inicio de la aplicaci贸n con errores: 0x01d4c6f5016be410
Ruta de acceso de la aplicaci贸n con errores: C:\Program Files (x86)\uTorrent\utorrent.exe
Ruta de acceso del m贸dulo con errores: C:\WINDOWS\System32\GDI32.dll
Identificador del informe: 48d9e8ca-1bae-470b-bddd-4a4bfc174b92
Nombre completo del paquete con errores: 
Identificador de aplicaci贸n relativa del paquete con errores:

Error: (02/17/2019 08:22:50 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activaci贸n para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la l铆nea 1.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La definici贸n es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use sxstrace.exe para obtener un diagn贸stico detallado.

Error: (02/14/2019 09:39:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicaci贸n con errores: utorrent.exe, versi贸n: 2.2.1.25110, marca de tiempo: 0x4d78393f
Nombre del m贸dulo con errores: GDI32.dll, versi贸n: 10.0.17763.1, marca de tiempo: 0x1c1f7575
C贸digo de excepci贸n: 0xc000041d
Desplazamiento de errores: 0x000060d7
Identificador del proceso con errores: 0x1d08
Hora de inicio de la aplicaci贸n con errores: 0x01d4c4957214ac4a
Ruta de acceso de la aplicaci贸n con errores: C:\Program Files (x86)\uTorrent\utorrent.exe
Ruta de acceso del m贸dulo con errores: C:\WINDOWS\System32\GDI32.dll
Identificador del informe: e3f8148e-d943-4c49-bad1-83953ecbc4c6
Nombre completo del paquete con errores: 
Identificador de aplicaci贸n relativa del paquete con errores:

Error: (02/13/2019 07:57:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicaci贸n con errores: utorrent.exe, versi贸n: 2.2.1.25110, marca de tiempo: 0x4d78393f
Nombre del m贸dulo con errores: GDI32.dll, versi贸n: 10.0.17763.1, marca de tiempo: 0x1c1f7575
C贸digo de excepci贸n: 0xc000041d
Desplazamiento de errores: 0x000060d7
Identificador del proceso con errores: 0x2308
Hora de inicio de la aplicaci贸n con errores: 0x01d4c3cdafa205cf
Ruta de acceso de la aplicaci贸n con errores: C:\Program Files (x86)\uTorrent\utorrent.exe
Ruta de acceso del m贸dulo con errores: C:\WINDOWS\System32\GDI32.dll
Identificador del informe: 60ce61ed-3094-40ac-aa33-258ebfee6d6f
Nombre completo del paquete con errores: 
Identificador de aplicaci贸n relativa del paquete con errores:

Error: (02/13/2019 07:55:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: El sub谩rbol del usuario se carga mediante otro proceso (bloqueo del registro) nombre del proceso: C:\Windows\System32\svchost.exe, PID: 1532, ProfSvc PID: 1568.


System errors:
=============
Error: (02/20/2019 10:07:11 PM) (Source: DCOM) (EventID: 10016) (User: MASU-PC)
Description: La configuraci贸n de permisos espec铆fico de la aplicaci贸n no concede el permiso Activaci贸n Local para la aplicaci贸n de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario MASU-PC\masu1 con SID (S-1-5-21-1222199915-4118299630-1394755374-1001) en la direcci贸n LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/20/2019 09:43:27 PM) (Source: DCOM) (EventID: 10016) (User: MASU-PC)
Description: La configuraci贸n de permisos espec铆fico de la aplicaci贸n no concede el permiso Activaci贸n Local para la aplicaci贸n de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario MASU-PC\masu1 con SID (S-1-5-21-1222199915-4118299630-1394755374-1001) en la direcci贸n LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/20/2019 09:33:54 PM) (Source: DCOM) (EventID: 10016) (User: MASU-PC)
Description: La configuraci贸n de permisos espec铆fico de la aplicaci贸n no concede el permiso Activaci贸n Local para la aplicaci贸n de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario MASU-PC\masu1 con SID (S-1-5-21-1222199915-4118299630-1394755374-1001) en la direcci贸n LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/20/2019 09:30:47 PM) (Source: DCOM) (EventID: 10016) (User: MASU-PC)
Description: La configuraci贸n de permisos espec铆fico de la aplicaci贸n no concede el permiso Activaci贸n Local para la aplicaci贸n de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario MASU-PC\masu1 con SID (S-1-5-21-1222199915-4118299630-1394755374-1001) en la direcci贸n LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/20/2019 09:29:53 PM) (Source: DCOM) (EventID: 10016) (User: MASU-PC)
Description: La configuraci贸n de permisos espec铆fico de la aplicaci贸n no concede el permiso Activaci贸n Local para la aplicaci贸n de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario MASU-PC\masu1 con SID (S-1-5-21-1222199915-4118299630-1394755374-1001) en la direcci贸n LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/20/2019 09:27:18 PM) (Source: DCOM) (EventID: 10016) (User: MASU-PC)
Description: La configuraci贸n de permisos espec铆fico de la aplicaci贸n no concede el permiso Activaci贸n Local para la aplicaci贸n de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario MASU-PC\masu1 con SID (S-1-5-21-1222199915-4118299630-1394755374-1001) en la direcci贸n LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/20/2019 09:16:37 PM) (Source: DCOM) (EventID: 10016) (User: MASU-PC)
Description: La configuraci贸n de permisos espec铆fico de la aplicaci贸n no concede el permiso Activaci贸n Local para la aplicaci贸n de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario MASU-PC\masu1 con SID (S-1-5-21-1222199915-4118299630-1394755374-1001) en la direcci贸n LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/20/2019 09:15:02 PM) (Source: DCOM) (EventID: 10010) (User: MASU-PC)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registr贸 con DCOM dentro del tiempo de espera requerido.


CodeIntegrity:
===================================

Date: 2019-02-20 21:15:42.606
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-20 21:15:42.604
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-20 21:15:42.598
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-20 21:15:42.595
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-14 23:39:33.967
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-14 23:39:33.965
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-14 23:39:33.957
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-14 23:39:33.955
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 45%
Total physical RAM: 8189.38 MB
Available physical RAM: 4452.88 MB
Total Virtual: 12029.38 MB
Available Virtual: 8176.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:209.06 GB) (Free:88.93 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:211.95 GB) NTFS

\\?\Volume{08db0214-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.54 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2AAD8291)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#12

Hola:

Mientras analizo los reportes, comenta como va el equipo.

Salu2.


#13

Parece que va mucho mejor.

Al volver de la suspensi贸n la pantalla enciende al momento y sin congelarse y al abrir un v铆deo carga bien y sin cortes.


#14

Hola:

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, 鈥淓jecutar como Administrador鈥.
  • En la ventana principal, marca solamente la casilla 鈥淐reate Registry Backup鈥.
  • Clic en Run.

Al terminar se abrir谩 un reporte llamado DelFix.txt, gu谩rdelo por si fuera necesario y cierre la herramienta鈥

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\Policies\Explorer: []
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2019-02-20 21:12 - 2019-02-20 21:12 - 000043520 ____N () C:\Users\masu1\AppData\Local\Temp\proxy_vole5702089277304327879.dll
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
Task: {B641A19E-EB56-423A-BB9B-8C3079752DB3} - no filepath
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicaci贸n (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el bot贸n Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu pr贸xima respuesta.

Nos comentas .

Salu2.


#15

Buenas.

Despu茅s de hacer todos los pasos, dejo el reporte:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.02.2019
Ran by masu1 (21-02-2019 15:55:25) Run:2
Running from C:\Users\masu1\Desktop
Loaded Profiles: masu1 (Available Profiles: masu1)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\...\Policies\Explorer: []
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2019-02-20 21:12 - 2019-02-20 21:12 - 000043520 ____N () C:\Users\masu1\AppData\Local\Temp\proxy_vole5702089277304327879.dll
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
Task: {B641A19E-EB56-423A-BB9B-8C3079752DB3} - no filepath
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
C:\Users\masu1\AppData\Local\Temp\proxy_vole5702089277304327879.dll => moved successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B641A19E-EB56-423A-BB9B-8C3079752DB3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B641A19E-EB56-423A-BB9B-8C3079752DB3}" => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS removed successfully

========= ipconfig /flushdns =========


Configuraci垄n IP de Windows

Se vaci垄 correctamente la cach鈥 de resoluci垄n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci垄n IP de Windows


Adaptador de Ethernet Ethernet:

   Sufijo DNS espec隆fico para la conexi垄n. . : 
   V隆nculo: direcci垄n IPv6 local. . . : fe80::d8d1:1a0e:be10:e3a2%17
   Direcci垄n IPv4. . . . . . . . . . . . . . : 192.168.0.89
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{11516F34-F3AD-49FB-9EDB-3786F07C3CD6} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci垄 correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv隆o de compartimiento se restableci垄 correctamente.
Compartimiento se restableci垄 correctamente.
Protocolo de control se restableci垄 correctamente.
Solicitud de secuencia eco se restableci垄 correctamente.
Global se restableci垄 correctamente.
Interfaz se restableci垄 correctamente.
Direcci垄n de difusi垄n por proximidad (a se restableci垄 correctamente.
Direcciones de multidifusi垄n se restableci垄 correctamente.
Direcci垄n de unidifusi垄n se restableci垄 correctamente.
Vecino se restableci垄 correctamente.
Ruta de acceso se restableci垄 correctamente.
Posible se restableci垄 correctamente.
Directiva de prefijo se restableci垄 correctamente.
Vecino de proxy se restableci垄 correctamente.
Ruta se restableci垄 correctamente.
Prefijo de sitio se restableci垄 correctamente.
Subinterfaz se restableci垄 correctamente.
Patr垄n de reactivaci垄n se restableci垄 correctamente.
Resolver vecino se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
Error al restablecer .
Acceso denegado.

 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
Reinicie el equipo para completar esta acci垄n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv隆o de compartimiento se restableci垄 correctamente.
Compartimiento se restableci垄 correctamente.
Protocolo de control se restableci垄 correctamente.
Solicitud de secuencia eco se restableci垄 correctamente.
Global se restableci垄 correctamente.
Interfaz se restableci垄 correctamente.
Direcci垄n de difusi垄n por proximidad (a se restableci垄 correctamente.
Direcciones de multidifusi垄n se restableci垄 correctamente.
Direcci垄n de unidifusi垄n se restableci垄 correctamente.
Vecino se restableci垄 correctamente.
Ruta de acceso se restableci垄 correctamente.
Posible se restableci垄 correctamente.
Directiva de prefijo se restableci垄 correctamente.
Vecino de proxy se restableci垄 correctamente.
Ruta se restableci垄 correctamente.
Prefijo de sitio se restableci垄 correctamente.
Subinterfaz se restableci垄 correctamente.
Patr垄n de reactivaci垄n se restableci垄 correctamente.
Resolver vecino se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
Error al restablecer .
Acceso denegado.

 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
 se restableci垄 correctamente.
Reinicie el equipo para completar esta acci垄n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1222199915-4118299630-1394755374-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 60262014 B
Java, Flash, Steam htmlcache => 57122345 B
Windows/system/drivers => 1025808 B
Edge => 77312 B
Chrome => 469441098 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 76400194 B
systemprofile32 => 0 B
LocalService => 1822 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
masu1 => 9151981 B

RecycleBin => 2435509 B
EmptyTemp: => 654.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:56:14 ====

#16

Hola:

Prueba el equipo y si todo est谩 en orden lo comentas para ir dando por resuelto el tema.

Salu2


#17

He estado navegando un rato y probando varias cosas y lo noto todo m谩s fluido que antes. Parece que est谩 todo en orden.

Muchas gracias por toda tu ayuda.

Un Saludo.


#18

Hola @PepePalote:

Para eliminar las herramientas utilizadas:

Ejecutas nuevamente >> Delfix, desde tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> 鈥淓jecutar como Administrador鈥)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrir谩 el informe (DelFix.txt), gu谩rdalo por si fuera necesario y cierra la herramienta.

Para otros problemas, ya sabes donde encontrarnos鈥!!! :+1:

Tema Solucionado


cerrado #19