Problema con chromium

#1

Hola estoy necesitando ayuda. Resulta que no se como se instaló un programa CRHOMIUM en mi PC de dudosa procedencia:roll_eyes:, que no puedo desintalar y aparecen ventanas molestas que no me dejan trabajar tranquilo en la PC :expressionless:.

Desde ya muchas gracias.

Saludo muy cordialmente

#2

Hola @MAHenchoz [email protected] al nuevo ForoSpyware :handshake:

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

  • Realiza un Análisis de amenazas, actualizando si te lo pide.
  • Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
  • En el apartado del manual Informes >> Informe de análisis encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
  • Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

1 me gusta
#3

Aquí pego reporte de Malwarebytes 1ra parte:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 12/3/19
Hora del análisis: 11:47
Archivo de registro: c6a7e77c-44d5-11e9-bcd0-7a799b046b70.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9650
Licencia: Prueba

-Información del sistema-
SO: Windows 7
CPU: x64
Sistema de archivos: NTFS
Usuario: MASFDE\Arturo H

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 308579
Amenazas detectadas: 338
Amenazas en cuarentena: 338
Tiempo transcurrido: 9 min, 45 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 17
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{524A4054-2696-AE1A-65DC-18D0350BB78D}\ProductUpdt, Se eliminará al reiniciar, [762], [448849],1.0.9650
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CEB6122C-1E43-434F-B59E-E728DEB0E02A}, Se eliminará al reiniciar, [762], [448849],1.0.9650
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{CEB6122C-1E43-434F-B59E-E728DEB0E02A}, Se eliminará al reiniciar, [762], [448849],1.0.9650
PUP.Optional.WinYahoo.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{524A4054-2696-AE1A-65DC-18D0350BB78D}\ProductUpdt, Se eliminará al reiniciar, [762], [-1],0.0.0
PUP.Optional.WinYahoo.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEB6122C-1E43-434F-B59E-E728DEB0E02A}, Se eliminará al reiniciar, [762], [-1],0.0.0
PUP.Optional.WinYahoo.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEB6122C-1E43-434F-B59E-E728DEB0E02A}, Se eliminará al reiniciar, [762], [-1],0.0.0
PUP.Optional.InstallCore, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\CSASTATS\ic, Se eliminará al reiniciar, [422], [586068],1.0.9650
PUP.Optional.SecuredSearch, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pdpcpceofkopegffcdnffeenbfdldock, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pdpcpceofkopegffcdnffeenbfdldock, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pdpcpceofkopegffcdnffeenbfdldock, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Se eliminará al reiniciar, [237], [182757],1.0.9650
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Se eliminará al reiniciar, [237], [182757],1.0.9650
PUP.Optional.WinYahoo, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Se eliminará al reiniciar, [237], [182757],1.0.9650
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{896561A5-D9E5-B025-6865-C0A5B8E51325}, Se eliminará al reiniciar, [762], [542290],1.0.9650

Valor del registro: 9
PUP.Optional.SecuredSearch, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|pdpcpceofkopegffcdnffeenbfdldock, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|nahhmpbckpgdidfnmfkfgiflpjijilce, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.NotChromeRun, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GOOGLECHROMEAUTOLAUNCH_C7E2FF17AF198129FFB9BFAB09075822, Se eliminará al reiniciar, [6813], [241243],1.0.9650
PUP.Optional.WinYahoo, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|TABS, Se eliminará al reiniciar, [237], [261450],1.0.9650
PUP.Optional.WinYahoo, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Se eliminará al reiniciar, [237], [182757],1.0.9650
PUP.Optional.Kuaizip, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\FILEEXTS\.BIN\OPENWITHPROGIDS|KUAIZIPMOUNT.BIN, Se eliminará al reiniciar, [1161], [392706],1.0.9650
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Se eliminará al reiniciar, [237], [182758],1.0.9650
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Se eliminará al reiniciar, [237], [182758],1.0.9650
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|pilplloabdedfmialnfchjomjmpjcoej, Se eliminará al reiniciar, [266], [626729],1.0.9650

Datos del registro: 5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|TABS, Se reemplazará al reiniciar, [237], [293460],1.0.9650
PUP.Optional.WinYahoo, HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Se reemplazará al reiniciar, [237], [293459],1.0.9650
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|TABS, Se reemplazará al reiniciar, [237], [293460],1.0.9650
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Se reemplazará al reiniciar, [237], [293461],1.0.9650
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Se reemplazará al reiniciar, [237], [293461],1.0.9650

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 40
PUP.Optional.WinYahoo.TskLnk, C:\USERS\ARTURO H\APPDATA\LOCAL\Cefecodebo, Se eliminará al reiniciar, [762], [448849],1.0.9650
Adware.OnlineIO, C:\WINDOWS\INSTALLER\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}, Se eliminará al reiniciar, [1196], [414815],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\fonts\websafe-awesome, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\icons, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\icons, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\scripts, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\fonts, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\skin\icons, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\_metadata, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\vendor, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\skin, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\EXTENSIONS\pdpcpceofkopegffcdnffeenbfdldock, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\icons, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\tiles, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\pt_BR, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\fonts, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\en, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\fr, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\hi, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\vi, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\skin\icons, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_metadata, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\vendor, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\skin, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\USERS\ARTURO H\APPDATA\LOCAL\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}, Se eliminará al reiniciar, [762], [542290],1.0.9650

Archivo: 267
PUP.Optional.SearchManager, C:\USERS\ARTURO H\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, Se eliminará al reiniciar, [2055], [260989],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\{524A4054-2696-AE1A-65DC-18D0350BB78D}\ProductUpdt, Se eliminará al reiniciar, [762], [448849],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\USERS\ARTURO H\APPDATA\LOCAL\Cefecodebo\ProductUpdt.exe, Se eliminará al reiniciar, [762], [448849],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\Cefecodebo\num.txt, Se eliminará al reiniciar, [762], [448849],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\Cefecodebo\ridesegaro, Se eliminará al reiniciar, [762], [448849],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\{524A4054-2696-AE1A-65DC-18D0350BB78D}\ProductUpdt, Se eliminará al reiniciar, [762], [-1],0.0.0
Adware.OnlineIO, C:\Windows\Installer\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}\online.exe, Se eliminará al reiniciar, [1196], [414815],1.0.9650
Adware.OnlineIO, C:\Windows\Installer\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}\SystemFoldermsiexec.exe, Se eliminará al reiniciar, [1196], [414815],1.0.9650
PUP.Optional.SearchManager, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, Se eliminará al reiniciar, [2055], [453138],1.0.9650
PUP.Optional.SearchModule, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\LOCAL STORAGE\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage, Se eliminará al reiniciar, [275], [453492],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\fonts\websafe-awesome\websafe-awesome.css, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\fonts\websafe-awesome\websafe-awesome.woff2, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\fonts\HelveticaNeue-Thin.otf, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\fonts\HelveticaNeueLT-Roman.woff, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\fonts\neue-bold.woff, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\fonts\neue.woff, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\icons\icon-red.svg, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\icons\red-favicon.ico, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\bad.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\bytefence-logo-transparent.svg, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\close.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\logo-small.svg, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\logo.svg, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\ok.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\bsb\search-icon.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\icons\128.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\icons\16.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\icons\19.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\icons\32.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\icons\38.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\icons\48.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\icons\favicon.ico, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\radio-selected.svg, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\radio-unselected.svg, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\star-unselected.svg, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\images\star.svg, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\scripts\search.css, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\scripts\search.js, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\content\bundle.v0.0.1.min.css, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\skin\icons\16.png, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\vendor\md5.min.js, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\vendor\react-dom.min.js, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\vendor\react-with-addons.min.js, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\_metadata\verified_contents.json, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\background.html, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\background.v0.0.1.min.js, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\client.v0.0.1.min.js, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\common.js.v0.0.1.min.js, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\e_.json, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\index.html, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\manifest.json, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdpcpceofkopegffcdnffeenbfdldock\10.1.3.121_0\responseConfig.json, Se eliminará al reiniciar, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [234], [586065],1.0.9650
PUP.Optional.SecuredSearch, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, [234], [586065],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\fonts\HelveticaNeue-Thin.otf, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\fonts\HelveticaNeueLT-Roman.woff, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\fonts\neue-bold.woff, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\fonts\neue.woff, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\close-FF8A5A.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\collection-9B9B9B.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\collection-FF691E.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\doc-icon-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\error-FF691E.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\pdf-2-doc-9B9B9B.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\pdf-2-doc-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\pdf-icon-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\success-FF8A5A.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\tab-arrow-FF691E.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\converter\upload-FF691E.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\amazon-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\amazon.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\close.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\enlarge-000000-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\enlarge-FFCA00-000000.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\hulu-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\hulu.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\minimize-000000-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\netflix-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\netflix.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\refresh-FFFFFF-000000.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\shrink-FFCA00-000000.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\shuffle-000000.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\shuffle-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\vudu-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films\vudu.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\icons\128.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\icons\16.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\icons\48.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\icons\close.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\icons\favicon.ico, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\icons\trends.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\bing-maps-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\from-to-icon-8881FF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\google-maps-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\location-icon-8881FF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\search-4A4A4A.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\search-8881FF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\switch-8881FF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\tab-arrow-8881FF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\whereto-logo-8881FF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\maps\whereto-logo-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\facebook_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\aliexpress.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\aliexpress_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\amazon.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\amazon_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\booking.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\booking_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\ebay.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\ebay_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\expedia.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\expedia_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\facebook.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\gmail.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\gmail_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\gtranslte.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\pinterest.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\pinterest_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\twitter.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\twitter_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\wix.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\wix_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\yahoo.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\yahoo_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\youtube.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sitesThumbnails\youtube_tile_v2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\tiles\DOC-to-PDF.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\tiles\PDF-to-DOC.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\tiles\Translation.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\tiles\View-PDF.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\01d.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\01n.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\02d.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\02n.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\03d.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\03n.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\04d.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\04n.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\09d.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\09n.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\10d.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\10n.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\11d.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\11n.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
#4

INFORME Malwarwbytes 2da parte:

PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\13d.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\13n.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\50d.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\weather\50n.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\down.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\alot.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\angle-arrow-down.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\bing.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\bing_large.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\bluesky-bg.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\brush.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\bt.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\clock.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\cloud.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\cupcake-bg.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\desk-bg.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\doodle.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\enhanced_google.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\eyeglass.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\eyeglass_transparent.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\films-bg.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\gmx_large.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\google.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\google_large.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\hero-bg.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\just-the-box-empty.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\just-the-box.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\mountain-bg.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\pointer2.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\radio-selected.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\radio-unselected.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\sea-bg.jpg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\search-D7D7D7.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\search-FFFFFF.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\settings.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\smallMagnifier.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\star-unselected.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\star.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\todoc.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\toggle-off.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\toggle-on.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\topdf.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\transparent_img.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\yahoo.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\yahoo.svg, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\yahoo_large.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\yandex.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\_enhanced_google.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\images\_gmx_large.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\content\bundle.v0.0.1.min.css, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\skin\icons\16.png, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\vendor\md5.min.js, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\vendor\react-dom.min.js, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\vendor\react-with-addons.min.js, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\en\messages.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\fr\messages.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\hi\messages.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\pt_BR\messages.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_locales\vi\messages.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\_metadata\verified_contents.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\AmpSearchServiceLocalList.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\background.html, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\background.v0.0.1.min.js, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\client.v0.0.1.min.js, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\common.js.v0.0.1.min.js, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\e_.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\index.html, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\manifest.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.3.71_0\responseConfig.json, Se eliminará al reiniciar, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, [266], [626739],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [266], [-1],0.0.0
PUP.Optional.WinYahoo, C:\USERS\ARTURO H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VHPWRMFA.DEFAULT\SEARCHPLUGINS\YAHOO! POWERED.XML, Se eliminará al reiniciar, [237], [302726],1.0.9650
PUP.Optional.WinYahoo.Generic, C:\USERS\ARTURO H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VHPWRMFA.DEFAULT\SEARCHPLUGINS\FICILO.XML, Se eliminará al reiniciar, [224], [643052],1.0.9650
PUP.Optional.WinYahoo, C:\USERS\ARTURO H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VHPWRMFA.DEFAULT\PREFS.JS, Sustituido, [237], [303324],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\USERS\ARTURO H\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\USERS\ARTURO H\APPDATA\LOCAL\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HOWTOREMOVE\HOWTOREMOVE.HTML, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\chromium-min.jpg, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\control panel-min-min.JPG, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\down.png, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\ff menu.JPG, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\ff search engine-min.png, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\hp-min ff.png, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\hp-min ie.png, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\search engine.gif, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\setup pages.gif, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\sp-min.png, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\start-min.jpg, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\HowToRemove\up.png, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\latafor, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\tineti, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\uninst.exe, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.WinYahoo.TskLnk, C:\Users\Arturo H\AppData\Local\{3DF00BAC-1958-6714-74C0-42FC50A8BE64}\uninstp.dat, Se eliminará al reiniciar, [762], [542290],1.0.9650
PUP.Optional.ByteFence, C:\USERS\ARTURO H\APPDATA\LOCAL\TEMP\TMPSEC7558111\BYTEFENCE-INSTALLER-5.4.1.17.EXE, Se eliminará al reiniciar, [5929], [389016],1.0.9650
PUP.Optional.InstallCore.Generic, C:\USERS\ARTURO H\DOWNLOADS\79750-698982-ATUBE-CATCHER.EXE, Se eliminará al reiniciar, [541], [621110],1.0.9650
Generic.Malware/Suspicious, C:\USERS\ARTURO H\APPDATA\LOCAL\ARES\SETUP.EXE, Se eliminará al reiniciar, [0], [392686],1.0.9650
PUP.Optional.SecuredSearch, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [234], [551753],1.0.9650
Adware.SearchEngineHijack, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [353], [462944],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [266], [626729],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [266], [626729],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [266], [628563],1.0.9650
PUP.Optional.SearchManager.BITSRST, C:\USERS\ARTURO H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [266], [626729],1.0.9650
PUP.Optional.InstallCore.Generic, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\aTube Catcher.lnk, Se eliminará al reiniciar, [541], [621110],1.0.9650
PUP.Optional.InstallCore.Generic, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Music Search MP3.lnk, Se eliminará al reiniciar, [541], [621110],1.0.9650
PUP.Optional.InstallCore.Generic, C:\USERS\PUBLIC\Desktop\aTube Catcher.lnk, Se eliminará al reiniciar, [541], [621110],1.0.9650
PUP.Optional.InstallCore.Generic, C:\USERS\PUBLIC\Desktop\Music Search MP3.lnk, Se eliminará al reiniciar, [541], [621110],1.0.9650
PUP.Optional.InstallCore.Generic, D:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\YCT.EXE, Se eliminará al reiniciar, [541], [621110],1.0.9650

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
#5

Aqui reporte de AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-12-2019
# Duration: 00:00:03
# OS:       Windows 7 Ultimate
# Cleaned:  15
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\ByteFence
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Deleted       C:\Users\Arturo H\AppData\Roaming\RPEng
Deleted       C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Deleted       C:\Program Files\Hola
Deleted       C:\Users\Arturo H\AppData\Local\Hola
Deleted       C:\Users\Arturo H\Start Menu\Programs\SpyHunter

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\csastats
Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\AlcoholAutomount
Deleted       HKLM\Software\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe

***** [ Chromium (and derivatives) ] *****

Deleted       Touch VPN

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2374 octets] - [12/03/2019 13:22:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
#6

Hola quería comentar que el problemas persiste aún después de seguir los tres pasos arriba descriptos. Al encender o reiniciar el PC la pagina Chromium se ejecuto por si sola. La cierro y al cabo de un tiempo se vuelve a aparecer la página. Era para comentar eso nada mas.

Desde ya muchas gracias por su atención.

Saludo muy cordialmente! :wave:.

#7

Hola

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

1 me gusta
#8
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
Ran by Arturo H (administrator) on MASFDE (15-03-2019 13:50:28)
Running from C:\Users\Arturo H\Desktop
Loaded Profiles: Arturo H (Available Profiles: Arturo H)
Platform: Windows 7 Ultimate (X64) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Ryan Conrad) [File not signed] C:\Program Files\Droid Explorer\DroidExplorer.Service.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Samsung Electronics CO., LTD. -> Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIFA.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIBE.EXE
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(DT Soft Ltd -> DT Soft Ltd) D:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
() [File not signed] C:\Program Files\Droid Explorer\SDK\tools\adb.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Rocket Division Software) [File not signed] D:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(uvnc bvba -> UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) D:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
(uvnc bvba -> UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1023664 2016-08-25] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [DAEMON Tools Pro Agent] => D:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [1163072 2012-04-12] (DT Soft Ltd) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIFA.EXE [278112 2011-11-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIBE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35258768 2019-03-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [Chromium] => c:\users\arturo h\appdata\local\chromium\application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [GoogleChromeAutoLaunch_C7E2FF17AF198129FFB9BFAB09075822] => C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [70712 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [25640 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [70200 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [66104 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [23080 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [66104 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-05] (Google LLC -> Google Inc.)
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6B719D3C-9AC4-418C-8DC0-A20A659D4C47}: [DhcpNameServer] 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,25.0.0.1,-1]

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3204163558-1490578659-2835150725-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3204163558-1490578659-2835150725-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: vhpwrmfa.default
FF ProfilePath: C:\Users\Arturo H\AppData\Roaming\Mozilla\Firefox\Profiles\vhpwrmfa.default [2019-03-12]
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Default [2019-03-12]
CHR Profile: C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-03-15]
CHR Extension: (Documentos) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-31]
CHR Extension: (Google Drive) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-31]
CHR Extension: (YouTube) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-31]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-13]
CHR Extension: (vidIQ for Chrome) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cppnjmdljhemhdachecffocboniemifa [2018-03-31]
CHR Extension: (Facebook Flat Extension for Chrome) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\egmhbmppadogikmfeagdgopjmmcnbelb [2018-03-31]
CHR Extension: (Floating for YouTube™ Extension) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2018-03-31]
CHR Extension: (EditThisCookie) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-12-01]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-01]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-03-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-22]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2018-03-31]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-12]
CHR Profile: C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-31]
CHR HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\ARTURO~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-10-22]
CHR HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-01-20] (BattlEye Innovations e.K. -> )
R2 DroidExplorerService; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [253952 2011-05-17] (Ryan Conrad) [File not signed]
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-11-03] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG -> Nero AG)
S3 Origin Client Service; D:\Program Files 2(x86)\Origin\OriginClientService.exe [2117128 2016-11-11] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Program Files 2(x86)\Origin\OriginWebHelperService.exe [2178576 2016-11-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 StarWindServiceAE; d:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
R2 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2175792 2016-10-26] (uvnc bvba -> UltraVNC)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; D:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2755584 2011-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 CH341_A64; C:\Windows\System32\Drivers\CH341W64.SYS [31232 2009-06-12] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 DLPortIO; C:\Windows\SysWOW64\DRIVERS\DLPortIO.SYS [3584 2000-06-29] () [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2018-12-18] (DT Soft Ltd -> DT Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [179456 2015-08-31] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [688648 2014-05-28] (VIA Technologies Inc. -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-15 13:50 - 2019-03-15 13:51 - 000023683 _____ C:\Users\Arturo H\Desktop\FRST.txt
2019-03-15 13:49 - 2019-03-15 13:49 - 002433536 _____ (Farbar) C:\Users\Arturo H\Desktop\FRST64.exe
2019-03-13 09:26 - 2019-03-14 11:27 - 000000000 ____D C:\Users\Arturo H\Desktop\Nueva carpeta (2)
2019-03-12 19:30 - 2019-03-12 19:30 - 000000000 ____D C:\Users\Arturo H\AppData\Local\ElevatedDiagnostics
2019-03-12 13:38 - 2019-03-12 13:38 - 000002490 _____ C:\Users\Arturo H\Documents\cc_20190312_133812.reg
2019-03-12 13:36 - 2019-03-15 13:38 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-03-12 13:36 - 2019-03-12 13:36 - 000002810 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-03-12 12:36 - 2019-03-12 12:37 - 000000000 ____D C:\Users\Arturo H\Desktop\ARCHIVOS INFORMES PARA FOROSPYWARE
2019-03-12 11:47 - 2019-03-12 11:47 - 000000000 ____D C:\Users\Arturo H\AppData\Local\mbam
2019-03-12 11:46 - 2019-03-12 11:46 - 000000000 ____D C:\Users\Arturo H\AppData\Local\mbamtray
2019-03-10 00:25 - 2019-03-11 09:25 - 000000065 _____ C:\Users\Arturo H\AppData\Roaming\WB.CFG
2019-03-10 00:24 - 2019-03-10 00:25 - 000000000 ____D C:\Users\Arturo H\AppData\Local\{D78EE1D2-F326-8D6A-9EBE-A882BAD6541A}
2019-03-09 13:40 - 2019-03-09 13:40 - 000000699 _____ C:\Users\Public\Desktop\Convert MP4 to MP3.lnk
2019-03-09 13:40 - 2019-03-09 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert MP4 to MP3
2019-03-09 13:26 - 2019-03-09 13:26 - 000002274 _____ C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2019-03-09 13:26 - 2019-03-09 13:26 - 000000000 ____D C:\Users\Arturo H\AppData\Local\chromium
2019-03-09 13:25 - 2019-03-12 12:19 - 000000000 ____D C:\Windows\System32\Tasks\{524A4054-2696-AE1A-65DC-18D0350BB78D}
2019-03-09 13:24 - 2008-08-18 18:18 - 000077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2019-03-09 11:23 - 2019-03-09 11:23 - 000036129 _____ C:\Users\Arturo H\Documents\reporte.pdf
2019-03-07 07:01 - 2019-03-12 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2019-03-07 07:01 - 2017-11-09 12:58 - 000440320 _____ (Dart Communications) C:\Windows\SysWOW64\DartSock.dll
2019-03-07 07:01 - 2017-11-09 12:58 - 000401408 _____ (Dart Communications) C:\Windows\SysWOW64\DartSecure2.dll
2019-03-07 07:01 - 2017-11-09 12:58 - 000249856 _____ (Dart Communications) C:\Windows\SysWOW64\DartCertificate.dll
2019-03-06 23:23 - 2019-03-06 23:23 - 000000810 _____ C:\Users\Arturo H\Desktop\Youtube Downloader HD (2).lnk
2019-03-06 23:13 - 2019-03-06 23:13 - 000000810 _____ C:\Users\Arturo H\Desktop\Youtube Downloader HD.lnk
2019-03-02 19:05 - 2019-03-02 19:05 - 000001304 _____ C:\Users\Arturo H\Desktop\Notepad.lnk
2019-03-01 20:17 - 2019-03-01 20:17 - 000036129 _____ C:\Users\Arturo H\Documents\reporte (1).pdf
2019-02-14 18:41 - 2019-02-14 18:41 - 000001894 _____ C:\Users\Arturo H\Desktop\01 PLANILLA CONTROL DE INSPECCIONES.xls - Acceso directo (2).lnk
2019-02-13 21:47 - 2019-02-13 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2019-02-13 21:47 - 2019-02-13 21:47 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-15 13:50 - 2017-03-20 12:58 - 000000000 ____D C:\FRST
2019-03-15 13:44 - 2017-06-03 12:56 - 000000000 ____D C:\Users\Arturo H\AppData\LocalLow\Mozilla
2019-03-15 11:15 - 2009-07-14 01:45 - 000019568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-15 11:15 - 2009-07-14 01:45 - 000019568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-15 11:13 - 2009-07-14 06:31 - 000750590 _____ C:\Windows\system32\perfh00A.dat
2019-03-15 11:13 - 2009-07-14 06:31 - 000159632 _____ C:\Windows\system32\perfc00A.dat
2019-03-15 11:13 - 2009-07-14 02:13 - 001684836 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-15 11:13 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-03-15 11:10 - 2018-03-08 23:49 - 000000000 ____D C:\Users\Arturo H\AppData\Local\LogMeIn Hamachi
2019-03-15 11:08 - 2018-10-22 21:29 - 000000000 ___RD C:\Users\Arturo H\Google Drive
2019-03-15 11:08 - 2015-10-23 00:43 - 000000000 __SHD C:\Users\Arturo H\IntelGraphicsProfiles
2019-03-15 11:07 - 2018-12-11 17:18 - 000008695 _____ C:\Windows\SysWOW64\‰š‹œž‘’“”•–—˜™š›œžÿ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿àáâãäåæçèéêëìíîïðñòóôõö×øùúûüýþßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ1
2019-03-15 11:07 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-15 00:46 - 2015-10-24 16:35 - 000000000 ____D C:\Users\Arturo H\AppData\Roaming\VSO
2019-03-14 19:41 - 2018-05-09 12:13 - 000059702 _____ C:\Users\Arturo H\Desktop\ACTA CONTROL  INGRESOS RETIROS Y REPARACIONES.xlsx
2019-03-14 17:10 - 2018-04-01 20:24 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-03-14 15:41 - 2009-07-14 02:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-03-13 15:50 - 2018-11-15 19:30 - 000005590 _____ C:\Users\Arturo H\Desktop\03 granizo.txt
2019-03-13 09:27 - 2015-10-23 00:51 - 000000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-12 19:38 - 2017-03-16 23:18 - 000000000 ____D C:\Users\Arturo H\Desktop\00 - ELECTRÓNICA MARIO
2019-03-12 13:40 - 2017-03-17 13:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-12 13:37 - 2015-10-23 15:55 - 000000000 ____D C:\Users\Arturo H\AppData\Roaming\MPC-HC
2019-03-12 13:37 - 2015-10-23 00:48 - 000000000 ____D C:\Users\Arturo H\AppData\Roaming\AIMP3
2019-03-12 13:36 - 2015-10-23 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-12 13:36 - 2015-10-23 00:51 - 000000000 ____D C:\Program Files\CCleaner
2019-03-12 13:22 - 2017-03-19 16:16 - 000000000 ____D C:\AdwCleaner
2019-03-12 12:19 - 2015-10-23 00:48 - 000000000 ____D C:\Users\Arturo H\AppData\Local\Ares
2019-03-10 13:44 - 2018-01-05 01:38 - 000000000 ____D C:\Users\Arturo H\AppData\Roaming\.minecraft
2019-03-10 00:24 - 2019-01-07 15:45 - 000001319 _____ C:\Users\Arturo H\Desktop\Roblox Player.lnk
2019-03-10 00:24 - 2018-08-31 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2019-03-06 23:13 - 2016-08-06 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD
2019-03-06 21:41 - 2009-07-14 02:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-03-05 18:43 - 2015-11-03 16:19 - 000000000 ____D C:\Users\Arturo H\AppData\Local\CutePDF Writer
2019-03-05 18:04 - 2015-10-23 00:57 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-05 12:56 - 2019-02-05 16:35 - 000000000 ____D C:\Users\Arturo H\Desktop\Nueva carpeta
2019-02-14 23:22 - 2018-11-05 14:46 - 000017203 _____ C:\Users\Arturo H\Desktop\LISTADO DE TALLERES ENTRE RIOS.xlsx
2019-02-14 20:58 - 2018-11-15 14:24 - 000039345 _____ C:\Users\Arturo H\Desktop\02 - INSP STRO Nº-POL-Gravedad del Stro.xlsx
2019-02-14 00:59 - 2018-03-31 01:24 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2019-02-14 00:59 - 2018-03-31 01:24 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi

==================== Files in the root of some directories =======

2013-05-01 23:55 - 2013-05-01 23:55 - 000064108 _____ () C:\Users\Arturo H\AppData\Roaming\Hebefitor
2018-02-26 22:23 - 2018-02-26 22:23 - 000001167 _____ () C:\Users\Arturo H\AppData\Roaming\trace_FilterInstaller.1.txt
2018-02-26 22:23 - 2018-02-27 13:48 - 000000905 _____ () C:\Users\Arturo H\AppData\Roaming\trace_FilterInstaller.txt
2018-02-26 22:23 - 2018-02-27 13:48 - 000000000 _____ () C:\Users\Arturo H\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2019-03-10 00:25 - 2019-03-11 09:25 - 000000065 _____ () C:\Users\Arturo H\AppData\Roaming\WB.CFG

Some files in TEMP:
====================
2019-03-10 13:29 - 2019-03-10 13:29 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-128068614218391114.dll
2019-03-10 13:31 - 2019-03-10 13:31 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-2795035964099251045.dll
2019-03-10 13:43 - 2019-03-10 13:43 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-3752066670183872873.dll

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\lastpass_1337.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-14 10:24

==================== End of FRST.txt ============================
#9
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.03.2019 01
Ran by Arturo H (15-03-2019 13:51:21)
Running from C:\Users\Arturo H\Desktop
Windows 7 Ultimate (X64) (2018-03-31 04:40:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3204163558-1490578659-2835150725-500 - Administrator - Disabled)
Arturo H (S-1-5-21-3204163558-1490578659-2835150725-1000 - Administrator - Enabled) => C:\Users\Arturo H
HomeGroupUser$ (S-1-5-21-3204163558-1490578659-2835150725-1005 - Limited - Enabled)
Invitado (S-1-5-21-3204163558-1490578659-2835150725-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Acrobat 9 Pro Extended - Italiano, Español, Nederlands, Português (HKLM-x32\...\{AC76BA86-1040-7D70-7761-000000000004}{AC76BA86-1040-7D70-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
AGC 2010 ERP Server (HKLM-x32\...\{9BB06997-4DC0-4BE6-A475-315A596AC536}) (Version: 2.8.08.03.0501 - Master ISI)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1503, 26.09.2015 - AIMP DevTeam)
Ares (HKLM-x32\...\Ares) (Version: 2.4.3-Build#3067 - AresGalaxy)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Backup and Sync from Google (HKLM\...\{693CADB0-962B-4AC1-A939-9524B258C997}) (Version: 3.43.2448.9071 - Google, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.1.1003 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Boost mode manager (HKLM-x32\...\{17154B8D-5829-4ED5-A120-2E03DC6FB0C6}) (Version: 1.0.0.1 - RSUPPORT)
CBR (HKLM\...\{36C9AF28-B599-42EC-8F13-F2998CE64AA6}) (Version: 0.8 - G.Waser)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Colin McRae Rally Remastered (HKLM-x32\...\Colin McRae Rally Remastered_is1) (Version:  - )
Convert MP4 to MP3 (HKLM-x32\...\{5067397A-2935-4290-AE14-1BE2863B00A3}_is1) (Version:  - ConvertMP4toMP3.com)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.0.0316.0317 - DT Soft Ltd)
DC Universe Online (HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\DGC-DC Universe Online) (Version: 1.0.3.192 - Daybreak Game Company)
DC Universe Online Live (HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\DG0-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Desinstalar impresora EPSON XP-201 204 208 Series (HKLM\...\EPSON XP-201 204 208 Series) (Version:  - SEIKO EPSON Corporation)
Desinstalar impresora EPSON XP-400 Series (HKLM\...\EPSON XP-400 Series) (Version:  - SEIKO EPSON Corporation)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
dr.fone (Version 9.1.0) (HKLM-x32\...\{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 9.1.0.7 - Wondershare Technology Co.,Ltd.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Droid Explorer 0.8.8.2 (x64) (HKLM\...\{09AD6FBB-2843-4644-B669-DEC30A75E8A3}) (Version: 0.8.8.2 - Ryan Conrad)
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Connect versión 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
FACTUSOL (HKLM-x32\...\{1D100E38-FA60-4729-9F7D-4F1F5644DC9D}) (Version: 1.02.000015 - Software del Sol, S.A.)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.1 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.33 - Intel Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 10.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{1945856D-A68E-43D3-846D-F8DFDE4A69F7}) (Version: 2.2.0.630 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.630 - LogMeIn, Inc.)
Marvel(TM) - Ultimate Alliance (HKLM-x32\...\{932FB3F3-594D-4600-ABFA-F2DE80A14214}) (Version: 1.00.0000 - Activision) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}) (Version:  - )
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mine-imator version 1.0.6 (HKLM-x32\...\{EF61A1AA-5F85-4E94-ACC6-D5650A312AE6}}_is1) (Version: 1.0.6 - David Norgren)
Mozilla Firefox 41.0.2 (x86 es-AR) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 es-AR)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.7.0.6655 - Mozilla)
Mozilla Thunderbird 52.7.0 (x86 es-ES) (HKLM-x32\...\Mozilla Thunderbird 52.7.0 (x86 es-ES)) (Version: 52.7.0 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301033}) (Version: 7.02.9753 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.2.2.60207 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
PonyProg2000 v2.06f (HKLM-x32\...\PonyProg2000_is1) (Version: 2.06f - LancOS)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.85.423.2014 - Realtek)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Roblox Player (HKLM-x32\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Arturo H (HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - Roblox Corporation)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16084.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Shredder Classic 4 (HKLM-x32\...\{C0FA6973-0ED6-4523-9593-BE50927A28BB}_is1) (Version:  - Stefan Meyer-Kahlen)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 5.21.5126.1 - Hi-Rez Studios)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spider-Man(TM) - El Reino de las Sombras 1.1 Patch (HKLM-x32\...\InstallShield_{9208F706-6528-4591-A997-F41395FBD8A7}) (Version:  - ) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StockBase POS 2033 (HKLM-x32\...\{2CEF2427-9703-4176-87F9-052A30974D19}) (Version: 2033.790 - EGA Futura) Hidden
StockBase POS 2033 (HKLM-x32\...\StockBase POS 2033) (Version: 2033.790 - EGA Futura)
TPVSOL (HKLM-x32\...\{91B5CD52-3C44-45AD-99E9-BA2DCD763FAD}) (Version: 1.02.00009 - Software del Sol, S.A.)
Twin USB Vibration Gamepad (HKLM-x32\...\{1BBDD6C0-ED6F-43C3-8A9C-84E3249A5615}) (Version: 2007.01.01 - )
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.1.2 - uvnc bvba)
USB Game Controller (HKLM-x32\...\{D3DF3D05-DE2A-476A-A384-08FCD58D9FE7}) (Version: 2007.01.01 - )
USB GAMEPAD (HKLM-x32\...\{02D51AB0-0D1B-42D0-9453-D66B18F86A3F}) (Version: 1.00.0000 - GASIA)
USB Network Joystick (BM) (HKLM-x32\...\{2D8DCCA2-2339-4155-A29B-46041362DFDD}) (Version: 1.00.0000 - )
Vegas Pro 13.0 (64-bit) (HKLM\...\{3934F12E-091D-11E4-A0AD-F04DA23A5C58}) (Version: 13.0.373 - Sony)
VIA Administrador de dispositivos de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VSO Image Resizer 2.1.2 (HKLM-x32\...\{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1) (Version: 2.1.2 - VSO-Software)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YACReader 8.5.0 (HKLM-x32\...\YACReader_is1) (Version:  - )
Youtube Downloader HD v. 2.9.9.50 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\ChromeHTML: ->  <==== ATTENTION
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => d:\Program Files (x86)\Alcohol Soft\Alcohol 120\AXShlEx.dll [2009-04-24] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => d:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2009-02-09] (Alcohol Soft Development Team) [File not signed]
ContextMenuHandlers3: [ImageResizer] -> [CC]{C6193976-9333-4e73-96BA-7B21CA942187} =>  -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A4EAAC2-210A-4F14-AAE4-A56F625EC891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {68D141FA-0F64-4531-A55B-B3F486D01F40} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {75FBDB07-B24E-402A-AD44-3998C60AB02C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E0C63DB5-366D-40E2-9A5B-30EA8AE592C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\":: <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"] <==== ATTENTION

ShortcutWithArgument: C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Facebook Flat Extension for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=egmhbmppadogikmfeagdgopjmmcnbelb

==================== Loaded Modules (Whitelisted) ==============

2018-05-24 18:08 - 2011-08-30 13:38 - 000558080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2018-05-24 18:08 - 2011-08-01 18:24 - 000252416 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enpres.dll
2019-01-21 10:27 - 2006-12-19 17:23 - 000094208 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
2011-05-17 13:03 - 2011-05-17 13:03 - 000253952 _____ (Ryan Conrad) [File not signed] C:\Program Files\Droid Explorer\DroidExplorer.Service.exe
2011-05-17 13:03 - 2011-05-17 13:03 - 000117760 _____ (Ryan Conrad) [File not signed] C:\Program Files\Droid Explorer\DroidExplorer.Core.dll
2011-04-20 08:56 - 2011-04-20 08:56 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files\Droid Explorer\log4net.dll
2011-05-17 13:03 - 2011-05-17 13:03 - 000046080 _____ (Ryan Conrad) [File not signed] C:\Program Files\Droid Explorer\DroidExplorer.Configuration.dll
2019-02-07 17:33 - 2019-02-07 17:33 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-02-07 17:33 - 2019-02-07 17:34 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-02-07 17:34 - 2019-02-07 17:34 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-02-07 17:34 - 2019-02-07 17:34 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 004195328 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
2019-03-15 11:07 - 2019-03-15 11:07 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\python27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000113664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ctypes.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000080896 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\bz2.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001792512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_hashlib.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000128512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32api.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000137728 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pywintypes27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000548864 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pythoncom27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000689664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\unicodedata.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000438784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32com.shell.shell.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001489408 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._core_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_net_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_core_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_adv_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001007104 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._gdi_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001039872 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._windows_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_html_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001325056 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._controls_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000916992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._misc_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001084416 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pysqlite2._sqlite.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000149504 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32file.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000136192 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32security.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000007680 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\hashobjs_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\thumbnails_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000118784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\usb_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000047616 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_socket.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 002224640 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ssl.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000014848 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\common.time34.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000023040 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32event.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000034304 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.conditional.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.winwrap.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000110080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.volumes.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000223232 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32gui.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000173568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_elementtree.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000169472 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pyexpat.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000048128 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32inet.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000103424 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._html2.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_webview_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000046080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_psutil_windows.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000011776 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32crypt.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000301568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\PIL._imaging.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000032256 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_multiprocessing.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 005752320 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\cello.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000026112 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_yappi.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000044032 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32process.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000027648 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pipe.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000010752 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\select.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000029696 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pdh.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000038400 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.connectivity.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000073216 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.device_monitor.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32profile.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000026624 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32ts.pyd
2015-12-15 01:46 - 2015-12-15 01:46 - 000578611 _____ () [File not signed] C:\Program Files\Droid Explorer\SDK\tools\adb.exe
2007-05-28 13:57 - 2007-05-28 13:57 - 000275968 _____ (Rocket Division Software) [File not signed] d:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
2018-10-10 20:55 - 2018-01-26 17:08 - 000200192 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppCommon.dll
2018-10-10 20:55 - 2017-09-27 17:30 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\Newtonsoft.Json.dll
2018-10-10 20:55 - 2018-01-26 17:08 - 000088064 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppCollect.dll
2019-01-21 10:27 - 2007-09-10 14:32 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2019-01-21 10:27 - 2007-09-10 14:03 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBLPBidiDev.dll
2019-01-21 10:27 - 2007-09-18 15:44 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2019-01-21 10:27 - 2004-11-17 15:56 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2019-01-21 10:27 - 2006-12-26 13:58 - 000233544 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2019-01-21 10:27 - 2006-08-30 00:02 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\epLocalBidi.dll
2016-06-09 12:40 - 2016-06-09 12:40 - 000197120 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BaseUI.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 000427520 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_elf.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 036970496 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome.dll
2008-12-12 11:11 - 2008-12-12 11:11 - 000147456 _____ (Apple Inc.) [File not signed] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
2018-03-31 01:29 - 2018-03-31 01:29 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL
2015-12-15 01:46 - 2015-12-15 01:46 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Droid Explorer\SDK\tools\AdbWinApi.dll
2015-12-15 01:46 - 2015-12-15 01:46 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Droid Explorer\SDK\tools\AdbWinUsbApi.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 049748480 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_child.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 003148800 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libglesv2.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 000078848 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2019-03-10 16:13 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


2018-04-01 20:24 - 2019-03-14 17:10 - 000000374 _____ C:\Windows\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\Master ISI
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MDM => 2
MSCONFIG\Services: Microsoft Office Groove Audit Service => 3
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "D:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FC121E35-EC8E-4B2D-85AA-5C0A1C7BD919}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{4AB7E13C-D9E8-4717-8F83-36E7F2890002}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{CD1F2ED3-1376-4B32-9D0C-4EA02E265853}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{34D2D782-FFDB-490D-8391-39D47A0CFCF0}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{B1098C48-A880-4206-9398-B0027B3B19F3}] => (Allow) LPort=5800
FirewallRules: [{9243AD44-DEF3-4C44-89C8-8321DD1D802E}] => (Allow) LPort=5900
FirewallRules: [{C75DDE82-A300-441F-A19E-FB19A3009494}] => (Allow) LPort=5800
FirewallRules: [{476FA948-3983-4896-BBB3-BB9A72643458}] => (Allow) LPort=5900
FirewallRules: [{84E9863C-2228-4D20-AFCE-0C6B68A951A5}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{24527998-FF25-4EFB-ABA2-4E9C6421843C}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F316DAEB-83B7-43EB-A1C9-87D7173F5C17}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe (Telltale Games) [File not signed]
FirewallRules: [{6D8CD6E6-1999-47E6-A53D-146728E7F9C6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe (Telltale Games) [File not signed]
FirewallRules: [{7FBBC96C-18CA-4071-BA3E-85292981402D}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{42808209-30B0-4DF5-8973-AC26AA403AFF}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6EE35D9A-2EBC-485A-AE25-440F174389C1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{EAFAFCA1-DB0C-4BB6-A427-DB04238CD8C2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{87DDB2BD-F1D4-4040-BBCD-96E615A34607}] => (Allow) D:\Program Files (x86)\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [{09F55159-AB2B-4F91-B656-F20ED0302C35}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe (Electronic Arts -> BioWare)
FirewallRules: [{AE40DD3E-8E0A-4887-B27A-0AB7354D5D32}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe (Electronic Arts -> BioWare)
FirewallRules: [{53094107-AFF5-4991-B087-1993E2EFEBB1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{D08C28EE-59B7-41F8-8E3C-A10CA8330B53}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe (Sony Online Entertainment) [File not signed]
FirewallRules: [TCP Query User{10F5AA3F-6238-4308-8BCD-C4816BD2E4F4}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe (Sony Online Entertainment) [File not signed]
FirewallRules: [UDP Query User{BCBD63A0-66AD-4680-A3BC-C7A1CDFD5C48}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{BA64D22E-0E7B-4B98-84CE-D010C75BE5C4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{77917BB1-C1C3-4F08-B3D4-0448D2A16EA0}D:\program files (x86)\juegoslevelup\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\program files (x86)\juegoslevelup\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [TCP Query User{862B152F-CABC-4D2D-903B-52420C4A1A7B}D:\program files (x86)\juegoslevelup\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\program files (x86)\juegoslevelup\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [UDP Query User{7AA907FE-7EBE-4288-9CD5-6F982B768838}D:\program files (x86)\toy soldiers war chest\game.exe] => (Allow) D:\program files (x86)\toy soldiers war chest\game.exe (Signal Studios) [File not signed]
FirewallRules: [TCP Query User{FD837B23-5451-4F18-923F-3EA8882AB92D}D:\program files (x86)\toy soldiers war chest\game.exe] => (Allow) D:\program files (x86)\toy soldiers war chest\game.exe (Signal Studios) [File not signed]
FirewallRules: [UDP Query User{E8CD4611-700F-4F20-A867-F855C0E9A44D}C:\users\arturo h\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\arturo h\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{85FB273E-ABA5-4854-A71F-2650766F444B}C:\users\arturo h\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\arturo h\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{FB70D042-3946-40BE-B887-3D808F9A8589}C:\users\arturo h\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\arturo h\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{6880EA9B-13F8-449F-A717-656DF0D1E52C}C:\users\arturo h\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\arturo h\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A78DDB23-770C-44E7-A83C-218F8ABD651D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{8ABD5F90-0C3F-4975-B1F7-37759A9B694A}] => (Allow) C:\Users\Arturo H\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]

==================== Restore Points =========================

28-02-2019 23:26:33 Punto de control programado
08-03-2019 16:30:46 Punto de control programado

==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface #3
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2019 11:18:41 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/14/2019 10:36:20 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Proceso host para los servicios de Windows por este error.

Programa: Proceso host para los servicios de Windows
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:00000000
Tipo de disco: 0

Error: (03/14/2019 10:36:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_AudioSrv, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: VIASysFx.dll, versión: 1.0.0.0, marca de tiempo: 0x530d5a61
Código de excepción: 0xc000001d
Desplazamiento de errores: 0x0000000000034d70
Id. del proceso con errores: 0x8a8
Hora de inicio de la aplicación con errores: 0x01d4dacf1e1d3ccd
Ruta de acceso de la aplicación con errores: C:\Windows\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\VIASysFx.dll
Id. del informe: bba842b2-46c2-11e9-9b2c-c4e98461dd4e

Error: (03/14/2019 10:35:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/14/2019 05:20:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/14/2019 09:16:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/13/2019 10:24:51 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/13/2019 09:31:51 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.


System errors:
=============
Error: (03/15/2019 11:39:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Audio de Windows se terminó de manera inesperada. Esto ha sucedido 12 veces.

Error: (03/15/2019 11:30:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Audio de Windows se terminó de manera inesperada. Esto ha sucedido 11 veces.

Error: (03/15/2019 11:30:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Audio de Windows se terminó de manera inesperada. Esto ha sucedido 10 veces.

Error: (03/15/2019 11:29:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Audio de Windows se terminó de manera inesperada. Esto ha sucedido 9 veces.

Error: (03/15/2019 11:29:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Audio de Windows se terminó de manera inesperada. Esto ha sucedido 8 veces.

Error: (03/15/2019 11:29:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Centro de seguridad se terminó de manera inesperada. Esto ha sucedido 3 veces.

Error: (03/15/2019 11:29:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Proveedor de Grupo Hogar se terminó de manera inesperada. Esto ha sucedido 3 veces.

Error: (03/15/2019 11:29:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Audio de Windows se terminó de manera inesperada. Esto ha sucedido 7 veces.


Windows Defender:
===================================
Date: 2017-03-13 13:53:48.017
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Heazycrome&threatid=234061
Nombre:BrowserModifier:Win32/Heazycrome
Id.:234061
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script - ¸±±¾.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js->(UTF-8);file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js;file:C:\Users\Arturo H\AppData\Local\Temp\00008909\hp.exe;folder:C:
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2017-03-13 13:43:37.553
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Heazycrome&threatid=234061
Nombre:BrowserModifier:Win32/Heazycrome
Id.:234061
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script - ¸±±¾.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js;file:C:\Users\Arturo H\AppData\Local\Temp\00008909\hp.exe;folder:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2017-03-13 13:43:37.553
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Prepscram&threatid=226289
Nombre:SoftwareBundler:Win32/Prepscram
Id.:226289
Gravedad:Alta
Categoría:Software que instala varios programas
Ruta de acceso encontrada:file:C:\Users\Arturo H\AppData\Local\Temp\18971406\ic-0.c2de21c5634788.exe
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2017-03-13 13:35:56.889
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Heazycrome&threatid=234061
Nombre:BrowserModifier:Win32/Heazycrome
Id.:234061
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:file:C:\Users\Arturo H\AppData\Local\Temp\00008909\hp.exe
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2017-03-13 13:35:45.643
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Prepscram&threatid=226289
Nombre:SoftwareBundler:Win32/Prepscram
Id.:226289
Gravedad:Alta
Categoría:Software que instala varios programas
Ruta de acceso encontrada:file:C:\Users\Arturo H\AppData\Local\Temp\18971406\ic-0.c2de21c5634788.exe
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

CodeIntegrity:
===================================

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-26 17:03:44.961
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-26 17:03:44.961
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 67%
Total physical RAM: 8061.82 MB
Available physical RAM: 2599.16 MB
Total Virtual: 16121.8 MB
Available Virtual: 10224.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:6.21 GB) NTFS
Drive d: () (Fixed) (Total:833.85 GB) (Free:88.83 GB) NTFS
Drive g: (SAMSUNG) (Fixed) (Total:698.64 GB) (Free:10.87 GB) NTFS

\\?\Volume{f78e67ad-7925-11e5-b408-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 21380840)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 077B1F2A)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
#10

Espero haberlo hecho bien. Saludos

#11

Hola

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación inicia tu equipo desde el Modo Seguro de Windows con función de red

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [DAEMON Tools Pro Agent] => D:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [1163072 2012-04-12] (DT Soft Ltd) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [Chromium] => c:\users\arturo h\appdata\local\chromium\application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [GoogleChromeAutoLaunch_C7E2FF17AF198129FFB9BFAB09075822] => C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3204163558-1490578659-2835150725-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-12]
CHR HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
2019-03-10 00:24 - 2019-03-10 00:25 - 000000000 ____D C:\Users\Arturo H\AppData\Local\{D78EE1D2-F326-8D6A-9EBE-A882BAD6541A}
2019-03-09 13:26 - 2019-03-09 13:26 - 000002274 _____ C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2019-03-09 13:26 - 2019-03-09 13:26 - 000000000 ____D C:\Users\Arturo H\AppData\Local\chromium
2019-03-09 13:25 - 2019-03-12 12:19 - 000000000 ____D C:\Windows\System32\Tasks\{524A4054-2696-AE1A-65DC-18D0350BB78D}
2019-03-15 11:07 - 2018-12-11 17:18 - 000008695 _____ C:\Windows\SysWOW64\‰š‹œž‘’“”•–—˜™š›œžÿ ¡¢£¤¥¦§¨©ª«¬¬®¯°±²³´µ¶•¸¹º»¼½¾¿àáâãäåæçèéêëìíîïðñòóôõö×øùúûüýþßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ1
2019-03-10 13:29 - 2019-03-10 13:29 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-128068614218391114.dll
2019-03-10 13:31 - 2019-03-10 13:31 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-2795035964099251045.dll
2019-03-10 13:43 - 2019-03-10 13:43 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-3752066670183872873.dll
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\ChromeHTML: ->  <==== ATTENTION
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => d:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2009-02-09] (Alcohol Soft Development Team) [File not signed]
ContextMenuHandlers3: [ImageResizer] -> [CC]{C6193976-9333-4e73-96BA-7B21CA942187} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\":: <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"] <==== ATTENTION
ShortcutWithArgument: C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Facebook Flat Extension for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=egmhbmppadogikmfeagdgopjmmcnbelb
2019-02-07 17:33 - 2019-02-07 17:33 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 004195328 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
2019-03-15 11:07 - 2019-03-15 11:07 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\python27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000113664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ctypes.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000080896 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\bz2.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001792512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_hashlib.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000128512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32api.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000137728 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pywintypes27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000548864 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pythoncom27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000689664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\unicodedata.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000438784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32com.shell.shell.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001489408 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._core_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_net_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_core_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_adv_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001007104 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._gdi_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001039872 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._windows_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_html_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001325056 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._controls_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000916992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._misc_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001084416 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pysqlite2._sqlite.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000149504 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32file.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000136192 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32security.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000007680 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\hashobjs_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\thumbnails_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000118784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\usb_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000047616 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_socket.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 002224640 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ssl.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000014848 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\common.time34.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000023040 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32event.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000034304 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.conditional.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.winwrap.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000110080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.volumes.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000223232 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32gui.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000173568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_elementtree.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000169472 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pyexpat.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000048128 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32inet.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000103424 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._html2.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_webview_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000046080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_psutil_windows.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000011776 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32crypt.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000301568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\PIL._imaging.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000032256 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_multiprocessing.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 005752320 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\cello.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000026112 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_yappi.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000044032 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32process.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000027648 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pipe.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000010752 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\select.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000029696 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pdh.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000038400 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.connectivity.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000073216 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.device_monitor.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32profile.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000026624 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32ts.pyd
2019-03-09 13:26 - 2017-10-06 22:01 - 000427520 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_elf.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 036970496 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 049748480 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_child.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 003148800 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libglesv2.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 000078848 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libegl.dll
FirewallRules: [{F316DAEB-83B7-43EB-A1C9-87D7173F5C17}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe (Telltale Games) [File not signed]
FirewallRules: [{6D8CD6E6-1999-47E6-A53D-146728E7F9C6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe (Telltale Games) [File not signed]
FirewallRules: [{6EE35D9A-2EBC-485A-AE25-440F174389C1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{EAFAFCA1-DB0C-4BB6-A427-DB04238CD8C2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [UDP Query User{D08C28EE-59B7-41F8-8E3C-A10CA8330B53}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe (Sony Online Entertainment) [File not signed]
FirewallRules: [TCP Query User{10F5AA3F-6238-4308-8BCD-C4816BD2E4F4}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe (Sony Online Entertainment) [File not signed]
FirewallRules: [UDP Query User{7AA907FE-7EBE-4288-9CD5-6F982B768838}D:\program files (x86)\toy soldiers war chest\game.exe] => (Allow) D:\program files (x86)\toy soldiers war chest\game.exe (Signal Studios) [File not signed]
FirewallRules: [TCP Query User{FD837B23-5451-4F18-923F-3EA8882AB92D}D:\program files (x86)\toy soldiers war chest\game.exe] => (Allow) D:\program files (x86)\toy soldiers war chest\game.exe (Signal Studios) [File not signed]
FirewallRules: [{8ABD5F90-0C3F-4975-B1F7-37759A9B694A}] => (Allow) C:\Users\Arturo H\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

1 me gusta
#12

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Arturo H (17-03-2019 21:56:56) Run:1
Running from C:\Users\Arturo H\Desktop
Loaded Profiles: Arturo H (Available Profiles: Arturo H)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [DAEMON Tools Pro Agent] => D:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [1163072 2012-04-12] (DT Soft Ltd) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [Chromium] => c:\users\arturo h\appdata\local\chromium\application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [GoogleChromeAutoLaunch_C7E2FF17AF198129FFB9BFAB09075822] => C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3204163558-1490578659-2835150725-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-12]
CHR HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
2019-03-10 00:24 - 2019-03-10 00:25 - 000000000 ____D C:\Users\Arturo H\AppData\Local\{D78EE1D2-F326-8D6A-9EBE-A882BAD6541A}
2019-03-09 13:26 - 2019-03-09 13:26 - 000002274 _____ C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2019-03-09 13:26 - 2019-03-09 13:26 - 000000000 ____D C:\Users\Arturo H\AppData\Local\chromium
2019-03-09 13:25 - 2019-03-12 12:19 - 000000000 ____D C:\Windows\System32\Tasks\{524A4054-2696-AE1A-65DC-18D0350BB78D}
2019-03-15 11:07 - 2018-12-11 17:18 - 000008695 _____ C:\Windows\SysWOW64\����������������������� �����������������������������������������������������������������������������������������������1
2019-03-10 13:29 - 2019-03-10 13:29 - 000019968 ____N (Red Hat�, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-128068614218391114.dll
2019-03-10 13:31 - 2019-03-10 13:31 - 000019968 ____N (Red Hat�, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-2795035964099251045.dll
2019-03-10 13:43 - 2019-03-10 13:43 - 000019968 ____N (Red Hat�, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-3752066670183872873.dll
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\ChromeHTML: ->  <==== ATTENTION
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => d:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2009-02-09] (Alcohol Soft Development Team) [File not signed]
ContextMenuHandlers3: [ImageResizer] -> [CC]{C6193976-9333-4e73-96BA-7B21CA942187} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\":: <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"] <==== ATTENTION
ShortcutWithArgument: C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Facebook Flat Extension for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=egmhbmppadogikmfeagdgopjmmcnbelb
2019-02-07 17:33 - 2019-02-07 17:33 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 004195328 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
2019-03-15 11:07 - 2019-03-15 11:07 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\python27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000113664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ctypes.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000080896 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\bz2.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001792512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_hashlib.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000128512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32api.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000137728 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pywintypes27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000548864 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pythoncom27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000689664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\unicodedata.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000438784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32com.shell.shell.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001489408 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._core_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_net_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_core_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_adv_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001007104 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._gdi_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001039872 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._windows_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_html_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001325056 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._controls_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000916992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._misc_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001084416 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pysqlite2._sqlite.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000149504 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32file.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000136192 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32security.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000007680 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\hashobjs_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\thumbnails_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000118784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\usb_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000047616 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_socket.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 002224640 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ssl.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000014848 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\common.time34.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000023040 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32event.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000034304 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.conditional.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.winwrap.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000110080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.volumes.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000223232 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32gui.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000173568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_elementtree.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000169472 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pyexpat.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000048128 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32inet.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000103424 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._html2.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_webview_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000046080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_psutil_windows.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000011776 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32crypt.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000301568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\PIL._imaging.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000032256 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_multiprocessing.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 005752320 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\cello.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000026112 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_yappi.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000044032 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32process.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000027648 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pipe.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000010752 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\select.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000029696 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pdh.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000038400 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.connectivity.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000073216 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.device_monitor.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32profile.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000026624 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32ts.pyd
2019-03-09 13:26 - 2017-10-06 22:01 - 000427520 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_elf.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 036970496 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 049748480 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_child.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 003148800 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libglesv2.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 000078848 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libegl.dll
FirewallRules: [{F316DAEB-83B7-43EB-A1C9-87D7173F5C17}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe (Telltale Games) [File not signed]
FirewallRules: [{6D8CD6E6-1999-47E6-A53D-146728E7F9C6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe (Telltale Games) [File not signed]
FirewallRules: [{6EE35D9A-2EBC-485A-AE25-440F174389C1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{EAFAFCA1-DB0C-4BB6-A427-DB04238CD8C2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [UDP Query User{D08C28EE-59B7-41F8-8E3C-A10CA8330B53}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe (Sony Online Entertainment) [File not signed]
FirewallRules: [TCP Query User{10F5AA3F-6238-4308-8BCD-C4816BD2E4F4}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe (Sony Online Entertainment) [File not signed]
FirewallRules: [UDP Query User{7AA907FE-7EBE-4288-9CD5-6F982B768838}D:\program files (x86)\toy soldiers war chest\game.exe] => (Allow) D:\program files (x86)\toy soldiers war chest\game.exe (Signal Studios) [File not signed]
FirewallRules: [TCP Query User{FD837B23-5451-4F18-923F-3EA8882AB92D}D:\program files (x86)\toy soldiers war chest\game.exe] => (Allow) D:\program files (x86)\toy soldiers war chest\game.exe (Signal Studios) [File not signed]
FirewallRules: [{8ABD5F90-0C3F-4975-B1F7-37759A9B694A}] => (Allow) C:\Users\Arturo H\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => removed successfully
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent" => removed successfully
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Chromium" => removed successfully
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_C7E2FF17AF198129FFB9BFAB09075822" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FPS1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.RTV1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FPS1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.RTV1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FMVC" => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => removed successfully
HKLM\Software\Classes\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => removed successfully
HKLM\Software\Classes\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\gopher => removed successfully
HKLM\Software\Classes\CLSID\{79eac9e4-baf9-11ce-8c82-00aa004ba90b} => not found
HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/FlashPlayer => removed successfully
"C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll" => not found
HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/vlc => removed successfully
"C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll" => not found
CHR Extension: (Chrome Media Router) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-12] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
C:\Users\Arturo H\AppData\Local\{D78EE1D2-F326-8D6A-9EBE-A882BAD6541A} => moved successfully
C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk => moved successfully
C:\Users\Arturo H\AppData\Local\chromium => moved successfully
C:\Windows\System32\Tasks\{524A4054-2696-AE1A-65DC-18D0350BB78D} => moved successfully
"C:\Windows\SysWOW64\����������������������� �����������������������������������������������������������������������������������������������1" => not found
C:\Users\Arturo H\AppData\Local\Temp\jansi-64-128068614218391114.dll => moved successfully
C:\Users\Arturo H\AppData\Local\Temp\jansi-64-2795035964099251045.dll => moved successfully
C:\Users\Arturo H\AppData\Local\Temp\jansi-64-3752066670183872873.dll => moved successfully
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000_Classes\ChromeHTML => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AlcoholShellEx64 => removed successfully
HKLM\Software\Classes\CLSID\{AF67B665-D752-424E-9A03-C7C218F2844F} => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\ImageResizer => removed successfully
HKLM\Software\Classes\CLSID\[CC]{C6193976-9333-4e73-96BA-7B21CA942187} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\" => Error deleting product . Error: -2147352567
"SethomePage Interval Timer" => removed successfully
"SethomePage Interval Timer" => not found
"EventFilter sethomePage2" => removed successfully
C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Facebook Flat Extension for Chrome.lnk => Shortcut argument removed successfully
C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll => moved successfully
"C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\python27.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ctypes.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\bz2.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_hashlib.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32api.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pywintypes27.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pythoncom27.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\unicodedata.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32com.shell.shell.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._core_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_net_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_core_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_adv_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._gdi_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._windows_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_html_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._controls_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._misc_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pysqlite2._sqlite.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32file.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32security.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\hashobjs_ext.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\thumbnails_ext.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\usb_ext.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_socket.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ssl.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\common.time34.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32event.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.conditional.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.winwrap.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.volumes.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32gui.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_elementtree.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pyexpat.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32inet.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._html2.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_webview_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_psutil_windows.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32crypt.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\PIL._imaging.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_multiprocessing.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\cello.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_yappi.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32process.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pipe.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\select.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pdh.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.connectivity.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.device_monitor.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32profile.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32ts.pyd" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_elf.dll" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome.dll" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_child.dll" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libglesv2.dll" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libegl.dll" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F316DAEB-83B7-43EB-A1C9-87D7173F5C17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D8CD6E6-1999-47E6-A53D-146728E7F9C6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EE35D9A-2EBC-485A-AE25-440F174389C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EAFAFCA1-DB0C-4BB6-A427-DB04238CD8C2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D08C28EE-59B7-41F8-8E3C-A10CA8330B53}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{10F5AA3F-6238-4308-8BCD-C4816BD2E4F4}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7AA907FE-7EBE-4288-9CD5-6F982B768838}D:\program files (x86)\toy soldiers war chest\game.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FD837B23-5451-4F18-923F-3EA8882AB92D}D:\program files (x86)\toy soldiers war chest\game.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8ABD5F90-0C3F-4975-B1F7-37759A9B694A}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

Error al renovar la interfaz Conexi¢n de  rea local 3: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.
Error al renovar la interfaz Conexi¢n de  rea local 2: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.
No se puede realizar ninguna operaci¢n en Conexi¢n de red inal mbrica 2 mientras los medios
est‚n desconectados.
Error al renovar la interfaz Conexi¢n de red inal mbrica: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61338232 B
Java, Flash, Steam htmlcache => 7418241 B
Windows/system/drivers => 7503598 B
Edge => 0 B
Chrome => 250304094 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 65960 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83597 B
systemprofile32 => 364290 B
LocalService => 132244 B
NetworkService => 66228 B
Arturo H => 718199954 B

RecycleBin => 34151 B
EmptyTemp: => 997.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:02:37 ====
#13

Hola

Como sigue el problema.

Un saludo

1 me gusta
#14

El problema se solucionó. Muchísimas gracias por su ayuda. El único problema que apareció es que cuando inicio Google Chrome, en vez de aparecer su ícono característico aparece este otro que muestro en la figura. Corresponde a una extensión de Facebook Flat que desintalé. Pero el ícono aparece en vez del de Chrome. Al parecer es la única secuela, todo lo demás en correcto funcionamiento.-

Besos

#15

Hola

Vuelve a ejecutar FRST como te indiqué la primera vez y traes los reportes, por vamos a ver si queda algo.

Un saludo

1 me gusta
#16
Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Arturo H (25-03-2019 14:31:20) Run:2
Running from C:\Users\Arturo H\Desktop
Loaded Profiles: Arturo H (Available Profiles: Arturo H)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [DAEMON Tools Pro Agent] => D:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [1163072 2012-04-12] (DT Soft Ltd) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [Chromium] => c:\users\arturo h\appdata\local\chromium\application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [GoogleChromeAutoLaunch_C7E2FF17AF198129FFB9BFAB09075822] => C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3204163558-1490578659-2835150725-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-12]
CHR HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
2019-03-10 00:24 - 2019-03-10 00:25 - 000000000 ____D C:\Users\Arturo H\AppData\Local\{D78EE1D2-F326-8D6A-9EBE-A882BAD6541A}
2019-03-09 13:26 - 2019-03-09 13:26 - 000002274 _____ C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2019-03-09 13:26 - 2019-03-09 13:26 - 000000000 ____D C:\Users\Arturo H\AppData\Local\chromium
2019-03-09 13:25 - 2019-03-12 12:19 - 000000000 ____D C:\Windows\System32\Tasks\{524A4054-2696-AE1A-65DC-18D0350BB78D}
2019-03-15 11:07 - 2018-12-11 17:18 - 000008695 _____ C:\Windows\SysWOW64\����������������������� �����������������������������������������������������������������������������������������������1
2019-03-10 13:29 - 2019-03-10 13:29 - 000019968 ____N (Red Hat�, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-128068614218391114.dll
2019-03-10 13:31 - 2019-03-10 13:31 - 000019968 ____N (Red Hat�, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-2795035964099251045.dll
2019-03-10 13:43 - 2019-03-10 13:43 - 000019968 ____N (Red Hat�, Inc.) C:\Users\Arturo H\AppData\Local\Temp\jansi-64-3752066670183872873.dll
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\ChromeHTML: ->  <==== ATTENTION
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => d:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2009-02-09] (Alcohol Soft Development Team) [File not signed]
ContextMenuHandlers3: [ImageResizer] -> [CC]{C6193976-9333-4e73-96BA-7B21CA942187} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\":: <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"] <==== ATTENTION
ShortcutWithArgument: C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Facebook Flat Extension for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=egmhbmppadogikmfeagdgopjmmcnbelb
2019-02-07 17:33 - 2019-02-07 17:33 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 004195328 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe
2019-03-15 11:07 - 2019-03-15 11:07 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\python27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000113664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ctypes.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000080896 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\bz2.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001792512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_hashlib.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000128512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32api.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000137728 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pywintypes27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000548864 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pythoncom27.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000689664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\unicodedata.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000438784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32com.shell.shell.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001489408 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._core_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_net_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_core_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_adv_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001007104 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._gdi_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001039872 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._windows_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_html_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 001325056 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._controls_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000916992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._misc_.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 001084416 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pysqlite2._sqlite.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000149504 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32file.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000136192 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32security.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000007680 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\hashobjs_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\thumbnails_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000118784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\usb_ext.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000047616 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_socket.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 002224640 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ssl.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000014848 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\common.time34.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000023040 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32event.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000034304 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.conditional.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.winwrap.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000110080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.volumes.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000223232 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32gui.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000173568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_elementtree.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000169472 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pyexpat.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000048128 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32inet.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000103424 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._html2.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_webview_vc90_x64.dll
2019-03-15 11:07 - 2019-03-15 11:07 - 000046080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_psutil_windows.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000011776 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32crypt.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000301568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\PIL._imaging.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000032256 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_multiprocessing.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 005752320 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\cello.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000026112 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_yappi.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000044032 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32process.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000027648 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pipe.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000010752 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\select.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000029696 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pdh.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000038400 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.connectivity.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000073216 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.device_monitor.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32profile.pyd
2019-03-15 11:07 - 2019-03-15 11:07 - 000026624 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32ts.pyd
2019-03-09 13:26 - 2017-10-06 22:01 - 000427520 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_elf.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 036970496 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 049748480 _____ (The Chromium Authors) [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_child.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 003148800 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libglesv2.dll
2019-03-09 13:26 - 2017-10-06 22:01 - 000078848 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libegl.dll
FirewallRules: [{F316DAEB-83B7-43EB-A1C9-87D7173F5C17}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe (Telltale Games) [File not signed]
FirewallRules: [{6D8CD6E6-1999-47E6-A53D-146728E7F9C6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe (Telltale Games) [File not signed]
FirewallRules: [{6EE35D9A-2EBC-485A-AE25-440F174389C1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{EAFAFCA1-DB0C-4BB6-A427-DB04238CD8C2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [UDP Query User{D08C28EE-59B7-41F8-8E3C-A10CA8330B53}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe (Sony Online Entertainment) [File not signed]
FirewallRules: [TCP Query User{10F5AA3F-6238-4308-8BCD-C4816BD2E4F4}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe (Sony Online Entertainment) [File not signed]
FirewallRules: [UDP Query User{7AA907FE-7EBE-4288-9CD5-6F982B768838}D:\program files (x86)\toy soldiers war chest\game.exe] => (Allow) D:\program files (x86)\toy soldiers war chest\game.exe (Signal Studios) [File not signed]
FirewallRules: [TCP Query User{FD837B23-5451-4F18-923F-3EA8882AB92D}D:\program files (x86)\toy soldiers war chest\game.exe] => (Allow) D:\program files (x86)\toy soldiers war chest\game.exe (Signal Studios) [File not signed]
FirewallRules: [{8ABD5F90-0C3F-4975-B1F7-37759A9B694A}] => (Allow) C:\Users\Arturo H\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => not found
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent" => not found
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Chromium" => not found
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_C7E2FF17AF198129FFB9BFAB09075822" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FPS1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.RTV1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FPS1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.RTV1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FMVC" => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKLM\Software\Classes\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKLM\Software\Classes\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\gopher => not found
HKLM\Software\Classes\CLSID\{79eac9e4-baf9-11ce-8c82-00aa004ba90b} => not found
HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/FlashPlayer => not found
"C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll" => not found
HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/vlc => not found
"C:\Users\Arturo H\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll" => not found
CHR Extension: (Chrome Media Router) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-12] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
"C:\Users\Arturo H\AppData\Local\{D78EE1D2-F326-8D6A-9EBE-A882BAD6541A}" => not found
"C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk" => not found
"C:\Users\Arturo H\AppData\Local\chromium" => not found
"C:\Windows\System32\Tasks\{524A4054-2696-AE1A-65DC-18D0350BB78D}" => not found
"C:\Windows\SysWOW64\����������������������� �����������������������������������������������������������������������������������������������1" => not found
"C:\Users\Arturo H\AppData\Local\Temp\jansi-64-128068614218391114.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\jansi-64-2795035964099251045.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\jansi-64-3752066670183872873.dll" => not found
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000_Classes\ChromeHTML => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AlcoholShellEx64 => not found
HKLM\Software\Classes\CLSID\{AF67B665-D752-424E-9A03-C7C218F2844F} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\ImageResizer => not found
HKLM\Software\Classes\CLSID\[CC]{C6193976-9333-4e73-96BA-7B21CA942187} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\" => Error deleting product . Error: -2147352567
"SethomePage Interval Timer" => not found
"SethomePage Interval Timer" => not found
"EventFilter sethomePage2" => not found
C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Facebook Flat Extension for Chrome.lnk => Shortcut argument removed successfully
"C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\chrome.exe" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\python27.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ctypes.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\bz2.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_hashlib.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32api.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pywintypes27.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pythoncom27.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\unicodedata.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32com.shell.shell.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._core_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxbase30u_net_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_core_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_adv_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._gdi_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._windows_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_html_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._controls_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._misc_.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pysqlite2._sqlite.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32file.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32security.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\hashobjs_ext.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\thumbnails_ext.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\usb_ext.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_socket.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_ssl.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\common.time34.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32event.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.conditional.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.winwrap.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.volumes.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32gui.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_elementtree.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\pyexpat.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32inet.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wx._html2.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\wxmsw30u_webview_vc90_x64.dll" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_psutil_windows.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32crypt.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\PIL._imaging.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_multiprocessing.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\cello.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\_yappi.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32process.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pipe.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\select.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32pdh.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.connectivity.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\windows.device_monitor.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32profile.pyd" => not found
"C:\Users\Arturo H\AppData\Local\Temp\_MEI20762\win32ts.pyd" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_elf.dll" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome.dll" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\chrome_child.dll" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libglesv2.dll" => not found
"C:\Users\Arturo H\AppData\Local\chromium\Application\63.0.3235.0\libegl.dll" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F316DAEB-83B7-43EB-A1C9-87D7173F5C17}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D8CD6E6-1999-47E6-A53D-146728E7F9C6}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EE35D9A-2EBC-485A-AE25-440F174389C1}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EAFAFCA1-DB0C-4BB6-A427-DB04238CD8C2}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D08C28EE-59B7-41F8-8E3C-A10CA8330B53}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{10F5AA3F-6238-4308-8BCD-C4816BD2E4F4}D:\users\public\daybreak game company\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7AA907FE-7EBE-4288-9CD5-6F982B768838}D:\program files (x86)\toy soldiers war chest\game.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FD837B23-5451-4F18-923F-3EA8882AB92D}D:\program files (x86)\toy soldiers war chest\game.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8ABD5F90-0C3F-4975-B1F7-37759A9B694A}" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

Error al renovar la interfaz Conexi¢n de  rea local 3: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.
Error al renovar la interfaz Conexi¢n de  rea local 2: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.
No se puede realizar ninguna operaci¢n en Conexi¢n de red inal mbrica 2 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de  rea local 3:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::4989:f914:354f:a21b%19
   Direcci¢n IPv4 de configuraci¢n autom tica: 169.254.162.27
   M scara de subred . . . . . . . . . . . . : 255.255.0.0
   Puerta de enlace predeterminada . . . . . : 

Adaptador de Ethernet Conexi¢n de  rea local 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::70a2:1895:3190:9eca%18
   Direcci¢n IPv4 de configuraci¢n autom tica: 169.254.158.202
   M scara de subred . . . . . . . . . . . . : 255.255.0.0
   Puerta de enlace predeterminada . . . . . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::fd39:5950:2aba:ea6b%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.9
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Conexi¢n de  rea local* 17:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{46CA83F7-924B-43B0-BD7D-8440C90B3E94}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{75EEB273-3446-419A-B47A-220AFBE4ACD2}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{6B719D3C-9AC4-418C-8DC0-A20A659D4C47}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 71657409 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 304001 B
Edge => 0 B
Chrome => 234724181 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 96725 B
LocalService => 132244 B
NetworkService => 66228 B
Arturo H => 53353984 B

RecycleBin => 9627677 B
EmptyTemp: => 352.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:35:54 ====
#17

Hola

Este reporte es del Fix, lo que necesito es que vuelvas a analizar como te indiqué aquí >> FRST

Un saludo

1 me gusta
#18

:man_facepalming: Ahí va…

#19

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Arturo H (administrator) on MASFDE (26-03-2019 14:09:06)
Running from C:\Users\Arturo H\Desktop
Loaded Profiles: Arturo H (Available Profiles: Arturo H)
Platform: Windows 7 Ultimate (X64) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Ryan Conrad) [File not signed] C:\Program Files\Droid Explorer\DroidExplorer.Service.exe
(Samsung Electronics CO., LTD. -> Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIFA.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIBE.EXE
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(DT Soft Ltd -> DT Soft Ltd) D:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
() [File not signed] C:\Program Files\Droid Explorer\SDK\tools\adb.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Rocket Division Software) [File not signed] D:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(uvnc bvba -> UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) D:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(uvnc bvba -> UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1023664 2016-08-25] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIFA.EXE [278112 2011-11-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIBE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [EpicGamesLauncher] => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [70712 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [25640 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [70200 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [66104 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [23080 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [66104 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-25] (Google LLC -> Google Inc.)
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6B719D3C-9AC4-418C-8DC0-A20A659D4C47}: [DhcpNameServer] 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,25.0.0.1,-1]

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3204163558-1490578659-2835150725-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: vhpwrmfa.default
FF ProfilePath: C:\Users\Arturo H\AppData\Roaming\Mozilla\Firefox\Profiles\vhpwrmfa.default [2019-03-12]
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Default [2019-03-12]
CHR Profile: C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-03-26]
CHR Extension: (Documentos) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-31]
CHR Extension: (Google Drive) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-31]
CHR Extension: (YouTube) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-31]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-13]
CHR Extension: (vidIQ for Chrome) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cppnjmdljhemhdachecffocboniemifa [2018-03-31]
CHR Extension: (Floating for YouTube™ Extension) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2018-03-31]
CHR Extension: (EditThisCookie) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-12-01]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-23]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-03-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-22]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2018-03-31]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR Profile: C:\Users\Arturo H\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-31]
CHR HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\ARTURO~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-10-22]
CHR HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-01-20] (BattlEye Innovations e.K. -> )
R2 DroidExplorerService; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [253952 2011-05-17] (Ryan Conrad) [File not signed]
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-11-03] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG -> Nero AG)
S3 Origin Client Service; D:\Program Files 2(x86)\Origin\OriginClientService.exe [2117128 2016-11-11] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Program Files 2(x86)\Origin\OriginWebHelperService.exe [2178576 2016-11-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 StarWindServiceAE; d:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
R2 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2175792 2016-10-26] (uvnc bvba -> UltraVNC)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; D:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2755584 2011-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 CH341_A64; C:\Windows\System32\Drivers\CH341W64.SYS [31232 2009-06-12] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 DLPortIO; C:\Windows\SysWOW64\DRIVERS\DLPortIO.SYS [3584 2000-06-29] () [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2018-12-18] (DT Soft Ltd -> DT Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [179456 2015-08-31] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [688648 2014-05-28] (VIA Technologies Inc. -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-26 14:09 - 2019-03-26 14:10 - 000020511 _____ C:\Users\Arturo H\Desktop\FRST.txt
2019-03-26 14:07 - 2019-03-26 14:07 - 002434048 _____ (Farbar) C:\Users\Arturo H\Desktop\FRST64.exe
2019-03-18 22:57 - 2019-03-18 22:59 - 000002200 _____ C:\Users\Arturo H\Desktop\Google Chrome (2).lnk
2019-03-17 22:11 - 2019-03-17 22:11 - 000000000 ____D C:\Users\Arturo H\AppData\Local\CrashReportClient
2019-03-17 21:56 - 2019-03-25 14:35 - 000033499 _____ C:\Users\Arturo H\Desktop\Fixlog.txt
2019-03-17 21:56 - 2019-03-17 21:56 - 000000000 ____D C:\Users\Arturo H\Desktop\FRST-OlderVersion
2019-03-17 21:46 - 2019-03-25 14:27 - 000126416 _____ C:\Windows\ntbtlog.txt
2019-03-17 21:44 - 2019-03-26 11:48 - 000000000 ____D C:\Users\Arturo H\Desktop\Nueva carpeta (3)
2019-03-17 21:42 - 2019-03-17 21:42 - 000797760 _____ C:\Users\Arturo H\Desktop\delfix.exe
2019-03-13 09:26 - 2019-03-14 11:27 - 000000000 ____D C:\Users\Arturo H\Desktop\Nueva carpeta (2)
2019-03-12 19:30 - 2019-03-12 19:30 - 000000000 ____D C:\Users\Arturo H\AppData\Local\ElevatedDiagnostics
2019-03-12 13:38 - 2019-03-12 13:38 - 000002490 _____ C:\Users\Arturo H\Documents\cc_20190312_133812.reg
2019-03-12 13:36 - 2019-03-19 13:38 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-03-12 13:36 - 2019-03-12 13:36 - 000002810 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-03-12 12:36 - 2019-03-12 12:37 - 000000000 ____D C:\Users\Arturo H\Desktop\ARCHIVOS INFORMES PARA FOROSPYWARE
2019-03-12 11:47 - 2019-03-12 11:47 - 000000000 ____D C:\Users\Arturo H\AppData\Local\mbam
2019-03-12 11:46 - 2019-03-12 11:46 - 000000000 ____D C:\Users\Arturo H\AppData\Local\mbamtray
2019-03-10 00:25 - 2019-03-11 09:25 - 000000065 _____ C:\Users\Arturo H\AppData\Roaming\WB.CFG
2019-03-09 13:40 - 2019-03-09 13:40 - 000000699 _____ C:\Users\Public\Desktop\Convert MP4 to MP3.lnk
2019-03-09 13:40 - 2019-03-09 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert MP4 to MP3
2019-03-09 13:24 - 2008-08-18 18:18 - 000077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2019-03-09 11:23 - 2019-03-09 11:23 - 000036129 _____ C:\Users\Arturo H\Documents\reporte.pdf
2019-03-07 07:01 - 2019-03-12 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2019-03-07 07:01 - 2017-11-09 12:58 - 000440320 _____ (Dart Communications) C:\Windows\SysWOW64\DartSock.dll
2019-03-07 07:01 - 2017-11-09 12:58 - 000401408 _____ (Dart Communications) C:\Windows\SysWOW64\DartSecure2.dll
2019-03-07 07:01 - 2017-11-09 12:58 - 000249856 _____ (Dart Communications) C:\Windows\SysWOW64\DartCertificate.dll
2019-03-06 23:23 - 2019-03-06 23:23 - 000000810 _____ C:\Users\Arturo H\Desktop\Youtube Downloader HD (2).lnk
2019-03-06 23:13 - 2019-03-06 23:13 - 000000810 _____ C:\Users\Arturo H\Desktop\Youtube Downloader HD.lnk
2019-03-02 19:05 - 2019-03-02 19:05 - 000001304 _____ C:\Users\Arturo H\Desktop\Notepad.lnk
2019-03-01 20:17 - 2019-03-01 20:17 - 000036129 _____ C:\Users\Arturo H\Documents\reporte (1).pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-26 14:09 - 2017-03-20 12:58 - 000000000 ____D C:\FRST
2019-03-26 14:08 - 2009-07-14 06:31 - 000750590 _____ C:\Windows\system32\perfh00A.dat
2019-03-26 14:08 - 2009-07-14 06:31 - 000159632 _____ C:\Windows\system32\perfc00A.dat
2019-03-26 14:08 - 2009-07-14 02:13 - 001684836 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-26 14:08 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-03-26 14:05 - 2018-03-08 23:49 - 000000000 ____D C:\Users\Arturo H\AppData\Local\LogMeIn Hamachi
2019-03-26 14:04 - 2018-10-22 21:29 - 000000000 ___RD C:\Users\Arturo H\Google Drive
2019-03-26 14:03 - 2018-04-01 20:24 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-03-26 14:03 - 2015-10-23 00:43 - 000000000 __SHD C:\Users\Arturo H\IntelGraphicsProfiles
2019-03-26 14:02 - 2018-12-11 17:18 - 000010058 _____ C:\Windows\SysWOW64\‰š‹œž‘’“”•–—˜™š›œžÿ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿àáâãäåæçèéêëìíîïðñòóôõö×øùúûüýþßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ1
2019-03-26 14:02 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-26 14:01 - 2017-06-03 12:56 - 000000000 ____D C:\Users\Arturo H\AppData\LocalLow\Mozilla
2019-03-26 10:09 - 2009-07-14 01:45 - 000019568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-26 10:09 - 2009-07-14 01:45 - 000019568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-25 22:04 - 2015-10-23 00:57 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-25 19:42 - 2018-05-09 12:13 - 000060207 _____ C:\Users\Arturo H\Desktop\ACTA CONTROL  INGRESOS RETIROS Y REPARACIONES.xlsx
2019-03-25 19:41 - 2017-03-16 23:18 - 000000000 ____D C:\Users\Arturo H\Desktop\00 - ELECTRÓNICA MARIO
2019-03-25 16:42 - 2009-07-14 02:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-03-25 14:31 - 2017-03-15 19:09 - 000000000 ____D C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2019-03-25 14:18 - 2017-03-20 16:26 - 000000244 _____ C:\DelFix.txt
2019-03-22 22:23 - 2015-11-03 16:19 - 000000000 ____D C:\Users\Arturo H\AppData\Local\CutePDF Writer
2019-03-21 03:30 - 2015-10-24 16:35 - 000000000 ____D C:\Users\Arturo H\AppData\Roaming\VSO
2019-03-18 23:01 - 2019-02-07 17:32 - 000000000 ____D C:\ProgramData\Epic
2019-03-13 15:50 - 2018-11-15 19:30 - 000005590 _____ C:\Users\Arturo H\Desktop\03 granizo.txt
2019-03-13 09:27 - 2015-10-23 00:51 - 000000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-12 13:40 - 2017-03-17 13:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-12 13:37 - 2015-10-23 15:55 - 000000000 ____D C:\Users\Arturo H\AppData\Roaming\MPC-HC
2019-03-12 13:37 - 2015-10-23 00:48 - 000000000 ____D C:\Users\Arturo H\AppData\Roaming\AIMP3
2019-03-12 13:36 - 2015-10-23 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-03-12 13:36 - 2015-10-23 00:51 - 000000000 ____D C:\Program Files\CCleaner
2019-03-12 13:22 - 2017-03-19 16:16 - 000000000 ____D C:\AdwCleaner
2019-03-12 12:19 - 2015-10-23 00:48 - 000000000 ____D C:\Users\Arturo H\AppData\Local\Ares
2019-03-10 13:44 - 2018-01-05 01:38 - 000000000 ____D C:\Users\Arturo H\AppData\Roaming\.minecraft
2019-03-10 00:24 - 2019-01-07 15:45 - 000001319 _____ C:\Users\Arturo H\Desktop\Roblox Player.lnk
2019-03-10 00:24 - 2018-08-31 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2019-03-06 23:13 - 2016-08-06 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD
2019-03-06 21:41 - 2009-07-14 02:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-03-05 12:56 - 2019-02-05 16:35 - 000000000 ____D C:\Users\Arturo H\Desktop\Nueva carpeta

==================== Files in the root of some directories =======

2013-05-01 23:55 - 2013-05-01 23:55 - 000064108 _____ () C:\Users\Arturo H\AppData\Roaming\Hebefitor
2018-02-26 22:23 - 2018-02-26 22:23 - 000001167 _____ () C:\Users\Arturo H\AppData\Roaming\trace_FilterInstaller.1.txt
2018-02-26 22:23 - 2018-02-27 13:48 - 000000905 _____ () C:\Users\Arturo H\AppData\Roaming\trace_FilterInstaller.txt
2018-02-26 22:23 - 2018-02-27 13:48 - 000000000 _____ () C:\Users\Arturo H\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2019-03-10 00:25 - 2019-03-11 09:25 - 000000065 _____ () C:\Users\Arturo H\AppData\Roaming\WB.CFG

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\lastpass_1337.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-24 17:59

==================== End of FRST.txt ============================
#20

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Arturo H (26-03-2019 14:10:17)
Running from C:\Users\Arturo H\Desktop
Windows 7 Ultimate (X64) (2018-03-31 04:40:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3204163558-1490578659-2835150725-500 - Administrator - Disabled)
Arturo H (S-1-5-21-3204163558-1490578659-2835150725-1000 - Administrator - Enabled) => C:\Users\Arturo H
HomeGroupUser$ (S-1-5-21-3204163558-1490578659-2835150725-1005 - Limited - Enabled)
Invitado (S-1-5-21-3204163558-1490578659-2835150725-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Acrobat 9 Pro Extended - Italiano, Español, Nederlands, Português (HKLM-x32\...\{AC76BA86-1040-7D70-7761-000000000004}{AC76BA86-1040-7D70-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
AGC 2010 ERP Server (HKLM-x32\...\{9BB06997-4DC0-4BE6-A475-315A596AC536}) (Version: 2.8.08.03.0501 - Master ISI)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1503, 26.09.2015 - AIMP DevTeam)
Ares (HKLM-x32\...\Ares) (Version: 2.4.3-Build#3067 - AresGalaxy)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Backup and Sync from Google (HKLM\...\{693CADB0-962B-4AC1-A939-9524B258C997}) (Version: 3.43.2448.9071 - Google, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.1.1003 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Boost mode manager (HKLM-x32\...\{17154B8D-5829-4ED5-A120-2E03DC6FB0C6}) (Version: 1.0.0.1 - RSUPPORT)
CBR (HKLM\...\{36C9AF28-B599-42EC-8F13-F2998CE64AA6}) (Version: 0.8 - G.Waser)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Colin McRae Rally Remastered (HKLM-x32\...\Colin McRae Rally Remastered_is1) (Version:  - )
Convert MP4 to MP3 (HKLM-x32\...\{5067397A-2935-4290-AE14-1BE2863B00A3}_is1) (Version:  - ConvertMP4toMP3.com)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.0.0316.0317 - DT Soft Ltd)
DC Universe Online (HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\DGC-DC Universe Online) (Version: 1.0.3.192 - Daybreak Game Company)
DC Universe Online Live (HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\DG0-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Desinstalar impresora EPSON XP-201 204 208 Series (HKLM\...\EPSON XP-201 204 208 Series) (Version:  - SEIKO EPSON Corporation)
Desinstalar impresora EPSON XP-400 Series (HKLM\...\EPSON XP-400 Series) (Version:  - SEIKO EPSON Corporation)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
dr.fone (Version 9.1.0) (HKLM-x32\...\{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 9.1.0.7 - Wondershare Technology Co.,Ltd.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Droid Explorer 0.8.8.2 (x64) (HKLM\...\{09AD6FBB-2843-4644-B669-DEC30A75E8A3}) (Version: 0.8.8.2 - Ryan Conrad)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Connect versión 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
FACTUSOL (HKLM-x32\...\{1D100E38-FA60-4729-9F7D-4F1F5644DC9D}) (Version: 1.02.000015 - Software del Sol, S.A.)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.1 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.33 - Intel Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 10.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{1945856D-A68E-43D3-846D-F8DFDE4A69F7}) (Version: 2.2.0.630 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.630 - LogMeIn, Inc.)
Marvel(TM) - Ultimate Alliance (HKLM-x32\...\{932FB3F3-594D-4600-ABFA-F2DE80A14214}) (Version: 1.00.0000 - Activision) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}) (Version:  - )
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mine-imator version 1.0.6 (HKLM-x32\...\{EF61A1AA-5F85-4E94-ACC6-D5650A312AE6}}_is1) (Version: 1.0.6 - David Norgren)
Mozilla Firefox 41.0.2 (x86 es-AR) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 es-AR)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.7.0.6655 - Mozilla)
Mozilla Thunderbird 52.7.0 (x86 es-ES) (HKLM-x32\...\Mozilla Thunderbird 52.7.0 (x86 es-ES)) (Version: 52.7.0 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301033}) (Version: 7.02.9753 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.2.2.60207 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
PonyProg2000 v2.06f (HKLM-x32\...\PonyProg2000_is1) (Version: 2.06f - LancOS)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.85.423.2014 - Realtek)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Roblox Player (HKLM-x32\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Arturo H (HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - Roblox Corporation)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16084.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Shredder Classic 4 (HKLM-x32\...\{C0FA6973-0ED6-4523-9593-BE50927A28BB}_is1) (Version:  - Stefan Meyer-Kahlen)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 5.21.5126.1 - Hi-Rez Studios)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spider-Man(TM) - El Reino de las Sombras 1.1 Patch (HKLM-x32\...\InstallShield_{9208F706-6528-4591-A997-F41395FBD8A7}) (Version:  - ) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StockBase POS 2033 (HKLM-x32\...\{2CEF2427-9703-4176-87F9-052A30974D19}) (Version: 2033.790 - EGA Futura) Hidden
StockBase POS 2033 (HKLM-x32\...\StockBase POS 2033) (Version: 2033.790 - EGA Futura)
TPVSOL (HKLM-x32\...\{91B5CD52-3C44-45AD-99E9-BA2DCD763FAD}) (Version: 1.02.00009 - Software del Sol, S.A.)
Twin USB Vibration Gamepad (HKLM-x32\...\{1BBDD6C0-ED6F-43C3-8A9C-84E3249A5615}) (Version: 2007.01.01 - )
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.1.2 - uvnc bvba)
USB Game Controller (HKLM-x32\...\{D3DF3D05-DE2A-476A-A384-08FCD58D9FE7}) (Version: 2007.01.01 - )
USB GAMEPAD (HKLM-x32\...\{02D51AB0-0D1B-42D0-9453-D66B18F86A3F}) (Version: 1.00.0000 - GASIA)
USB Network Joystick (BM) (HKLM-x32\...\{2D8DCCA2-2339-4155-A29B-46041362DFDD}) (Version: 1.00.0000 - )
Vegas Pro 13.0 (64-bit) (HKLM\...\{3934F12E-091D-11E4-A0AD-F04DA23A5C58}) (Version: 13.0.373 - Sony)
VIA Administrador de dispositivos de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VSO Image Resizer 2.1.2 (HKLM-x32\...\{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1) (Version: 2.1.2 - VSO-Software)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YACReader 8.5.0 (HKLM-x32\...\YACReader_is1) (Version:  - )
Youtube Downloader HD v. 2.9.9.50 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => d:\Program Files (x86)\Alcohol Soft\Alcohol 120\AXShlEx.dll [2009-04-24] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A4EAAC2-210A-4F14-AAE4-A56F625EC891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {68D141FA-0F64-4531-A55B-B3F486D01F40} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {75FBDB07-B24E-402A-AD44-3998C60AB02C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E0C63DB5-366D-40E2-9A5B-30EA8AE592C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\":: <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2018-05-24 18:08 - 2011-08-30 13:38 - 000558080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2018-05-24 18:08 - 2011-08-01 18:24 - 000252416 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enpres.dll
2019-01-21 10:27 - 2006-12-19 17:23 - 000094208 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
2011-05-17 13:03 - 2011-05-17 13:03 - 000253952 _____ (Ryan Conrad) [File not signed] C:\Program Files\Droid Explorer\DroidExplorer.Service.exe
2011-05-17 13:03 - 2011-05-17 13:03 - 000117760 _____ (Ryan Conrad) [File not signed] C:\Program Files\Droid Explorer\DroidExplorer.Core.dll
2011-04-20 08:56 - 2011-04-20 08:56 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files\Droid Explorer\log4net.dll
2011-05-17 13:03 - 2011-05-17 13:03 - 000046080 _____ (Ryan Conrad) [File not signed] C:\Program Files\Droid Explorer\DroidExplorer.Configuration.dll
2015-12-15 01:46 - 2015-12-15 01:46 - 000578611 _____ () [File not signed] C:\Program Files\Droid Explorer\SDK\tools\adb.exe
2019-03-26 14:02 - 2019-03-26 14:02 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\python27.dll
2019-03-26 14:02 - 2019-03-26 14:02 - 000113664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\_ctypes.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000080896 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\bz2.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 001792512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\_hashlib.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000128512 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32api.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000137728 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\pywintypes27.dll
2019-03-26 14:02 - 2019-03-26 14:02 - 000548864 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\pythoncom27.dll
2019-03-26 14:02 - 2019-03-26 14:02 - 000689664 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\unicodedata.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000438784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32com.shell.shell.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 001489408 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wx._core_.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wxbase30u_vc90_x64.dll
2019-03-26 14:02 - 2019-03-26 14:02 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wxbase30u_net_vc90_x64.dll
2019-03-26 14:02 - 2019-03-26 14:02 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wxmsw30u_core_vc90_x64.dll
2019-03-26 14:02 - 2019-03-26 14:02 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wxmsw30u_adv_vc90_x64.dll
2019-03-26 14:02 - 2019-03-26 14:02 - 001007104 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wx._gdi_.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 001039872 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wx._windows_.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wxmsw30u_html_vc90_x64.dll
2019-03-26 14:02 - 2019-03-26 14:02 - 001325056 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wx._controls_.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000916992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wx._misc_.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 001084416 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\pysqlite2._sqlite.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000149504 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32file.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000136192 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32security.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000007680 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\hashobjs_ext.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000020992 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\thumbnails_ext.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000118784 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\usb_ext.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000047616 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\_socket.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 002224640 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\_ssl.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000014848 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\common.time34.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000023040 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32event.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000034304 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\windows.conditional.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\windows.winwrap.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000110080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\windows.volumes.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000223232 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32gui.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000173568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\_elementtree.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000169472 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\pyexpat.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000048128 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32inet.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000103424 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wx._html2.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\wxmsw30u_webview_vc90_x64.dll
2019-03-26 14:02 - 2019-03-26 14:02 - 000046080 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\_psutil_windows.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000011776 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32crypt.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000301568 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\PIL._imaging.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000032256 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\_multiprocessing.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 005752320 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\cello.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000026112 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\_yappi.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000044032 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32process.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000027648 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32pipe.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000010752 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\select.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000029696 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32pdh.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000038400 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\windows.connectivity.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000073216 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\windows.device_monitor.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000020480 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32profile.pyd
2019-03-26 14:02 - 2019-03-26 14:02 - 000026624 _____ () [File not signed] C:\Users\Arturo H\AppData\Local\Temp\_MEI17922\win32ts.pyd
2007-05-28 13:57 - 2007-05-28 13:57 - 000275968 _____ (Rocket Division Software) [File not signed] d:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
2018-10-10 20:55 - 2018-01-26 17:08 - 000200192 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppCommon.dll
2018-10-10 20:55 - 2017-09-27 17:30 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\Newtonsoft.Json.dll
2018-10-10 20:55 - 2018-01-26 17:08 - 000088064 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppCollect.dll
2019-01-21 10:27 - 2007-09-10 14:32 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2019-01-21 10:27 - 2007-09-10 14:03 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBLPBidiDev.dll
2019-01-21 10:27 - 2007-09-18 15:44 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2019-01-21 10:27 - 2004-11-17 15:56 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2019-01-21 10:27 - 2006-12-26 13:58 - 000233544 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2019-01-21 10:27 - 2006-08-30 00:02 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\epLocalBidi.dll
2008-12-12 11:11 - 2008-12-12 11:11 - 000147456 _____ (Apple Inc.) [File not signed] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
2016-06-09 12:40 - 2016-06-09 12:40 - 000197120 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BaseUI.dll
2015-12-15 01:46 - 2015-12-15 01:46 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Droid Explorer\SDK\tools\AdbWinApi.dll
2015-12-15 01:46 - 2015-12-15 01:46 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Droid Explorer\SDK\tools\AdbWinUsbApi.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2019-03-25 14:31 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


2018-04-01 20:24 - 2019-03-26 14:03 - 000000374 _____ C:\Windows\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\Master ISI
HKU\S-1-5-21-3204163558-1490578659-2835150725-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Arturo H\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MDM => 2
MSCONFIG\Services: Microsoft Office Groove Audit Service => 3
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "D:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{45B451A8-C0CE-49D9-9AD6-8AC3A7BC5418}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

24-03-2019 18:06:55 Punto de control programado

==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Hamachi Network Interface #3
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/26/2019 10:13:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/26/2019 12:04:46 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/25/2019 06:08:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/25/2019 02:53:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/25/2019 11:35:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/24/2019 04:54:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/24/2019 04:30:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.

Error: (03/23/2019 07:14:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.


System errors:
=============
Error: (03/26/2019 02:08:48 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Proveedor de Grupo Hogar, pero ocurrió el siguiente error: 
Ya se está ejecutando una instancia de este servicio.

Error: (03/26/2019 02:07:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Centro de seguridad terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (03/26/2019 02:07:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 100 milisegundos: Reiniciar el servicio.

Error: (03/26/2019 02:07:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Proveedor de Grupo Hogar terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (03/26/2019 02:07:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Registro de eventos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (03/26/2019 02:07:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Cliente DHCP terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (03/26/2019 02:07:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Audio de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (03/26/2019 02:03:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Origin Web Helper Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
===================================
Date: 2017-03-13 13:53:48.017
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Heazycrome&threatid=234061
Nombre:BrowserModifier:Win32/Heazycrome
Id.:234061
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script - ¸±±¾.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js->(UTF-8);file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js;file:C:\Users\Arturo H\AppData\Local\Temp\00008909\hp.exe;folder:C:
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2017-03-13 13:43:37.553
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Heazycrome&threatid=234061
Nombre:BrowserModifier:Win32/Heazycrome
Id.:234061
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script - ¸±±¾.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html;file:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js;file:C:\Users\Arturo H\AppData\Local\Temp\00008909\hp.exe;folder:C:\Users\Arturo H\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2017-03-13 13:43:37.553
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Prepscram&threatid=226289
Nombre:SoftwareBundler:Win32/Prepscram
Id.:226289
Gravedad:Alta
Categoría:Software que instala varios programas
Ruta de acceso encontrada:file:C:\Users\Arturo H\AppData\Local\Temp\18971406\ic-0.c2de21c5634788.exe
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2017-03-13 13:35:56.889
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Heazycrome&threatid=234061
Nombre:BrowserModifier:Win32/Heazycrome
Id.:234061
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:file:C:\Users\Arturo H\AppData\Local\Temp\00008909\hp.exe
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2017-03-13 13:35:45.643
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Prepscram&threatid=226289
Nombre:SoftwareBundler:Win32/Prepscram
Id.:226289
Gravedad:Alta
Categoría:Software que instala varios programas
Ruta de acceso encontrada:file:C:\Users\Arturo H\AppData\Local\Temp\18971406\ic-0.c2de21c5634788.exe
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

CodeIntegrity:
===================================

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-27 09:02:49.070
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-26 17:03:44.961
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-26 17:03:44.961
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 65%
Total physical RAM: 8061.82 MB
Available physical RAM: 2752.55 MB
Total Virtual: 16121.8 MB
Available Virtual: 10574.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:10.63 GB) NTFS
Drive d: () (Fixed) (Total:833.85 GB) (Free:89.6 GB) NTFS
Drive g: (SAMSUNG) (Fixed) (Total:698.64 GB) (Free:10.43 GB) NTFS

\\?\Volume{f78e67ad-7925-11e5-b408-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 21380840)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 077B1F2A)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================