[code] HitmanPro 3.8.15.306 www.hitmanpro.com Computer name . . . . : SERVERCODISER Windows . . . . . . . : 6.1.1.7601.X64/4 User name . . . . . . : SERVERCODISER\Administrador UAC . . . . . . . . . : Disabled License . . . . . . . : Paid (255 days left) Scan date . . . . . . : 2019-12-06 02:54:16 Scan mode . . . . . . : Normal Scan duration . . . . : 4m 14s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 19 Objects scanned . . . : 2,474,380 Files scanned . . . . : 18,806 Remnants scanned . . : 586,751 files / 1,868,823 keys Suspicious files ____________________________________________________________ C:\Users\Administrador\Desktop\Limpieza virus y troyanos\FRST64.exe Size . . . . . . . : 2,263,552 bytes Age . . . . . . . : 0.0 days (2019-12-06 02:40:25) Entropy . . . . . : 7.6 SHA-256 . . . . . : E7977CF2832623ED8E3A413D15EC0892874B5979528C4DC964F60547C267D2CD Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. References HKU\S-1-5-21-1290145888-3760638704-4044190752-500\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Administrador\Desktop\Limpieza virus y troyanos\FRST64.exe Cookies _____________________________________________________________________ C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsrvr.org C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:agkn.com C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:crwdcntrl.net C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:demdex.net C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:dpm.demdex.net C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:everesttech.net C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:flashtalking.com C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:mathtag.com C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:owneriq.net C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:pubmatic.com C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:rfihub.com C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:rlcdn.com C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:rubiconproject.com C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cookies:taboola.com [/code]