Help to thoroughly clean my PC


#1

Hello, my PC is very slow. Could you tell me the steps to follow? Thanks


#2

Hello adm77

Carry out the following steps, even if you have already done some of them, without changing the order:

1) Download, update and run Malwarebytes' Anti-Malware; review the manual in detail so that you know how to use and configure it.

  • Run a Threat Scan, updating if it asks you to.
  • Click "Quarantine Selected" to send it to quarantine, then restart the system.
  • In the manual's section Reports → Scan report you will find the MBAM report; click Export → Copy to clipboard.

2) Download AdwCleaner | InfoSpyware to the desktop.

  • Temporarily disable the antivirus → How to temporarily disable your antivirus.
  • Also close all the programs you have open.
  • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as administrator").
  • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.
  • Save the report that appears, so you can copy and paste it into your next reply.
  • The report can also be found at C:\AdwCleaner\AdwCleaner[C1].txt

3) Download CCleaner

  • Install CCleaner
  • Open CCleaner; in the Cleaner tab leave the default settings as they are, click Analyze, wait for it to finish → click Run Cleaner
  • Click the Registry tab → click Scan for Issues, wait for it to finish → click Fix Selected Issues and make a backup
  • Click Scan for Issues again until it finds none.

Paste the Malwarebytes and AdwCleaner reports and tell us how the problem is going.

Regards


#3

THANKS, I'll get on it and let you know. On another note, do you know of any site or link where I can check whether the web pages I visit frequently are mining or not? Regards


#4

Hello

You can scan them on VirusTotal.

When you have the reports, post them here for review and let us know 👍

Regards


#5
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 28/10/18
Hora del análisis: 14:01
Archivo de registro: 13639b6e-dad3-11e8-9798-e0cb4ee62916.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.7581
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: Diego-PC\Diego

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 212396
Amenazas detectadas: 211
Amenazas en cuarentena: 211
Tiempo transcurrido: 17 min, 47 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
PUP.Optional.Trustnav, HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|hgjdbeiflalimgifllheflljdconlbig, En cuarentena, [369], [569615],1.0.7581

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 49

Archivo: 161
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\newtab\newtab.html, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\new_notifications\alert_adblock\css\styles.css, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\new_notifications\alert_adblock\img\calendar.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\new_notifications\alert_adblock\index.html, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\notifications\css\font.css, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\notifications\img\alert-head.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\notifications\img\arrow-right.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\notifications\img\logo.png, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\notifications\js\notification-iframe.js, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\notifications\js\update-iframe.js, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\notifications\notifications.html, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\notifications\update.html, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\css\Montserrat.css, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\css\styles.css, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\fonts\Montserrat\Montserrat-Bold.ttf, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\fonts\Montserrat\Montserrat-Medium.ttf, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\fonts\Montserrat\Montserrat-Regular.ttf, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\fonts\Montserrat\Montserrat-SemiBold.ttf, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\adblocker-logo.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\adblocker.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\alert-octagon.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\alert-triangle.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\antivirus.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\arrow-left.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\check-logo.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\close-.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\close.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\field.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\heart.png, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\help-circle.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\loading.gif, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\prower.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\safesearch.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\settings-with-dot.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\settings.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\shape-red.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\shape-up-green.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\shape-up.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\shape.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\share.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\trustnav-head.png, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\trustnav-head.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\undue.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\vpn.png, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\img\vpn.svg, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\js\popup.js, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\js\settings.js, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\bocetos.html, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\views\popup\popup.html, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\_locales\en\messages.json, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\_locales\es\messages.json, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\_locales\fr\messages.json, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\_locales\pt_BR\messages.json, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\_locales\pt_PT\messages.json, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig\4.2_0\_metadata\verified_contents.json, En cuarentena, [369], [569615],1.0.7581
PUP.Optional.Trustnav, C:\USERS\DIEGO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [369], [569609],1.0.7581

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#6
# AdwCleaner 7.0.1.0 - Logfile created on Wed Dec 13 14:54:18 2017
# Updated on 2017/05/08 by Malwarebytes 
# Database: 07-31-2017.1
# Running on Windows 7 Ultimate (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

#7

I was going to attach a file, an image, so you could see a blue screen error, but it wouldn't let me.


#8

Hello

You have an old version of AdwCleaner; uninstall it and download the latest version.

How to insert an image

Regards


#9

OK, the first scan came up with about 200 files sent to quarantine. Is that very bad?

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-10-23.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-29-2018
# Duration: 00:00:35
# OS:       Windows 7 Ultimate
# Scanned:  32011
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1245 octets] - [12/06/2018 01:35:40]
AdwCleaner[C00].txt - [1431 octets] - [12/06/2018 01:36:56]
AdwCleaner[S01].txt - [1375 octets] - [28/10/2018 14:43:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

#10

Regarding the image I wanted to show you, I get this … Sorry, you can't put images in a post


#11

Hello? Any reply?


#12

Hello

Download Farbar Recovery Scan Tool, selecting the right version for your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes.
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.

Post the two reports generated.

You must copy and paste them with their full contents, using several messages if you get an error saying the post is too long (more than approx. 50,000 characters).

Regards


#15

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018
Ran by Diego (administrator) on DIEGO-PC (03-11-2018 15:04:08)
Running from C:\Users\Diego\AppData\Local\Temp\scoped_dir1752_996
Loaded Profiles: Diego & Invitado (Available Profiles: Diego & Invitado)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Zbshareware Lab) C:\Program Files\USB Disk Security\USBGuard.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.52\opera.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-19] (AVAST Software)
HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [219888 2018-06-14] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2018-06-04] (Glarysoft Ltd)
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd)
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-4176836711-1023169650-3318900086-501\...\Run: [Vivaldi Update Notifier] => C:\Users\Invitado\AppData\Local\Vivaldi\Application\update_notifier.exe [1506888 2018-10-24] (Vivaldi Technologies AS)
HKU\S-1-5-21-4176836711-1023169650-3318900086-501\...\Run: [GoogleChromeAutoLaunch_51775B9A31A4C18DD37CA59D0EDEF002] => C:\Program Files\Google\Chrome\Application\chrome.exe [1426264 2018-10-23] (Google Inc.)
HKU\S-1-5-21-4176836711-1023169650-3318900086-501\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-13] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-02-14]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.42.4.204 200.49.130.40
Tcpip\..\Interfaces\{6A6FDA11-B2D0-4DB3-9EE9-BB1555253726}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{A38C42F4-2C47-484E-976E-4962A945F520}: [DhcpNameServer] 200.42.4.204 200.49.130.40
Tcpip\..\Interfaces\{AF6D671A-777B-4CBF-BE5B-5187FDE44BFE}: [DhcpNameServer] 200.49.130.47 200.42.4.210

Internet Explorer:
==================
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
HKU\S-1-5-21-4176836711-1023169650-3318900086-501\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708 [2018-11-03]
FF Session Restore: Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708 -> is enabled.
FF Extension: (IBM Security Rapport) - C:\Users\Diego\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2017-11-06]
FF Extension: (Al Traductor de Google) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2018-06-07]
FF Extension: (uBlock Origin) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2018-06-16]
FF Extension: (Avast Online Security) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2018-06-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-19] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4176836711-1023169650-3318900086-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Diego\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-03-23] (Citrix Online)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default [2018-10-30]
CHR Extension: (Presentaciones) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-18]
CHR Extension: (Anti Miner - No 1 Coin Minerblock) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgnbkcdbiafipllamhhmikhgjolhdaf [2017-12-28]
CHR Extension: (Documentos) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-18]
CHR Extension: (Google Drive) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-18]
CHR Extension: (IBM Security Rapport) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-08-29]
CHR Extension: (YouTube) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-18]
CHR Extension: (Adblock Plus) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-12]
CHR Extension: (Hojas de cálculo) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-18]
CHR Extension: (Authy Chrome Extension) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhgenkpocbhhddlgkjnfghpjanffonno [2018-05-21]
CHR Extension: (Authy) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2018-05-26]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4176836711-1023169650-3318900086-501\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4176836711-1023169650-3318900086-501\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (Super Auto Refresh) - C:\Users\Diego\AppData\Roaming\Opera Software\Opera Stable\Extensions\ghjaeanhfafkigkehjgapnlobfhefkme [2018-02-06]
OPR Extension: (Traductor de Google) - C:\Users\Diego\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2018-10-02]
OPR Extension: (Mining Blocker) - C:\Users\Diego\AppData\Roaming\Opera Software\Opera Stable\Extensions\nbpfigdgbjgoejmnffbpgmbcnppjjokp [2018-09-21]
OPR Extension: (Adblock Plus) - C:\Users\Diego\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-10-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6800144 2018-10-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-19] (AVAST Software)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189832 2018-06-14] (AVG Technologies CZ, s.r.o.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes)
S2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2350064 2017-09-28] (IBM Corp.)
S3 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [5229408 2018-10-10] (AVG Technologies CZ, s.r.o.)
S3 UxTuneUp; C:\Windows\System32\uxtuneup.dll [38752 2018-10-10] (AVG Technologies CZ, s.r.o.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167648 2018-10-19] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188952 2018-10-19] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165552 2018-10-19] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284424 2018-10-19] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [58072 2018-10-19] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [139008 2018-10-19] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42912 2018-10-19] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40864 2018-10-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135368 2018-10-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101152 2018-10-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72968 2018-10-19] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784728 2018-10-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397136 2018-10-19] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [157112 2018-10-19] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [48152 2017-03-02] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310880 2018-10-19] (AVAST Software)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2011-04-20] (Atheros Communications, Inc.)
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx86.sys [44752 2016-04-03] ()
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [129248 2018-10-18] (Malwarebytes)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25744 2018-06-11] (Glarysoft Ltd)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173496 2018-11-03] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101216 2018-11-03] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [56552 2018-11-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [229568 2018-11-03] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [82112 2018-11-03] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
R1 RapportAegle; C:\Program Files\Trusteer\Rapport\bin\RapportAegle.sys [204632 2017-09-28] (IBM Corp.)
R1 RapportCerberus_1804077; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1804077.sys [848024 2017-10-02] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [336504 2017-09-28] (IBM Corp.)
R0 RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [103616 2017-09-28] (IBM Corp.)
S3 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [265304 2017-09-28] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [415992 2017-09-28] (IBM Corp.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [31792 2017-11-15] (AVG Netherlands B.V.)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-03 15:03 - 2018-11-03 15:03 - 001774592 _____ (Farbar) C:\Users\Diego\Escritorio\FRST.exe
2018-11-03 14:47 - 2018-11-03 14:47 - 000003288 ____N C:\bootsqm.dat
2018-11-03 14:00 - 2018-11-03 14:00 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2018-11-03 14:00 - 2018-11-03 14:00 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2018-11-03 13:45 - 2018-11-03 13:45 - 000056552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-11-03 13:41 - 2018-11-03 15:02 - 000082112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-11-03 13:41 - 2018-11-03 13:41 - 000101216 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-11-03 13:40 - 2018-11-03 14:50 - 000229568 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-11-02 12:11 - 2018-11-02 12:11 - 190971552 _____ C:\Windows\MEMORY.DMP
2018-11-02 12:11 - 2018-11-02 12:11 - 000145664 _____ C:\Windows\Minidump\110218-22635-01.dmp
2018-11-01 23:46 - 2018-10-15 22:52 - 000018331 _____ C:\Users\Invitado\Documents\epec4rwservlet.pdf
2018-11-01 23:46 - 2018-10-15 22:51 - 000018442 _____ C:\Users\Invitado\Documents\epec3rwservlet.pdf
2018-11-01 18:23 - 2018-11-01 18:23 - 000148351 _____ C:\Users\Diego\Downloads\9202-18981818 (1).pdf
2018-11-01 18:21 - 2018-11-01 18:21 - 000149054 _____ C:\Users\Diego\Downloads\9203-19106951 (2).pdf
2018-11-01 18:19 - 2018-11-01 18:19 - 000148130 _____ C:\Users\Diego\Downloads\9205-18348516 (1).pdf
2018-10-31 19:58 - 2018-10-31 19:58 - 000000000 ____D C:\Users\Invitado\AppData\Roaming\WinRAR
2018-10-30 17:16 - 2018-10-30 17:16 - 000034962 _____ C:\Users\Invitado\Downloads\ESP_Hoja_de_reclamación_v09.pdf
2018-10-30 17:16 - 2018-10-30 17:16 - 000034962 _____ C:\Users\Invitado\Downloads\ESP_Hoja_de_reclamación_v09 (1).pdf
2018-10-28 18:37 - 2018-10-28 18:37 - 000000000 ____D C:\Users\Invitado\AppData\Local\mbamtray
2018-10-28 18:32 - 2018-11-03 15:02 - 000437044 _____ C:\Windows\ntbtlog.txt
2018-10-28 14:50 - 2018-10-28 14:54 - 016796856 _____ (Piriform Ltd) C:\Users\Diego\Escritorio\ccsetup547.exe
2018-10-28 14:35 - 2018-10-28 14:38 - 007592144 _____ (Malwarebytes) C:\Users\Diego\Escritorio\adwcleaner_7.2.4.0.exe
2018-10-28 13:58 - 2018-10-28 13:58 - 000000000 ____D C:\Users\Diego\AppData\Local\mbam
2018-10-28 13:50 - 2018-10-28 13:50 - 000000000 ____D C:\Users\Diego\AppData\Local\mbamtray
2018-10-28 13:49 - 2018-11-03 14:43 - 000173496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-10-28 13:47 - 2018-10-28 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-28 13:47 - 2018-10-18 09:44 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2018-10-28 13:46 - 2018-10-28 13:46 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-28 13:43 - 2018-10-28 13:46 - 078473304 _____ (Malwarebytes ) C:\Users\Diego\Escritorio\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7565.exe
2018-10-25 10:42 - 2018-10-25 10:42 - 000000000 ____D C:\Users\Invitado\AppData\Local\CrashDumps
2018-10-22 13:00 - 2018-10-22 13:00 - 000093274 _____ C:\Users\Invitado\Documents\caucariodownload.pdf
2018-10-19 10:52 - 2018-10-19 10:49 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-10-19 10:52 - 2018-10-19 10:49 - 000040864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-10-15 19:30 - 2018-10-15 19:30 - 000106396 _____ C:\Users\Invitado\Documents\paypalDownload.PDF
2018-10-13 14:02 - 2018-10-13 14:02 - 000149054 _____ C:\Users\Diego\Downloads\9203-19106951 (1).pdf
2018-10-13 14:00 - 2018-10-13 14:00 - 000148130 _____ C:\Users\Diego\Downloads\9205-18348516.pdf
2018-10-11 13:19 - 2018-10-11 13:19 - 000149054 _____ C:\Users\Diego\Downloads\9203-19106951.pdf
2018-10-11 10:41 - 2018-10-10 08:53 - 000032096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2018-10-11 10:40 - 2018-10-10 08:53 - 000038752 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\uxtuneup.dll
2018-10-07 12:00 - 2018-10-07 12:00 - 000156651 _____ C:\Users\Diego\Downloads\statements (15).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-03 15:04 - 2017-11-29 16:47 - 000000000 ____D C:\FRST
2018-11-03 15:03 - 2016-02-14 13:54 - 000000000 ___RD C:\Users\Diego\Escritorio
2018-11-03 14:56 - 2017-12-08 00:31 - 000000000 ___RD C:\Users\Diego\Escritorio\pc
2018-11-03 14:56 - 2009-07-14 01:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-03 14:56 - 2009-07-14 01:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-03 14:51 - 2017-12-01 21:42 - 000000000 ____D C:\Program Files\Glary Utilities 5
2018-11-03 14:50 - 2018-07-17 14:33 - 000000000 ____D C:\Users\Diego\AppData\Local\AVAST Software
2018-11-03 14:48 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-03 14:00 - 2018-10-02 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-11-03 13:40 - 2018-03-21 23:11 - 000000000 ____D C:\Users\Invitado\AppData\Local\AVAST Software
2018-11-02 12:11 - 2017-03-20 11:08 - 000000000 ____D C:\Windows\Minidump
2018-11-02 12:07 - 2010-11-20 21:30 - 000751318 _____ C:\Windows\system32\perfh00A.dat
2018-11-02 12:07 - 2010-11-20 21:30 - 000160360 _____ C:\Windows\system32\perfc00A.dat
2018-11-02 12:07 - 2010-11-20 18:01 - 001686888 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-02 12:07 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2018-11-01 20:17 - 2016-11-12 03:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-01 20:17 - 2016-02-14 15:19 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-11-01 14:22 - 2018-04-09 14:37 - 000000000 ____D C:\Users\Invitado\AppData\LocalLow\Mozilla
2018-10-31 18:33 - 2018-04-16 14:43 - 000002234 _____ C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2018-10-28 15:00 - 2016-07-11 22:35 - 000000000 ____D C:\Users\Diego\AppData\Local\CrashDumps
2018-10-28 13:46 - 2017-11-29 02:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-28 02:28 - 2018-04-16 14:39 - 000000000 ____D C:\Users\Invitado\AppData\Local\Vivaldi
2018-10-27 20:17 - 2009-07-14 01:53 - 000032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-10-27 01:18 - 2017-05-21 17:21 - 000000000 _____ C:\Windows\system32\last.dump
2018-10-25 10:42 - 2017-12-18 21:30 - 000002028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-24 12:05 - 2018-08-10 16:40 - 000000000 ____D C:\Users\Invitado\AppData\Roaming\Skype
2018-10-22 21:06 - 2017-09-01 20:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-19 10:51 - 2017-11-16 15:26 - 000167648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-10-19 10:51 - 2016-02-14 14:00 - 000397136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-10-19 10:51 - 2016-02-14 14:00 - 000310880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-10-19 10:51 - 2016-02-14 14:00 - 000157112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-10-19 10:51 - 2016-02-14 14:00 - 000135368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-10-19 10:51 - 2016-02-14 14:00 - 000101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-10-19 10:51 - 2016-02-14 14:00 - 000072968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-10-19 10:51 - 2016-02-14 14:00 - 000042912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-10-19 10:46 - 2016-02-14 14:00 - 000784728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-10-19 10:44 - 2017-10-20 14:25 - 000139008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-10-19 10:44 - 2017-03-02 00:32 - 000284424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-10-19 10:44 - 2017-03-02 00:32 - 000188952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-10-19 10:44 - 2017-03-02 00:32 - 000165552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-10-19 10:44 - 2017-03-02 00:32 - 000058072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-10-18 18:27 - 2017-05-12 23:19 - 000000000 ____D C:\Program Files\Opera
2018-10-11 10:40 - 2018-01-19 03:39 - 000002319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2018-10-10 08:57 - 2018-01-19 03:39 - 000039776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2018-10-09 23:51 - 2016-02-14 14:45 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-10-09 23:51 - 2016-02-14 14:45 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-10-09 23:51 - 2016-02-14 14:45 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2017-10-25 23:14 - 2017-10-25 23:14 - 000021368 _____ (Schneider Electric) C:\Users\Diego\en_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000021368 _____ (Schneider Electric) C:\Users\Diego\es_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000021880 _____ (Schneider Electric) C:\Users\Diego\fr_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000021880 _____ (Schneider Electric) C:\Users\Diego\grm_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000021368 _____ (Schneider Electric) C:\Users\Diego\it_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000020344 _____ (Schneider Electric) C:\Users\Diego\jp_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 001079808 _____ (Microsoft Corporation) C:\Users\Diego\mfc80u.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000626688 _____ (Microsoft Corporation) C:\Users\Diego\msvcr80.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 013923704 _____ (Schneider Electric) C:\Users\Diego\PCPE Setup.exe
2017-10-25 23:14 - 2017-10-25 23:14 - 000021368 _____ (Schneider Electric) C:\Users\Diego\pt_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000018808 _____ () C:\Users\Diego\ResourceReader.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000020856 _____ (Schneider Electric) C:\Users\Diego\ru_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000019832 _____ (Schneider Electric) C:\Users\Diego\zh_res.dll
2018-11-01 17:27 - 2018-11-01 17:27 - 000000000 _____ () C:\Users\Diego\AppData\Local\oobelibMkey.log
2017-11-29 02:26 - 2017-11-29 02:26 - 000000017 _____ () C:\Users\Diego\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2018-04-12 13:29 - 2018-04-12 13:29 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412162957905.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163000118.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163018687.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163018867.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163019843.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163026213.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-25 11:39

==================== End of FRST.txt ============================

#16

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Diego (03-11-2018 15:05:16)
Running from C:\Users\Diego\AppData\Local\Temp\scoped_dir1752_996
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2016-02-14 16:54:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4176836711-1023169650-3318900086-500 - Administrator - Disabled)
Diego (S-1-5-21-4176836711-1023169650-3318900086-1000 - Administrator - Enabled) => C:\Users\Diego
HomeGroupUser$ (S-1-5-21-4176836711-1023169650-3318900086-1010 - Limited - Enabled)
Invitado (S-1-5-21-4176836711-1023169650-3318900086-501 - Limited - Enabled) => C:\Users\Invitado

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Apowersoft Online Launcher versión 1.3.6 (HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.3.6 - APOWERSOFT LIMITED)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Argente - Registry Cleaner 3.1.1.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.1.0 - Raúl Argente)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
AVG (HKLM\...\{E139344F-BAD1-4394-BEBC-9A215F146A37}) (Version: 1.231.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM\...\{AE6EF87B-C5FF-4C07-AAB4-D8FA97AD1CAA}) (Version: 16.79.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM\...\AVG PC TuneUp) (Version: 16.79.3.36215 - AVG Technologies)
Backup and Sync from Google (HKLM\...\{36F77FB6-DB7A-4293-ADF6-D8B081F27DD6}) (Version: 3.43.1584.4446 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
Citrix Online Launcher (HKLM\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Compatibilidad con Aplicaciones de Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Debut, captura de vídeo (HKLM\...\Debut) (Version: 2.15 - NCH Software)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DriversCloud.com (HKLM\...\{80D96881-C431-4441-8A61-0D8C825B970D}) (Version: 8.0.3.1 - Cybelsoft)
Eye 312 (HKLM\...\{74F923F2-2B11-4E2E-B638-A1772A9F7B7B}) (Version: 1.0.0.28 - KYE SYSTEMS CORP.)
FMW 1 (HKLM\...\{C22DCE85-A6B0-4D3D-81AC-460D7726CCA5}) (Version: 1.227.45 - AVG Technologies) Hidden
Glary Utilities 5.99 (HKLM\...\Glary Utilities 5) (Version: 5.99.0.121 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.4.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Java 8 Update 161 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java SE Development Kit 8 Update 73 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 59.0.2 (x86 es-AR) (HKU\S-1-5-21-4176836711-1023169650-3318900086-501\...\Mozilla Firefox 59.0.2 (x86 es-AR)) (Version: 59.0.2 - Mozilla)
Mozilla Firefox 62.0.3 (x86 es-ES) (HKLM\...\Mozilla Firefox 62.0.3 (x86 es-ES)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
Opera Stable 55.0.2994.61 (HKU\S-1-5-21-4176836711-1023169650-3318900086-501\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
Opera Stable 56.0.3051.52 (HKLM\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Prism, convertidor de vídeos (HKLM\...\Prism) (Version: 2.44 - NCH Software)
Puffin Browser version 7.7.0.305 (HKLM\...\Puffin Browser_is1) (Version: 7.7.0.305 - CloudMosa, Inc.)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1804.161 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TL-WN721N/TL-WN722N Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)
Trusteer Seguridad Terminal (HKLM\...\Rapport_msi) (Version: 3.5.1804.161 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
USB Disk Security (HKLM\...\USB Disk Security_is1) (Version:  - Zbshareware Lab)
Vivaldi (HKU\S-1-5-21-4176836711-1023169650-3318900086-501\...\Vivaldi) (Version: 2.1.1337.36 - Vivaldi) <==== ATTENTION
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-19] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-19] (AVAST Software)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll [2018-10-10] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-19] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files\AVG\AVG PC TuneUp\DseShExt-x86.dll [2018-10-10] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll [2018-10-10] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-19] (AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16ABBBC0-2682-42AD-A7F7-408AC1DA4CA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-18] (Google Inc.)
Task: {1A206802-D45E-4D69-AD25-D456FB52A9FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {1BB45BCD-3264-45E3-AF94-57C7C2A02505} - System32\Tasks\AdobeGCInvoker-1.0-Diego-PC-Diego => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {298BB984-8AF8-497C-93C6-C44A5C61D91A} - System32\Tasks\Opera scheduled Autoupdate 1514437664 => C:\Program Files\Opera\launcher.exe [2018-10-17] (Opera Software)
Task: {2A50F7CF-ED61-4A97-8FBD-09F42D46D908} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-28] (AVAST Software)
Task: {331047EB-0D0C-492C-8392-916E555D7591} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-19] (AVAST Software)
Task: {4172B620-83CD-42C9-A4F3-6BC73BCBA7F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {5270165E-0336-43D2-9990-E8D21E352627} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {56FCA812-80EB-476A-94C3-7E461BDDBD7F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe [2018-10-10] (AVG Technologies CZ, s.r.o.)
Task: {676713BD-75BC-4B2A-8157-9CA061DFC8C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-18] (Google Inc.)
Task: {78370DCE-7583-4A8C-AF8E-8994C0BD99F5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {91403318-5A73-41A7-8218-DCEEAF4B280A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {A2495820-B78B-4782-B081-62D79F148075} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2018-06-04] (Glarysoft Ltd)
Task: {A6394592-54CE-4E93-8D64-1A068F462632} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe
Task: {C87533A4-2F95-4178-8443-306E0D212C1B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {CF9AE76A-ED85-48BA-A484-52ED6A31640A} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-12-19] (Oracle Corporation)
Task: {D4584E80-0B54-4D76-B3D7-EC41C1653D36} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {E1FE6947-4E0B-42F4-816C-DB99D857EBAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E3878157-0ACA-4216-857F-B1551A889B15} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Diego\Links\Chrome.lnk -> C:\Users\Diego\Escritorio\pc\Chrome.search-ms ()

ShortcutWithArgument: C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Authy.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb

==================== Loaded Modules (Whitelisted) ==============

2009-07-13 20:35 - 2011-08-03 11:34 - 000036352 _____ () C:\Windows\system32\slc.dll
2018-10-19 10:47 - 2018-10-19 10:47 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-10-19 10:49 - 2018-10-19 10:49 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-03 13:48 - 2018-11-03 13:48 - 005713040 _____ () C:\Program Files\AVAST Software\Avast\defs\18110302\algo.dll
2018-10-19 10:46 - 2018-10-19 10:46 - 000496856 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-10-19 10:44 - 2018-10-19 10:44 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-10-19 10:46 - 2018-10-19 10:46 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2016-02-14 14:46 - 2013-06-25 11:03 - 000036864 _____ () C:\Program Files\USB Disk Security\locales\spanish.dll
2018-03-10 15:28 - 2018-03-10 15:29 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-01-19 03:22 - 2018-01-19 03:21 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
2016-02-14 14:19 - 2011-11-18 17:14 - 000788992 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2016-02-14 14:19 - 2011-08-25 14:02 - 001425920 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2016-02-14 14:19 - 2011-03-31 15:36 - 000167424 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2016-02-14 14:19 - 2011-03-31 15:36 - 000128000 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2016-02-14 14:19 - 2011-03-31 15:36 - 000111616 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2018-10-28 13:47 - 2018-10-18 09:44 - 002225368 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-28 13:47 - 2018-10-18 09:44 - 002312648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-06-04 03:15 - 2018-06-04 03:15 - 000086992 _____ () C:\Program Files\Glary Utilities 5\zlib1.dll
2018-10-18 18:27 - 2018-10-18 18:27 - 088670296 _____ () C:\Program Files\Opera\56.0.3051.52\opera_browser.dll
2018-10-18 18:27 - 2018-10-18 18:27 - 002254424 _____ () C:\Program Files\Opera\56.0.3051.52\swiftshader\libglesv2.dll
2018-10-18 18:27 - 2018-10-18 18:27 - 000124504 _____ () C:\Program Files\Opera\56.0.3051.52\swiftshader\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2018-10-29 00:54 - 000000039 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4176836711-1023169650-3318900086-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.42.4.204 - 200.49.130.40
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArgenteRC => "C:\Program Files\Argente - Registry Cleaner\ArgenteRC.exe" /AutoClean
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: PAC7302_Monitor => C:\Windows\PixArt\PAC7302\Monitor.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: WinZip FAH => C:\Program Files\WinZip\FAHConsole.exe
MSCONFIG\startupreg: WinZip PreLoader => C:\Program Files\WinZip\WzPreloader.exe
MSCONFIG\startupreg: WinZip UN => C:\Program Files\WinZip\WZUpdateNotifier.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F44B1240-3637-417A-B97B-A8B4F70C0B18}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{EDF56B49-C84E-4C43-9310-3542A03DA6D4}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{192E7506-9B0D-4FC0-B4C2-82849039831C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D45B7235-7D87-467B-BAA1-439890F587AF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F9C602EF-914F-4A98-A62D-D1683907B53F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B55B6D67-3986-4264-B2D0-2C921637C1D5}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{3F422D1E-CE31-4690-A54E-434C58D04A02}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{AA7A3373-2FA5-4F8A-8A33-44D81B9D4D5E}] => (Allow) C:\Users\Diego\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{2E0FB8DE-11C0-461F-9C24-28E3D45F05F0}] => (Allow) C:\Users\Diego\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [TCP Query User{67780535-3AA6-4A32-A5E4-5CF8D83E413A}C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [UDP Query User{34153A5B-E324-40A8-BE8F-90AFC7DF80C5}C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [TCP Query User{835D7989-47EE-41BD-B0ED-27C52404C5E0}C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [UDP Query User{375F32C6-6790-4A8D-A93F-42C9B8112BFA}C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [TCP Query User{F6B43E04-9ADA-4C2B-A7E5-897F064D997C}C:\users\invitado\appdata\local\programs\opera\55.0.2994.61\opera.exe] => (Block) C:\users\invitado\appdata\local\programs\opera\55.0.2994.61\opera.exe
FirewallRules: [UDP Query User{AD1A492E-0505-4CA9-AB2D-89B2A7BF6B76}C:\users\invitado\appdata\local\programs\opera\55.0.2994.61\opera.exe] => (Block) C:\users\invitado\appdata\local\programs\opera\55.0.2994.61\opera.exe
FirewallRules: [{6632CAEA-758B-466C-9D44-2B50A72F0444}] => (Allow) C:\Program Files\Opera\56.0.3051.43\opera.exe
FirewallRules: [{2EEA348E-75A7-46B8-9110-8070B249E443}] => (Allow) C:\Program Files\Opera\56.0.3051.52\opera.exe
FirewallRules: [{3C2CCA0E-CD58-49EE-BF48-865891193AF7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{9B51AAD6-8576-4FF0-9EA6-C07C173F3980}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{CAF50FB9-14D9-4052-85D5-DA31BD771C47}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{01AB9E67-E591-4229-9D3D-E39DB5E5EDB0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{BE52830B-5EFD-4B72-BC87-9E14D4DF3C37}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/03/2018 02:49:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/03/2018 02:44:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/03/2018 01:49:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.2.0.704, marca de tiempo: 0x5b9acc47
Nombre del módulo con errores: MwacLib.dll, versión: 3.1.0.487, marca de tiempo: 0x5bbe3c28
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00013009
Id. del proceso con errores: 0x4fc
Hora de inicio de la aplicación con errores: 0x01d47393999baef7
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
Id. del informe: 7f4ec712-df88-11e8-afca-e0cb4ee62916

Error: (11/03/2018 01:39:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/02/2018 09:21:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/02/2018 08:08:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/02/2018 05:57:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/02/2018 12:19:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (11/03/2018 02:50:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Rapport Management Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (11/03/2018 02:50:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Rapport Management Service.

Error: (11/03/2018 02:44:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {3EB3C877-1F16-487C-9050-104DBCD66683} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/03/2018 02:43:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El controlador no se cargó porque el sistema se está arrancando en modo a prueba de errores.

Error: (11/03/2018 02:43:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (11/03/2018 02:43:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (11/03/2018 02:43:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (11/03/2018 02:43:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


CodeIntegrity:
===================================

Date: 2018-10-21 13:39:49.009
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-21 13:39:48.351
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-16 19:43:13.060
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-16 19:43:12.601
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-11 10:59:31.159
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-11 10:59:31.049
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-11 10:59:30.974
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-11 10:59:30.888
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 79%
Total physical RAM: 2038.18 MB
Available physical RAM: 419.27 MB
Total Virtual: 4076.36 MB
Available Virtual: 2383.66 MB

==================== Drives ================================

Drive a: (Datos) (Fixed) (Total:150 GB) (Free:112.13 GB) NTFS
Drive c: () (Fixed) (Total:147.99 GB) (Free:112.87 GB) NTFS

\\?\Volume{a9572656-d319-11e5-b7dc-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 328F328F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=150 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================ 

#17

Phew, I've finished there, so will you let me know? Thanks.


#18

Hello

You did not download and run FRST from the desktop as I told you. Move it to the desktop to carry out the next step; otherwise it will not work.

:arrow_forward: VERY Important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)

  • Attention: now check/select only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy and paste the code/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{6A6FDA11-B2D0-4DB3-9EE9-BB1555253726}: [NameServer] 77.234.40.79
CHR Extension: (Anti Miner - No 1 Coin Minerblock) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgnbkcdbiafipllamhhmikhgjolhdaf [2017-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-30]
U1 aswbdisk; no ImagePath
2018-04-12 13:29 - 2018-04-12 13:29 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412162957905.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163000118.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163018687.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163018867.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163019843.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163026213.dll
ShortcutWithArgument: C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Authy.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.

  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)
  • Press the FIX button and wait for it to finish.
  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply.

Restart the computer, check how it performs with regard to the reported problem, and let me know.

Regards


#19

You know what, I did run FRST from the desktop; I'll do it again to see if I made a mistake.


#20

Hello

The report does not say that you ran it from the desktop; that is the path you ran it from :roll_eyes:

Do not scan again; just move it (do NOT copy and paste) to the desktop and carry out the step I gave you in the previous post.

Regards


#21

OK, I mentioned it because I thought I had done it that way; anyway. I copy the code without this… START CREATERESTOREPOINT: CLOSEPROCESSES:

I've already done the Notepad part; I had to enter my password again when logging in here.

By the way, I've put the frst.exe program back on the desktop, since I had moved it to a folder, thinking it was no longer used; I also have another frst.exe in C:\Users\Diego\Escritorio\pc\FRST-OlderVersion… just letting you know in case it matters.


#22

Fix result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Diego (06-11-2018 01:17:16) Run:1
Running from C:\Users\Diego\Escritorio
Loaded Profiles: Diego & Invitado (Available Profiles: Diego & Invitado)
Boot Mode: Normal

==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{6A6FDA11-B2D0-4DB3-9EE9-BB1555253726}: [NameServer] 77.234.40.79
CHR Extension: (Anti Miner - No 1 Coin Minerblock) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgnbkcdbiafipllamhhmikhgjolhdaf [2017-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-30]
U1 aswbdisk; no ImagePath
2018-04-12 13:29 - 2018-04-12 13:29 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412162957905.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163000118.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163018687.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163018867.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163019843.dll
2018-04-12 13:30 - 2018-04-12 13:30 - 001876480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163026213.dll
ShortcutWithArgument: C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Authy.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6A6FDA11-B2D0-4DB3-9EE9-BB1555253726}\\NameServer" => removed successfully.
CHR Extension: (Anti Miner - No 1 Coin Minerblock) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgnbkcdbiafipllamhhmikhgjolhdaf [2017-12-28] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-30] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412162957905.dll => moved successfully
C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163000118.dll => moved successfully
C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163018687.dll => moved successfully
C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163018867.dll => moved successfully
C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163019843.dll => moved successfully
C:\Users\Invitado\AppData\Local\Temp\Opera_installer_180412163026213.dll => moved successfully
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Authy.lnk => Shortcut argument removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Conexión de área local mientras los medios
estén desconectados.

Adaptador de LAN inalámbrica Conexión de red inalámbrica:

   Sufijo DNS específico para la conexión. . : fibertel.com.ar
   Vínculo: dirección IPv6 local. . . : fe80::cdbb:6138:c49c:d473%12
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.0.6
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexión de área local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de túnel isatap.{AF6D671A-777B-4CBF-BE5B-5187FDE44BFE}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de túnel isatap.fibertel.com.ar:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de túnel Reusable ISATAP Interface {9F640117-3CE4-4BDA-9DB4-DAFAC1065747}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de túnel Reusable ISATAP Interface {A12879F6-117A-4DB4-AC0C-5E72B725C5A8}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de túnel Reusable ISATAP Interface {165E55EA-4C1E-40CA-83DA-5444EEF15360}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : fibertel.com.ar

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8500296 B
Java, Flash, Steam htmlcache => 1184 B
Windows/system/drivers => 13911989 B
Edge => 0 B
Chrome => 16562262 B
Firefox => 14153464 B
Opera => 256724415 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 75960232 B
Diego => 86496371 B
Invitado => 512100316 B

RecycleBin => 441470 B
EmptyTemp: => 947.2 MB temporary data Removed.

================================