Ayuda para limpiar a fondo mi pc

#77

Hola

Realiza los pasos que se indica en este enlace >> Aparece el mensaje de error “Error en el inicio de sesión del servicio de perfil de usuario”

Un saludo

#78

ok me pongo a ello, muchas gracias

#79

Hola

De acuerdo, por aquí estaremos esperando comentarios :+1:

Un saludo

#80
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Diego (24-02-2019 13:39:00)
Running from C:\Users\Diego\Escritorio
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2016-02-14 16:54:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4176836711-1023169650-3318900086-500 - Administrator - Disabled)
Diego (S-1-5-21-4176836711-1023169650-3318900086-1000 - Administrator - Enabled) => C:\Users\Diego
HomeGroupUser$ (S-1-5-21-4176836711-1023169650-3318900086-1010 - Limited - Enabled)
I2 (S-1-5-21-4176836711-1023169650-3318900086-1012 - Limited - Enabled) => C:\Users\I2
Invitado (S-1-5-21-4176836711-1023169650-3318900086-501 - Limited - Enabled) => C:\Users\TEMP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Apowersoft Online Launcher versión 1.3.6 (HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.3.6 - APOWERSOFT LIMITED)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
Backup and Sync from Google (HKLM\...\{1D233C1C-E94D-4802-B431-C0D64FFEAD13}) (Version: 3.43.2448.9071 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
Citrix Online Launcher (HKLM\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Compatibilidad con Aplicaciones de Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Debloater (HKLM\...\{2045C97A-8D9A-47E2-A76A-E6A69CB7030B}) (Version: 3.90 - Gatesjunior Developer)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DriversCloud.com (HKLM\...\{80D96881-C431-4441-8A61-0D8C825B970D}) (Version: 8.0.3.1 - Cybelsoft)
Eye 312 (HKLM\...\{74F923F2-2B11-4E2E-B638-A1772A9F7B7B}) (Version: 1.0.0.28 - KYE SYSTEMS CORP.)
Glary Utilities 5.99 (HKLM\...\Glary Utilities 5) (Version: 5.99.0.121 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 72.0.3626.109 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Java 8 Update 161 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java SE Development Kit 8 Update 73 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 64.0 (x86 es-ES) (HKLM\...\Mozilla Firefox 64.0 (x86 es-ES)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
Opera Stable 58.0.3135.68 (HKLM\...\Opera 58.0.3135.68) (Version: 58.0.3135.68 - Opera Software)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1804.161 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Skype versión 8.37 (HKLM\...\Skype_is1) (Version: 8.37 - Skype Technologies S.A.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TL-WN721N/TL-WN722N Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)
Trusteer Seguridad Terminal (HKLM\...\Rapport_msi) (Version: 3.5.1804.161 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
USB Disk Security (HKLM\...\USB Disk Security_is1) (Version:  - Zbshareware Lab)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-12-07] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-12-07] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-12-07] (Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-12-07] (Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-12-07] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16ABBBC0-2682-42AD-A7F7-408AC1DA4CA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-18] (Google Inc.)
Task: {1A206802-D45E-4D69-AD25-D456FB52A9FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {2A50F7CF-ED61-4A97-8FBD-09F42D46D908} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {37F17089-1D79-44D4-89E0-27E90ED96E6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-12-16] (Adobe Systems Incorporated)
Task: {4172B620-83CD-42C9-A4F3-6BC73BCBA7F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-02-12] (Adobe Systems Incorporated)
Task: {433D2CAE-D11B-4BE5-94EE-2CCBF97016FA} - System32\Tasks\Opera scheduled Autoupdate 1514437664 => C:\Program Files\Opera\launcher.exe [2019-02-18] (Opera Software)
Task: {44495661-1558-4FB8-9C3D-D1F25AE3D023} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {5488D5A4-02BA-42EE-B3B6-1AB16E07C69D} - System32\Tasks\AdobeGCInvoker-1.0-Diego-PC-Diego => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {56FCA812-80EB-476A-94C3-7E461BDDBD7F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {676713BD-75BC-4B2A-8157-9CA061DFC8C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-18] (Google Inc.)
Task: {78370DCE-7583-4A8C-AF8E-8994C0BD99F5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {91403318-5A73-41A7-8218-DCEEAF4B280A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe [2019-02-12] (Adobe Systems Incorporated)
Task: {A2495820-B78B-4782-B081-62D79F148075} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2018-06-04] (Glarysoft Ltd)
Task: {A6394592-54CE-4E93-8D64-1A068F462632} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe
Task: {C87533A4-2F95-4178-8443-306E0D212C1B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [2019-02-12] (Adobe Systems Incorporated)
Task: {CF9AE76A-ED85-48BA-A484-52ED6A31640A} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-12-19] (Oracle Corporation)
Task: {E1FE6947-4E0B-42F4-816C-DB99D857EBAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E3878157-0ACA-4216-857F-B1551A889B15} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-04] (Piriform Software Ltd)
Task: {EE005747-52A6-430E-9B01-B87F2CF126FA} - System32\Tasks\AdobeGCInvoker-1.0-Diego-PC-I2 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Diego\Links\Chrome.lnk -> C:\Users\Diego\Escritorio\pc\Chrome.search-ms ()

==================== Loaded Modules (Whitelisted) ==============

2009-07-13 20:35 - 2011-08-03 11:34 - 000036352 _____ () C:\Windows\system32\slc.dll
2018-11-17 16:31 - 2019-01-25 10:10 - 002234688 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-02-14 14:46 - 2013-06-25 11:03 - 000036864 _____ () C:\Program Files\USB Disk Security\locales\spanish.dll
2016-02-14 14:19 - 2011-11-18 17:14 - 000788992 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2016-02-14 14:19 - 2011-08-25 14:02 - 001425920 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2016-02-14 14:19 - 2011-03-31 15:36 - 000167424 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2016-02-14 14:19 - 2011-03-31 15:36 - 000128000 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2016-02-14 14:19 - 2011-03-31 15:36 - 000111616 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2019-02-22 08:08 - 2019-02-22 08:08 - 000596056 _____ () C:\Program Files\Opera\58.0.3135.68\opera_elf.dll
2019-02-22 08:08 - 2019-02-22 08:08 - 092928600 _____ () C:\Program Files\Opera\58.0.3135.68\opera_browser.dll
2019-02-22 08:08 - 2019-02-22 08:08 - 002257496 _____ () C:\Program Files\Opera\58.0.3135.68\swiftshader\libglesv2.dll
2019-02-22 08:08 - 2019-02-22 08:08 - 000128600 _____ () C:\Program Files\Opera\58.0.3135.68\swiftshader\libegl.dll
2018-06-04 03:15 - 2018-06-04 03:15 - 000086992 _____ () C:\Program Files\Glary Utilities 5\zlib1.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2019-01-04 11:15 - 000000029 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.42.4.198 - 200.49.130.51
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArgenteRC => "C:\Program Files\Argente - Registry Cleaner\ArgenteRC.exe" /AutoClean
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: PAC7302_Monitor => C:\Windows\PixArt\PAC7302\Monitor.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D33B93B6-5200-4120-AC1E-46CC68B7267E}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{C5ED140D-6263-4265-91DA-7BDEFFBAA5DC}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{83492266-43F8-456C-B251-48B569DBD136}C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [UDP Query User{4A06AF82-C463-4460-BA0E-186FCAED807E}C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\invitado\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [{59FACD2A-FECF-40CF-BBE4-546A706FA40B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C6175BF2-EA32-40F7-BD13-B569431C656C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0EB4A5D5-DEDD-4630-9E33-4CC875215AEF}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{27F1440B-5D5E-4C77-8880-9575A1992C5E}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{43BCCD80-CD6D-4055-A207-433519F2AA80}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{99E5A4EB-AA8B-459D-84B0-8B6EB3B52C1F}] => (Allow) C:\Program Files\Opera\58.0.3135.65\opera.exe
FirewallRules: [{7D05DC14-B04E-42B2-98AA-AF973A01161B}] => (Allow) C:\Program Files\Opera\58.0.3135.68\opera.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/24/2019 01:26:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (02/24/2019 01:26:24 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: El servicio Windows Search no pudo procesar la lista de ubicaciones incluidas y excluidas. Error: <30, 0x80040d07, "file:///A:\Documentos\">.

Error: (02/24/2019 01:25:33 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/24/2019 01:25:33 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/24/2019 01:25:33 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/24/2019 01:25:33 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: No se puede inicializar el objeto Recopilador.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/24/2019 01:25:33 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	No se ha encontrado el elemento.  (HRESULT : 0x80070490) (0x80070490)

Error: (02/24/2019 01:25:32 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.JetPropStore>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (02/24/2019 01:27:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio wscsvc no pudo iniciarse debido al siguiente error: 
Este servicio se configuró para ejecutarse en un programa ejecutable, pero el programa no implementa el servicio.

Error: (02/24/2019 01:25:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (02/24/2019 01:25:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Windows Search se cerró con el error específico de servicio %%-1073473535.

Error: (02/24/2019 01:24:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinDefend no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (02/24/2019 01:24:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio WinDefend.

Error: (02/24/2019 01:17:24 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (02/24/2019 01:17:24 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (02/24/2019 01:17:23 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "" para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}


CodeIntegrity:
===================================

Date: 2018-11-20 18:16:43.166
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-11-20 18:16:43.043
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-11-17 11:48:42.039
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-11-17 11:48:41.758
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-11-16 11:41:42.547
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-11-16 11:41:42.434
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-11-16 11:41:42.264
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-11-16 11:41:38.126
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 60%
Total physical RAM: 2038.18 MB
Available physical RAM: 804.34 MB
Total Virtual: 4076.36 MB
Available Virtual: 2276.95 MB

==================== Drives ================================

Drive a: (Datos) (Fixed) (Total:150 GB) (Free:112.51 GB) NTFS
Drive c: () (Fixed) (Total:147.99 GB) (Free:112.22 GB) NTFS

\\?\Volume{a9572656-d319-11e5-b7dc-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 328F328F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=150 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
#81
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018
Ran by Diego (administrator) on DIEGO-PC (24-02-2019 13:37:58)
Running from C:\Users\Diego\Escritorio
Loaded Profiles: Diego (Available Profiles: Diego & I2 & Invitado)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Zbshareware Lab) C:\Program Files\USB Disk Security\USBGuard.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\reader_sl.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM\...\Run: [ArgenteRC] => C:\Program Files\Argente - Registry Cleaner\ArgenteRC.exe [2842112 2016-03-13] (Raúl Argente)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2018-06-04] (Glarysoft Ltd)
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd)
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-13] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-02-14]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.42.4.198 200.49.130.51
Tcpip\..\Interfaces\{A38C42F4-2C47-484E-976E-4962A945F520}: [DhcpNameServer] 200.42.4.198 200.49.130.51
Tcpip\..\Interfaces\{AF6D671A-777B-4CBF-BE5B-5187FDE44BFE}: [DhcpNameServer] 200.49.130.47 200.42.4.210

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708 [2019-02-24]
FF Session Restore: Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708 -> is enabled.
FF Extension: (IBM Security Rapport) - C:\Users\Diego\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2017-11-06]
FF Extension: (Al Traductor de Google) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2018-06-07]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2019-02-14]
FF Extension: (uBlock Origin) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2018-06-16]
FF Extension: (Avast Online Security) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2018-06-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-19] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4176836711-1023169650-3318900086-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Diego\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-03-23] (Citrix Online)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default [2019-02-24]
CHR Extension: (Presentaciones) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-18]
CHR Extension: (Anti Miner - No 1 Coin Minerblock) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgnbkcdbiafipllamhhmikhgjolhdaf [2017-12-28]
CHR Extension: (Documentos) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-18]
CHR Extension: (Google Drive) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-18]
CHR Extension: (IBM Security Rapport) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-01-23]
CHR Extension: (YouTube) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-18]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (Hojas de cálculo) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-18]
CHR Extension: (Authy Chrome Extension) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhgenkpocbhhddlgkjnfghpjanffonno [2018-05-21]
CHR Extension: (Authy) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2018-05-26]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-23]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Session Restore: -> is enabled.
OPR Extension: (Super Auto Refresh) - C:\Users\Diego\AppData\Roaming\Opera Software\Opera Stable\Extensions\ghjaeanhfafkigkehjgapnlobfhefkme [2018-02-06]
OPR Extension: (Traductor de Google) - C:\Users\Diego\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2019-01-23]
OPR Extension: (Mining Blocker) - C:\Users\Diego\AppData\Roaming\Opera Software\Opera Stable\Extensions\nbpfigdgbjgoejmnffbpgmbcnppjjokp [2018-09-21]
OPR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Diego\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-01-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\72.0.3626.109\elevation_service.exe [1043440 2019-02-13] (Google Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2350064 2017-09-28] (IBM Corp.)
S3 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation) [File not signed]
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S2 wscsvc; %SYSTEMROOT%\system32\wscsvc.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [48152 2017-03-02] (The OpenVPN Project)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2011-04-20] (Atheros Communications, Inc.)
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx86.sys [44752 2016-04-03] ()
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25744 2018-06-11] (Glarysoft Ltd)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2019-02-24] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
R1 RapportAegle; C:\Program Files\Trusteer\Rapport\bin\RapportAegle.sys [204632 2017-09-28] (IBM Corp.)
R1 RapportCerberus_1804077; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1804077.sys [848024 2017-10-02] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [336504 2017-09-28] (IBM Corp.)
R0 RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [103616 2017-09-28] (IBM Corp.)
S3 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [265304 2017-09-28] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [415992 2017-09-28] (IBM Corp.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
S3 catchme; \??\C:\Users\Diego\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
U5 W32Time; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-24 13:37 - 2019-02-24 13:38 - 000014828 _____ C:\Users\Diego\Escritorio\FRST.txt
2019-02-24 13:25 - 2019-02-24 13:25 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-24 13:24 - 2019-02-24 13:29 - 000016308 _____ C:\Windows\ntbtlog.txt
2019-02-24 13:12 - 2019-02-24 13:12 - 012116824 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Diego\Escritorio\avgclear.exe
2019-02-24 13:10 - 2019-02-24 13:10 - 010370944 _____ (AVAST Software) C:\Users\Diego\Escritorio\avastclear.exe
2019-02-22 08:53 - 2019-02-22 08:53 - 000000000 ____D C:\Users\I2\AppData\Roaming\Opera Software
2019-02-22 08:53 - 2019-02-22 08:53 - 000000000 ____D C:\Users\I2\AppData\Local\Opera Software
2019-02-22 08:07 - 2019-02-22 08:07 - 000065103 _____ C:\Users\I2\Downloads\factura-debito-ECOGAS-nro-0400-04238611-000020655450-cen.pdf
2019-02-22 08:01 - 2019-02-20 20:48 - 002000776 _____ C:\Users\I2\Documents\Uphold.mhtml
2019-02-22 08:00 - 2019-02-17 21:08 - 000017383 _____ C:\Users\I2\Documents\CANairtm_transactions (1).csv
2019-02-20 20:49 - 2019-02-20 20:49 - 000067064 _____ C:\Users\I2\AppData\Local\GDIPFONTCACHEV1.DAT
2019-02-20 13:21 - 2019-02-20 13:21 - 000111496 _____ (Adguard Software Ltd) C:\Users\I2\Downloads\adguardInstaller.exe
2019-02-20 13:13 - 2019-02-20 13:13 - 000000000 ____D C:\Users\I2\AppData\Local\Apple
2019-02-20 12:57 - 2019-02-20 12:57 - 001104796 _____ C:\Users\I2\Downloads\Manual_Cajeros_AirTM_V2.1_03-18_1.pdf
2019-02-19 22:27 - 2019-02-19 22:27 - 000158244 _____ C:\Users\Diego\Downloads\9205-18522801 (1).pdf
2019-02-19 22:26 - 2019-02-19 22:26 - 000158170 _____ C:\Users\Diego\Downloads\9207-15874258 (1).pdf
2019-02-19 22:25 - 2019-02-19 22:25 - 000159192 _____ C:\Users\Diego\Downloads\9207-15959662.pdf
2019-02-18 13:15 - 2019-02-18 13:15 - 000301549 _____ C:\Users\I2\Downloads\POLIZA_7627621_323084818_0.pdf
2019-02-18 13:11 - 2019-02-18 13:11 - 000000000 ____D C:\Users\I2\AppData\Roaming\Sun
2019-02-18 13:11 - 2019-02-18 13:11 - 000000000 ____D C:\Users\I2\AppData\LocalLow\Sun
2019-02-16 12:53 - 2019-02-16 12:54 - 000089898 _____ C:\Users\I2\Downloads\copia_3230848_1021818.pdf
2019-02-16 11:05 - 2019-02-16 11:05 - 000132181 _____ C:\Users\I2\Documents\cd.xps
2019-02-16 11:05 - 2019-02-16 11:05 - 000000000 ____D C:\Users\I2\AppData\LocalLow\Temp
2019-02-14 14:44 - 2019-02-17 17:58 - 000002137 _____ C:\Users\I2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2019-02-14 14:44 - 2019-02-17 17:58 - 000000000 ____D C:\Users\I2\AppData\Local\Vivaldi
2019-02-14 14:42 - 2019-02-14 14:43 - 055467592 _____ (Vivaldi Technologies AS) C:\Users\I2\Downloads\Vivaldi.2.3.1440.41.exe
2019-02-14 11:24 - 2019-02-14 11:53 - 000106932 _____ C:\Users\I2\Downloads\airtm_transactions.csv
2019-02-14 11:20 - 2019-02-14 11:20 - 000000000 ____D C:\Users\I2\AppData\Local\CEF
2019-02-14 11:18 - 2019-02-18 14:52 - 000000000 ____D C:\Users\I2\AppData\Roaming\TP-LINK
2019-02-14 11:18 - 2019-02-14 11:18 - 000000000 ____D C:\Users\I2\AppData\Roaming\Zbshareware Lab
2019-02-14 11:16 - 2019-02-14 11:16 - 000001267 _____ C:\Users\I2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-02-14 11:16 - 2019-02-14 11:16 - 000000000 ____D C:\Users\I2\AppData\Roaming\Adobe
2019-02-14 10:07 - 2019-02-14 13:36 - 000000000 ____D C:\Users\I2\AppData\Local\Google
2019-02-14 10:07 - 2019-02-14 11:17 - 000000000 ____D C:\Users\I2
2019-02-14 10:07 - 2019-02-14 10:07 - 000000020 ___SH C:\Users\I2\ntuser.ini
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Reciente
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Plantillas
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Mis documentos
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Menú Inicio
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Impresoras
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Entorno de red
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Documents\Mis vídeos
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Documents\Mis imágenes
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Documents\Mi música
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Datos de programa
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\Configuración local
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\AppData\Local\Historial
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\AppData\Local\Datos de programa
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 _SHDL C:\Users\I2\AppData\Local\Archivos temporales de Internet
2019-02-14 10:07 - 2019-02-14 10:07 - 000000000 ____D C:\Users\I2\AppData\Local\mbamtray
2019-02-14 10:07 - 2018-07-12 15:52 - 000000000 ____D C:\Users\I2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-02-14 10:07 - 2018-01-30 13:08 - 000000000 ____D C:\Users\I2\AppData\Local\AVG
2019-02-14 10:07 - 2017-08-09 21:53 - 000000000 ____D C:\Users\I2\AppData\Roaming\Mozilla
2019-02-14 10:07 - 2017-08-09 21:53 - 000000000 ____D C:\Users\I2\AppData\Local\Trusteer
2019-02-14 08:57 - 2019-02-14 08:59 - 000000000 ____D C:\Users\TEMP
2019-02-14 08:57 - 2018-11-03 14:00 - 000000000 ____D C:\Users\TEMP\AppData\Local\Google
2019-02-14 08:57 - 2018-07-12 15:52 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-02-14 08:57 - 2018-01-30 13:08 - 000000000 ____D C:\Users\TEMP\AppData\Local\AVG
2019-02-14 08:57 - 2017-08-09 21:53 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Mozilla
2019-02-14 08:57 - 2017-08-09 21:53 - 000000000 ____D C:\Users\TEMP\AppData\Local\Trusteer
2019-02-14 08:57 - 2016-04-01 16:04 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\AVAST Software
2019-02-12 17:44 - 2019-02-12 17:44 - 000000540 _____ C:\Users\Invitado\Downloads\airtm_transactions (7).csv
2019-02-12 17:30 - 2019-02-12 17:31 - 000000540 _____ C:\Users\Invitado\Downloads\airtm_transactions (6).csv
2019-02-11 13:45 - 2019-02-11 13:45 - 000136002 _____ C:\Users\Diego\Downloads\takeout-20190209T015536Z-001.zip
2019-02-11 13:45 - 2019-02-11 13:45 - 000136002 _____ C:\Users\Diego\Downloads\takeout-20190209T015536Z-001 (1).zip
2019-02-04 15:30 - 2019-02-04 15:30 - 000156935 _____ C:\Users\Diego\Downloads\statements (25).pdf
2019-02-04 15:30 - 2019-02-04 15:30 - 000056730 _____ C:\Users\Diego\Downloads\statements (26).pdf
2019-01-29 08:39 - 2019-01-29 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-24 13:37 - 2017-11-29 16:47 - 000000000 ____D C:\FRST
2019-02-24 13:37 - 2016-02-14 13:54 - 000000000 ___RD C:\Users\Diego\Escritorio
2019-02-24 13:35 - 2018-11-06 01:17 - 000008932 _____ C:\Users\Diego\Escritorio\Fixlog.txt
2019-02-24 13:32 - 2009-07-14 01:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-24 13:32 - 2009-07-14 01:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-24 13:27 - 2017-12-01 21:42 - 000000000 ____D C:\Program Files\Glary Utilities 5
2019-02-24 13:24 - 2018-07-17 14:33 - 000000000 ____D C:\Users\Diego\AppData\Local\AVAST Software
2019-02-24 13:24 - 2018-01-19 03:22 - 000000000 ____D C:\Program Files\AVG
2019-02-24 13:24 - 2017-12-06 11:50 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-02-24 13:24 - 2016-02-14 13:58 - 000000000 ____D C:\ProgramData\AVAST Software
2019-02-24 13:24 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-24 13:24 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2019-02-24 13:22 - 2017-03-20 11:08 - 000000000 ____D C:\Windows\Minidump
2019-02-23 08:32 - 2017-09-01 20:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-23 08:15 - 2009-07-14 01:53 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-02-22 08:08 - 2017-05-12 23:19 - 000000000 ____D C:\Program Files\Opera
2019-02-14 09:30 - 2017-12-18 21:30 - 000002028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-13 11:01 - 2018-03-21 23:11 - 000000000 ____D C:\Users\Invitado\AppData\Local\AVAST Software
2019-02-12 22:51 - 2016-02-14 14:45 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-02-12 22:51 - 2016-02-14 14:45 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-02-12 22:51 - 2016-02-14 14:45 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-06 09:26 - 2018-04-16 14:43 - 000002157 _____ C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2019-02-06 09:17 - 2018-04-16 14:39 - 000000000 ____D C:\Users\Invitado\AppData\Local\Vivaldi
2019-02-05 08:47 - 2016-02-14 14:48 - 000000000 ____D C:\Program Files\CCleaner
2019-01-29 13:27 - 2018-08-10 16:40 - 000000000 ____D C:\Users\Invitado\AppData\Roaming\Skype
2019-01-29 08:40 - 2016-02-14 15:36 - 000000000 ____D C:\Users\Diego\AppData\Roaming\Skype
2019-01-29 08:39 - 2017-02-02 18:16 - 000000000 ____D C:\Program Files\Common Files\Skype
2019-01-29 08:39 - 2016-02-14 15:36 - 000000000 ___RD C:\Program Files\Skype
2019-01-29 08:39 - 2016-02-14 15:35 - 000000000 ____D C:\ProgramData\Skype
2019-01-25 10:10 - 2018-11-17 16:31 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys

==================== Files in the root of some directories =======

2017-10-25 23:14 - 2017-10-25 23:14 - 000021368 _____ (Schneider Electric) C:\Users\Diego\en_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000021368 _____ (Schneider Electric) C:\Users\Diego\es_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000021880 _____ (Schneider Electric) C:\Users\Diego\fr_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000021880 _____ (Schneider Electric) C:\Users\Diego\grm_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000021368 _____ (Schneider Electric) C:\Users\Diego\it_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000020344 _____ (Schneider Electric) C:\Users\Diego\jp_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 001079808 _____ (Microsoft Corporation) C:\Users\Diego\mfc80u.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000626688 _____ (Microsoft Corporation) C:\Users\Diego\msvcr80.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 013923704 _____ (Schneider Electric) C:\Users\Diego\PCPE Setup.exe
2017-10-25 23:14 - 2017-10-25 23:14 - 000021368 _____ (Schneider Electric) C:\Users\Diego\pt_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000020856 _____ (Schneider Electric) C:\Users\Diego\ru_res.dll
2017-10-25 23:14 - 2017-10-25 23:14 - 000019832 _____ (Schneider Electric) C:\Users\Diego\zh_res.dll
2018-11-01 17:27 - 2018-11-01 17:27 - 000000000 _____ () C:\Users\Diego\AppData\Local\oobelibMkey.log
2017-11-29 02:26 - 2017-11-29 02:26 - 000000017 _____ () C:\Users\Diego\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2019-01-15 11:21 - 2019-01-15 11:21 - 002580480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_1901151421315247028.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-22 15:44

==================== End of FRST.txt ============================
#82

Hola

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM\...\Run: [ArgenteRC] => C:\Program Files\Argente - Registry Cleaner\ArgenteRC.exe [2842112 2016-03-13] (Raúl Argente)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2018-06-04] (Glarysoft Ltd)
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd)
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2019-02-14]
FF Extension: (Avast Online Security) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2018-06-16]
CHR Extension: (Anti Miner - No 1 Coin Minerblock) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgnbkcdbiafipllamhhmikhgjolhdaf [2017-12-28]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S2 wscsvc; %SYSTEMROOT%\system32\wscsvc.dll [X]
S3 catchme; \??\C:\Users\Diego\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
U5 W32Time; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
2019-02-24 13:12 - 2019-02-24 13:12 - 012116824 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Diego\Escritorio\avgclear.exe
2019-02-24 13:10 - 2019-02-24 13:10 - 010370944 _____ (AVAST Software) C:\Users\Diego\Escritorio\avastclear.exe
2019-02-14 10:07 - 2018-01-30 13:08 - 000000000 ____D C:\Users\I2\AppData\Local\AVG
2019-02-14 08:57 - 2018-01-30 13:08 - 000000000 ____D C:\Users\TEMP\AppData\Local\AVG
2019-02-14 08:57 - 2016-04-01 16:04 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\AVAST Software
2019-02-24 13:24 - 2018-07-17 14:33 - 000000000 ____D C:\Users\Diego\AppData\Local\AVAST Software
2019-02-24 13:24 - 2018-01-19 03:22 - 000000000 ____D C:\Program Files\AVG
2019-02-24 13:24 - 2017-12-06 11:50 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-02-24 13:24 - 2016-02-14 13:58 - 000000000 ____D C:\ProgramData\AVAST Software
2019-02-13 11:01 - 2018-03-21 23:11 - 000000000 ____D C:\Users\Invitado\AppData\Local\AVAST Software
2019-01-15 11:21 - 2019-01-15 11:21 - 002580480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_1901151421315247028.dll
Task: {2A50F7CF-ED61-4A97-8FBD-09F42D46D908} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {44495661-1558-4FB8-9C3D-D1F25AE3D023} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {56FCA812-80EB-476A-94C3-7E461BDDBD7F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {78370DCE-7583-4A8C-AF8E-8994C0BD99F5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
DeleteKey: [HKEY_USERS\S-1-5-21-4176836711-1023169650-3318900086-1000\0=0;+²10+0)+ahttps://secure.comodo.net/CPS*ÉõH]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

#83
Fix result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Diego (01-03-2019 00:56:39) Run:2
Running from C:\Users\Diego\Escritorio
Loaded Profiles: Diego & I2 (Available Profiles: Diego & I2 & Invitado)
Boot Mode: Normal

==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM\...\Run: [ArgenteRC] => C:\Program Files\Argente - Registry Cleaner\ArgenteRC.exe [2842112 2016-03-13] (Ra�l Argente)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2018-06-04] (Glarysoft Ltd)
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd)
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2019-02-14]
FF Extension: (Avast Online Security) - C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] [2018-06-16]
CHR Extension: (Anti Miner - No 1 Coin Minerblock) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgnbkcdbiafipllamhhmikhgjolhdaf [2017-12-28]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S2 wscsvc; %SYSTEMROOT%\system32\wscsvc.dll [X]
S3 catchme; \??\C:\Users\Diego\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
U5 W32Time; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
2019-02-24 13:12 - 2019-02-24 13:12 - 012116824 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Diego\Escritorio\avgclear.exe
2019-02-24 13:10 - 2019-02-24 13:10 - 010370944 _____ (AVAST Software) C:\Users\Diego\Escritorio\avastclear.exe
2019-02-14 10:07 - 2018-01-30 13:08 - 000000000 ____D C:\Users\I2\AppData\Local\AVG
2019-02-14 08:57 - 2018-01-30 13:08 - 000000000 ____D C:\Users\TEMP\AppData\Local\AVG
2019-02-14 08:57 - 2016-04-01 16:04 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\AVAST Software
2019-02-24 13:24 - 2018-07-17 14:33 - 000000000 ____D C:\Users\Diego\AppData\Local\AVAST Software
2019-02-24 13:24 - 2018-01-19 03:22 - 000000000 ____D C:\Program Files\AVG
2019-02-24 13:24 - 2017-12-06 11:50 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-02-24 13:24 - 2016-02-14 13:58 - 000000000 ____D C:\ProgramData\AVAST Software
2019-02-13 11:01 - 2018-03-21 23:11 - 000000000 ____D C:\Users\Invitado\AppData\Local\AVAST Software
2019-01-15 11:21 - 2019-01-15 11:21 - 002580480 _____ (Opera Software) C:\Users\Invitado\AppData\Local\Temp\Opera_installer_1901151421315247028.dll
Task: {2A50F7CF-ED61-4A97-8FBD-09F42D46D908} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {44495661-1558-4FB8-9C3D-D1F25AE3D023} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {56FCA812-80EB-476A-94C3-7E461BDDBD7F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {78370DCE-7583-4A8C-AF8E-8994C0BD99F5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
DeleteKey: [HKEY_USERS\S-1-5-21-4176836711-1023169650-3318900086-1000\0=0;+�10+0)+ahttps://secure.comodo.net/CPS*��H]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\USB Security" => removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeGCInvoker-1.0" => removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ArgenteRC" => removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GUDelayStartup" => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => removed successfully.
C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] => moved successfully
C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\l8ga9exw.default-1477268946708\Extensions\[email protected] => moved successfully
CHR Extension: (Anti Miner - No 1 Coin Minerblock) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgnbkcdbiafipllamhhmikhgjolhdaf [2017-12-28] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully.
HKLM\System\CurrentControlSet\Services\WinDefend => removed successfully.
WinDefend => service removed successfully.
HKLM\System\CurrentControlSet\Services\wscsvc => removed successfully.
wscsvc => service removed successfully.
HKLM\System\CurrentControlSet\Services\catchme => removed successfully.
catchme => service removed successfully.
HKLM\System\CurrentControlSet\Services\W32Time => removed successfully.
W32Time => service removed successfully.
C:\Users\Diego\Escritorio\avgclear.exe => moved successfully
C:\Users\Diego\Escritorio\avastclear.exe => moved successfully
C:\Users\I2\AppData\Local\AVG => moved successfully
C:\Users\TEMP\AppData\Local\AVG => moved successfully
C:\Users\TEMP\AppData\Roaming\AVAST Software => moved successfully
C:\Users\Diego\AppData\Local\AVAST Software => moved successfully
C:\Program Files\AVG => moved successfully

"C:\Program Files\Common Files\Avast Software" folder move:

Could not move "C:\Program Files\Common Files\Avast Software" => Scheduled to move on reboot.


"C:\ProgramData\AVAST Software" folder move:

Could not move "C:\ProgramData\AVAST Software" => Scheduled to move on reboot.

C:\Users\Invitado\AppData\Local\AVAST Software => moved successfully
C:\Users\Invitado\AppData\Local\Temp\Opera_installer_1901151421315247028.dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2A50F7CF-ED61-4A97-8FBD-09F42D46D908}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A50F7CF-ED61-4A97-8FBD-09F42D46D908}" => removed successfully.
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44495661-1558-4FB8-9C3D-D1F25AE3D023} => not found
C:\Windows\System32\Tasks\Avast Emergency Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Emergency Update" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56FCA812-80EB-476A-94C3-7E461BDDBD7F}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56FCA812-80EB-476A-94C3-7E461BDDBD7F}" => removed successfully.
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{78370DCE-7583-4A8C-AF8E-8994C0BD99F5} => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78370DCE-7583-4A8C-AF8E-8994C0BD99F5} => removed successfully.
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup => removed successfully.
HKEY_USERS\S-1-5-21-4176836711-1023169650-3318900086-1000\0=0;+�10+0)+ahttps://secure.comodo.net/CPS*��H => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-1012\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-4176836711-1023169650-3318900086-1012\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : fibertel.com.ar
   V¡nculo: direcci¢n IPv6 local. . . : fe80::cdbb:6138:c49c:d473%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.9
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{AF6D671A-777B-4CBF-BE5B-5187FDE44BFE}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.fibertel.com.ar:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Reusable ISATAP Interface {9F640117-3CE4-4BDA-9DB4-DAFAC1065747}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Conexi¢n de  rea local* 15:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : fibertel.com.ar

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{4BD975FF-72C4-4DAE-87C0-4457B07BDA56} canceled.
{FE1C8CE3-9D7C-4876-AA07-7AEC723C5B99} canceled.
{6B168C1E-6D65-45B3-B884-99519EE6F393} canceled.
3 out of 3 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4490281 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 5357435 B
Edge => 0 B
Chrome => 158608 B
Firefox => 7406837 B
Opera => 172373300 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
Diego => 30787288 B
I2 => 79097574 B
TEMP => 0 B
Invitado => 311084076 B

RecycleBin => 0 B
EmptyTemp: => 590.5 MB temporary data Removed.

================================ 
#84

GRACIAS, ahora LA PRUEBO ENTONCES A LA COMPUTADORA

#85

Hola

De acuerdo, nos comentas cuando la pruebes.

Un saludo

#86

ok parece que quiere andar, lo único q noto es q me sale el mensaje de malwarebytes cuando estoy en chrome “sitio web bloqueado debido a pup” no se si es grave o no ese mensaje, ojala puedas responderme, gracias

#87

Hola

El mensaje de Malwarebytes sale al visitar alguna página concreta?

Un saludo

#90

@Daniela

ningun sitio en especial en gral me aparece este informe

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del evento de protección: 7/3/19
Hora del evento de protección: 22:47
Archivo de registro: 1a6d7c5e-4144-11e9-b5c0-e0cb4ee62916.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9582
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: System

-Detalles del sitio web bloqueado-
Sitio web malicioso: 1
, , Bloqueado, [-1], [-1],0.0.0

-Datos de sitio web-
Categoría: PUP
Dominio: negbar.ad-blocker.org
Dirección IP: 52.85.160.196
Puerto: [49401]
Tipo: Saliente
Archivo: C:\Program Files\Google\Chrome\Application\chrome.exe



(end)

Y he notado q con Vilvaldi tambien me aparece…

bueno si no es grave la seguire probando gracias por todo

#91

Ok sin comentarios entonces cerramos el tema ?

#92

Hola

Has tardado en volver 6 días y en algunas ocasiones hasta 15 días, los demás también tenemos vida propia con nuestras obligaciones, por lo que no exijamos recibir respuesta al momento.

Responde a estas preguntas:

1.- Tienes el disco por si tuvieras que reinstalar el SO? Es original?

2.- Cómo es que tienes Malwarebytes todavía de prueba después de 5 meses? Lo has crackeado?

Realiza los siguientes pasos:

1.- Actualiza Java, tienes versiones antiguas.

2.- Resetea Chrome y/o Vivaldi…eliminando TODAS las extensiones que tengas en ellos y TODOS los motores de búsqueda dejando únicamente el de Google.

Reinicia el equipo, comprueba el funcionamiento y responde en menos de 5 días, no esperes a tener un nuevo problema para volver.

:warning: Y de momento , Por Favor, mientras estemos desinfectando/arreglando tu maquina :

No realices pasos/acciones que NOSOTROS no te hayamos indicado.

No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.

No instales NADA (programas/software/complementos/extensiones del navegador…)

No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…)

No realices por tu cuenta otros procedimientos.

Usa tu equipo EXCLUSIVAMENTE para desinfectarlo/arreglarlo siguiendo nuestras indicaciones.

Un saludo

1 me gusta
#93

Bueno no te enojes solo preguntaba, no estaba exigiendo, no poseo el disco original lo perdi, yo lo baje del enlace q me dieron ustedes, luego desinstale,
varios progr y lo volvi a bajar cuando me lo pidieron, si quieres lo vuelvo a desinstalar, a java lo actualizo desde aca ¿? https://www.java.com/es/download/, porque hace poco baje los archivos y los abri, entiendo q se actualizo Acerca del reseteo, no se si viene la funcion resetear en las opciones la buscare y si no la encuentro hare lo q dices, y solo de crome y/o vivaldi no de Opera Comprendido lo otro

#94

probando, hasta ahora bien

#95

Hola @adm77

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte :handshake:

Nos alegramos que se te haya resuelto :Bien: Damos el tema por solucionado.

Solucionado

Un saludo

cerrado #98