What is Chromium

Hello, while I was installing a program to install a game, a blue icon similar to Chrome's appeared on my taskbar. It was called Chromium and it seemed to me that it might be a virus or something similar, so I went to the Malware Detection and Removal Guide 2018 and did what it said, but the icon is still there, and also, when I turn on the computer, Chromium opens by itself. How can I remove it? I would appreciate your help.

Hello and welcome to the new Forospyware

Did you carry out any step of the guide?

If so, paste the logs so they can be reviewed

Regards

Hello, well, this is from the first step of the guide that I did

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2018 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/08/2018 09:28:50 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\EQUIPO_5\AppData\Local\chromium\Application\chrome.exe (PID: 3304) [FI]
 * C:\Users\EQUIPO_5\AppData\Local\chromium\Application\chrome.exe (PID: 3304) [UP-HEUR]
 * C:\Users\EQUIPO_5\AppData\Local\chromium\Application\chrome.exe (PID: 3356) [FI]

3 proccesses terminated!

The Malwarebytes one won't let me send it because it has too many characters

Save the log on your PC, use the up-arrow button in your reply, and upload the log

mwarebytes.txt (189,9 KB)

Your PC is quite infected.

Now continue in order and paste the logs for me:

Carry out the following steps, without changing the order

1) Download Adwcleaner to the desktop.

  • Disable your antivirus (see: How to temporarily disable an antivirus and any security program).

  • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as Administrator").

  • Click the "Scan Now" (Analizar Ahora) button and wait for the process to finish, then immediately click the "Start Repair" (Iniciar Reparacion) button.

  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.

  • If it finds nothing, click "Skip Repair" (Omitir Reparación).

  • The log can be found in the "Reports" (Informes) tab, reopening the program if necessary, or in "C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

You can look at its manual >> Adwcleaner Manual

2) Download Ccleaner

Install it and run it. On the Cleaner tab, leave the default configuration as it is, click Analyze, wait for it to finish > click Run Cleaner. Click the Registry tab > click Scan for Issues, wait for it to finish > click Fix Selected and make a backup.

3)

  • Temporarily disable your antivirus and any security program.

  • Download to your Desktop >> this is very important << Farbar Recovery Scan Tool, choosing the right version for your computer (32 or 64 bits) (see: How do I know whether my Windows is 32 or 64 bits?).

  • Double-click to run Frst.exe. In the Disclaimer window, press Yes.

  • In the new window that opens, press the Scan button and wait for the scan to finish.

  • Two (2) files (logs) will open, Frst.txt and Addition.txt, which will be saved on your desktop.

In your next reply, copy and paste the two FRST reports, Frst.txt and Addition.txt

Note: If the requested report(s) do not fit in a single reply because they exceed the number of characters allowed, you can use two or more replies to paste them in full.

Paste the AdwCleaner and Farbar reports and tell me how the problem is going.


Does disabling any security program include Malwarebytes? And if so, how do I disable it?

One more thing: I had just bought the computer and I think it doesn't have an antivirus

Indeed, since Malwarebytes is also a security program (icon next to the clock - right-click - exit).

This is for the paid version; if you use the free one, you don't need to do anything

Can I send the logs as a download, like the previous one I sent?

Yes, you can upload them, but try to paste them, as it is better for everyone

First the AdwCleaner one.

Then the Farbar ones, at least one per reply, and in each reply put those tags at the beginning and at the end.

If you have problems, then upload them

This is the AdwCleaner one


# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-10-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-09-2018
# Duration: 00:00:05
# OS:       Windows 7 Ultimate
# Cleaned:  16
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
Deleted       C:\ProgramData\ByteFence
Deleted       C:\Program Files\ByteFence

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKU\S-1-5-18\Software\ByteFence
Deleted       HKCU\Software\ByteFence
Deleted       HKU\.DEFAULT\Software\ByteFence
Deleted       HKLM\Software\Wow6432Node\ByteFence
Deleted       HKLM\Software\ByteFence
Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\ByteFenceService
Deleted       HKCU\Software\csastats
Deleted       HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan
Deleted       HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2460 octets] - [09/10/2018 14:04:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

I had a problem in step 3: I forgot to exit Malwarebytes and clicked Scan, but I exited Malwarebytes as soon as I noticed


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.10.2018
Ran by EQUIPO_5 (administrator) on EQUIPO_6 (09-10-2018 14:51:56)
Running from C:\Users\EQUIPO_5\Desktop
Loaded Profiles: EQUIPO_5 (Available Profiles: EQUIPO_5)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft) C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Snap.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-06] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Snap] => C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Snap.exe [163840 2008-05-07] (Microsoft)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
Winlogon\Notify\DfLogon: LogonDll.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (Disc Soft Ltd)
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [WallpaperHd] => C:\Users\EQUIPO_5\AppData\Local\WallpaperHd\WallpaperHd.exe [1828864 2018-05-04] (WallpaperHd)
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [Chromium] => c:\users\equipo_5\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [GoogleChromeAutoLaunch_E71DC39FFD261B414080F89BF34448EC] => C:\Users\EQUIPO_5\AppData\Local\chromium\Application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\MountPoints2: {e9e9a6c9-35da-11e4-a195-806e6f6e6963} - E:\autorun.exe
BootExecute: autocheck autochk /k:C /k:D * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 190.157.8.33 190.157.8.1
Tcpip\..\Interfaces\{D56389F5-72FE-468F-8826-E57048500863}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{D56389F5-72FE-468F-8826-E57048500863}: [DhcpNameServer] 190.157.8.33 190.157.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://co.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1058829925-1863850587-550313231-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-09-29] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-09-29] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\EQUIPO_5\AppData\Roaming\Mozilla\Firefox\Profiles\74583fw9.default [2018-10-09]
FF Homepage: Mozilla\Firefox\Profiles\74583fw9.default -> hxxp://www.cbm.com.ar/ini/co
FF Extension: (avast! Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2018-08-24] [Legacy] [not signed]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-09-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-09-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-10-06] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default [2018-10-09]
CHR Extension: (Presentaciones) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-24]
CHR Extension: (Documentos) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-24]
CHR Extension: (Google Drive) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-24]
CHR Extension: (YouTube) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-24]
CHR Extension: (Adobe Acrobat) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-10]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-04]
CHR Extension: (Hojas de cálculo) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
CHR Extension: (Skype) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-08-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-24]
CHR Extension: (Gmail) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\EQUIPO_5\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-12]
CHR HKU\S-1-5-21-1058829925-1863850587-550313231-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-24] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-24] (AVAST Software)
R2 DF5Serv; C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DF5Serv.exe [431616 2008-06-17] (Faronics Corporation) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730024 2018-10-04] (Disc Soft Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 escSrv; %SystemRoot%\system32\escsrv.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-08-24] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-08-24] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-08-24] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-24] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-08-24] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-08-24] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-08-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-09-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-08-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-08-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-08-24] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-08-24] (AVAST Software)
R0 DeepFrz; C:\Windows\System32\Drivers\DeepFrz.sys [199056 2008-06-17] (Faronics Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-10-08] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-10-08] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [200232 2018-10-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [118584 2018-10-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [58400 2018-10-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260384 2018-10-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [100664 2018-10-09] (Malwarebytes)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [50792 2008-05-07] (usb camera)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-09 14:51 - 2018-10-09 14:53 - 000017962 _____ C:\Users\EQUIPO_5\Desktop\FRST.txt
2018-10-09 14:51 - 2018-10-09 14:51 - 000000000 ____D C:\FRST
2018-10-09 14:49 - 2018-10-09 14:49 - 002414592 _____ (Farbar) C:\Users\EQUIPO_5\Desktop\FRST64.exe
2018-10-09 14:38 - 2018-10-09 14:41 - 000077216 _____ C:\Users\EQUIPO_5\Documents\cc_20181009_143805.reg
2018-10-09 14:26 - 2018-10-09 14:26 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-10-09 14:26 - 2018-10-09 14:26 - 000002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-10-09 14:26 - 2018-10-09 14:26 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-10-09 14:26 - 2018-10-09 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-10-09 14:25 - 2018-10-09 14:26 - 000000000 ____D C:\Program Files\CCleaner
2018-10-09 14:24 - 2018-10-09 14:25 - 016796856 _____ (Piriform Ltd) C:\Users\EQUIPO_5\Desktop\ccsetup547.exe
2018-10-09 14:01 - 2018-10-09 14:01 - 007592144 _____ (Malwarebytes) C:\Users\EQUIPO_5\Desktop\adwcleaner_7.2.4.0.exe
2018-10-09 13:56 - 2018-10-09 14:09 - 000000000 ____D C:\AdwCleaner
2018-10-09 02:18 - 2018-10-09 02:18 - 000194506 _____ C:\Users\EQUIPO_5\Downloads\mwarebytes.txt
2018-10-08 22:08 - 2018-10-08 22:08 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\ESET
2018-10-08 22:07 - 2018-10-08 22:07 - 006985848 _____ (ESET spol. s r.o.) C:\Users\EQUIPO_5\Downloads\esetonlinescanner_esn.exe
2018-10-08 21:04 - 2018-10-08 21:04 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\mbam
2018-10-08 21:03 - 2018-10-08 21:03 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-08 21:03 - 2018-10-08 21:03 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\mbamtray
2018-10-08 21:03 - 2018-10-08 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-08 21:03 - 2018-10-08 21:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-08 21:03 - 2018-10-08 21:03 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-08 21:03 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-10-08 20:56 - 2018-10-08 20:56 - 000001460 _____ C:\Users\EQUIPO_5\Desktop\iExplore - Acceso directo.lnk
2018-10-08 20:50 - 2018-10-08 20:53 - 081176816 _____ (Malwarebytes ) C:\Users\EQUIPO_5\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.7197.exe
2018-10-08 20:42 - 2018-10-08 21:28 - 000001520 _____ C:\Users\EQUIPO_5\Desktop\Rkill.txt
2018-10-08 20:41 - 2018-10-08 20:41 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\EQUIPO_5\Downloads\iExplore.exe
2018-10-08 20:37 - 2018-10-08 20:38 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\{A5799325-81D1-FF9D-EC49-DA75C82126ED}
2018-10-08 19:43 - 2018-10-08 19:44 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\Disc_Soft_Ltd
2018-10-08 19:43 - 2018-10-08 19:43 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2018-10-08 19:42 - 2018-10-08 19:42 - 000000118 _____ C:\Users\EQUIPO_5\AppData\Roaming\WB.CFG
2018-10-08 19:41 - 2018-10-08 19:41 - 000000000 ____D C:\Users\Public\Documents\Catch!
2018-10-08 19:38 - 2018-10-08 19:38 - 000002234 _____ C:\Users\EQUIPO_5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2018-10-08 19:38 - 2018-10-08 19:38 - 000002226 _____ C:\Users\EQUIPO_5\Desktop\Chromium.lnk
2018-10-08 19:37 - 2018-10-08 19:38 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\chromium
2018-10-08 19:36 - 2018-10-08 19:36 - 000047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2018-10-08 19:34 - 2018-10-08 19:34 - 000030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2018-10-08 19:34 - 2018-10-08 19:34 - 000001733 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2018-10-08 19:34 - 2018-10-08 19:34 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\WallpaperHd
2018-10-08 19:34 - 2018-10-08 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-10-08 19:33 - 2018-10-09 13:23 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2018-10-08 19:33 - 2018-10-08 19:44 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\DAEMON Tools Lite
2018-10-08 19:29 - 2018-10-08 19:33 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2018-10-08 19:06 - 2015-02-02 22:34 - 000095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-10-08 19:06 - 2015-02-02 22:34 - 000094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-10-08 19:06 - 2015-02-02 22:31 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-10-08 19:06 - 2015-02-02 22:31 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-10-08 19:06 - 2015-02-02 22:30 - 000631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2018-10-08 19:06 - 2015-02-02 22:30 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-10-08 19:06 - 2015-02-02 22:30 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-10-08 19:06 - 2015-02-02 22:30 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2018-10-08 19:06 - 2015-02-02 22:30 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-10-08 19:06 - 2015-02-02 22:30 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-10-08 19:06 - 2015-02-02 22:30 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-10-08 19:06 - 2015-02-02 22:30 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-10-08 19:06 - 2015-02-02 22:30 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2018-10-08 19:06 - 2015-02-02 22:30 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-10-08 19:06 - 2015-02-02 22:30 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-10-08 19:06 - 2015-02-02 22:30 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-10-08 19:06 - 2015-02-02 22:30 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2018-10-08 19:06 - 2015-02-02 22:30 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-10-08 19:06 - 2015-02-02 22:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-10-08 19:06 - 2015-02-02 22:29 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-10-08 19:06 - 2015-02-02 22:28 - 000686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-10-08 19:06 - 2015-02-02 22:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-10-08 19:06 - 2015-02-02 22:28 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-10-08 19:06 - 2015-02-02 22:19 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2018-10-08 19:06 - 2015-02-02 22:12 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-10-08 19:06 - 2015-02-02 22:12 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-10-08 19:06 - 2015-02-02 22:11 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-10-08 19:06 - 2015-02-02 22:11 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-10-08 19:06 - 2015-02-02 22:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-10-08 19:06 - 2015-02-02 22:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-10-08 19:06 - 2015-02-02 22:08 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-10-08 19:06 - 2015-02-02 22:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-10-08 19:06 - 2015-02-02 21:32 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-10-08 19:06 - 2014-10-31 17:24 - 000619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-10-08 19:06 - 2014-06-27 19:21 - 000532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-10-08 19:06 - 2014-06-27 19:21 - 000457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-10-08 19:05 - 2015-02-02 22:34 - 005554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-10-08 19:05 - 2015-02-02 22:34 - 000693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-10-08 19:05 - 2015-02-02 22:34 - 000155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-10-08 19:05 - 2015-02-02 22:33 - 000616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-10-08 19:05 - 2015-02-02 22:31 - 014632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2018-10-08 19:05 - 2015-02-02 22:31 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-10-08 19:05 - 2015-02-02 22:31 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 012625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-10-08 19:05 - 2015-02-02 22:30 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 001069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 000296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-10-08 19:05 - 2015-02-02 22:30 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-10-08 19:05 - 2015-02-02 22:30 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-10-08 19:05 - 2015-02-02 22:30 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-10-08 19:05 - 2015-02-02 22:30 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-10-08 19:05 - 2015-02-02 22:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-10-08 19:05 - 2015-02-02 22:16 - 003973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-10-08 19:05 - 2015-02-02 22:16 - 003917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-10-08 19:05 - 2015-02-02 22:12 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 003209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 001174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-10-08 19:05 - 2015-02-02 22:12 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-10-08 19:05 - 2015-02-02 22:12 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-10-08 19:05 - 2015-02-02 22:11 - 012625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-10-08 19:05 - 2015-02-02 22:11 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-10-08 19:05 - 2015-02-02 22:11 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-10-08 19:05 - 2015-02-02 22:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-10-08 19:05 - 2015-01-30 18:56 - 000459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-10-08 19:01 - 2018-10-08 19:03 - 045918843 _____ C:\Users\EQUIPO_5\Downloads\Windows6.1-KB3033929-x64.msu
2018-10-08 18:08 - 2018-10-08 18:08 - 000692488 _____ (Disc Soft Ltd.) C:\Users\EQUIPO_5\Downloads\DTLiteInstaller.exe
2018-10-08 17:34 - 2015-06-06 18:13 - 000961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-10-08 17:34 - 2015-06-06 18:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-10-08 17:11 - 2018-10-08 17:12 - 000177720 _____ C:\Users\EQUIPO_5\Downloads\desktop screenshot 2018.10.06 - 13.02.20.91-2gmsveui.png.crdownload
2018-10-06 20:58 - 2018-10-06 20:58 - 000000000 ____D C:\Users\Public\Facebook Games
2018-10-06 20:33 - 2018-10-06 20:33 - 000795696 _____ C:\Users\EQUIPO_5\Downloads\UnityDownloadAssistant-2018.2.11f1.exe
2018-10-06 20:29 - 2018-10-06 21:03 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\Facebook
2018-10-06 20:27 - 2018-10-06 20:27 - 000260696 _____ (Facebook) C:\Users\EQUIPO_5\Downloads\FacebookGameroom.exe
2018-10-06 19:28 - 2018-10-06 19:28 - 005260456 _____ (techPowerUp (www.techpowerup.com)) C:\Users\EQUIPO_5\Downloads\GPU-Z.2.11.0.exe
2018-10-01 00:30 - 2018-10-01 00:30 - 000001894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Operation7.lnk
2018-10-01 00:30 - 2018-10-01 00:30 - 000001888 _____ C:\Users\EQUIPO_5\Desktop\Operation7.lnk
2018-10-01 00:30 - 2018-10-01 00:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Operation7
2018-10-01 00:23 - 2018-10-01 00:23 - 000000000 ____D C:\Game
2018-09-30 23:44 - 2018-10-01 00:20 - 1189151608 _____ (Softnyx Co., Ltd. ) C:\Users\EQUIPO_5\Desktop\Operation7_20122017Ver1.7(Espanol).exe
2018-09-30 23:22 - 2018-09-30 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axeso5
2018-09-30 19:25 - 2018-09-30 19:25 - 004615656 _____ C:\Users\EQUIPO_5\Downloads\1527775984_ENY_FORTNITE_WEAPONS_PACK.zip
2018-09-30 00:21 - 2018-10-07 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2018-09-30 00:21 - 2018-09-30 00:21 - 000000000 ____D C:\Users\EQUIPO_5\Documents\GTA San Andreas User Files
2018-09-30 00:21 - 2018-09-30 00:21 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2018-09-29 22:25 - 2018-09-29 22:25 - 000894691 _____ (Seemann, Deji, Alien ) C:\Users\EQUIPO_5\Downloads\CLEO4_setup.exe
2018-09-29 16:45 - 2018-09-29 16:45 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-09-29 14:14 - 2018-09-29 14:51 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\.minecraft
2018-09-29 14:13 - 2018-09-29 14:14 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\.tlauncher
2018-09-29 14:11 - 2018-09-29 14:11 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\Sun
2018-09-29 14:11 - 2018-09-29 14:11 - 000000000 ____D C:\Users\EQUIPO_5\AppData\LocalLow\Sun
2018-09-29 14:10 - 2018-09-29 14:10 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-09-29 14:10 - 2018-09-29 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-09-29 14:09 - 2018-09-29 14:09 - 000000000 ____D C:\ProgramData\Oracle
2018-09-29 14:09 - 2018-09-29 14:09 - 000000000 ____D C:\Program Files (x86)\Java
2018-09-29 14:00 - 2018-09-29 14:00 - 000001322 _____ C:\Users\EQUIPO_5\Desktop\PartyHardGame - Acceso directo.lnk
2018-09-27 20:49 - 2018-10-08 20:44 - 000000000 ____D C:\Users\EQUIPO_5\Documents\Lightshot
2018-09-26 00:12 - 2018-09-27 23:16 - 023423042 _____ C:\Users\EQUIPO_5\Documents\TAREA DIAPOSITIVAS.pptx
2018-09-25 22:33 - 2018-09-25 22:34 - 000000000 ____D C:\Users\EQUIPO_5\Downloads\Plantillas PowerPoint
2018-09-25 22:17 - 2018-09-25 22:24 - 269889457 _____ C:\Users\EQUIPO_5\Downloads\Plantillas PowerPoint.rar
2018-09-25 21:16 - 2018-10-09 14:16 - 000000394 _____ C:\Windows\Tasks\update-sys.job
2018-09-25 21:16 - 2018-10-09 13:23 - 000000394 _____ C:\Windows\Tasks\update-S-1-5-21-1058829925-1863850587-550313231-1000.job
2018-09-25 21:16 - 2018-09-25 21:16 - 000003290 _____ C:\Windows\System32\Tasks\update-sys
2018-09-25 21:16 - 2018-09-25 21:16 - 000003274 _____ C:\Windows\System32\Tasks\update-S-1-5-21-1058829925-1863850587-550313231-1000
2018-09-25 21:16 - 2018-09-25 21:16 - 000000425 _____ C:\Users\EQUIPO_5\AppData\Local\UserProducts.xml
2018-09-25 21:16 - 2018-09-25 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2018-09-25 21:16 - 2018-09-25 21:16 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2018-09-25 21:13 - 2018-09-25 21:15 - 002731128 _____ (Skillbrains ) C:\Users\EQUIPO_5\Downloads\setup-lightshot.exe
2018-09-23 19:01 - 2018-09-23 19:01 - 000006935 _____ C:\Users\EQUIPO_5\AppData\Localtransition_ed83d2a0133b83303638a4a6f0392713.ini
2018-09-23 19:00 - 2018-09-23 19:08 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\Ankama
2018-09-23 15:04 - 2018-09-23 15:04 - 009154560 _____ C:\Users\EQUIPO_5\Desktop\hamachi.msi
2018-09-23 14:45 - 2018-09-23 14:45 - 000000000 ___HD C:\$AV_ASW
2018-09-23 13:47 - 2018-09-23 13:47 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\LogMeIn
2018-09-23 13:47 - 2018-09-23 13:47 - 000000000 ____D C:\ProgramData\LogMeIn
2018-09-22 15:38 - 2018-10-04 23:13 - 000001313 _____ C:\Users\EQUIPO_5\Desktop\Roblox Player.lnk
2018-09-22 15:35 - 2018-10-04 23:13 - 000001132 _____ C:\Users\EQUIPO_5\Desktop\Roblox Studio.lnk
2018-09-22 15:35 - 2018-10-04 23:13 - 000000254 _____ C:\Users\EQUIPO_5\AppData\LocalLow\rbxcsettings.rbx
2018-09-22 15:35 - 2018-10-04 23:13 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-09-22 15:35 - 2018-09-22 16:39 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\Roblox
2018-09-22 15:34 - 2018-09-22 15:35 - 000748088 _____ (Roblox Corporation) C:\Users\EQUIPO_5\Desktop\RobloxPlayerLauncher.exe
2018-09-22 15:12 - 2018-09-22 15:12 - 000000000 ____D C:\Users\EQUIPO_5\Workshop
2018-09-22 15:12 - 2018-09-22 15:12 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\REVOLT
2018-09-22 15:12 - 2018-09-22 15:12 - 000000000 ____D C:\Users\EQUIPO_5\AppData\LocalLow\Landfall West
2018-09-22 14:34 - 2018-09-22 14:34 - 005835025 _____ (UserBenchmark.com) C:\Users\EQUIPO_5\Downloads\UserBenchMark.exe
2018-09-19 20:56 - 2018-10-09 01:23 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-16 16:17 - 2018-09-16 16:19 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\Nidhogg
2018-09-16 16:17 - 2018-09-16 16:17 - 000000000 ____D C:\ProgramData\Steam
2018-09-15 22:02 - 2018-09-15 22:03 - 000000000 ____D C:\Users\EQUIPO_5\Documents\DuckGame
2018-09-15 21:56 - 2018-09-15 21:56 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\Steam
2018-09-15 21:49 - 2018-10-09 14:33 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-15 21:49 - 2018-09-15 21:49 - 000000963 _____ C:\Users\Public\Desktop\Steam.lnk
2018-09-15 21:49 - 2018-09-15 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-09-15 21:48 - 2018-09-15 21:49 - 001573568 _____ C:\Users\EQUIPO_5\Desktop\SteamSetup.exe
2018-09-15 21:48 - 2018-09-15 21:48 - 000001129 _____ C:\Users\EQUIPO_5\Desktop\DuckGame - Acceso directo.lnk
2018-09-15 21:36 - 2018-09-15 22:05 - 000000000 ____D C:\Users\EQUIPO_5\Desktop\Duck Game_ (GAMESJL)
2018-09-15 21:29 - 2018-09-15 21:35 - 171558502 _____ C:\Users\EQUIPO_5\Desktop\Duck Game_ (GAMESJL)VF.rar
2018-09-15 20:07 - 2018-09-15 20:07 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\HyperLightDrifter
2018-09-15 19:54 - 2018-09-15 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-09-15 16:15 - 2018-09-15 16:15 - 000000000 ____D C:\Users\EQUIPO_5\AppData\LocalLow\Dodge Roll
2018-09-13 22:44 - 2018-09-13 22:46 - 056167424 _____ C:\Users\EQUIPO_5\Downloads\Undertale Wave Bank.rar
2018-09-13 16:11 - 2018-09-13 16:44 - 000000000 ____D C:\Users\EQUIPO_5\Desktop\jugadores
2018-09-10 19:50 - 2018-09-10 19:50 - 000000000 ____D C:\Users\EQUIPO_5\AppData\LocalLow\Adobe
2018-09-10 19:50 - 2018-09-10 19:50 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\CEF
2018-09-09 23:06 - 2018-09-09 23:06 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-09-09 23:05 - 2018-09-09 23:05 - 000000000 ____D C:\Program Files (x86)\Adobe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-09 14:52 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2018-10-09 14:33 - 2018-09-05 18:30 - 000000000 ____D C:\Windows\Minidump
2018-10-09 14:33 - 2014-09-06 04:31 - 000000000 ____D C:\Windows\Panther
2018-10-09 14:17 - 2009-07-13 23:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-09 14:17 - 2009-07-13 23:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-09 14:10 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-09 13:38 - 2014-09-10 10:33 - 000000976 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1058829925-1863850587-550313231-1004UA.job
2018-10-09 01:25 - 2018-08-27 22:08 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-08 19:26 - 2009-07-14 00:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-10-08 19:23 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-10-08 19:23 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\Dism
2018-10-08 18:27 - 2014-09-06 15:27 - 001650540 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-10-08 18:27 - 2010-11-21 02:09 - 000747396 _____ C:\Windows\system32\perfh00A.dat
2018-10-08 18:27 - 2010-11-21 02:09 - 000158868 _____ C:\Windows\system32\perfc00A.dat
2018-10-08 18:27 - 2009-07-14 00:13 - 001650540 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-08 17:41 - 2014-09-06 15:33 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-07 12:13 - 2018-08-24 21:26 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\ElevatedDiagnostics
2018-10-01 10:38 - 2014-09-10 10:33 - 000000954 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1058829925-1863850587-550313231-1004Core.job
2018-09-29 14:00 - 2018-08-30 20:28 - 000000000 ____D C:\Users\EQUIPO_5\Desktop\Party Hard v1.4.035.r-PiviGames.blog
2018-09-23 19:57 - 2018-08-25 12:36 - 000000000 ____D C:\Users\EQUIPO_5\Documents\My Games
2018-09-22 15:12 - 2014-09-06 10:43 - 000000000 ____D C:\Users\EQUIPO_5
2018-09-17 16:46 - 2018-08-24 20:41 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-17 16:46 - 2018-08-24 20:41 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-16 13:21 - 2018-08-25 12:20 - 000000000 ____D C:\Games
2018-09-12 12:03 - 2014-09-06 12:10 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-11 12:07 - 2014-09-06 11:58 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-10 19:50 - 2014-09-09 13:00 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\Adobe
2018-09-10 19:50 - 2014-09-06 17:43 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Roaming\Adobe
2018-09-09 23:05 - 2014-09-09 13:02 - 000000000 ____D C:\ProgramData\Adobe

==================== Files in the root of some directories =======

2018-10-08 19:42 - 2018-10-08 19:42 - 000000118 _____ () C:\Users\EQUIPO_5\AppData\Roaming\WB.CFG
2018-08-24 21:58 - 2018-08-25 17:29 - 000007603 _____ () C:\Users\EQUIPO_5\AppData\Local\Resmon.ResmonCfg
2018-09-25 21:16 - 2018-09-25 21:16 - 000000003 _____ () C:\Users\EQUIPO_5\AppData\Local\updater.log
2018-09-25 21:16 - 2018-09-25 21:16 - 000000425 _____ () C:\Users\EQUIPO_5\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
2018-10-01 00:51 - 2018-10-08 15:46 - 000000000 _____ () C:\Users\EQUIPO_5\AppData\Local\Temp\7dd1e1189f9fcf05a559dccee48d89c6.dll
2018-10-08 18:08 - 2018-10-08 18:10 - 039062304 _____ (Disc Soft Ltd.) C:\Users\EQUIPO_5\AppData\Local\Temp\DAEMON Tools Lite.exe



==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-07 19:30

==================== End of FRST.txt ============================

The problem has been located, but you still need to post the other log, Addition.txt

I couldn't post it because the page wouldn't let me; here it is


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018
Ran by EQUIPO_5 (09-10-2018 14:53:53)
Running from C:\Users\EQUIPO_5\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-09-06 15:43:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1058829925-1863850587-550313231-500 - Administrator - Disabled)
EQUIPO_5 (S-1-5-21-1058829925-1863850587-550313231-1000 - Administrator - Enabled) => C:\Users\EQUIPO_5
Invitado (S-1-5-21-1058829925-1863850587-550313231-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{3096080B-BFA4-F2E5-0E2B-D289933054C5}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0637 - Disc Soft Ltd)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Operation7 (HKLM-x32\...\Operation7_is1) (Version: 1 - Softnyx Co., Ltd.)
Paquete de controladores de Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Roblox Player for EQUIPO_5 (HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
Roblox Player for EQUIPO_5 (HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\roblox-player) (Version:  - Roblox Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
USB2.0 PC CAMERA (HKLM-x32\...\{58D4FB3A-98E9-4B9B-B01E-7F005AEFE019}) (Version: 1.00.0000 - USB 2.0 PC CAMERA)
WallpaperHd (HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\WallpaperHd) (Version: 1.0.0.1 - WallpaperHd)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1058829925-1863850587-550313231-1000_Classes\CLSID\{F7B8E2CA-97DF-4974-BDF1-3D93EDC93A5E}\InprocServer32 -> C:\Users\EQUIPO_5\AppData\Local\WallpaperHd\WallpaperHdLib64.dll (WallpaperHd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-24] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-24] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-24] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-09-11] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-24] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-17] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-24] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-09-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0083BCB5-AB9D-4AE8-AD10-0F6921E29267} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {1D596988-C5FB-439E-8D74-2024B4300A60} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {578AC678-5F2A-4126-B9C9-E63AF1D7AC0E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {676660A1-CAF1-42F9-8946-B0E420312455} - System32\Tasks\update-S-1-5-21-1058829925-1863850587-550313231-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {78994F1D-0119-45E2-8D0C-CC0E20CC4A48} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1058829925-1863850587-550313231-1004UA => C:\Users\USUARIOS INTERNET\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {8F020113-9F64-4166-9638-98F9C4736BEE} - System32\Tasks\{5C52A6EB-DCE2-4B3A-BCF0-D95956B92F29} => C:\Windows\system32\pcalua.exe -a "C:\Users\EQUIPO_5\Desktop\Deep Freeze.exe" -d C:\Users\EQUIPO_5\Desktop
Task: {A0C41B93-E887-4580-9498-C5911DF2FECA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1058829925-1863850587-550313231-1004Core => C:\Users\USUARIOS INTERNET\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B43E55C2-CF6E-4B0B-A440-7896AD6FC4C6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-24] (AVAST Software)
Task: {B80B3141-BBEA-4E79-8296-7004908DF42C} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {B8F0EA8C-A040-4066-BAFD-44B7C61709C9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
Task: {BB323CEB-02A9-455C-A55C-DDF8D98EF0CF} - System32\Tasks\{A33E7100-36D7-4406-ADF2-92C2E46FA90E} => C:\Windows\system32\pcalua.exe -a "D:\Control\Cliente 1.exe" -d D:\Control
Task: {BC83E9CF-227D-48ED-9140-9128B19D31F7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-09-14] (AVAST Software)
Task: {BED45BEB-A7F2-43C0-AD61-3290CB389BD6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-24] (Google Inc.)
Task: {CEC30E0A-9272-4262-8AA9-60ECD3DF3137} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-24] (Google Inc.)
Task: {F58FFF03-4BD6-45CB-AFB5-B6D038C61B71} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1058829925-1863850587-550313231-1004Core.job => C:\Users\USUARIOS INTERNET\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1058829925-1863850587-550313231-1004UA.job => C:\Users\USUARIOS INTERNET\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1058829925-1863850587-550313231-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2018-10-08 21:03 - 2018-09-12 17:57 - 002785784 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-10-08 21:03 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-08-24 20:43 - 2018-08-24 20:43 - 000703192 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-10-08 19:41 - 2018-10-08 19:41 - 003190272 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\DotNetCommon\330dc9c999d1e0b3a0676a749f213c58\DotNetCommon.ni.dll
2018-10-04 08:11 - 2018-10-04 08:11 - 000079872 _____ () C:\Program Files\DAEMON Tools Lite\ToastNotificationControl.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2018-09-19 03:13 - 2018-09-19 03:13 - 000095168 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2018-09-17 16:46 - 2018-09-15 03:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-17 16:46 - 2018-09-15 03:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2018-08-24 20:43 - 2018-08-24 20:43 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-10-09 13:20 - 2018-10-09 13:20 - 005704848 _____ () C:\Program Files\AVAST Software\Avast\defs\18100904\algo.dll
2018-08-24 20:43 - 2018-08-24 20:43 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-08-24 20:43 - 2018-08-24 20:43 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-08-24 20:43 - 2018-08-24 20:43 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-09-15 21:55 - 2018-09-05 15:14 - 000876320 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-09-15 21:55 - 2016-08-31 20:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-09-15 21:55 - 2016-08-31 20:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-09-15 21:55 - 2016-08-31 20:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-09-15 21:55 - 2018-09-08 15:31 - 002646304 _____ () C:\Program Files (x86)\Steam\video.dll
2018-09-15 21:55 - 2017-12-19 20:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-09-15 21:55 - 2017-12-19 20:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-09-15 21:55 - 2017-12-19 20:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-09-15 21:55 - 2017-12-19 20:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-09-15 21:55 - 2017-12-19 20:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-09-15 21:55 - 2018-09-08 15:31 - 001015584 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-09-15 21:55 - 2016-07-04 17:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-09-15 21:55 - 2018-09-05 15:14 - 000876320 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2018-09-15 21:55 - 2018-08-27 15:52 - 083524896 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2018-09-15 21:55 - 2018-08-27 15:52 - 003732256 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libglesv2.dll
2018-09-15 21:55 - 2018-08-27 15:52 - 000086304 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2018-10-08 20:58 - 000002103 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1058829925-1863850587-550313231-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\EQUIPO_5\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{13C2CE56-F6E7-4675-8907-7A39FC17047B}] => (Allow) E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{217420F3-FA48-47B4-AB18-A2A299E7B89D}] => (Allow) E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{82F8A965-FF3E-4582-B233-DD64217D9AC3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{FABDC103-2CDB-40B0-B585-3B1A1C514340}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{0D19BDBC-0352-4F4E-AEB1-5467C20C85B0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{890F820A-BE4E-4ADB-83A4-2BAB1C607DFA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{AB00F370-FC7F-4E3B-BF99-035997177B68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6A8EF6D4-656E-4E35-A369-945DD2B2D746}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AA477C75-AFB4-475D-8CFB-A84F531183B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{62A46D34-9E35-4741-BD5B-144658576611}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{11130143-462E-420A-A221-D3C4F8DB9864}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F9D45931-6DB2-4179-8525-868E33E16C13}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{F47E2BE4-CB1C-4874-8607-791E4A06C003}] => (Allow) C:\Users\EQUIPO_5\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{CEFECCA9-4D6A-4598-BEF3-BC5B48E15180}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{B9C29162-613C-408C-BA3B-D79F232FFB8E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

02-10-2018 12:03:43 Punto de control programado
08-10-2018 17:26:49 UE4 Prerequisites (x64)
08-10-2018 17:33:29 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
08-10-2018 17:34:08 Windows Update
08-10-2018 17:41:00 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
08-10-2018 19:05:04 Windows Update
08-10-2018 19:34:51 Instalación del paquete de controladores de dispositivo: Disc Soft Ltd Controladoras de almacenamiento
08-10-2018 19:36:58 Instalación del paquete de controladores de dispositivo: Disc Soft Ltd Controladoras de bus serie universal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/09/2018 02:52:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: malwarebytes_assistant.exe, versión: 3.1.0.1614, marca de tiempo: 0x5b9bcc2c
Nombre del módulo con errores: Qt5Core.dll, versión: 5.11.1.0, marca de tiempo: 0x5b9bc256
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x001b91fe
Id. del proceso con errores: 0x1788
Hora de inicio de la aplicación con errores: 0x01d46009a4c8007f
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Id. del informe: e7d024de-cbfc-11e8-8886-74d43580e261

Error: (10/09/2018 02:10:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/09/2018 01:19:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/08/2018 09:27:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/08/2018 08:59:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/08/2018 07:25:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/08/2018 06:43:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/08/2018 05:41:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary xhunter1.

System Error:
El sistema no puede encontrar el archivo especificado.
.


System errors:
=============
Error: (10/09/2018 02:10:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Cargador del Terminal no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (10/09/2018 02:09:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio ABBYY FineReader 9.0 Sprint Licensing Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/09/2018 02:09:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (10/09/2018 02:09:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Disc Soft Lite Bus Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/09/2018 02:09:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/09/2018 02:09:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio DF5Serv se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/09/2018 02:09:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Steam Client Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/09/2018 02:09:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD FUEL Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


CodeIntegrity:
===================================

Date: 2018-09-24 20:25:32.083
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-09-24 20:25:32.083
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-09-24 10:42:13.613
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-09-24 10:42:13.613
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-09-23 15:14:31.147
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-09-23 15:14:31.147
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-09-23 15:07:15.564
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-09-23 15:07:15.563
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

Processor: AMD E-350D APU with Radeon(tm) HD Graphics
Percentage of memory in use: 50%
Total physical RAM: 3684.8 MB
Available physical RAM: 1816.03 MB
Total Virtual: 7367.8 MB
Available Virtual: 5192.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:351.89 GB) (Free:244.09 GB) NTFS
Drive d: () (Fixed) (Total:578.84 GB) (Free:578.15 GB) NTFS

\\?\Volume{e9e9a6c4-35da-11e4-a195-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.78 GB) (Free:0.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 02F1B0D2)
Partition 1: (Active) - (Size=795 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=351.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=578.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Good… now follow these steps. VERY important ~ Make a backup of the registry:

  • To do so, download Delfix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select "Run as Administrator".)

  • Attention: now check/select only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.


On the computer, with all other programs closed:

Start >>> Run >>> type notepad.exe.

Now copy and paste the following into Notepad:

Start
CreateRestorePoint:
CloseProcesses:

Winlogon\Notify\DfLogon: LogonDll.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [Chromium] => c:\users\equipo_5\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
c:\users\equipo_5\appdata\local\chromium
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [GoogleChromeAutoLaunch_E71DC39FFD261B414080F89BF34448EC] => C:\Users\EQUIPO_5\AppData\Local\chromium\Application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\MountPoints2: {e9e9a6c9-35da-11e4-a195-806e6f6e6963} - E:\autorun.exe
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S2 escSrv; %SystemRoot%\system32\escsrv.exe [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2018-10-08 19:38 - 2018-10-08 19:38 - 000002234 _____ C:\Users\EQUIPO_5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2018-10-08 19:38 - 2018-10-08 19:38 - 000002226 _____ C:\Users\EQUIPO_5\Desktop\Chromium.lnk
2018-10-08 19:37 - 2018-10-08 19:38 - 000000000 ____D C:\Users\EQUIPO_5\AppData\Local\chromium
2018-10-01 00:51 - 2018-10-08 15:46 - 000000000 _____ () C:\Users\EQUIPO_5\AppData\Local\Temp\7dd1e1189f9fcf05a559dccee48d89c6.dll
2018-10-08 18:08 - 2018-10-08 18:10 - 039062304 _____ (Disc Soft Ltd.) C:\Users\EQUIPO_5\AppData\Local\Temp\DAEMON Tools Lite.exe

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
END

Save it under the name fixlist.txt on the desktop <<< This is very important. <<

Note: It is important that the Frst.exe tool and fixlist.txt are in the same location (desktop); otherwise it will not work.

  • Now use this Windows FAQ, How to start Windows in Safe Mode?, to work from that Windows mode.

  • Run Frst.exe.

  • Press the Fix button and wait for it to finish.

  • The tool will save the report on your desktop (Fixlog.txt).

Paste it in your next reply, commenting on how the problem is going.
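The Run entries in the fixlist above and the FirewallRules section of Addition.txt both reference a chrome.exe under AppData\Local\Chromium, next to the genuine Google Chrome in Program Files. The following Python triage is an added example, not part of the thread and not FRST's own logic. It parses those log lines and flags the entries worth a closer look. The list of accepted Chrome directories and the two heuristics are assumptions made for this example, and a flag is a hint for follow-up, not a verdict.

```python
import re
from pathlib import PureWindowsPath

# Lines copied from the FRST output and the fixlist quoted in this thread.
SAMPLE_LINES = [
    r"FirewallRules: [{11130143-462E-420A-A221-D3C4F8DB9864}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe",
    r"FirewallRules: [{F47E2BE4-CB1C-4874-8607-791E4A06C003}] => (Allow) C:\Users\EQUIPO_5\AppData\Local\Chromium\Application\chrome.exe",
    r"HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [Chromium] => c:\users\equipo_5\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)",
    r"HKU\S-1-5-21-1058829925-1863850587-550313231-1000\...\Run: [GoogleChromeAutoLaunch_E71DC39FFD261B414080F89BF34448EC] => C:\Users\EQUIPO_5\AppData\Local\chromium\Application\chrome.exe [828416 2017-01-20] (The Chromium Authors)",
    r"FirewallRules: [{AB00F370-FC7F-4E3B-BF99-035997177B68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe",
    r"Task: {B8F0EA8C-A040-4066-BAFD-44B7C61709C9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)",
]

# Assumption: directories in which a genuine Google Chrome install keeps chrome.exe
# (machine-wide installs and the per-user install under the profile).
CHROME_DIRS = (
    r"\program files\google\chrome\application",
    r"\program files (x86)\google\chrome\application",
    r"\appdata\local\google\chrome\application",
)

# Matches "<kind>: ... => [(Allow)] <drive>:\...\file.exe" as printed by FRST.
ENTRY_RE = re.compile(
    r'(?P<kind>Run|FirewallRules|Task):.*?=>\s*(?:\((?:Allow|Block)\)\s*)?'
    r'"?(?P<path>[A-Za-z]:\\[^"]*?\.exe)(?![\w.])',
    re.IGNORECASE,
)


def parse_entry(line):
    """Return (kind, executable path) for a Run/FirewallRules/Task line, else None."""
    m = ENTRY_RE.search(line)
    if not m:
        return None
    return m.group("kind").lower(), PureWindowsPath(m.group("path"))


def triage(line):
    """Apply the two heuristics to one log line; None if the line is not an entry."""
    entry = parse_entry(line)
    if entry is None:
        return None
    kind, path = entry
    folder = str(path.parent).lower()
    reasons = []
    # Heuristic 1: a binary named chrome.exe that is not in a Google Chrome directory.
    if path.name.lower() == "chrome.exe" and not folder.endswith(CHROME_DIRS):
        reasons.append("chrome.exe outside a Google Chrome install directory")
    # Heuristic 2: a logon autostart that launches from the user-writable profile.
    if kind == "run" and "\\appdata\\" in folder:
        reasons.append("autostart entry launching from a user-writable profile path")
    return {"kind": kind, "path": str(path), "reasons": reasons}


def flagged(lines):
    """Return only the entries that triggered at least one heuristic."""
    results = (triage(line) for line in lines)
    return [r for r in results if r and r["reasons"]]


if __name__ == "__main__":
    for hit in flagged(SAMPLE_LINES):
        print(f'{hit["kind"]:13} {hit["path"]}')
        for reason in hit["reasons"]:
            print(f"              - {reason}")
```

Legitimate per-user software also runs from AppData, so a flagged entry should be confirmed by other evidence, such as the Rkill detections posted earlier in this thread, before it goes into a fixlist.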

one more thing: every time I open one of the programs I download from forospyware, Chromium opens automatically with a lot of tabs open

If you do what I indicate it will be solved… that is why I posted the previous reply

Screenshot_2

Do I leave the box that is in red checked? It's just that you said to select only create registry backup, not the others