I have run the proposed scans, and separately I have also replaced the network cable with another one. So far I have not noticed any Internet drops, although I also have not been in front of the computer for long enough at a stretch to judge with certainty.
Thank you very much!
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 31/12/18
Hora del análisis: 18:54
Archivo de registro: 275294d4-0d25-11e9-87fa-002522d188b7.json
-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8569
Licencia: Prueba
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: DAVID-PC\DAVID
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 272339
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 min, 4 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Advertencia
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Deleted HKLM\Software\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted HKLM\Software\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5A70EF24-1CBD-40DA-A251-5DD3925E840E}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0E654B52-F382-44ED-9888-45F849735581}
Deleted HKCU\Software\Classes\.acestream
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKCU\Software\Classes\.tslive
Deleted HKCU\Software\Classes\.acemedia
Deleted HKCU\Software\Classes\.acelive
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Search Page
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Search Page
Deleted HKCU\Software\Softonic
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3739339770-2571176858-3877415890-1000\Software\SpecialSavings
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3739339770-2571176858-3877415890-1000\Software\SweetIM
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [12399 octets] - [31/12/2018 19:11:58]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64
Ran by DAVID (Administrator) on 31/12/2018 at 19:17:53,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 34
Successfully deleted: C:\ProgramData\babylon (Folder)
Successfully deleted: C:\ProgramData\Start Menu\Programs\coupon printer (Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjpglkicenollcignonpgiafdgfeehoj (Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fdloijijlkoblmigdofommgnheckmaki (Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dhkplhfnhceodhffomolpfigojocbpcb_0.localstorage (File)
Successfully deleted: C:\Users\DAVID\AppData\Roaming\babylon (Folder)
Successfully deleted: C:\Windows\couponprinter.ocx (File)
Successfully deleted: C:\Program Files (x86)\coupon printer (Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\099KTY17 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4OW5UFRI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GKLPA8V (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7P0ZRK2J (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B360L001 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SQHSAZIP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T32750TS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD5XF2JB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZSBBQMO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\099KTY17 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4OW5UFRI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GKLPA8V (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7P0ZRK2J (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B360L001 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SQHSAZIP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T32750TS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD5XF2JB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZSBBQMO (Temporary Internet Files Folder)
Deleted the following from C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\prefs.js
user_pref(browser.urlbar.suggest.searches, false);
Registry: 7
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje (Registry Key)
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/12/2018 at 19:25:50,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29.12.2018
Ran by DAVID (administrator) on DAVID-PC (31-12-2018 19:33:29)
Running from C:\Users\DAVID\Desktop
Loaded Profiles: DAVID (Available Profiles: DAVID & Invitado)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Users\DAVID\Desktop\adwcleaner_7.2.6.0.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-03-23] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (CANON INC.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-26] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Run: [Google Update] => C:\Users\DAVID\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-21] (Google Inc.)
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Run: [AvastBrowserAutoLaunch_9560DD57782AE376F5DBF21A968872DD] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1826600 2018-11-16] (AVAST Software)
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\MountPoints2: {3473a4bd-fc4e-11e7-9c74-002522d188b7} - G:\HiSuiteDownLoader.exe
HKLM\...\Drivers32-x32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\70.0.917.102\Installer\chrmstp.exe [2018-11-26] (AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files (x86)\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-10-19] (Adobe Systems, Inc.)
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: c:\windows\syswow64\guard32.dll => c:\windows\syswow64\guard32.dll [301264 2012-11-08] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-12-22]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{23131E43-78A7-4480-9496-5A12661401F0}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.cajamar.es/
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://es.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000 - (No Name) - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
SearchScopes: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-17] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM-x32 {2DAB6EF1-66C3-427C-87CD-8DC448C47EAE} hxxps://www5.aeat.es/es13/h/tgvicab.cab
DPF: HKLM-x32 {947B00D2-962D-4A35-9E48-98EE6A442B41} hxxps://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab
DPF: HKLM-x32 {B785FA3C-1DE9-4D20-8396-613C486FE95E} hxxps://www1.agenciatributaria.gob.es/es13/h/cactivex.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default [2018-12-31]
FF Homepage: Mozilla\Firefox\Profiles\b3k8cjal.default -> hxxps://prod.uhrs.playmsn.com/Judge/Views/LogIn
FF Session Restore: Mozilla\Firefox\Profiles\b3k8cjal.default -> is enabled.
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\Extensions\[email protected] [2018-12-22]
FF Extension: (Avast Online Security) - C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\Extensions\[email protected] [2018-12-22]
FF Extension: (Adblock Plus (versión de desarrollo)) - C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-22]
FF SearchPlugin: C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\searchplugins\yahoo-avast.xml [2015-01-04]
FF HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Legacy] [not signed]
FF HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\DAVID\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\DAVID\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-07] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-07] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-26] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3739339770-2571176858-3877415890-1000: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\DAVID\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-09-25] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3739339770-2571176858-3877415890-1000: @tools.google.com/Google Update;version=3 -> C:\Users\DAVID\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-3739339770-2571176858-3877415890-1000: @tools.google.com/Google Update;version=9 -> C:\Users\DAVID\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-09-03] (Coupons, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\user.js [2010-11-11]
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://es.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultSearchKeyword: Default -> www.yahoo.com
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default [2018-12-31]
CHR Extension: (Documentos) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Google Drive) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Búsqueda de Google) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Adobe Acrobat) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-10]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-03-01]
CHR Extension: (Gmail) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npiecjlhkngdinoeekmccdbjdgclmnbk] - C:\Users\DAVID\AppData\Local\Temp\ccex.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\DAVID\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-26] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-26] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-10] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-11-26] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-11-26] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-11-26] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-11-26] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-11-26] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-12-03] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-11-26] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-11-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-11-26] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-11-26] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-11-26] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-11-26] (AVAST Software)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-26] (DT Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2018-12-27] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2018-12-31] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [72536 2018-12-31] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2018-12-31] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [103760 2018-12-31] (Malwarebytes)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [54600 2010-04-26] (usb camera)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-31 19:33 - 2018-12-31 19:33 - 000019884 _____ C:\Users\DAVID\Desktop\FRST.txt
2018-12-31 19:33 - 2018-12-31 19:33 - 000000000 ____D C:\FRST
2018-12-31 19:32 - 2018-12-31 19:32 - 000006739 _____ C:\Users\DAVID\Desktop\JRT virus.txt
2018-12-31 19:25 - 2018-12-31 19:25 - 000006739 _____ C:\Users\DAVID\Desktop\JRT.txt
2018-12-31 19:16 - 2018-12-31 19:16 - 000072536 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-12-31 19:15 - 2018-12-31 19:15 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-12-31 19:15 - 2018-12-31 19:15 - 000126624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-12-31 19:15 - 2018-12-31 19:15 - 000103760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-12-31 19:11 - 2018-12-31 19:12 - 000000000 ____D C:\AdwCleaner
2018-12-31 19:10 - 2018-12-31 19:10 - 000001540 _____ C:\Users\DAVID\Desktop\malwareanalisisdic2018.txt
2018-12-31 18:52 - 2018-12-31 18:53 - 000136750 _____ C:\Users\DAVID\Documents\cc_leanercopiaseguridadregistro.reg
2018-12-31 18:32 - 2018-12-31 19:23 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-12-31 18:32 - 2018-12-31 18:32 - 000002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-12-31 18:32 - 2018-12-31 18:32 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-12-31 18:32 - 2018-12-31 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-12-31 15:59 - 2018-12-31 15:59 - 002424320 _____ (Farbar) C:\Users\DAVID\Desktop\FRST64.exe
2018-12-31 15:55 - 2018-12-31 15:55 - 007320272 _____ (Malwarebytes) C:\Users\DAVID\Desktop\adwcleaner_7.2.6.0.exe
2018-12-31 15:55 - 2018-12-31 15:55 - 001790024 _____ (Malwarebytes) C:\Users\DAVID\Desktop\JRT.exe
2018-12-31 15:53 - 2018-12-31 15:53 - 019299120 _____ (Piriform Software Ltd) C:\Users\DAVID\Desktop\ccsetup551.exe
2018-12-31 15:47 - 2018-12-31 18:30 - 000000000 ____D C:\Users\DAVID\Desktop\PARA VIRUS DICIEMBRE 2018
2018-12-29 21:09 - 2018-12-29 21:09 - 000000218 _____ C:\Users\DAVID\AppData\Local\recently-used.xbel
2018-12-27 14:51 - 2018-12-27 14:51 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-12-26 21:19 - 2018-12-26 21:19 - 000000000 ____D C:\Users\DAVID\AppData\Local\ElevatedDiagnostics
2018-12-25 10:46 - 2018-12-25 10:46 - 007019208 _____ (Valassis) C:\Users\DAVID\Downloads\Valassis-SecurePrintAtHome (18).exe
2018-12-22 22:59 - 2018-12-22 22:59 - 000000831 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-12-22 22:59 - 2018-12-22 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-12-22 22:58 - 2018-12-22 22:58 - 000000000 ____D C:\Program Files\VideoLAN
2018-12-22 19:08 - 2018-12-22 19:08 - 000015776 _____ C:\Users\DAVID\Downloads\MCI-CRY 22.12.2018.torrent
2018-12-22 18:23 - 2018-12-22 18:23 - 000015448 _____ C:\Users\DAVID\Downloads\CHE-LEI 22.12.2018.torrent
2018-12-22 10:41 - 2018-12-22 10:41 - 000000000 ____D C:\Users\DAVID\AppData\Local\mbamtray
2018-12-22 10:41 - 2018-12-22 10:41 - 000000000 ____D C:\Users\DAVID\AppData\Local\mbam
2018-12-22 10:40 - 2018-12-22 10:40 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-22 10:40 - 2018-12-22 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-22 10:40 - 2018-12-22 10:40 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-22 10:40 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-10 18:02 - 2018-12-10 18:02 - 000032256 _____ C:\Users\Invitado\Downloads\LISTADO ACTUALIZADO SAPHIR 200ML.. 2 (1).xls
2018-12-10 18:00 - 2018-12-10 18:00 - 000032256 _____ C:\Users\Invitado\Downloads\LISTADO ACTUALIZADO SAPHIR 200ML.. 2.xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-31 19:23 - 2017-05-01 12:52 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-12-31 19:14 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-31 19:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-12-31 19:12 - 2009-07-14 05:45 - 000020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-31 19:12 - 2009-07-14 05:45 - 000020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-31 18:47 - 2018-03-31 23:05 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\MPC-HC
2018-12-31 18:47 - 2014-12-23 23:11 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-31 18:47 - 2012-03-04 18:45 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\uTorrent
2018-12-31 18:45 - 2016-12-25 01:18 - 000000000 ____D C:\Users\DAVID\AppData\LocalLow\Mozilla
2018-12-31 18:38 - 2012-06-10 14:47 - 000000000 ____D C:\Windows\Minidump
2018-12-31 18:38 - 2012-03-04 16:50 - 000000000 ____D C:\Windows\Panther
2018-12-31 18:33 - 2012-03-04 18:59 - 000000000 ____D C:\Program Files\CCleaner
2018-12-30 19:36 - 2012-03-04 19:36 - 000000548 _____ C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job
2018-12-30 17:22 - 2018-03-15 19:02 - 000004492 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-30 17:22 - 2015-12-11 15:43 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-12-30 17:22 - 2014-12-23 21:21 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-12-30 17:22 - 2013-11-29 18:55 - 000003170 _____ C:\Windows\System32\Tasks\{5617F1FD-672C-4B61-ACB8-BE681386E276}
2018-12-30 17:22 - 2013-11-29 16:23 - 000003170 _____ C:\Windows\System32\Tasks\{157C0369-E61F-47E8-B68D-92EEF0109809}
2018-12-30 17:22 - 2013-11-27 14:24 - 000003118 _____ C:\Windows\System32\Tasks\{B46B5AAC-E04B-4AFA-9ED8-25EC1BF9099F}
2018-12-30 17:22 - 2013-11-27 14:24 - 000003118 _____ C:\Windows\System32\Tasks\{16385E47-3EDF-4AC9-8BB8-BCD0E9D6CD62}
2018-12-30 17:22 - 2013-05-26 13:16 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-30 17:22 - 2013-05-26 13:16 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-30 17:22 - 2012-12-19 14:37 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-12-30 17:22 - 2012-05-15 16:36 - 000003106 _____ C:\Windows\System32\Tasks\{14467514-C0EA-4C39-B79A-D4295BF4DB63}
2018-12-30 17:22 - 2012-04-30 14:59 - 000003182 _____ C:\Windows\System32\Tasks\{FE8F7E4B-7C99-4885-BBDB-ACE93E789291}
2018-12-30 17:22 - 2012-04-11 21:59 - 000003190 _____ C:\Windows\System32\Tasks\{7D0D0A0A-6825-4809-AFFF-924A31D125F7}
2018-12-30 17:22 - 2012-03-04 19:36 - 000003256 _____ C:\Windows\System32\Tasks\hpwebreg_xxxxxxxxxx
2018-12-30 17:22 - 2012-03-04 19:28 - 000003622 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series
2018-12-30 17:22 - 2012-03-04 19:05 - 000003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3739339770-2571176858-3877415890-1000UA
2018-12-30 17:22 - 2012-03-04 19:05 - 000003440 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3739339770-2571176858-3877415890-1000Core
2018-12-30 14:18 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-12-29 23:41 - 2012-05-04 21:17 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\vlc
2018-12-29 20:20 - 2013-05-26 21:30 - 000000000 _____ C:\Users\DAVID\AppData\Roaming\bitlord_log.txt
2018-12-26 19:59 - 2018-06-10 11:30 - 000000000 ____D C:\Users\DAVID\AppData\Local\AVAST Software
2018-12-25 10:46 - 2015-07-17 14:37 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\Valassis
2018-12-24 14:20 - 2016-12-24 15:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-12-24 14:20 - 2012-04-26 12:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-24 14:20 - 2009-07-14 06:08 - 000032522 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-12-22 22:56 - 2012-05-04 21:16 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2018-12-22 22:45 - 2018-01-04 10:46 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2018-12-22 22:44 - 2018-01-04 10:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2018-12-22 22:36 - 2018-01-04 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKV Player
2018-12-22 22:36 - 2018-01-04 10:40 - 000000000 ____D C:\Program Files (x86)\MKV Player
2018-12-22 18:47 - 2017-11-17 18:19 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-12-22 18:24 - 2013-05-26 21:30 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\BitLord
2018-12-22 11:07 - 2013-05-26 21:29 - 000000000 ____D C:\Program Files (x86)\BitLord 2
2018-12-22 10:40 - 2012-03-04 19:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-22 10:40 - 2012-03-04 19:00 - 000000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2018-12-21 21:36 - 2010-11-21 08:09 - 000744748 _____ C:\Windows\system32\perfh00A.dat
2018-12-21 21:36 - 2010-11-21 08:09 - 000157248 _____ C:\Windows\system32\perfc00A.dat
2018-12-21 21:36 - 2009-07-14 06:13 - 001669262 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-17 15:12 - 2012-03-04 18:48 - 000000000 ____D C:\Users\DAVID\AppData\LocalLow\Temp
2018-12-16 12:53 - 2018-01-07 11:57 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-16 12:46 - 2012-03-04 19:07 - 000002381 _____ C:\Users\DAVID\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-16 12:46 - 2012-03-04 19:07 - 000002344 _____ C:\Users\DAVID\Desktop\Google Chrome.lnk
2018-12-13 22:13 - 2017-07-15 10:12 - 000000000 ____D C:\Users\Invitado\AppData\LocalLow\Mozilla
2018-12-13 20:35 - 2018-06-12 18:33 - 000000000 ____D C:\Users\Invitado\AppData\Local\AVAST Software
2018-12-07 11:02 - 2012-04-09 00:09 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-07 11:02 - 2012-03-04 18:24 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-07 11:02 - 2012-03-04 18:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-12-07 11:02 - 2012-03-04 18:24 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-03 21:36 - 2018-01-04 22:16 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-12-03 21:33 - 2012-03-05 22:48 - 000000000 ____D C:\Users\DAVID\AppData\LocalLow\Adobe

==================== Files in the root of some directories =======

2013-05-26 21:30 - 2018-12-29 20:20 - 000000000 _____ () C:\Users\DAVID\AppData\Roaming\bitlord_log.txt
2012-05-03 12:12 - 2012-05-03 12:12 - 000000532 _____ () C:\Users\DAVID\AppData\Local\datos.txt
2018-12-29 21:09 - 2018-12-29 21:09 - 000000218 _____ () C:\Users\DAVID\AppData\Local\recently-used.xbel
2012-05-14 11:38 - 2012-05-14 11:38 - 000043976 _____ () C:\Users\DAVID\AppData\Local\save_en.bmp
2012-05-14 11:38 - 2012-05-14 11:38 - 000043976 _____ () C:\Users\DAVID\AppData\Local\save_es.bmp

Some files in TEMP:
====================
2017-03-17 21:50 - 2017-03-17 21:50 - 014456872 ____N (Microsoft Corporation) C:\Users\DAVID\AppData\Local\Temp\vc_redist.x86.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-24 15:08

==================== End of FRST.txt ============================