Internet se me cae continuamente


#1

Buenas, mi conexión por cable en el ordenador se me cae continuamente. No es cosa de la conexión a Internet en sí, porque miro en otros dispositivos como tablet, móvil, etc y tengo wifi sin problema. Es en el ordenador principal, conectado por cable, donde está el problema. Lo enciendo y a veces a los pocos minutos, a veces a las varias horas, se me va Internet y tengo que estar deshabilitando la conexión y reiniciando (a veces no se arregla a la primera)

No sé si puede ser algo relacionado con conflictividad con el ipv6. Cuando pincho en conexión de red local me pone “Conectividad Ipv4” -> Internet, “Conectividad ipv6” “Sin acceso a Internet” pero eso me sale tanto cuando me falla como mientras escribo esto. De hecho es que aparentemente nada cambia cuando se me cae el Internet. Sencillamente es que dejo de poder ver ninguna página.

Tengo un router wifi de orange Arcadian prv3399B y windows7


#2

Hola @Ilose.

Has realizado algún tipo de análisis en busca de infecciones en ese equipo.??


#4

usando el Avast me dice que no tengo virus. Eso sí, me detecta que tengo el router mal configurado y vulnerable a ataques, no sé si puede ir la cosa por ahí…


#5

Bien… pues lo primero revisaremos tu maquina, y para hacerlo sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos.


#6

#7

#8

He realizado los análisis propuestos, y por otro lado también he cambiado el cable de red por otro. De momento no he notado ninguna caída de Internet, aunque tampoco he estado delante del ordenador mucho rato seguido para poder juzgar con seguridad.

Muchas gracias!

Malwarebytes
www.malwarebytes.com-Detalles del registro-
Fecha del análisis: 31/12/18
Hora del análisis: 18:54
Archivo de registro: 275294d4-0d25-11e9-87fa-002522d188b7.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8569
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: DAVID-PC\DAVID

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 272339
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 min, 4 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Advertencia
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)
Deleted       HKLM\Software\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted       HKLM\Software\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5A70EF24-1CBD-40DA-A251-5DD3925E840E}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0E654B52-F382-44ED-9888-45F849735581}
Deleted       HKCU\Software\Classes\.acestream
Deleted       HKLM\Software\Classes\Prod.cap
Deleted       HKCU\Software\Classes\.tslive
Deleted       HKCU\Software\Classes\.acemedia
Deleted       HKCU\Software\Classes\.acelive
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Search Page
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Search Page
Deleted       HKCU\Software\Softonic
Deleted       HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3739339770-2571176858-3877415890-1000\Software\SpecialSavings
Deleted       HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3739339770-2571176858-3877415890-1000\Software\SweetIM

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12399 octets] - [31/12/2018 19:11:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64 
Ran by DAVID (Administrator) on 31/12/2018 at 19:17:53,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 34 

Successfully deleted: C:\ProgramData\babylon (Folder) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\coupon printer (Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjpglkicenollcignonpgiafdgfeehoj (Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fdloijijlkoblmigdofommgnheckmaki (Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dhkplhfnhceodhffomolpfigojocbpcb_0.localstorage (File) 
Successfully deleted: C:\Users\DAVID\AppData\Roaming\babylon (Folder) 
Successfully deleted: C:\Windows\couponprinter.ocx (File) 
Successfully deleted: C:\Program Files (x86)\coupon printer (Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\099KTY17 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4OW5UFRI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GKLPA8V (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7P0ZRK2J (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B360L001 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SQHSAZIP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T32750TS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD5XF2JB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\DAVID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZSBBQMO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\099KTY17 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4OW5UFRI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GKLPA8V (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7P0ZRK2J (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B360L001 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SQHSAZIP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T32750TS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD5XF2JB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZSBBQMO (Temporary Internet Files Folder) 

Deleted the following from C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\prefs.js
user_pref(browser.urlbar.suggest.searches, false);



Registry: 7 

Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje (Registry Key) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/12/2018 at 19:25:50,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29.12.2018
Ran by DAVID (administrator) on DAVID-PC (31-12-2018 19:33:29)
Running from C:\Users\DAVID\Desktop
Loaded Profiles: DAVID (Available Profiles: DAVID & Invitado)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Users\DAVID\Desktop\adwcleaner_7.2.6.0.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-03-23] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (CANON INC.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-26] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Run: [Google Update] => C:\Users\DAVID\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-21] (Google Inc.)
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Run: [AvastBrowserAutoLaunch_9560DD57782AE376F5DBF21A968872DD] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1826600 2018-11-16] (AVAST Software)
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\MountPoints2: {3473a4bd-fc4e-11e7-9c74-002522d188b7} - G:\HiSuiteDownLoader.exe
HKLM\...\Drivers32-x32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\70.0.917.102\Installer\chrmstp.exe [2018-11-26] (AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files (x86)\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-10-19] (Adobe Systems, Inc.)
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: c:\windows\syswow64\guard32.dll => c:\windows\syswow64\guard32.dll [301264 2012-11-08] (COMODO)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-12-22]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{23131E43-78A7-4480-9496-5A12661401F0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.cajamar.es/
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://es.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000 - (No Name) - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = 
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = 
SearchScopes: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-17] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
DPF: HKLM-x32 {2DAB6EF1-66C3-427C-87CD-8DC448C47EAE} hxxps://www5.aeat.es/es13/h/tgvicab.cab
DPF: HKLM-x32 {947B00D2-962D-4A35-9E48-98EE6A442B41} hxxps://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab
DPF: HKLM-x32 {B785FA3C-1DE9-4D20-8396-613C486FE95E} hxxps://www1.agenciatributaria.gob.es/es13/h/cactivex.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default [2018-12-31]
FF Homepage: Mozilla\Firefox\Profiles\b3k8cjal.default -> hxxps://prod.uhrs.playmsn.com/Judge/Views/LogIn
FF Session Restore: Mozilla\Firefox\Profiles\b3k8cjal.default -> is enabled.
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\Extensions\[email protected] [2018-12-22]
FF Extension: (Avast Online Security) - C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\Extensions\[email protected] [2018-12-22]
FF Extension: (Adblock Plus (versión de desarrollo)) - C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-22]
FF SearchPlugin: C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\searchplugins\yahoo-avast.xml [2015-01-04]
FF HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Legacy] [not signed]
FF HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\DAVID\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\DAVID\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-07] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-07] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-26] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3739339770-2571176858-3877415890-1000: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\DAVID\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-09-25] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3739339770-2571176858-3877415890-1000: @tools.google.com/Google Update;version=3 -> C:\Users\DAVID\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-3739339770-2571176858-3877415890-1000: @tools.google.com/Google Update;version=9 -> C:\Users\DAVID\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-09-03] (Coupons, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\user.js [2010-11-11]

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://es.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultSearchKeyword: Default -> www.yahoo.com
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default [2018-12-31]
CHR Extension: (Documentos) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Google Drive) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Búsqueda de Google) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Adobe Acrobat) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-10]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-03-01]
CHR Extension: (Gmail) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\DAVID\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npiecjlhkngdinoeekmccdbjdgclmnbk] - C:\Users\DAVID\AppData\Local\Temp\ccex.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\DAVID\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-26] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-26] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-10] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-11-26] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-11-26] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-11-26] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-11-26] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-11-26] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-12-03] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-11-26] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-11-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-11-26] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-11-26] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-11-26] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-11-26] (AVAST Software)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-26] (DT Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2018-12-27] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2018-12-31] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [72536 2018-12-31] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2018-12-31] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [103760 2018-12-31] (Malwarebytes)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [54600 2010-04-26] (usb camera)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-31 19:33 - 2018-12-31 19:33 - 000019884 _____ C:\Users\DAVID\Desktop\FRST.txt
2018-12-31 19:33 - 2018-12-31 19:33 - 000000000 ____D C:\FRST
2018-12-31 19:32 - 2018-12-31 19:32 - 000006739 _____ C:\Users\DAVID\Desktop\JRT virus.txt
2018-12-31 19:25 - 2018-12-31 19:25 - 000006739 _____ C:\Users\DAVID\Desktop\JRT.txt
2018-12-31 19:16 - 2018-12-31 19:16 - 000072536 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-12-31 19:15 - 2018-12-31 19:15 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-12-31 19:15 - 2018-12-31 19:15 - 000126624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-12-31 19:15 - 2018-12-31 19:15 - 000103760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-12-31 19:11 - 2018-12-31 19:12 - 000000000 ____D C:\AdwCleaner
2018-12-31 19:10 - 2018-12-31 19:10 - 000001540 _____ C:\Users\DAVID\Desktop\malwareanalisisdic2018.txt
2018-12-31 18:52 - 2018-12-31 18:53 - 000136750 _____ C:\Users\DAVID\Documents\cc_leanercopiaseguridadregistro.reg
2018-12-31 18:32 - 2018-12-31 19:23 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-12-31 18:32 - 2018-12-31 18:32 - 000002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-12-31 18:32 - 2018-12-31 18:32 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-12-31 18:32 - 2018-12-31 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-12-31 15:59 - 2018-12-31 15:59 - 002424320 _____ (Farbar) C:\Users\DAVID\Desktop\FRST64.exe
2018-12-31 15:55 - 2018-12-31 15:55 - 007320272 _____ (Malwarebytes) C:\Users\DAVID\Desktop\adwcleaner_7.2.6.0.exe
2018-12-31 15:55 - 2018-12-31 15:55 - 001790024 _____ (Malwarebytes) C:\Users\DAVID\Desktop\JRT.exe
2018-12-31 15:53 - 2018-12-31 15:53 - 019299120 _____ (Piriform Software Ltd) C:\Users\DAVID\Desktop\ccsetup551.exe
2018-12-31 15:47 - 2018-12-31 18:30 - 000000000 ____D C:\Users\DAVID\Desktop\PARA VIRUS DICIEMBRE 2018
2018-12-29 21:09 - 2018-12-29 21:09 - 000000218 _____ C:\Users\DAVID\AppData\Local\recently-used.xbel
2018-12-27 14:51 - 2018-12-27 14:51 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-12-26 21:19 - 2018-12-26 21:19 - 000000000 ____D C:\Users\DAVID\AppData\Local\ElevatedDiagnostics
2018-12-25 10:46 - 2018-12-25 10:46 - 007019208 _____ (Valassis) C:\Users\DAVID\Downloads\Valassis-SecurePrintAtHome (18).exe
2018-12-22 22:59 - 2018-12-22 22:59 - 000000831 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-12-22 22:59 - 2018-12-22 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-12-22 22:58 - 2018-12-22 22:58 - 000000000 ____D C:\Program Files\VideoLAN
2018-12-22 19:08 - 2018-12-22 19:08 - 000015776 _____ C:\Users\DAVID\Downloads\MCI-CRY 22.12.2018.torrent
2018-12-22 18:23 - 2018-12-22 18:23 - 000015448 _____ C:\Users\DAVID\Downloads\CHE-LEI 22.12.2018.torrent
2018-12-22 10:41 - 2018-12-22 10:41 - 000000000 ____D C:\Users\DAVID\AppData\Local\mbamtray
2018-12-22 10:41 - 2018-12-22 10:41 - 000000000 ____D C:\Users\DAVID\AppData\Local\mbam
2018-12-22 10:40 - 2018-12-22 10:40 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-22 10:40 - 2018-12-22 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-22 10:40 - 2018-12-22 10:40 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-22 10:40 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-10 18:02 - 2018-12-10 18:02 - 000032256 _____ C:\Users\Invitado\Downloads\LISTADO ACTUALIZADO SAPHIR 200ML.. 2 (1).xls
2018-12-10 18:00 - 2018-12-10 18:00 - 000032256 _____ C:\Users\Invitado\Downloads\LISTADO ACTUALIZADO SAPHIR 200ML.. 2.xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-31 19:23 - 2017-05-01 12:52 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-12-31 19:14 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-31 19:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-12-31 19:12 - 2009-07-14 05:45 - 000020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-31 19:12 - 2009-07-14 05:45 - 000020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-31 18:47 - 2018-03-31 23:05 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\MPC-HC
2018-12-31 18:47 - 2014-12-23 23:11 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-31 18:47 - 2012-03-04 18:45 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\uTorrent
2018-12-31 18:45 - 2016-12-25 01:18 - 000000000 ____D C:\Users\DAVID\AppData\LocalLow\Mozilla
2018-12-31 18:38 - 2012-06-10 14:47 - 000000000 ____D C:\Windows\Minidump
2018-12-31 18:38 - 2012-03-04 16:50 - 000000000 ____D C:\Windows\Panther
2018-12-31 18:33 - 2012-03-04 18:59 - 000000000 ____D C:\Program Files\CCleaner
2018-12-30 19:36 - 2012-03-04 19:36 - 000000548 _____ C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job
2018-12-30 17:22 - 2018-03-15 19:02 - 000004492 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-30 17:22 - 2015-12-11 15:43 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-12-30 17:22 - 2014-12-23 21:21 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-12-30 17:22 - 2013-11-29 18:55 - 000003170 _____ C:\Windows\System32\Tasks\{5617F1FD-672C-4B61-ACB8-BE681386E276}
2018-12-30 17:22 - 2013-11-29 16:23 - 000003170 _____ C:\Windows\System32\Tasks\{157C0369-E61F-47E8-B68D-92EEF0109809}
2018-12-30 17:22 - 2013-11-27 14:24 - 000003118 _____ C:\Windows\System32\Tasks\{B46B5AAC-E04B-4AFA-9ED8-25EC1BF9099F}
2018-12-30 17:22 - 2013-11-27 14:24 - 000003118 _____ C:\Windows\System32\Tasks\{16385E47-3EDF-4AC9-8BB8-BCD0E9D6CD62}
2018-12-30 17:22 - 2013-05-26 13:16 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-30 17:22 - 2013-05-26 13:16 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-30 17:22 - 2012-12-19 14:37 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-12-30 17:22 - 2012-05-15 16:36 - 000003106 _____ C:\Windows\System32\Tasks\{14467514-C0EA-4C39-B79A-D4295BF4DB63}
2018-12-30 17:22 - 2012-04-30 14:59 - 000003182 _____ C:\Windows\System32\Tasks\{FE8F7E4B-7C99-4885-BBDB-ACE93E789291}
2018-12-30 17:22 - 2012-04-11 21:59 - 000003190 _____ C:\Windows\System32\Tasks\{7D0D0A0A-6825-4809-AFFF-924A31D125F7}
2018-12-30 17:22 - 2012-03-04 19:36 - 000003256 _____ C:\Windows\System32\Tasks\hpwebreg_xxxxxxxxxx
2018-12-30 17:22 - 2012-03-04 19:28 - 000003622 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series
2018-12-30 17:22 - 2012-03-04 19:05 - 000003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3739339770-2571176858-3877415890-1000UA
2018-12-30 17:22 - 2012-03-04 19:05 - 000003440 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3739339770-2571176858-3877415890-1000Core
2018-12-30 14:18 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-12-29 23:41 - 2012-05-04 21:17 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\vlc
2018-12-29 20:20 - 2013-05-26 21:30 - 000000000 _____ C:\Users\DAVID\AppData\Roaming\bitlord_log.txt
2018-12-26 19:59 - 2018-06-10 11:30 - 000000000 ____D C:\Users\DAVID\AppData\Local\AVAST Software
2018-12-25 10:46 - 2015-07-17 14:37 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\Valassis
2018-12-24 14:20 - 2016-12-24 15:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-12-24 14:20 - 2012-04-26 12:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-24 14:20 - 2009-07-14 06:08 - 000032522 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-12-22 22:56 - 2012-05-04 21:16 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2018-12-22 22:45 - 2018-01-04 10:46 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2018-12-22 22:44 - 2018-01-04 10:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2018-12-22 22:36 - 2018-01-04 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKV Player
2018-12-22 22:36 - 2018-01-04 10:40 - 000000000 ____D C:\Program Files (x86)\MKV Player
2018-12-22 18:47 - 2017-11-17 18:19 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-12-22 18:24 - 2013-05-26 21:30 - 000000000 ____D C:\Users\DAVID\AppData\Roaming\BitLord
2018-12-22 11:07 - 2013-05-26 21:29 - 000000000 ____D C:\Program Files (x86)\BitLord 2
2018-12-22 10:40 - 2012-03-04 19:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-22 10:40 - 2012-03-04 19:00 - 000000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2018-12-21 21:36 - 2010-11-21 08:09 - 000744748 _____ C:\Windows\system32\perfh00A.dat
2018-12-21 21:36 - 2010-11-21 08:09 - 000157248 _____ C:\Windows\system32\perfc00A.dat
2018-12-21 21:36 - 2009-07-14 06:13 - 001669262 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-17 15:12 - 2012-03-04 18:48 - 000000000 ____D C:\Users\DAVID\AppData\LocalLow\Temp
2018-12-16 12:53 - 2018-01-07 11:57 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-16 12:46 - 2012-03-04 19:07 - 000002381 _____ C:\Users\DAVID\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-16 12:46 - 2012-03-04 19:07 - 000002344 _____ C:\Users\DAVID\Desktop\Google Chrome.lnk
2018-12-13 22:13 - 2017-07-15 10:12 - 000000000 ____D C:\Users\Invitado\AppData\LocalLow\Mozilla
2018-12-13 20:35 - 2018-06-12 18:33 - 000000000 ____D C:\Users\Invitado\AppData\Local\AVAST Software
2018-12-07 11:02 - 2012-04-09 00:09 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-07 11:02 - 2012-03-04 18:24 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-07 11:02 - 2012-03-04 18:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-12-07 11:02 - 2012-03-04 18:24 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-03 21:36 - 2018-01-04 22:16 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-12-03 21:33 - 2012-03-05 22:48 - 000000000 ____D C:\Users\DAVID\AppData\LocalLow\Adobe

==================== Files in the root of some directories =======

2013-05-26 21:30 - 2018-12-29 20:20 - 000000000 _____ () C:\Users\DAVID\AppData\Roaming\bitlord_log.txt
2012-05-03 12:12 - 2012-05-03 12:12 - 000000532 _____ () C:\Users\DAVID\AppData\Local\datos.txt
2018-12-29 21:09 - 2018-12-29 21:09 - 000000218 _____ () C:\Users\DAVID\AppData\Local\recently-used.xbel
2012-05-14 11:38 - 2012-05-14 11:38 - 000043976 _____ () C:\Users\DAVID\AppData\Local\save_en.bmp
2012-05-14 11:38 - 2012-05-14 11:38 - 000043976 _____ () C:\Users\DAVID\AppData\Local\save_es.bmp

Some files in TEMP:
====================
2017-03-17 21:50 - 2017-03-17 21:50 - 014456872 ____N (Microsoft Corporation) C:\Users\DAVID\AppData\Local\Temp\vc_redist.x86.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-24 15:08

==================== End of FRST.txt ============================

#9
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29.12.2018
Ran by DAVID (31-12-2018 19:34:20)
Running from C:\Users\DAVID\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-03-04 16:45:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3739339770-2571176858-3877415890-500 - Administrator - Disabled)
DAVID (S-1-5-21-3739339770-2571176858-3877415890-1000 - Administrator - Enabled) => C:\Users\DAVID
Invitado (S-1-5-21-3739339770-2571176858-3877415890-501 - Limited - Enabled) => C:\Users\Invitado

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 1.6 - )
ActivoTrader (HKLM-x32\...\{2D683CA5-E228-4EC2-868B-6EC2A927E184}) (Version: 2.59.10.0 - ActivoTrade Valores, Agencia de Valores (WLP))
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Aplicación para detectar Winamp (HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ATI Catalyst Install Manager (HKLM\...\{A0FD3D5E-5E58-9CFB-9DFA-85D8F8BD668A}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.102 - AVAST Software)
BitLord 2.3 (HKLM-x32\...\BitLord) (Version: 2.3.2-239 - House of Life)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.61.1065 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{5AD205E9-E80E-4F4B-88A5-C6B5CC12BBE4}) (Version: 2.48.0 - Kovid Goyal)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
COMODO Internet Security (HKLM\...\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}) (Version: 5.5.64714.1383 - COMODO Security Solutions Inc.)
Configurador AEAT 1.9 (HKLM-x32\...\Configurador AEAT 1.9) (Version: 1.9 - AEAT)
Coupon Printer (HKLM-x32\...\Coupon Printer2.2.0.9) (Version: 2.2.0.9 - Coupons.com Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Dropbox (HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Estudio de mejora de productos de HP Deskjet 1000 J110 series (HKLM\...\{49A8CFD6-42A5-4AE2-82C5-B18360EA42E4}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Free PDF Compressor (HKLM-x32\...\{BFA49A14-EC18-4071-BC13-B43043B09222}_is1) (Version:  - freepdfcompressor.com)
Google Chrome (HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hofmann 9.1 (HKLM-x32\...\{93EC89BE-1179-4E12-94D6-F28F4C27EE92}) (Version: 9.1 - Hofmann)
HP Deskjet 1000 J110 series Ayuda (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JDownloader (HKLM-x32\...\JDownloader) (Version:  - AppWork UG (haftungsbeschränkt))
K-Lite Codec Pack 14.6.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.6.0 - KLCP)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKV Player 2.1.23 (HKLM-x32\...\MKV Player_is1) (Version:  - )
MKVToolNix 19.0.0 (32-bit) (HKLM-x32\...\MKVToolNix) (Version: 19.0.0 - Moritz Bunkus)
Modulos 2012 1.00 (HKLM-x32\...\5749-4104-5749-2753) (Version: 1.00 - AEAT)
Modulos 2013 1.00 (HKLM-x32\...\4282-0141-1609-3325) (Version: 1.00 - AEAT)
Mozilla Firefox 64.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 64.0 (x64 es-ES)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
Mozilla Thunderbird 17.0 (x86 es-ES) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 es-ES)) (Version: 17.0 - Mozilla)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Registro de usuario de Canon MP250 series (HKLM-x32\...\Registro de usuario de Canon MP250 series) (Version:  - )
Renta 2011 1.00 (HKLM-x32\...\9329-2753-3156-3513) (Version: 1.00 - AEAT)
Renta 2012 1.21 (HKLM-x32\...\8421-7800-2226-7659) (Version: 1.21 - AEAT)
Renta 2014 1.25 (HKLM-x32\...\8330-1526-1221-2374) (Version: 1.25 - AEAT)
Renta2010 1.20 (HKLM-x32\...\2359-2070-3006-7938) (Version: 1.20 - AEAT)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Secure [email protected] (HKLM-x32\...\{C9A11F59-4DD1-4144-A126-70EF53B7BFAD}) (Version: 3.50.2104 - Valassis)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Software básico del dispositivo HP Deskjet 1000 J110 series (HKLM\...\{AB66869F-D73F-49FB-9E88-79F52FE14EF3}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 4.0.0.0 - Stellar Information Systems Ltd)
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623  - Nullsoft, Inc)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\ChromeHTML: -> C:\Users\DAVID\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\DAVID\AppData\Local\Google\Chrome\Application\71.0.3578.98\notification_helper.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\DAVID\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\DAVID\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-26] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-26] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-26] (AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2012-11-08] (COMODO)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2012-11-08] (COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-26] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-26] (AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2012-11-08] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers1_S-1-5-21-3739339770-2571176858-3877415890-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3739339770-2571176858-3877415890-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3739339770-2571176858-3877415890-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\DAVID\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {161F10D7-7CDC-4CB6-9A93-BE9D71AC76B3} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-07] (Adobe Systems Incorporated)
Task: {1772E75A-8E63-4D93-A790-D7F4AF69C919} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-07] (Adobe Systems Incorporated)
Task: {1B63399E-D054-4719-9618-CD1A06D7CDA2} - System32\Tasks\{7D0D0A0A-6825-4809-AFFF-924A31D125F7} => C:\Windows\system32\pcalua.exe -a "D:\Descargas (desde marzo 2012)\ConfiguradorAEAT.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {1EDB8761-0F6B-469D-B155-E13FB132BB2A} - System32\Tasks\{157C0369-E61F-47E8-B68D-92EEF0109809} => "c:\users\david\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.9.0.115&LastError=404
Task: {281C81F6-77DF-40D2-99CF-D9459C105327} - System32\Tasks\avastBCLRestartS-1-5-21-3739339770-2571176858-3877415890-1000 => C:\Users\DAVID\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {3DA5E25D-A741-436D-942E-A3783D47672D} - System32\Tasks\{FE8F7E4B-7C99-4885-BBDB-ACE93E789291} => C:\Windows\system32\pcalua.exe -a "D:\Descargas (desde marzo 2012)\uTorrent-1.6.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {5EEBEE3D-3AA1-4D72-9714-90944B58D35B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-10] (AVAST Software)
Task: {60494A73-4924-4E17-B67F-05AC9FBAEE42} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-10] (AVAST Software)
Task: {67CD087C-CAE4-453C-B4BC-687AE62F6CB6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {71B76C6A-69EB-4C94-B008-81A6DDBA19CA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {80B6D607-9800-4218-95B0-F3FF9D758669} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3739339770-2571176858-3877415890-1000UA => C:\Users\DAVID\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A361BC97-CF6A-4F46-8304-A98A4E448CB4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-26] (AVAST Software)
Task: {A419556D-C9AE-4D77-A052-E8EBA6156C79} - System32\Tasks\hpwebreg_xxxxxxxxxx => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\hpwebreg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {A7262D69-8A32-482B-BD7B-94A8F4B0C1B6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3739339770-2571176858-3877415890-1000Core => C:\Users\DAVID\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A7545CD6-B98F-486D-88C8-5725E6DC1C2A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-04] (AVAST Software)
Task: {AE7D989F-9EA9-4E98-9970-0022913B58AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {AEAA8E75-D077-4B9D-AE1F-5F9D31C70D64} - System32\Tasks\{14467514-C0EA-4C39-B79A-D4295BF4DB63} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\FineBrowser Trial\uninstall.exe"
Task: {B31F5F96-2B09-428D-81D0-C87DD0219D0C} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {B95708C4-EC08-46DD-A41C-758DF6C9A89F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C038D71B-81B6-4433-9F24-59A32924D315} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {C87105CF-E765-4B95-9D2D-1CF81AC9F663} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {CDF3AAA8-CF80-49C1-9E8D-592C40D53D43} - System32\Tasks\{5617F1FD-672C-4B61-ACB8-BE681386E276} => "c:\users\david\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.9.0.115&LastError=404
Task: {D18F5B4E-1AF7-44B3-A43E-6392CD33E9A9} - System32\Tasks\{B46B5AAC-E04B-4AFA-9ED8-25EC1BF9099F} => "c:\users\david\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.11.0.102/es/abandoninstall?page=tsProgressBar
Task: {E43CE8F8-150D-4BB4-9328-C23ED1E54BD4} - System32\Tasks\{16385E47-3EDF-4AC9-8BB8-BCD0E9D6CD62} => "c:\users\david\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.11.0.102/es/abandoninstall?page=tsProgressBar

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\hpwebreg.ex C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HpWebReg.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-12-22 10:40 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-12-22 10:40 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2012-03-04 18:39 - 2012-02-17 20:55 - 000193536 _____ () C:\Program Files\WinRAR\rarext.dll
2018-11-26 09:51 - 2018-11-26 09:51 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-11-26 09:51 - 2018-11-26 09:51 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-26 09:51 - 2018-11-26 09:51 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-12-31 15:37 - 2018-12-31 15:37 - 005736080 _____ () C:\Program Files\AVAST Software\Avast\defs\18123102\algo.dll
2018-11-26 09:51 - 2018-11-26 09:51 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-26 09:50 - 2018-11-26 09:50 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-26 09:51 - 2018-11-26 09:51 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-07 08:30 - 2018-03-07 08:30 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [125]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\gob.es -> hxxps://agenciatributaria.gob.es

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-11-18 13:13 - 000000921 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation)
FirewallRules: [{8F6DDC6E-FB46-434E-94FC-B15467D9B3A3}] => (Allow) C:\Program Files (x86)\Veetle\Player\VeetleNet.exe ()
FirewallRules: [{69D36BD3-B27E-4885-9FE4-46D90B2913E0}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe ()
FirewallRules: [{C1047F1E-B653-4D96-80CD-DAAF40599372}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe ()
FirewallRules: [{733D0555-046E-4590-A490-A6D8CED54394}] => (Allow) C:\Program Files (x86)\Opera\opera.exe (Opera Software)
FirewallRules: [{1438A23D-90B5-4D12-B42E-6FAFC721B5E8}] => (Allow) C:\Program Files (x86)\Opera\opera.exe (Opera Software)
FirewallRules: [{119E03E6-1FC3-46D7-B911-82DA650AD497}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe (Hewlett-Packard Co.)
FirewallRules: [{55D408F6-D72F-441E-A066-B6FAA9170EA7}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe (Hewlett-Packard Co.)
FirewallRules: [{743520A6-3E4F-4259-BA20-770CCD23DABA}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe ()
FirewallRules: [{C50E62EE-50A0-4F54-85BD-D4A079869424}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe ()
FirewallRules: [{D59CD611-BE10-42D4-88FB-2EE654EAD08D}] => (Allow) C:\Program Files (x86)\Opera\opera.exe (Opera Software)
FirewallRules: [{29754494-1F70-4A2C-A411-7250A52516D5}] => (Allow) C:\Program Files (x86)\Opera\opera.exe (Opera Software)
FirewallRules: [{82D054FA-7C0C-4700-8904-3730D0F3E70E}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited )
FirewallRules: [{FA8D82FA-B96B-49F8-B381-79842A013095}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited )
FirewallRules: [{10C841FA-F695-43FA-8E5C-6D4C937250AE}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone Ltd. )
FirewallRules: [{5E25733B-3251-46B2-BB3E-59E1EA5EE51E}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone Ltd. )
FirewallRules: [{6F0E477F-4D56-4F0F-80F2-4A407CD422D6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{7EA4F360-297F-451B-8B77-743410CCF6AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{52C486A3-E8B0-4544-A1B3-2669E1CA4581}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{B39C941B-5F78-4E55-884B-97A157474540}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{ABB7A54E-73DC-4C19-BF01-E15EDCA71B15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{9B6CA5AF-98B8-477F-A037-D76D5D1EBEAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Evolution Soccer 2015 Demo\PES2015.exe (Konami Digital Entertainment Co., Ltd.)
FirewallRules: [{F634EB7C-469C-4BF7-91FC-3FA6089190F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Evolution Soccer 2015 Demo\PES2015.exe (Konami Digital Entertainment Co., Ltd.)
FirewallRules: [{86C104FE-454A-423B-AE56-69D24A849B3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{B6797B44-A041-4EBA-9810-9B7B37D20834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{4CFDF3D4-62FB-49A0-BEC4-92FF3B39CBDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{053E9F08-E3F9-49F4-9D5D-16FB5CF23598}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{03B97E98-D999-4D0C-B52B-C7B9E8D81CBB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{FC3EDFB1-3B04-42A3-9875-9AE5D7656A81}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{477653D2-47B1-4C0B-9312-F3EE24743AC2}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)
FirewallRules: [{7A30BE92-2E13-4EBA-8358-EC9EF20DB578}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{88C88A2E-E6D3-4F42-9E36-64ACA3671184}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

31-12-2018 18:17:36 Punto de control programado
31-12-2018 19:17:55 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Controlador de host de PCI a USB mejorado
Description: Controlador de host de PCI a USB mejorado
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: usbehci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Controlador de host de PCI a USB mejorado
Description: Controlador de host de PCI a USB mejorado
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: usbehci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/31/2018 07:15:21 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/31/2018 07:15:21 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/31/2018 07:15:21 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: No se puede inicializar el objeto Recopilador.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/31/2018 07:15:21 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	No se ha encontrado el elemento.  (HRESULT : 0x80070490) (0x80070490)

Error: (12/31/2018 07:15:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.JetPropStore>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/31/2018 07:15:17 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: El servicio Windows Search no puede cargar la información del almacén de propiedades.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	La base de datos del índice de contenido está dañada.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/31/2018 07:15:17 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/31/2018 07:15:17 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: El servicio de búsqueda detectó archivos de datos dañados en el índice {id=4700}. Este servicio intentará corregir este problema automáticamente mediante la nueva generación del índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (12/31/2018 07:16:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMProtection no pudo iniciarse debido al siguiente error: 
Recursos insuficientes en el sistema para completar el servicio solicitado.

Error: (12/31/2018 07:15:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (12/31/2018 07:15:21 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Windows Search se cerró con el error específico de servicio %%-1073473535.

Error: (12/31/2018 07:12:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (12/31/2018 07:12:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (12/31/2018 07:12:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Coupon Printer Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (12/31/2018 05:46:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMProtection no pudo iniciarse debido al siguiente error: 
Recursos insuficientes en el sistema para completar el servicio solicitado.

Error: (12/31/2018 03:37:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMProtection no pudo iniciarse debido al siguiente error: 
Recursos insuficientes en el sistema para completar el servicio solicitado.


CodeIntegrity:
===================================

Date: 2017-02-02 17:41:48.016
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-02-02 17:41:48.000
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-02-02 17:25:33.802
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-02-02 17:25:33.770
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-01-30 17:20:11.447
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-01-30 17:20:11.383
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-01-30 15:42:40.989
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-01-30 15:42:40.973
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

Processor: AMD A6-3500 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 44%
Total physical RAM: 3817.64 MB
Available physical RAM: 2129.16 MB
Total Virtual: 7633.46 MB
Available Virtual: 6103.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:189.23 GB) (Free:117.88 GB) NTFS
Drive d: () (Fixed) (Total:742.19 GB) (Free:308.08 GB) NTFS
Drive f: (French_4) (CDROM) (Total:0.41 GB) (Free:0 GB) CDFS

\\?\Volume{db274b78-6611-11e1-8cef-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AA9BAA9B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=189.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=742.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#11

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
Task: {1B63399E-D054-4719-9618-CD1A06D7CDA2} - System32\Tasks\{7D0D0A0A-6825-4809-AFFF-924A31D125F7} => C:\Windows\system32\pcalua.exe -a "D:\Descargas (desde marzo 2012)\ConfiguradorAEAT.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {1EDB8761-0F6B-469D-B155-E13FB132BB2A} - System32\Tasks\{157C0369-E61F-47E8-B68D-92EEF0109809} => "c:\users\david\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.9.0.115&LastError=404
Task: {281C81F6-77DF-40D2-99CF-D9459C105327} - System32\Tasks\avastBCLRestartS-1-5-21-3739339770-2571176858-3877415890-1000 => C:\Users\DAVID\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {3DA5E25D-A741-436D-942E-A3783D47672D} - System32\Tasks\{FE8F7E4B-7C99-4885-BBDB-ACE93E789291} => C:\Windows\system32\pcalua.exe -a "D:\Descargas (desde marzo 2012)\uTorrent-1.6.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {CDF3AAA8-CF80-49C1-9E8D-592C40D53D43} - System32\Tasks\{5617F1FD-672C-4B61-ACB8-BE681386E276} => "c:\users\david\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.9.0.115&LastError=404
Task: {D18F5B4E-1AF7-44B3-A43E-6392CD33E9A9} - System32\Tasks\{B46B5AAC-E04B-4AFA-9ED8-25EC1BF9099F} => "c:\users\david\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.11.0.102/es/abandoninstall?page=tsProgressBar
Task: {E43CE8F8-150D-4BB4-9328-C23ED1E54BD4} - System32\Tasks\{16385E47-3EDF-4AC9-8BB8-BCD0E9D6CD62} => "c:\users\david\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.11.0.102/es/abandoninstall?page=tsProgressBar
AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [125]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\MountPoints2: {3473a4bd-fc4e-11e7-9c74-002522d188b7} - G:\HiSuiteDownLoader.exe
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
URLSearchHook: HKU\S-1-5-21-3739339770-2571176858-3877415890-1000 - (No Name) - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
FF SearchPlugin: C:\Users\DAVID\AppData\Roaming\Mozilla\Firefox\Profiles\b3k8cjal.default\searchplugins\yahoo-avast.xml [2015-01-04]
FF HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Legacy] [not signed]
FF HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\DAVID\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\DAVID\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin HKU\S-1-5-21-3739339770-2571176858-3877415890-1000: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\DAVID\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-09-25] (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-09-03] (Coupons, Inc.)
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR HKU\S-1-5-21-3739339770-2571176858-3877415890-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npiecjlhkngdinoeekmccdbjdgclmnbk] - C:\Users\DAVID\AppData\Local\Temp\ccex.crx <not found>
2018-12-30 19:36 - 2012-03-04 19:36 - 000000548 _____ C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job
2017-03-17 21:50 - 2017-03-17 21:50 - 014456872 ____N (Microsoft Corporation) C:\Users\DAVID\AppData\Local\Temp\vc_redist.x86.exe
2018-12-30 17:22 - 2013-11-29 18:55 - 000003170 _____ C:\Windows\System32\Tasks\{5617F1FD-672C-4B61-ACB8-BE681386E276}
2018-12-30 17:22 - 2013-11-29 16:23 - 000003170 _____ C:\Windows\System32\Tasks\{157C0369-E61F-47E8-B68D-92EEF0109809}
2018-12-30 17:22 - 2013-11-27 14:24 - 000003118 _____ C:\Windows\System32\Tasks\{B46B5AAC-E04B-4AFA-9ED8-25EC1BF9099F}
2018-12-30 17:22 - 2013-11-27 14:24 - 000003118 _____ C:\Windows\System32\Tasks\{16385E47-3EDF-4AC9-8BB8-BCD0E9D6CD62}
2018-12-30 17:22 - 2012-05-15 16:36 - 000003106 _____ C:\Windows\System32\Tasks\{14467514-C0EA-4C39-B79A-D4295BF4DB63}
2018-12-30 17:22 - 2012-04-30 14:59 - 000003182 _____ C:\Windows\System32\Tasks\{FE8F7E4B-7C99-4885-BBDB-ACE93E789291}
2018-12-30 17:22 - 2012-04-11 21:59 - 000003190 _____ C:\Windows\System32\Tasks\{7D0D0A0A-6825-4809-AFFF-924A31D125F7}
2018-12-30 17:22 - 2012-03-04 19:36 - 000003256 _____ C:\Windows\System32\Tasks\hpwebreg_xxxxxxxxxx
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.


#12

hola. Intenté usar el delfix varias veces pero siempre me daba error y no se ejecutaba.

En cualquier caso el problema de momento no ha vuelto a suceder, no sé si ha sido cosa de algún virus o era el cable de red, pero sea como sea muchísimas gracias por la ayuda!!


#13

Atención.!!! hemos dejado pasos muy importantes sin hacer. :rage:

Que problemas tuviste al ejecutar DELFIX.??