Me pueden revisar estos log veo cosas muy raras Trojan.Agent.AutoIt.Generic

Pues eso que hace tiempo que vengo notando el ordenador raro y me da que estoy infectado de alguna manera, no soy muy experto en el tema, espero que me perdonen y tengan paciencia conmigo.

Creo a ver instalado un archivo bajado de http://www.mejortorrentt.org/ con la extencion *.VBS

He seguido los pasos de este hilo Quitar virus *.vbe bajado de la web mejortorrent

a continuación pego los log para que puedan analizarlos, un saludo y un millón de gracias

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 19/1/20
Hora del análisis: 2:26
Archivo de registro: af49c426-3a5a-11ea-bfdd-5404a61f275c.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.793
Versión del paquete de actualización: 1.0.17926
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.592)
CPU: x64
Sistema de archivos: NTFS
Usuario: JoseManuel-PC\Jose Manuel

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 356704
Amenazas detectadas: 262
Amenazas en cuarentena: 262
Tiempo transcurrido: 11 min, 20 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 20
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, En cuarentena, 372, 327193, 1.0.17926, , ame, 
PUP.Optional.Reimage, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\Reimage, En cuarentena, 372, 357494, 1.0.17926, , ame, 
PUP.Optional.Restoro, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\Restoro, En cuarentena, 732, 551610, 1.0.17926, , ame, 
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, En cuarentena, 316, 550469, 1.0.17926, , ame, 
PUP.Optional.Reimage, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Fixer - Windows Problem Relief., En cuarentena, 372, 709541, 1.0.17926, , ame, 
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 200, 236865, , , , 
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 200, 236865, , , , 
PUP.Optional.Conduit, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, 200, 236865, 1.0.17926, , ame, 
PUP.Optional.Reimage, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\REIMAGE\PC REPAIR, En cuarentena, 372, 327204, 1.0.17926, , ame, 
PUP.Optional.Restoro, HKLM\SOFTWARE\Restoro, En cuarentena, 732, 551614, 1.0.17926, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, En cuarentena, 372, 327193, 1.0.17926, , ame, 
PUP.Optional.Restoro, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\Local AppWizard-Generated Applications\Restoro, En cuarentena, 732, 551612, 1.0.17926, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, En cuarentena, 372, 327193, 1.0.17926, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\Reimage Repair, En cuarentena, 372, 336077, 1.0.17926, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, En cuarentena, 372, 332494, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, En cuarentena, 372, 332494, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, En cuarentena, 372, 332494, 1.0.17926, , ame, 
PUP.Optional.DriverAgent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DrvAgent64, En cuarentena, 3524, 345587, , , , 
PUP.Optional.Reimage, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, En cuarentena, 372, 327205, 1.0.17926, , ame, 

Valor del registro: 4
PUP.Optional.DefaultSearch, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, HKU\S-1-5-21-2576600735-719561415-4048846507-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, 316, 550469, , , , 
PUP.Optional.Conduit, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, 200, 236865, 1.0.17926, , ame, 
PUP.Optional.Reimage, HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\REIMAGE\PC REPAIR|QUITMESSAGE, En cuarentena, 372, 327204, 1.0.17926, , ame, 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 30
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\browsericons, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_locales\de, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_locales\en, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_locales\es, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_locales\fr, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_metadata, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_locales, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\lib, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\USERS\CARIDAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Extensions\NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\browsericons, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_locales\de, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_locales\en, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_locales\es, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_locales\fr, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css\fonts, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_metadata, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_locales, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\USERS\JOSE MANUEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\USERS\JOSE MANUEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, 316, 550469, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\6b1c681, En cuarentena, 5615, 781622, 1.0.17926, , ame, 
PUP.Optional.DefaultSearch, C:\USERS\JOSE MANUEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 316, 469798, , , , 

Archivo: 208
PUP.Optional.Restoro, C:\WINDOWS\RESTORO.INI, En cuarentena, 732, 551609, 1.0.17926, , ame, 
PUP.Optional.RemoteInjectionFF, C:\USERS\JOSE MANUEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NCA4HT65.DEFAULT\EXTENSIONS\{6070C95F-6460-4FFD-9846-2BBD7238697F}.XPI, En cuarentena, 1792, 615797, 1.0.17926, , ame, 
PUP.Optional.DefaultSearch, C:\USERS\CARIDAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\USERS\JOSE MANUEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\USERS\CARIDAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\USERS\JOSE MANUEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\adaware.eot, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\adaware.svg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\adaware.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\adaware.woff, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\canaro-book.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\canaro-bookitalic.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\canaro-light.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\canaro-lightitalic.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\canaro-medium.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\canaro-mediumitalic.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\canaro-semibold.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\canaro-semibolditalic.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\fontawesome-webfont.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\fonts\segoeui.ttf, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\auto-complete.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\contentscript.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\flexbox.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\new-tab.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\normalize.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\css\roboto.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\browsericons\icon19.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\browsericons\icon38.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\abstract_default.jpg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\adaware_secure_search.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\animals_default.jpg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\dot.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\dot_color.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\dropdown_arrow.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\finalStep.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\icon_128.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\icon_16.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\icon_check.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\keepChange.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\magnifier_icon.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\nature_default.jpg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\settings_icon.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\img\urban_default.jpg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\lib\auto-complete.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\lib\publicsuffixlist.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\adaware-telemetry.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\adaware-utils.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\bitmask.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\contentscript.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\i18n.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\load-new.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\messaging.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\new-tab.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\pagestore.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\polyfill.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\start.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\storage.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\suggest.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\tab.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\traffic.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\uritools.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\vapi-background.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\vapi-client.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\js\vapi-common.js, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_locales\de\messages.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_locales\en\messages.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_locales\es\messages.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_locales\fr\messages.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\_metadata\verified_contents.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\background.html, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\LICENSE.txt, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\load-new.html, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\manifest.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Caridad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.11.6_0\new-tab.html, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css\fonts\adaware.svg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css\fonts\adaware.woff, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css\auto-complete.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css\contentscript.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css\flexbox.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css\new-tab.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css\normalize.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\css\roboto.css, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\browsericons\icon19.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\browsericons\icon38.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\abstract_default.jpg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\adaware_secure_search.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\animals_default.jpg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\dot.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\dot_color.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\dropdown_arrow.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\finalStep.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\icon_128.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\icon_16.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\icon_check.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\keepChange.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\magnifier_icon.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\nature_default.jpg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\settings_icon.png, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\img\urban_default.jpg, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_locales\de\messages.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_locales\en\messages.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_locales\es\messages.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_locales\fr\messages.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\_metadata\verified_contents.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\background.html, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\LICENSE.txt, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\load-new.html, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\manifest.json, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.12.1_0\new-tab.html, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\000003.log, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\CURRENT, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\LOCK, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\LOG, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\LOG.old, En cuarentena, 316, 550469, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nladljmabboanhihfkjacnnkgjhnokhj\MANIFEST-000001, En cuarentena, 316, 550469, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\6b1c681\592d2a2.au3, En cuarentena, 5615, 781622, 1.0.17926, , ame, 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\01-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\01-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\02-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\02-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\02-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\02-11-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\03-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\03-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\03-11-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\04-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\04-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\05-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\05-11-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\06-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\06-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\06-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\06-11-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\07-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\07-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\07-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\07-11-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\08-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\08-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\08-11-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\09-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\09-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\0e6d041, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\10-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\10-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\10-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\11-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\11-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\11-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\12-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\12-11-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\13-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\13-11-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\14-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\14-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\14-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\14-11-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\15-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\16-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\16-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\17-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\18-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\18-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\18-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\18640b2, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\19-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\19-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\19-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\21-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\21-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\21-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\22-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\23-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\23-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\24-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\24-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\24-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\25-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\26-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\26-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\27-07-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\27-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\27-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\28-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\28-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\28-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\29-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\29-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\30-09-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\30-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\31-07-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\31-08-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\7e48593\31-10-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\6b1c681\pe.bin, En cuarentena, 5615, 781622, , , , 
PUP.Optional.Reimage, C:\WINDOWS\REIMAGE.INI, En cuarentena, 372, 412667, 1.0.17926, , ame, 
PUP.Optional.Conduit, C:\USERS\JOSE MANUEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NCA4HT65.DEFAULT\PREFS.JS, Sustituido, 200, 301520, 1.0.17926, , ame, 
PUP.Optional.WinBing, C:\USERS\JOSE MANUEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NCA4HT65.DEFAULT\SEARCHPLUGINS\BING-LAVASOFT-FF59.XML, En cuarentena, 5313, 678452, 1.0.17926, , ame, 
PUP.Optional.DriverAgent, C:\WINDOWS\SYSWOW64\DRIVERS\DRVAGENT64.SYS, En cuarentena, 3524, 345587, 1.0.17926, , ame, 
PUP.Optional.Reimage, C:\USERS\JOSE MANUEL\DOWNLOADS\REIMAGEREPAIR.EXE, En cuarentena, 372, 331559, 1.0.17926, , ame, 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.ldb, En cuarentena, 316, 469798, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000004.log, En cuarentena, 316, 469798, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 316, 469798, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 316, 469798, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 316, 469798, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 316, 469798, , , , 
PUP.Optional.DefaultSearch, C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 316, 469798, , , , 
PUP.Optional.DefaultSearch, C:\USERS\CARIDAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, 316, 469798, 1.0.17926, , ame, 
PUP.Optional.DefaultSearch, C:\USERS\JOSE MANUEL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 316, 469798, 1.0.17926, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build:    12-17-2019
# Database: 2020-01-13.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-19-2020
# Duration: 00:00:41
# OS:       Windows 10 Pro
# Cleaned:  46
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\TRADAIR SELECTION TOOL
Deleted       C:\Users\Jose Manuel\AppData\LocalLow\.acestream
Deleted       C:\Users\Jose Manuel\AppData\Roaming\.acestream
Deleted       C:\Users\Jose Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
Deleted       C:\Users\Jose Manuel\AppData\Roaming\acestream
Deleted       C:\_acestream_cache_

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\Classes\Applications\ace_player.exe
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Deleted       HKCU\Software\AceStream
Deleted       HKCU\Software\Classes\.acelive
Deleted       HKCU\Software\Classes\.acemedia
Deleted       HKCU\Software\Classes\.acestream
Deleted       HKCU\Software\Classes\.tslive
Deleted       HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
Deleted       HKCU\Software\Classes\DVD\shell\PlayWithACEStream
Deleted       HKCU\Software\Classes\acestream
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Deleted       HKCU\Software\RegisteredApplications|AceStream
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6E266366-FD2C-4563-9970-00EED507B599}C:\users\jose manuel\appdata\roaming\acestream\player\ace_player.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{D1008431-EBEB-4F09-A660-158EFDE49B94}C:\users\jose manuel\appdata\roaming\acestream\player\ace_player.exe
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{32D2971D-3701-4D79-85AE-97CC6EE87191}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B3C9A1EC-2AA0-4C9C-96F8-B3C07DD47A41}
Deleted       HKLM\Software\Classes\.acestream
Deleted       HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted       HKLM\Software\Reimage
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted       HKU\S-1-5-21-2576600735-719561415-4048846507-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6317 octets] - [19/01/2020 02:44:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Hola @RiNiTo

Bienvenido al Foro!!!

Ahora realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Muchas gracias por su ayuda, le dejo los aportes que me pides.

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 18-01-2020
Ejecutado por Jose Manuel (19-01-2020 03:44:23)
Ejecutado desde C:\Users\Jose Manuel\Downloads
Windows 10 Pro Versión 1909 18363.592 (X64) (2020-01-04 19:45:49)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-2576600735-719561415-4048846507-500 - Administrator - Disabled)
Caridad (S-1-5-21-2576600735-719561415-4048846507-1001 - Limited - Enabled) => C:\Users\Caridad
DefaultAccount (S-1-5-21-2576600735-719561415-4048846507-503 - Limited - Disabled)
Invitado (S-1-5-21-2576600735-719561415-4048846507-501 - Limited - Disabled)
Jose Manuel (S-1-5-21-2576600735-719561415-4048846507-1000 - Administrator - Enabled) => C:\Users\Jose Manuel
WDAGUtilityAccount (S-1-5-21-2576600735-719561415-4048846507-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2576600735-719561415-4048846507-1000\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
Apple Application Support (32 bits) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{45DDDFED-AABC-450C-B49C-5B4A5E547F5B}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Core Temp 1.12.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.12.1 - ALCPU)
dr.fone toolkit para Android (Version 8.3.2) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.2.62 - Wondershare Technology Co.,Ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 88.4.172 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
iCloud (HKLM\...\{4E727621-3550-4CE0-883E-F27D7D7E0D2C}) (Version: 7.16.0.15 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{3B98B596-03F0-4DB0-B2D8-33CFBD487B57}) (Version: 12.10.3.1 - Apple Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2576600735-719561415-4048846507-1000\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Tool Web Package:diskpart.exe (HKLM-x32\...\{9782762F-639B-499B-A23D-5EBEAFC160E6}) (Version: 1.0.0.1 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mitsubishi Electric - MitsuSoft (HKLM-x32\...\MitsuSoft) (Version:  - )
Mozilla Firefox 72.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 72.0.1 (x64 es-ES)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{98EFD8F0-08DE-48DB-B922-A2EBAB711034}) (Version: 7.03.1151 - Nero AG)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.9.0 - Duodian Technology Co. Ltd.)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PCSleek Free Error Cleaner (HKLM-x32\...\PCSleek Free Error Cleaner_is1) (Version:  - )
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.0.22.32360 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{0E25DE98-E56E-4259-B554-F1360BB2DC22}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{EE01D8D7-2DD0-4C43-BF42-D9C8FC8DAE99}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{4DC94B75-B036-474D-8AC8-E2D055C95FBD}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
PokerStars.es (HKLM-x32\...\PokerStars.es) (Version:  - PokerStars.es)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Serviio (HKLM\...\Serviio) (Version: 1.10.1 - Six Lines Ltd)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

Packages:
=========
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2020-01-05] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2020-01-05] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2020-01-05] (Microsoft Corporation) [MS Ad]
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.9309.0_x64__cv1g1gvanyjgm [2020-01-05] (WhatsApp Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2576600735-719561415-4048846507-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2576600735-719561415-4048846507-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2576600735-719561415-4048846507-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2576600735-719561415-4048846507-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2576600735-719561415-4048846507-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2576600735-719561415-4048846507-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2576600735-719561415-4048846507-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Jose Manuel\Dropbox [2017-12-07 01:40]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-07-24] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-09-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-12-09] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] () [Archivo no firmado]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] () [Archivo no firmado]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jose Manuel\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-27] (Mega Limited -> )
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] () [Archivo no firmado]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] () [Archivo no firmado]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] () [Archivo no firmado]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] () [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos cargados (Lista blanca) =============

2017-12-08 01:28 - 2017-12-08 01:28 - 000116224 _____ (pdfforge GmbH) [Archivo no firmado] C:\WINDOWS\System32\pdfcmon.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-2576600735-719561415-4048846507-1000\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-2576600735-719561415-4048846507-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BackupRemind.lnk => C:\Windows\pss\BackupRemind.lnk.CommonStartup
MSCONFIG\startupreg: (default) => 
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: iCloudServices => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{3BF8B282-3144-426E-B7C3-340CB8C5E802}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EC1D738-9A07-43C7-97C2-7C847CA05FEB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A3771E9A-7C0A-4236-9E93-4C47F8382461}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{16E48710-2779-453D-8057-7DF2C3125610}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{D8D1EC1C-480A-4F31-8A56-825E6D3EA39D}] => (Allow) C:\Program Files\Serviio\console\ServiioConsole.exe (Six Lines Ltd) [Archivo no firmado]
FirewallRules: [{73191AE7-46C2-49E4-BB04-D2A04B40C3BA}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [Archivo no firmado]
FirewallRules: [{113D1922-9CF6-4D8E-931E-BEFEE26E2FC8}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [Archivo no firmado]
FirewallRules: [{D2E0B169-8BEB-4EBF-AD19-BC89D1D67A68}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EE73BDF-5AAB-4F20-928F-C22FBCC9E8AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B2C57967-2B37-4F5C-A59E-E67FCC016636}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{355809AD-50C8-4B0E-85A8-009F28E52D71}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8B1F805B-0B7B-40D2-A489-540D1DBA1930}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{000A3600-1442-4376-8AD3-ADBE4B40B933}] => (Allow) C:\Users\Jose Manuel\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9AE8D6CA-1AE9-4FD8-971D-D3C39AAC7D53}] => (Allow) C:\Users\Jose Manuel\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F5744FE0-B1EF-476E-B455-07E6DC8B0D49}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{765C158D-419A-4455-95BF-893F6DB33E54}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3ADB8A09-76F8-4964-B803-8ADCCE859763}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Puntos de Restauración =========================

18-01-2020 18:28:57 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/19/2020 03:43:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10952,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/19/2020 03:21:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6148,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/19/2020 03:13:31 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8344,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/19/2020 02:57:50 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5500,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/19/2020 02:46:27 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (01/19/2020 02:46:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (01/19/2020 02:35:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18036,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/19/2020 02:23:48 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15460,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (01/19/2020 03:15:58 AM) (Source: DCOM) (EventID: 10000) (User: JoseManuel-PC)
Description: No se puede iniciar un servidor DCOM: {389510B7-9E58-40D7-98BF-60B911CB0EA9}. Error 
"2147942593"
al iniciar este comando:
C:\Users\Jose Manuel\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\FileCoAuth.exe -Embedding

Error: (01/19/2020 03:05:58 AM) (Source: DCOM) (EventID: 10000) (User: JoseManuel-PC)
Description: No se puede iniciar un servidor DCOM: {389510B7-9E58-40D7-98BF-60B911CB0EA9}. Error 
"2147942593"
al iniciar este comando:
C:\Users\Jose Manuel\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\FileCoAuth.exe -Embedding

Error: (01/19/2020 02:52:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de Google Update (gupdate) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (01/19/2020 02:52:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de Google Update (gupdate).

Error: (01/19/2020 02:45:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Apple Mobile Device Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (01/19/2020 02:45:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio PDF Architect 5 Manager se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (01/19/2020 02:45:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio DbxSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (01/19/2020 02:45:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio PDF Architect 5 Creator se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2020-01-07 21:51:47.443
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {575D036D-61A7-4166-8215-B329D8DE2CEE}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-01-07 21:33:42.796
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {675E2B0D-D489-4858-80A2-9C112CD897CB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-01-06 19:40:03.933
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {4DAAC2E3-9C26-45B2-AA72-AB9DB7EFE3F3}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2020-01-19 02:34:18.431
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-01-19 02:33:56.638
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-01-19 02:31:36.306
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-01-19 02:31:36.224
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-01-19 02:31:36.095
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-01-19 02:31:35.955
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-01-19 02:31:35.828
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-01-19 02:31:35.691
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 1001 09/26/2011
Placa base: ASUSTeK Computer INC. P8H61-M LE
Procesador: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz
Porcentaje de memoria en uso: 52%
RAM física total: 8104.3 MB
RAM física disponible: 3863.02 MB
Virtual total: 16296.3 MB
Virtual disponible: 11857.63 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:465 GB) (Free:102.24 GB) NTFS
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS
Drive f: () (Fixed) (Total:184.39 GB) (Free:19.81 GB) NTFS
Drive g: () (Fixed) (Total:188.22 GB) (Free:8.06 GB) NTFS

\\?\Volume{2f8f106d-da13-11e7-9561-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{45f9d0a6-0000-0000-0000-c04c74000000}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 45F9D0A6)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=574 MB) - (Type=27)

==========================================================
Disk: 1 (Size: 372.6 GB) (Disk ID: 35A935A8)
Partition 1: (Not Active) - (Size=188.2 GB) - (Type=0F Extended)
Partition 2: (Active) - (Size=184.4 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hola @RiNiTo

Pegaste dos veces el reporte de Adittion.

Necesito que pegues el reporte de FRST.txt.

Salu2

Me dice que es un mensajes con demaciados caracteres y no me deja reportarloal completo, como lo hago?

FRST.txt (122,5 KB)

Hola @RiNiTo

Perfecto como lo has hecho.


Ejecutaste FRST desde un lugar incorrecto:

  • Ejecutado desde C:\Users\Jose Manuel\ Downloads

Corta el ejecutable y pegalo en tu escritorio <<< Esto es Muy Importante.


Luego sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
Folder: C:\ProgramData\Intel
HKU\S-1-5-21-2576600735-719561415-4048846507-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2576600735-719561415-4048846507-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicy\User: Restricción ? <==== ATENCIÓN
GroupPolicyUsers\S-1-5-21-2576600735-719561415-4048846507-1001\User: Restricción <==== ATENCIÓN
Task: {19556F62-19AE-4A8F-B89D-909E95049B5D} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {A7495214-FD21-4D7A-9D6D-B9259F5CE6E7} - System32\Tasks\{EABDD3D5-6BE5-4786-A3D0-17D8B6D33E63} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jose Manuel\Downloads\nox_setup_v6.0.9.0_full_intl.exe" -d "C:\Users\Jose Manuel\Downloads"
Task: {B4CF8752-8942-4B4E-9905-9D797DB4E5BC} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
HKU\S-1-5-21-2576600735-719561415-4048846507-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=es-xl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2576600735-719561415-4048846507-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF HKU\S-1-5-21-2576600735-719561415-4048846507-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Jose Manuel\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
C:\Users\Jose Manuel\AppData\Roaming\ACEStream
FF Plugin HKU\S-1-5-21-2576600735-719561415-4048846507-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\Jose Manuel\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]
CHR Extension: (Adaware Ad Block) - C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmllgdnjnkbapbchnebiedipojhmnjej [2018-06-21]
CHR Extension: (Adaware Web Protection) - C:\Users\Jose Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnooggpliipegmffiolegeppbgkclbpi [2018-05-18]
CHR HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-2576600735-719561415-4048846507-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
U3 idsvc; no ImagePath
2020-01-12 19:20 - 2017-12-07 03:00 - 000000000 ____D C:\Users\Jose Manuel\AppData\Local\PokerStars.ES
2020-01-12 16:13 - 2017-12-07 02:59 - 000000000 ____D C:\Program Files (x86)\PokerStars.ES
2020-01-04 20:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-01-04 20:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-04 20:17 - 2018-11-14 23:34 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2020-01-04 20:17 - 2017-12-07 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.ES
2020-01-04 19:09 - 2017-12-06 01:45 - 000000000 ____D C:\ProgramData\Avira
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\ProgramData\Intel

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

Hola @SanMar Aqui te dejo el archivo log qu me pides Fixlog.txt (16,3 KB)

Un saludo y gracias por su paciencia

Hola @RiNiTo

Perfecto…:clap:

Para eliminar las herramientas utilizadas:

Descargas/Ejecutas >> Delfix, desde tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Nos comentas si todo esta en orden para dar por Solucionado el tema.

Salu2.

Hola @SanMar

Parece que me a borrado todas las utilidades que hemos usado, ahora como puedo saber que no estoy infectado y mi PC esta en orden? vistes algos anomalo en los logs reportados?

un saludo

Hola @RiNiTo

Por que ya eliminamos todos los restos con FRST.

Tenias la típica infección del Troyano que da al ejecutar el archivo descargado de torrents .vbe y varias porquerías mas (Adwares)

Nos comentas como sientes el equipo así vamos cerrando el tema.:+1:

Salu2

Parece que va todo correcto @SanMar

Pudieras recomendarme algun antivirus gratuito? actualmente estoy con el de windows 10 que trae por defecto pero no se si sera remendable instalar alguno que vaya mejor

Un saludo

Hola @RiNiTo

Mira esta infección a la fecha no es detectada por ningún antivirus, hace unos pocos días la esta detectando Malwarebytes solamente.

Enlace de Interés para configurar el AV que tienes correctamente.

Y si quieres probar uno gratuito puedes probar el Kaspersky Free.


Que bueno que hayamos podido resolver tu consulta…:+1:

Para otros problemas, ya sabes donde encontrarnos. :wink:

Tema Solucionado

Salu2.

1 me gusta