Hola mi compu anda muy lenta, yo venía consultando con ustedes hasta q justo surgió el cambio de formato de la página y no puede volver hasta hoy. De los casos publicados x lo mismo ya efectuados esos pasos sin conseguir mejoras. Necesito q me sigan dando una mano y ver si consigo normalizar la compu de escritorio gracias saludos
Hola @Pupis_78
Bienvenido a Nuestro nuevo Portal.
Realiza los siguientes pasos, sin cambiar el orden:
1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.
2.- Descargá a Tu escritorio las siguientes herramientas:
3.- Seguí paso a paso las acciones …
Malwarebytes
Instalalo y actualizalo. Realiza un Análisis Completo. Pulsa en “Eliminar Seleccionados” para enviarlo a la cuarentena. Reinicias el sistema. En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.
AdwCleaner
Ejecutalo. (Clic derecho y selecciona Ejecutar como Administrador). Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar. Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas. Guardas el reporte que te aparecerá para copiarlo y pegarlo en tu próxima respuesta. El informe también se puede encontrar en “C:\AdwCleaner\AdwCleaner.txt”
ZHPCleaner
Siguiendo Su manual, lo instalas y ejecutas. Cuando termine, eliminas todo lo que encuentre.
CCleaner
Instalalo y ejecutalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.
NOTAS IMPORTANTES:
-
En Tu próxima respuesta, debes pegar los reportes de Malwarebytes Antimalware, ZHPCleaner y Adwcleaner.
-
Debes copiar y pegar los reportes solicitados con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
-
Envuelve cada uno de los informes con una etiqueta escrita
[CODE]al inicio del informe y otra como este[/CODE]al final del mismo. -
Nos comentas como sigue el problema original por el que abriste el tema.
Saludos
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 17/10/18
Hora del análisis: 21:00
Archivo de registro: dd916830-d268-11e8-b560-485b395d497f.json
-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.463
Versión del paquete de actualización: 1.0.7407
Licencia: Prueba
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: wilde-PC\wilde
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 190147
Amenazas detectadas: 68
Amenazas en cuarentena: 68
Tiempo transcurrido: 5 min, 6 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 6
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\LAUNCHER.EXE, En cuarentena, [6481], [249368],1.0.7407
PUP.Optional.DriverPack, HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\DRPSU, En cuarentena, [920], [472301],1.0.7407
PUP.Optional.InternetStart, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, [299], [509563],1.0.7407
PUP.Optional.InternetStart, HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, [299], [509563],1.0.7407
PUP.Optional.DriverPack, HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DriverPack Easy Search, En cuarentena, [920], [564064],1.0.7407
PUP.Optional.MyStart, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\fagakgcelolinfnkfgekcnedpaklfcok, En cuarentena, [227], [492335],1.0.7407
Valor del registro: 7
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\LAUNCHER.EXE|DEBUGGER, En cuarentena, [6481], [249368],1.0.7407
PUP.Optional.DriverPack, HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\DRPSU|CLIENTID, En cuarentena, [920], [472301],1.0.7407
PUP.Optional.InternetStart, HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DISPLAYNAME, En cuarentena, [299], [509563],1.0.7407
PUP.Optional.InternetStart, HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FAVICONURLFALLBACK, En cuarentena, [299], [509563],1.0.7407
PUP.Optional.InternetStart, HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, [299], [509563],1.0.7407
PUP.Optional.MyStart, HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|fagakgcelolinfnkfgekcnedpaklfcok, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.SearchManager, HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|ijahobfejgeblmkpcmgpelfibgnnjpil, En cuarentena, [251], [501411],1.0.7407
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 10
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\icons, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\_metadata, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\html\css, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\html\img, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\font, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\html, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\USERS\WILDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok, En cuarentena, [227], [492335],1.0.7407
Archivo: 45
PUP.Optional.DriverPack, C:\USERS\WILDE\APPDATA\ROAMING\DRIVERPACK EASY SEARCH\SETUP.EXE, En cuarentena, [920], [564064],1.0.7407
PUP.Optional.DriverPack, C:\USERS\WILDE\APPDATA\ROAMING\~DRIVERPACK NOTIFIER\DRIVERPACKNOTIFIER.EXE, En cuarentena, [920], [564064],1.0.7407
PUP.Optional.DriverPack, C:\USERS\WILDE\APPDATA\ROAMING\~DRIVERPACK NOTIFIER\UNINSTALL.EXE, En cuarentena, [920], [564064],1.0.7407
PUP.Optional.DriverPack, C:\PROGRAM FILES\~DRIVERPACK NOTIFIER\DRIVERPACKNOTIFIER.EXE, En cuarentena, [920], [564064],1.0.7407
PUP.Optional.DriverPack, C:\PROGRAM FILES\~DRIVERPACK NOTIFIER\UNINSTALL.EXE, En cuarentena, [920], [564064],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\font\Campton-BoldDEMO1.woff, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\font\Campton-LightDEMO1.woff, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\font\mystart-font.woff2, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\html\css\options.css, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\html\css\popup.css, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\html\img\icn_check.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\html\background.html, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\html\options.html, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\html\popup.html, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\icons\128.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\icons\16.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\icons\48.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\128.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\neutral-icon.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\Panda-logo.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\Panda-watermask.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\safe-icon.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\images\unsafe-icon.png, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\api.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\appeventslisteners.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\content.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\contentscript.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\domparser.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\google-analytics.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\indexeddb.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\jquery-2.1.4.min.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\main.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\mwparser.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\options.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\popup.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\settings.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\js\webpagehelper.js, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\_metadata\verified_contents.json, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok\2.0.47_0\manifest.json, En cuarentena, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\USERS\WILDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\USERS\WILDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [227], [492335],1.0.7407
PUP.Optional.MyStart, C:\USERS\WILDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [227], [492335],1.0.7407
PUP.Optional.SearchManager, C:\USERS\WILDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [251], [501411],1.0.7407
PUP.Optional.SearchManager, C:\USERS\WILDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [251], [501411],1.0.7407
PUP.Optional.SrchBar, C:\USERS\WILDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [248], [454807],1.0.7407
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-17-2018
# Duration: 00:00:12
# OS: Windows 7 Ultimate
# Scanned: 31969
# Detected: 8
***** [ Services ] *****
PUP.Optional.Panda panda_url_filtering
***** [ Folders ] *****
PUP.Optional.DriverPack C:\Users\wilde\AppData\Roaming\DRPSu
PUP.Optional.Panda C:\Program Files\Panda Security URL Filtering
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4E058417-4A28-4F1A-A4EA-089B4A6BDAB3}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C75F1B85-F547-444B-A382-3879D9433C66}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{937E9BE4-D120-42AF-9F4D-0451C15CBD16}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E60608EF-07F5-4023-95AC-FDF9C765EE08}
***** [ Chromium (and derivatives) ] *****
PUP.Optional.Legacy ????? ??????a
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [2000 octets] - [22/07/2018 17:57:07]
AdwCleaner[C00].txt - [1940 octets] - [22/07/2018 20:21:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
~ ZHPCleaner v2018.10.14.184 by Nicolas Coolman (2018/10/14) ~ Run by wilde (Administrator) (17/10/2018 23:05:33) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : ZHP ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Reparar ~ Report : C:\Users\wilde\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\wilde\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601) —\ Alternate Data Stream (ADS). (0) ~ No malintencionados o innecesarios artículos encontrados. (ADS) —\ Servicios (0) ~ No malintencionados o innecesarios artículos encontrados. (Servicio) —\ Navegadores de Internet (0) ~ No malintencionados o innecesarios artículos encontrados. (Navegador) —\ Hosts carpeta (1) ~ El archivo hosts es legítimo (2) —\ Tareas automáticas programadas. (0) ~ No malintencionados o innecesarios artículos encontrados. (Tarea) —\ Explorador ( Archivos, Carpetas ) (3) MOVIDO archivo: C:\Program Files~DriverPack Notifier =>.SUP.DriverPack MOVIDO archivo: C:\ProgramData\panda_url_filtering =>.SUP.StartSearch MOVIDO archivo: C:\Users\wilde\AppData\Roaming~DriverPack Notifier =>.SUP.DriverPack —\ Registro ( Claves, Valores, Datos) (2) BORRADOS clave*: HKCU\Software\undefined =>.SUP.Downloader BORRADOS clave*: HKLM\SOFTWARE\Classes\Interface{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask —\ Resumen de elementos en su estación de trabajo (4) DriverPack, Logiciel Potentiellement Superflu - Zone Antimalware =>.SUP.DriverPack StartSearch, Logiciel Potentiellement Superflu. - Zone Antimalware =>.SUP.StartSearch Downloader, Logiciel Potentiellement Superflu. =>.SUP.Downloader Ask, Barre d’outils de navigateur. - Zone Antimalware =>Toolbar.Ask —\ Limpieza adicional. (2) ~ Clave de registro Tracing borrados (2) ~ Quitar los antiguos informes de ZHPCleaner. (0) —\ Resultado de la reparación. ~ Reparación llevada a cabo con éxito —\ STATISTIQUES ~ Items escaneado : 2774 ~ Items encontrado : 0 ~ artículos cancelados : 0 ~ Items opciones : 0/7 ~ Ahorro de espacio (bytes) : 0 ~ End of clean in 00h00mn23s —\ Reporte (2) ZHPCleaner-[S]-17102018-22_47_20.txt ZHPCleaner-[R]-17102018-23_05_56.txt
Artículos li
[ code] me aparece cuando abro el chome el aviso q adjunto. Desde q instale el malawarebytes. y el reporte del c clear no lo encuentro donde lo guardo en la compu tenía 4 items .
[/ code]
[Code] la compu sigue igual de lenta. Si pongo a reparar en el c clean , sale como no encuentra nada. Espero puedas seguir ayudándome. Saludos y gracias
Hola
1.- Descargá la herramienta Delfix a Tu escritorio.
Ejecutala, Tildá la casilla Remove disinfection tools y presioná Run
Al terminar Se abrirá un reporte llamado DelFix.txt, verifica que se hayan eliminado las herramientas usadas para desinfectar el Pc.
2.- Ejecuta un análisis con ESET Online. Cuando te salga esta pantalla:
Debes seguir estos pasos :
- 1.- Marcas
todas esas opciones. - 2.- Pulsar sobre " Cambiar……" y seleccionas todas las unidades de disco y/o usb que tengas.
- 3.- Pulsar en “Iniciar” y comenzara el análisis.
Con esto realizaras un análisis completo de todo el equipo, cuando termines todo el proceso, guardas el informe, que veras la opción para exportar/guardar en TXT y lo dejas guardado en tu escritorio para ponerlo en tu próxima respuesta.
Finalizas el proceso desinfectando los elementos encontrados y Reinicia tu PC, y nos pones el informe en tu próxima respuesta.
3.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.
Descarga a Tu Escritorio Farbar Recovery Scan Tool considerando la versión adecuada para tu equipo. (32 o 64 bits) 
¿Cómo saber si mi Windows es de 32 o 64 bits?
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.
En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.
En Tu próxima respuesta, copias y pegas el reporte Frst.txt de FRST
NOTAS IMPORTANTES:
-
En Tu próxima respuesta, debes pegar los reportes de Eset Online y FRST
-
Debes copiar y pegar los reportes solicitados con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
-
Envuelve cada uno de los informes con una etiqueta escrita
[CODE]al inicio del informe y otra como este[/CODE]al final del mismo. -
Nos comentas como sigue el problema original por el que abriste el tema.
Saludos
|C:\Users\wilde\Desktop\spyw\dfsetup222.exe|Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa|no se ha podido desinfectar - archivo eliminado|
|---|---|---|
|C:\Users\wilde\Downloads\CCleaner_v5.45.6611.exe|Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa|no se ha podido desinfectar - archivo eliminado|
|C:\Users\wilde\Downloads\ccsetup545.exe|Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa|no se ha podido desinfectar - archivo eliminado|
|C:\Users\wilde\Downloads\dfsetup222.exe|Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa|no se ha podido desinfectar - archivo eliminado|
|C:\Users\wilde\Downloads\FREEAV.exe|Win32/Visicom.C aplicación potencialmente indeseable|eliminado|
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10.10.2018
Ran by wilde (administrator) on WILDE-PC (18-10-2018 11:43:31)
Running from C:\Users\wilde\Desktop
Loaded Profiles: wilde & UpdatusUser (Available Profiles: wilde & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast Cleanup\TuneupSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7827712 2016-04-12] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-26] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13684416 2018-07-20] (Piriform Ltd)
HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2018-07-22] (Glarysoft Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
IFEO\excel.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mep.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-08-11]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A147B3CE-DF66-4224-8D7F-981172687A25}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.ar/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2943951968-3168165516-1643759013-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
FireFox:
========
FF ProfilePath: C:\Users\wilde\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2018-10-17]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxps://www.malwarebytes.org/restorebrowser//
FF Extension: (Avast SafePrice) - C:\Users\wilde\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\[email protected] [2018-08-11]
FF Extension: (Avast Online Security) - C:\Users\wilde\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\[email protected] [2018-08-11]
FF SearchPlugin: C:\Users\wilde\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-163124.xml [2017-06-02]
FF Extension: (Visual Bookmarks) - C:\Program Files\Mozilla Firefox\distribution\extensions\[email protected] [2016-03-04] [Legacy]
FF Extension: ("Yandex Elements") - C:\Program Files\Mozilla Firefox\distribution\extensions\[email protected] [2016-03-04] [Legacy]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR StartupUrls: Default -> "hxxp://www.google.com.ar/"
CHR NewTab: Default -> Active:"chrome-extension://ojnmgimpbjnldameangbfpkaolelhkhm/html/new_tab.html"
CHR Profile: C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default [2018-10-18]
CHR Extension: (Web Search) - C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiilajmkjokcpcmigcffjkjaedhnfon [2018-03-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Social Search) - C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojnmgimpbjnldameangbfpkaolelhkhm [2018-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6488376 2018-08-26] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-26] (AVAST Software)
R2 CleanupPSvc; C:\Program Files\AVAST Software\Avast Cleanup\TuneupSvc.exe [9116128 2018-10-02] (AVAST Software)
S2 KMService; C:\Windows\system32\srvany.exe [8192 2017-06-02] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes)
S4 MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167552 2018-08-26] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188336 2018-08-26] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [164944 2018-08-26] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284320 2018-08-26] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57968 2018-08-26] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [196008 2018-08-26] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-08-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135376 2018-10-02] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101056 2018-08-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73264 2018-08-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784112 2018-08-26] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [396536 2018-10-02] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [165928 2018-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [311328 2018-08-26] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [129248 2018-09-11] (Malwarebytes)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2018-07-28] (Glarysoft Ltd)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [175024 2018-10-17] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101688 2018-10-18] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [51696 2018-10-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [229472 2018-10-18] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [81600 2018-10-18] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Nuvoton Technology Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-18 11:43 - 2018-10-18 11:44 - 000012785 _____ C:\Users\wilde\Desktop\FRST.txt
2018-10-18 11:43 - 2018-10-18 11:43 - 000000000 ____D C:\FRST
2018-10-18 11:41 - 2018-10-18 11:41 - 000229472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-10-18 11:41 - 2018-10-18 11:41 - 000101688 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-10-18 11:41 - 2018-10-18 11:41 - 000081600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-10-18 11:41 - 2018-10-18 11:41 - 000051696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-10-18 11:36 - 2018-10-18 11:36 - 000001474 _____ C:\Users\wilde\Desktop\.txt
2018-10-18 10:35 - 2018-10-18 10:34 - 001774592 _____ (Farbar) C:\Users\wilde\Desktop\FRST.exe
2018-10-18 10:34 - 2018-10-18 10:34 - 001774592 _____ (Farbar) C:\Users\wilde\Downloads\FRST.exe
2018-10-18 10:25 - 2018-10-18 10:25 - 000000000 ____D C:\Program Files\ESET
2018-10-18 10:24 - 2018-10-18 10:24 - 002870984 _____ (ESET) C:\Users\wilde\Downloads\esetsmartinstaller_esn.exe
2018-10-18 10:24 - 2018-10-18 10:24 - 002870984 _____ (ESET) C:\Users\wilde\Desktop\esetsmartinstaller_esn.exe
2018-10-18 10:19 - 2018-10-18 10:19 - 000797760 _____ C:\Users\wilde\Downloads\delfix.exe
2018-10-18 09:49 - 2018-10-18 09:49 - 000000259 _____ C:\DelFix1.txt
2018-10-17 23:09 - 2018-10-17 23:09 - 000001606 _____ C:\Users\wilde\Desktop\cc_20181017_230939.reg
2018-10-17 21:18 - 2018-10-17 23:05 - 000000000 ____D C:\Users\wilde\AppData\Roaming\ZHP
2018-10-17 21:18 - 2018-10-17 21:18 - 000000000 ____D C:\Users\wilde\AppData\Local\ZHP
2018-10-17 21:07 - 2018-10-17 21:07 - 000013832 _____ C:\Users\wilde\Desktop\Malwarebytes..txt
2018-10-17 20:53 - 2018-10-17 20:53 - 000175024 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-10-17 20:53 - 2018-10-17 20:53 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-17 20:53 - 2018-10-17 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-17 20:53 - 2018-09-11 13:18 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2018-10-17 20:37 - 2018-10-17 20:37 - 000000000 ____D C:\Users\wilde\AppData\Local\mbam
2018-10-17 20:34 - 2018-10-17 20:34 - 000000000 ____D C:\Users\wilde\AppData\Local\mbamtray
2018-10-17 19:32 - 2018-10-17 20:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-17 19:17 - 2018-10-17 19:17 - 080509968 _____ (Malwarebytes ) C:\Users\wilde\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.7401.exe
2018-10-17 19:15 - 2018-10-17 19:17 - 080509968 _____ (Malwarebytes ) C:\Users\wilde\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.7401.exe
2018-10-17 18:53 - 2018-10-18 11:24 - 000000000 ____D C:\Users\wilde\Desktop\spyw
2018-10-01 19:19 - 2018-10-01 19:19 - 000407560 _____ C:\Windows\system32\FNTCACHE.DAT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-18 11:42 - 2018-03-20 19:29 - 000000000 ____D C:\Users\wilde\AppData\Local\AVAST Software
2018-10-18 11:40 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-18 10:19 - 2018-07-24 14:25 - 000000259 _____ C:\DelFix.txt
2018-10-18 03:10 - 2009-07-14 01:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-18 03:10 - 2009-07-14 01:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-18 02:45 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2018-10-17 21:06 - 2017-06-02 16:36 - 000000000 ____D C:\Users\wilde\AppData\Roaming\DriverPack Easy Search
2018-10-17 18:48 - 2017-09-21 13:58 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-10-17 18:48 - 2017-09-21 13:58 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-10-17 18:48 - 2017-09-21 13:58 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-02 22:27 - 2009-07-14 01:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-10-02 20:44 - 2018-08-16 17:14 - 000000000 ____D C:\Users\wilde\AppData\Roaming\AVAST Software
2018-10-02 20:16 - 2017-06-03 11:15 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-02 20:16 - 2017-06-03 11:15 - 000002134 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-02 20:14 - 2018-08-11 20:42 - 000165928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-10-02 20:14 - 2018-08-11 20:42 - 000135376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-10-02 20:13 - 2018-08-11 20:42 - 000396536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-10-02 20:09 - 2017-06-20 15:16 - 000000000 ____D C:\Program Files\CCleaner
2018-10-01 21:22 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\NDF
2018-10-01 19:49 - 2017-06-03 19:32 - 000000000 ____D C:\Users\wilde\AppData\Local\ElevatedDiagnostics
==================== Files in the root of some directories =======
2018-03-22 12:03 - 2018-05-25 08:31 - 000000354 _____ () C:\Users\wilde\AppData\Roaming\WB.CFG
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-10-18 09:10
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10.10.2018
Ran by wilde (18-10-2018 11:44:55)
Running from C:\Users\wilde\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-06-02 19:19:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2943951968-3168165516-1643759013-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2943951968-3168165516-1643759013-1003 - Limited - Enabled)
Invitado (S-1-5-21-2943951968-3168165516-1643759013-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2943951968-3168165516-1643759013-1001 - Limited - Enabled) => C:\Users\UpdatusUser
wilde (S-1-5-21-2943951968-3168165516-1643759013-1000 - Administrator - Enabled) => C:\Users\wilde
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Actualización de NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Adobe Flash Player 31 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
Avast Cleanup Premium (HKLM\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.2.5796 - AVAST Software)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Calculadora (HKLM\...\Calculadora_is1) (Version: 3.2.0.405 - ROASOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.45 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Desinstalador de impresoras EPSON TX133 TX135 Series (HKLM\...\EPSON TX133 TX135 Series) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM\...\{E65AE514-9C14-48DE-BAE5-64A4F9CB6FE5}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM\...\EEPPPlugIn) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (HKLM\...\{7B7044AE-6D1F-456D-B2BA-28BFFFAF3F71}) (Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden
Epson Event Manager (HKLM\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Glary Utilities 5.102 (HKLM\...\Glary Utilities 5) (Version: 5.102.0.124 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 61.0.2 (x86 en-US)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
MyEpson Portal (HKLM\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.0.0.12 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
NVIDIA Controlador de gráficos 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
Opera Stable 42.0.2393.137 (HKLM\...\Opera 42.0.2393.137) (Version: 42.0.2393.137 - Opera Software)
Opera Stable 55.0.2994.37 (HKLM\...\Opera 55.0.2994.37) (Version: 55.0.2994.37 - Opera Software)
Panda Devices Agent (HKLM\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panel de control de NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7791 - Realtek Semiconductor Corp.)
WinRAR 5.60 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-30] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0185393C-F5AB-4649-9AE4-EA17AAA4D9B8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-02] (AVAST Software)
Task: {0356E0D0-9E3B-4665-AF54-39F71CEA986D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-07-20] (Piriform Ltd)
Task: {0C2D5A09-CA03-4EA6-B7F1-73777ED8E09E} - System32\Tasks\Opera scheduled Autoupdate 1534028425 => c:\program files\opera\launcher.exe [2018-08-14] (Opera Software)
Task: {0DD44E42-2899-4C82-87F1-E8950D3DFB4E} - System32\Tasks\Avast TUNEUP Update => C:\Program Files\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-10-02] (AVAST Software)
Task: {0E26761E-D84D-42DB-BD84-2F59B88A5456} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-03] (Google Inc.)
Task: {1251335A-6064-45E2-8F34-C58BB4E0BA2D} - System32\Tasks\{E0C76653-FC37-403F-98D2-ECCFEEFE3A91} => C:\Users\wilde\Downloads\Dummper\Dumpper.exe
Task: {29C82526-A955-4F64-81EF-89AE5BF98F24} - System32\Tasks\{E8872987-3C9D-4CD0-80E9-C3A276E3F171} => C:\Users\wilde\Downloads\Dummper\Dumpper.exe
Task: {37D22ED1-A736-4E68-8F1D-733156DABB90} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-26] (AVAST Software)
Task: {4BC69D8F-9670-466C-AE05-A9D4E37BA758} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-17] (Adobe Systems Incorporated)
Task: {63E6CA81-DD13-4F16-A266-64ED80C49BB5} - System32\Tasks\{E3890D1A-4E5B-41CC-8019-C3A512B9BA8C} => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {6930C0AE-891E-4076-8F8D-ED6817809DE6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-07-20] (Piriform Ltd)
Task: {75CA424D-5A77-42F0-91EB-12E31D969C77} - System32\Tasks\{510C0F76-8C4E-4D75-BEAB-140C5D714415} => C:\Users\wilde\Downloads\Dummper\Dumpper.exe
Task: {86F55B76-BBD9-4E4A-9C41-87217ABB6799} - System32\Tasks\{4E5A7BBB-CD1B-44B8-B4FF-9893D67E537D} => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {B4B3F860-F45A-4F46-97E1-2D449D34877F} - System32\Tasks\{FE2A19CE-0A5B-4525-BF7E-9CEE8BE7F5F0} => C:\Users\wilde\Downloads\Dummper\Dumpper.exe
Task: {B4D1324F-5010-4D35-9A89-873BFDF02DF1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-03] (Google Inc.)
Task: {CF60AB34-B257-49B9-96F1-45D59B687E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-17] (Adobe Systems Incorporated)
Task: {D74131E8-9A85-4BF0-9D25-C5D7601B4B22} - System32\Tasks\{10A515CB-51B4-4A22-8AE6-1EC2B2753AE5} => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {E840CBA4-5B7E-4B04-99EA-308801EBACF6} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-08-26 19:45 - 2018-08-26 19:45 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-10-17 18:35 - 2018-10-17 18:35 - 005710992 _____ () C:\Program Files\AVAST Software\Avast\defs\18101708\algo.dll
2018-08-26 19:45 - 2018-08-26 19:45 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-08-26 19:44 - 2018-08-26 19:44 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-08-26 19:44 - 2018-08-26 19:44 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-08-26 19:44 - 2018-08-26 19:44 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-10-18 11:42 - 2018-10-18 11:42 - 005712016 _____ () C:\Program Files\AVAST Software\Avast\defs\18101802\algo.dll
2017-06-02 16:36 - 2015-01-30 21:48 - 000078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-08-11 20:51 - 2016-09-12 15:53 - 048936448 _____ () C:\Program Files\AVAST Software\Avast Cleanup\libcef.dll
2018-08-16 17:13 - 2018-08-16 17:13 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-20 14:21 - 2018-07-20 14:21 - 000095168 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2018-10-17 20:53 - 2018-09-12 17:57 - 002281640 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-10-17 20:53 - 2018-09-12 11:35 - 002230048 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:04 - 2018-08-26 19:41 - 000000036 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\wilde\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EFFAB987-6F27-4919-B66C-741219BDB36B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{BEB3126E-ABFE-46FA-AA33-0FCEB61590DE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{A3772037-95CF-4B4F-9F35-5129EFB1B612}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{C4DB43A4-3BA6-4105-8875-EA0FE7EF3873}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{B3D34057-4B8B-4CC8-A66A-C643362C1CEF}] => (Allow) C:\Program Files\Opera\54.0.2952.64\opera.exe
FirewallRules: [TCP Query User{2A6FEDB0-6160-49BE-BCC1-A013A9F6EA9E}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{481F264C-1DF0-4044-AFF6-7898B2C1BCF2}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{8EE5CBB2-FC5C-41C8-81AD-7785728A5156}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F281D92-23B6-4911-ABBD-17B9C78A5CF2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D015C712-9EE8-42D3-9DE1-6DB8D7D68F11}] => (Allow) c:\program files\opera\55.0.2994.37\opera.exe
FirewallRules: [{7093DDCE-2317-4AD4-B6DC-488B79A7C8F8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{EF47311F-14E7-40C2-BABA-1D97466B9A2A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{FD3F00CC-93A2-43B2-951F-A48AB8E61251}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
23-08-2018 16:10:54 Instalador de Módulos de Windows
01-09-2018 19:33:53 Punto de control programado
01-10-2018 19:49:44 Punto de control programado
18-10-2018 09:17:02 Punto de control programado
==================== Faulty Device Manager Devices =============
Name: Adaptador de tunelización Teredo de Microsoft
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/18/2018 11:39:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.2.0.704, marca de tiempo: 0x5b9acc47
Nombre del módulo con errores: SelfProtectionSdk.dll, versión: 3.0.0.360, marca de tiempo: 0x5b995b6a
Código de excepción: 0x40000015
Desplazamiento de errores: 0x001201ef
Id. del proceso con errores: 0xac8
Hora de inicio de la aplicación con errores: 0x01d46677e1e88b50
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
Id. del informe: 996c2a20-d2e3-11e8-b3c7-485b395d497f
Error: (10/17/2018 07:31:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.1.0.667, marca de tiempo: 0x5ad8de5a
Nombre del módulo con errores: CleanControllerImpl.dll_unloaded, versión: 0.0.0.0, marca de tiempo: 0x5b312a53
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x04b28c47
Id. del proceso con errores: 0x121c
Hora de inicio de la aplicación con errores: 0x01d466679e07f7f0
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: CleanControllerImpl.dll
Id. del informe: 60f77370-d25c-11e8-99b6-485b395d497f
Error: (10/17/2018 07:15:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.1.0.667, marca de tiempo: 0x5ad8de5a
Nombre del módulo con errores: CleanControllerImpl.dll, versión: 3.1.0.423, marca de tiempo: 0x5b312a53
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x002c8c47
Id. del proceso con errores: 0x17f8
Hora de inicio de la aplicación con errores: 0x01d46665759c7180
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CleanControllerImpl.dll
Id. del informe: 2d2ab7c0-d25a-11e8-99b6-485b395d497f
Error: (10/17/2018 06:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.1.0.667, marca de tiempo: 0x5ad8de5a
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0xfed6fe4b
Id. del proceso con errores: 0xe04
Hora de inicio de la aplicación con errores: 0x01d466636b5e13b0
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: e84a47d0-d257-11e8-99b6-485b395d497f
Error: (10/02/2018 11:06:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa escndv.exe, versión 3.7.8.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 4f8
Hora de inicio: 01d45abcb0428d10
Hora de finalización: 1152
Ruta de acceso de la aplicación: C:\Windows\twain_32\escndv\escndv.exe
Identificador de informe: ac3bbce1-c6b0-11e8-8876-485b395d497f
Error: (10/01/2018 07:34:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1472) WebCacheLocal: Error -1811 (0xfffff8ed) al abrir un archivo de registro C:\Users\wilde\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (08/27/2018 03:21:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Explorer.EXE, versión 6.1.7601.23537, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: a98
Hora de inicio: 01d43d8d81551960
Hora de finalización: 1847
Ruta de acceso de la aplicación: C:\Windows\Explorer.EXE
Identificador de informe: edec2c31-aa25-11e8-915b-485b395d497f
Error: (08/23/2018 04:07:31 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Windows\system32\svchost.exe -k netsvcs; descripción = Windows Update; error = 0x81000101).
System errors:
=============
Error: (10/17/2018 09:17:01 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 20) (User: NT AUTHORITY)
Description: Error de hardware irrecuperable.
Componente: AMD Northbridge
Origen del error: 3
Tipo de error: 2
Identificador del procesador: 0
La vista de detalles de esta entrada contiene más información.
Error: (10/17/2018 09:16:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error:
No se puede iniciar el servicio debido a un error en el inicio de sesión.
Error: (10/17/2018 09:16:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio WMPNetworkSvc no se pudo iniciarse como NT AUTHORITY\NetworkService con la contraseña configurada actualmente debido al siguiente error:
Solicitud no compatible.
Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).
Error: (10/17/2018 09:15:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Avast Cleanup Premium terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.
Error: (10/17/2018 09:15:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NVIDIA Display Driver Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (10/17/2018 09:15:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
Error: (10/17/2018 09:15:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NVIDIA Update Service Daemon se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (10/17/2018 08:39:16 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: El servicio "WMPNetworkSvc" no se puede iniciar correctamente debido al error "0x80004005" en CoCreateInstance(CLSID_UPnPDeviceFinder). Compruebe que el servicio UPnPHost esté en ejecución y que el componente UPnPHost de Windows esté instalado correctamente.
==================== Memory info ===========================
Processor: AMD Sempron(tm) 140 Processor
Percentage of memory in use: 41%
Total physical RAM: 2815.29 MB
Available physical RAM: 1638.55 MB
Total Virtual: 5630.58 MB
Available Virtual: 4556.9 MB
==================== Drives ================================
Drive c: (sistema) (Fixed) (Total:146.48 GB) (Free:100.17 GB) NTFS
Drive d: (datos) (Fixed) (Total:151.51 GB) (Free:151.23 GB) NTFS
\\?\Volume{27138484-47c7-11e7-bb46-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 336C336C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
la compu sigue lenta y el cartel que te mencione que sale del bloqueo debido a troyano, sigue apareciendo(el que te mande antes en la foto). gracias
Hola
Sigue con atención, porque vas a tener que realizar varios pasos. momentaneamente vas a quedar sin antivirus, asi que NO descargues NI instales nada que no te indiquemos.
Vas a desinstalar los siguientes antivirus:
Avast
Panda Security
Para ello, sigue las instrucciones del siguente enlace:
Abrí un nuevo archivo Notepad y copia y pega este contenido:
Start
CreateRestorePoint:
CloseProcesses
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Program Files\Panda Security
(Glarysoft Ltd) HKU\S-1-5-18…\RunOnce: [SPReview] => “C:\Windows\System32\SPReview\SPReview.exe” /sp:1 /errorfwlink:“hxxp://go.microsoft.com/fwlink/?
CHR HomePage: Default -> hxxp://www.google.com.ar/ CHR StartupUrls: Default -> “hxxp://www.google.com.ar/” CHR NewTab: Default -> Active:“chrome-extension://ojnmgimpbjnldameangbfpkaolelhkhm/html/new_tab.html” CHR Profile: C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default [2018-10-18] CHR Extension: (Web Search) - C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiilajmkjokcpcmigcffjkjaedhnfon
C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17] CHR HKLM…\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM…\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
task: {0C2D5A09-CA03-4EA6-B7F1-73777ED8E09E} - System32\Tasks\Opera scheduled Autoupdate 1534028425 => c:\program files\opera\launcher.exe [2018-08-14] (Opera Software)
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Hosts:
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
- Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.
Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.
- Ejecutas Frst.exe.
- Presionas el botón Fix y aguardas a que termine.
- La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
- Lo pegas en tu próxima respuesta.
Nos comentas como sigue el PC.
Saludos
Fix result of Farbar Recovery Scan Tool (x86) Version: 10.10.2018
Ran by wilde (18-10-2018 16:14:31) Run:1
Running from C:\Users\wilde\Desktop
Loaded Profiles: wilde & UpdatusUser (Available Profiles: wilde & UpdatusUser)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Program Files\Panda Security
(Glarysoft Ltd) HKU\S-1-5-18�\RunOnce: [SPReview] => �C:\Windows\System32\SPReview\SPReview.exe� /sp:1 /errorfwlink:�hxxp://go.microsoft.com/fwlink/?
CHR HomePage: Default -> hxxp://www.google.com.ar/ CHR StartupUrls: Default -> �hxxp://www.google.com.ar/� CHR NewTab: Default -> Active:�chrome-extension://ojnmgimpbjnldameangbfpkaolelhkhm/html/new_tab.html� CHR Profile: C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default [2018-10-18] CHR Extension: (Web Search) - C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgiilajmkjokcpcmigcffjkjaedhnfon
C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17] CHR HKLM�\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM�\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
task: {0C2D5A09-CA03-4EA6-B7F1-73777ED8E09E} - System32\Tasks\Opera scheduled Autoupdate 1534028425 => c:\program files\opera\launcher.exe [2018-08-14] (Opera Software)
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Hosts:
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Restore point was successfully created.
CloseProcesses => Error: No automatic fix found for this entry.
C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
"C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe" => Could not close process
C:\Program Files\Panda Security => moved successfully
"HKU\(Glarysoft Ltd) S-1-5-18�\Software\Microsoft\Windows\CurrentVersion\RunOnce\\(Glarysoft Ltd) SPReview" => not found
"Chrome StartupUrls" => removed successfully.
"C:\Users\wilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17] CHR HKLM�\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM�\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0C2D5A09-CA03-4EA6-B7F1-73777ED8E09E}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C2D5A09-CA03-4EA6-B7F1-73777ED8E09E}" => removed successfully.
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1534028425 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1534028425" => removed successfully.
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
Adaptador de Ethernet Conexi¢n de rea local:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::d9da:a24f:bc21:310%10
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.105
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
========= End of RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2943951968-3168165516-1643759013-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
Adaptador de Ethernet Conexi¢n de rea local:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::d9da:a24f:bc21:310%10
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.105
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
Adaptador de Ethernet Conexi¢n de rea local:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::d9da:a24f:bc21:310%10
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.105
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3167112 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 318656 B
Edge => 0 B
Chrome => 18287703 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 4844 B
wilde => 66561067 B
UpdatusUser => 0 B
RecycleBin => 0 B
EmptyTemp: => 92.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:15:28 ====
sigue lenta, pero el cartel que me salia ya no esta.
el cartel del bloqueo del troyano volvio a salir
Hola
Reestablecer la Configuraciòn de Google Chrome
Nos comentas acerca del problema de Chrome y del funcionamiento del PC.
ahora si, volvio a funcionar adecuadamente y se fue el cartel , mil gracias, como saque el antivirus, cual me aconsejas que baje y como cierro el post?muy agradecida por tu tiempo .
Hola
Descargá la herramienta Delfix a Tu escritorio.
Ejecutala, Tildá la casilla Remove disinfection tools y presioná Run
Al terminar Se abrirá un reporte llamado DelFix.txt, verifica que se hayan eliminado las herramientas usadas para desinfectar el Pc.
Podes usar cualquier antivirus free, PERO SOLO UNO, porque gran parte del problema que tenia Tu PC era la coexistencia de dos antivirus.
Tema Solucionado
Como dar por Solucionado un Tema
Ok perfecto. Gracias x todo
Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.