No puedo abrir avast antivirus free


#1

Cuando enciendo la PC (Windows XP) sale una ventana que Avlaunch.exe debe cerrarse debido a un error y puedo o no enviar el informe. Cerrada esa ventana deje de tener activo el Avast antivirus free y tampoco me permite abrirlo. Veo que está detenido, trato de iniciarlo y no se activa. Agradecería una ayuda.


#2

Hola

Utiliza la Herramienta Específica de Desinstalación para desinstalar ese antivirus

https://forospyware.com/t/herramientas-de-desinstalacion-de-antivirus-antispyware-y-firewall/99/4

NOTA: No descargues nada ni instales nada que no te solicitemos, puesto que estaras momentaneamente SIN antivirus y podrias entorpecer el trabajo de limpieza.

Nos comentas como te fue con este procedimiento …


#3

Hola Leo; gracias por tu pronta respuesta. Seguí los pasos indicados y descargué Avastclear.exe, inice la PC en modo seguro y ejecute el Avastclear, a continuación salió una ventana: c/Documents and Settings/administrador/escritorio/avastclear.exe no es una aplicación Win32 válida y botón de aceptar


#4

Hola

Vamos con este metodo …

Nos comentas …


#5

se abre la ventana de herramienta de comprobación de instrumental de administración de Windows, tengo que clickear en conectar??? Gracias!


#6

Tal cual esta explicado en la guía …


#7

Pulse conectar, abre otra ventana y coloqué root/securitycenter, se abre otra ventana con la siguiente leyenda: Número: 0x8004100e Recurso: WMI Descripción: Espacio de nombres no válido botón de descartar

Cuando se abre la ventana de conectar en nombre dice: root/default


#8

Hola

Descarga Farbar Recovery Scan Tool en el escritorio de Tu PC. Selecciona la versión adecuada para la arquitectura (32 o 64bits) de tu equipo.

Como saber si Mi Windows es de 32 0 64 Bits`

  • Ejecuta FRST.exe
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

En Tu próxima respuesta, debes pegar los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Envuelve cada uno de los informes con una etiqueta escrita CODE_Inicial al inicio del informe y otra como este CODE_Final al final del mismo.

Saludos


#9

Quiero saber si es 32 o 64 y cuando ejecuto sale ventana que windows no puede encontrar el archivo msinfo32.exe


#10

Proba con las dos herramientas …


#11

ok, perfecto! Gracias!


#12

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2019
Ran by Administrador (administrator) on ORDENADOR (07-01-2019 17:49:06)
Running from C:\Documents and Settings\Administrador\Escritorio
Loaded Profiles: Administrador (Available Profiles: Administrador)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: Español (alfabetización internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Digital Care Solutions) C:\Archivos de programa\BDServices\BitDefenderCOM.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Google Inc.) C:\Archivos de programa\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Archivos de programa\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Archivos de programa\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Archivos de programa\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Archivos de programa\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-20] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\RunOnce: [IE8] => rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
HKU\S-1-5-19\...\RunOnce: [ShowDeskFix] => regsvr32 /s /n /i:u shell32
HKU\S-1-5-19\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [IE8] => rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
HKU\S-1-5-20\...\RunOnce: [ShowDeskFix] => regsvr32 /s /n /i:u shell32
HKU\S-1-5-20\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-527237240-839522115-1177238915-500\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-21-527237240-839522115-1177238915-500\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-21-527237240-839522115-1177238915-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-527237240-839522115-1177238915-500\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-527237240-839522115-1177238915-500\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-527237240-839522115-1177238915-500\...\MountPoints2: {00349893-610c-11e4-a8b9-001a4df77074} - J:\USBAutoRun.exe
HKU\S-1-5-21-527237240-839522115-1177238915-500\...\MountPoints2: {84ca1a70-a0e5-11e4-a8e1-001a4df77074} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL drivers\setup.exe
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\RunOnce: [IE8] => rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
HKU\S-1-5-18\...\RunOnce: [ShowDeskFix] => regsvr32 /s /n /i:u shell32
HKU\S-1-5-18\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Drivers32: [msacm.trspch] => C:\WINDOWS\system32\tssoft32.acm [8192 2008-04-14] (DSP GROUP, INC.)
HKLM\...\Drivers32: [VIDC.I420] => C:\WINDOWS\system32\msh263.drv [294912 2012-11-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv31] => C:\WINDOWS\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv32] => C:\WINDOWS\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv41] => C:\WINDOWS\system32\ir41_32.ax [848384 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINDOWS\system32\msaud32.acm [282654 2012-11-14] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINDOWS\system32\sl_anet.acm [86016 2008-04-14] (Sipro Lab Telecom Inc.)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINDOWS\system32\iac25_32.ax [199680 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\system32\ir50_32.dll [755200 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [243200 2011-06-24] ()
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( )
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [112640 2013-05-31] ()
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw.dll [3649536 2013-03-17] (x264vfw project)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [151552 2011-12-21] (fccHandler)
HKLM\...\Drivers32: [msacm.l3codecp] => C:\WINDOWS\system32\l3codecp.acm [232448 2012-11-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\inf\unregmp2.exe [2012-11-14] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] -> C:\WINDOWS\system32\IEDKCS32.DLL [2014-03-06] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINDOWS\system32\ieudinit.exe [2012-11-14] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{4b218e3e-bc98-4770-93d3-2731b9329278}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\advpack.dll [2012-11-14] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Archivos de programa\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2016-06-16] (Google Inc.)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-527237240-839522115-1177238915-500] => localhost:8080
AutoConfigURL: [S-1-5-21-527237240-839522115-1177238915-500] => localhost:8080
Tcpip\Parameters: [DhcpNameServer] 200.42.4.207 200.49.130.47
Tcpip\..\Interfaces\{84B2BE2A-146A-4C9D-83AA-A94B837DD3FF}: [DhcpNameServer] 200.49.130.40 200.42.4.203
Tcpip\..\Interfaces\{DFDA29B0-F962-45C5-BDDD-9D86E0254D2A}: [DhcpNameServer] 200.42.4.207 200.49.130.47

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-527237240-839522115-1177238915-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-527237240-839522115-1177238915-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
URLSearchHook: [S-1-5-21-527237240-839522115-1177238915-500] ATTENTION => Default URLSearchHook is missing
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-527237240-839522115-1177238915-500 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-527237240-839522115-1177238915-500 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-11] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-527237240-839522115-1177238915-500 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-27] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-27] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-27] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-27] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll [2009-05-22] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-27] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-27] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll [2010-04-16] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-08-14] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\ARCHIV~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\ARCHIV~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Archivos de programa\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Archivos de programa\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Archivos de programa\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/"
CHR Profile: C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default [2019-01-07]
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Búsqueda de Google) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-04]
CHR Profile: C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Profile 2 [2018-04-24]
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-17]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-24]
CHR Extension: (Búsqueda de Google) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-24]
CHR Profile: C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\System Profile [2018-04-24]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-12-14] (Adobe Systems Incorporated) [File not signed]
S3 aswbIDSAgent; C:\Archivos de programa\AVAST Software\Avast\aswidsagent.exe [6799632 2018-11-20] (AVAST Software)
S2 avast! Antivirus; C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-20] (AVAST Software)
R2 BitDefenderCOM; C:\Archivos de programa\BDServices\BitDefenderCom.exe [773632 2016-11-21] (Digital Care Solutions) [File not signed]
R2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-11-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2012-11-14] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2012-11-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [111104 2012-11-14] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2012-11-14] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2012-11-14] (Microsoft Corporation) [File not signed]
S2 gupdate; C:\Archivos de programa\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
S3 gupdatem; C:\Archivos de programa\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [99840 2012-11-14] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [134144 2012-11-14] (Microsoft Corporation) [File not signed]
S2 MBAMService; C:\Archivos de programa\Malwarebytes\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
S3 Microsoft SharePoint Workspace Audit Service; C:\Archivos de programa\Microsoft Office\Office14\GROOVE.EXE [31124344 2010-12-27] (Microsoft Corporation)
R3 Nla; C:\WINDOWS\System32\mswsock.dll [248320 2012-11-14] (Microsoft Corporation) [File not signed]
S3 ose; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Archivos de programa\Archivos comunes\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation)
R2 PlugPlay; C:\WINDOWS\system32\services.exe [111104 2012-11-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2012-11-14] (Microsoft Corporation) [File not signed]
S3 scan; C:\Archivos de programa\BDServices\scan.dll [522192 2016-11-09] (Bitdefender)
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2012-11-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2012-11-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2012-11-14] (Microsoft Corporation) [File not signed]
S4 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2012-11-14] (Microsoft Corporation) [File not signed]
S3 Wmi; C:\WINDOWS\System32\advapi32.dll [685056 2012-11-14] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Archivos de programa\Windows Media Player\WMPNetwk.exe [916480 2012-11-14] (Microsoft Corporation) [File not signed]
R2 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2012-11-14] (Microsoft Corporation) [File not signed]
S2 BrowserDefendert; no ImagePath

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2012-11-14] (Microsoft Corporation) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167480 2018-11-20] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188976 2018-11-20] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [165384 2018-11-20] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284256 2018-11-20] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57904 2018-11-20] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [183176 2018-11-26] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42736 2018-11-20] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40688 2018-11-20] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135200 2018-11-20] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70640 2018-11-20] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72800 2018-11-20] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784560 2018-11-20] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [397992 2018-11-20] (AVAST Software)
S3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [146584 2018-11-20] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310200 2018-11-20] (AVAST Software)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2012-11-14] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [151328 2019-01-07] (Malwarebytes)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [457856 2012-11-14] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2012-11-14] (Microsoft Corporation) [File not signed]
R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2012-11-14] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2012-11-14] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2012-11-14] (Marvell Semiconductor Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2012-11-14] (Microsoft Corporation) [File not signed]
R3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [829792 2010-05-27] (Ralink Technology, Corp.)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [22728 2019-01-04] (SlimWare Utilities, Inc.)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2012-11-14] (Microsoft Corporation) [File not signed]
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [428832 2016-11-09] (BitDefender S.R.L.)
S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [32000 2008-04-14] (Microsoft Corporation)
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2012-11-14] (Microsoft Corporation) [File not signed]
R0 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2012-11-14] (Microsoft Corporation) [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2012-11-14] (Microsoft Corporation) [File not signed]
S4 IntelIde; no ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-07 17:49 - 2019-01-07 17:49 - 000024589 _____ C:\Documents and Settings\Administrador\Escritorio\FRST.txt
2019-01-07 17:48 - 2019-01-07 17:49 - 000000000 ____D C:\FRST
2019-01-07 17:46 - 2019-01-07 17:46 - 002424832 _____ (Farbar) C:\Documents and Settings\Administrador\Escritorio\FRST64.exe
2019-01-07 17:45 - 2019-01-07 17:46 - 001784320 _____ (Farbar) C:\Documents and Settings\Administrador\Escritorio\FRST.exe
2019-01-07 16:31 - 2019-01-07 16:31 - 000000000 ____D C:\Documents and Settings\Administrador\Datos de programa\ParetoLogic
2019-01-07 16:30 - 2019-01-07 16:41 - 000000000 ____D C:\Archivos de programa\BDServices
2019-01-07 16:30 - 2019-01-07 16:31 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\ParetoLogic
2019-01-07 16:30 - 2019-01-07 16:30 - 000000875 _____ C:\Documents and Settings\Administrador\Escritorio\ParetoLogic PC Health Advisor.lnk
2019-01-07 16:30 - 2019-01-07 16:30 - 000000480 _____ C:\WINDOWS\Tasks\Actualización de PC Health Advisor.job
2019-01-07 16:30 - 2019-01-07 16:30 - 000000420 _____ C:\WINDOWS\Tasks\PC Health Advisor Defrag.job
2019-01-07 16:30 - 2019-01-07 16:30 - 000000402 _____ C:\WINDOWS\Tasks\PC Health Advisor.job
2019-01-07 16:30 - 2019-01-07 16:30 - 000000000 ____D C:\Documents and Settings\Administrador\Menú Inicio\Programas\ParetoLogic
2019-01-07 16:30 - 2019-01-07 16:30 - 000000000 ____D C:\Archivos de programa\ParetoLogic
2019-01-07 16:22 - 2019-01-07 16:42 - 000151328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2019-01-07 15:55 - 2019-01-07 15:55 - 010317440 _____ (AVAST Software) C:\Documents and Settings\Administrador\Escritorio\avastclear.exe
2019-01-07 15:18 - 2019-01-07 17:03 - 000040376 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-07 15:17 - 2019-01-07 17:03 - 000221112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2019-01-07 15:17 - 2019-01-07 15:17 - 000001778 _____ C:\Documents and Settings\All Users\Escritorio\Malwarebytes.lnk
2019-01-07 15:17 - 2019-01-07 15:17 - 000000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes
2019-01-07 15:17 - 2019-01-07 15:17 - 000000000 ____D C:\Archivos de programa\Malwarebytes
2019-01-07 15:17 - 2017-11-29 09:11 - 000059896 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2019-01-07 13:44 - 2019-01-07 13:44 - 000000000 ____D C:\Documents and Settings\Administrador\Configuración local\Datos de programa\ESET
2019-01-07 12:48 - 2019-01-07 12:48 - 000000000 ____D C:\Archivos de programa\VS Revo Group
2019-01-05 11:58 - 2019-01-07 17:00 - 000401936 _____ C:\WINDOWS\ntbtlog.txt
2019-01-04 20:01 - 2019-01-07 11:47 - 000000000 ____D C:\Documents and Settings\Administrador\Datos de programa\Panda Security
2019-01-04 20:00 - 2019-01-07 13:05 - 000000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Panda Dome
2019-01-04 19:58 - 2019-01-07 11:47 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\Panda Security
2019-01-04 13:54 - 2019-01-07 13:54 - 000000034 _____ C:\WINDOWS\AvEmUpdate.ini
2018-12-18 10:25 - 2018-12-18 10:25 - 000303288 _____ C:\Documents and Settings\Administrador\Escritorio\turismo_humberto_canale2015.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-07 17:49 - 2018-06-19 12:08 - 000000000 ____D C:\Documents and Settings\Administrador\Configuración local\Temp
2019-01-07 17:49 - 2013-08-14 07:52 - 000000000 ____D C:\Documents and Settings\Administrador\Escritorio
2019-01-07 17:02 - 2017-03-17 18:01 - 000000372 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2019-01-07 17:01 - 2016-06-20 21:52 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-01-07 17:01 - 2014-02-12 09:22 - 000001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2019-01-07 17:01 - 2013-08-14 07:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-07 17:00 - 2013-08-14 07:52 - 000000192 ___SH C:\Documents and Settings\Administrador\ntuser.ini
2019-01-07 16:53 - 2014-10-31 11:23 - 000032640 _____ C:\WINDOWS\SchedLgU.Txt
2019-01-07 16:52 - 2013-08-14 07:52 - 000000000 ___RD C:\Documents and Settings\Administrador\Menú Inicio\Programas
2019-01-07 16:31 - 2013-08-14 08:31 - 000000000 ____D C:\Archivos de programa\Archivos comunes
2019-01-07 16:31 - 2013-08-14 07:52 - 000000000 __RHD C:\Documents and Settings\Administrador\Datos de programa
2019-01-07 16:30 - 2013-08-14 11:53 - 000069064 _____ C:\Documents and Settings\Administrador\Configuración local\Datos de programa\GDIPFONTCACHEV1.DAT
2019-01-07 16:30 - 2013-08-14 09:24 - 000000000 ___HD C:\WINDOWS\inf
2019-01-07 16:30 - 2013-08-14 08:31 - 000000000 ____D C:\Archivos de programa
2019-01-07 16:30 - 2013-08-14 08:30 - 000000000 __RHD C:\Documents and Settings\All Users\Datos de programa
2019-01-07 16:20 - 2014-08-01 17:51 - 000000000 ____D C:\Archivos de programa\Malwarebytes Anti-Malware
2019-01-07 16:20 - 2013-08-14 08:30 - 000281336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-07 15:59 - 2014-02-12 09:22 - 000001102 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2019-01-07 15:17 - 2013-09-06 09:59 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
2019-01-07 15:17 - 2013-08-14 08:30 - 000000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas
2019-01-07 15:17 - 2013-08-14 08:30 - 000000000 ____D C:\Documents and Settings\All Users\Escritorio
2019-01-07 13:44 - 2013-08-14 07:52 - 000000000 ___HD C:\Documents and Settings\Administrador\Configuración local\Datos de programa
2019-01-07 11:58 - 2013-08-14 07:46 - 000000749 __RHC C:\WINDOWS\system32\sapi.cpl.manifest
2019-01-07 11:58 - 2013-08-14 07:46 - 000000749 __RHC C:\WINDOWS\system32\ncpa.cpl.manifest
2019-01-07 11:58 - 2013-08-14 07:46 - 000000749 __RHC C:\WINDOWS\system32\cdplayer.exe.manifest
2019-01-07 11:58 - 2013-08-14 07:46 - 000000749 ___RH C:\WINDOWS\WindowsShell.Manifest
2019-01-07 11:58 - 2013-08-14 07:46 - 000000749 ___RH C:\WINDOWS\system32\wuaucpl.cpl.manifest
2019-01-07 11:58 - 2013-08-14 07:46 - 000000749 ___RH C:\WINDOWS\system32\nwc.cpl.manifest
2019-01-07 11:41 - 2008-04-14 08:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl
2019-01-05 23:32 - 2018-03-14 02:12 - 000000910 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2019-01-05 23:32 - 2013-08-14 07:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-05 13:52 - 2018-09-22 18:06 - 000000000 ____D C:\Documents and Settings\Administrador\Datos de programa\vlc
2019-01-05 11:54 - 2018-06-21 14:29 - 002779992 _____ C:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-S-1-5-21-527237240-839522115-1177238915-500-0.dat
2019-01-05 11:54 - 2016-06-30 11:40 - 000283974 ____C C:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-System.dat
2019-01-05 02:21 - 2013-08-14 07:52 - 000000000 ____D C:\Documents and Settings\Administrador
2019-01-04 20:15 - 2013-08-14 08:28 - 000000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2019-01-04 20:11 - 2013-08-17 13:34 - 000000000 ____D C:\Documents and Settings\Administrador\Mis documentos\Archivos de Outlook
2019-01-04 20:05 - 2013-08-14 07:52 - 000000000 __SHD C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet
2019-01-04 19:41 - 2013-08-14 09:57 - 000131072 _____ C:\WINDOWS\system32\config\OAlerts.evt
2019-01-04 10:42 - 2018-07-17 14:24 - 000022728 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2018-12-24 17:27 - 2013-08-14 07:52 - 000000000 ___RD C:\Documents and Settings\Administrador\Mis documentos\Mi música
2018-12-20 10:34 - 2013-08-14 11:37 - 000002495 _____ C:\Documents and Settings\Administrador\Escritorio\Microsoft Word 2010.lnk
2018-12-14 10:37 - 2017-11-21 12:19 - 000000711 _____ C:\Documents and Settings\Administrador\Escritorio\WinRAR.lnk
2018-12-14 10:37 - 2014-02-24 09:01 - 000000838 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-12-14 10:37 - 2013-08-14 08:28 - 000000000 ____D C:\Archivos de programa\WinRAR
2018-12-14 10:37 - 2013-08-14 07:46 - 000842240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-12-14 10:37 - 2013-08-14 07:46 - 000175104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-12-14 10:33 - 2017-02-04 15:50 - 000000000 _____ C:\Documents and Settings\Administrador\last.dump
2018-12-10 11:29 - 2013-08-17 14:56 - 000000000 ____D C:\Documents and Settings\Administrador\Mis documentos\RODOLFO

==================== Files in the root of some directories =======

2013-12-03 15:49 - 2016-08-15 14:37 - 000011776 ____C () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-30 13:35 - 2013-11-11 10:24 - 000003290 ____C () C:\Documents and Settings\All Users\Datos de programa\hpzinstall.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe
[2012-11-14 05:45] - [2012-11-14 05:45] - 000111104 _____ (Microsoft Corporation) AA6E1769469F9D15603A619FC1FB9E18

C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll
[2012-11-14 05:45] - [2012-11-14 05:45] - 000401408 _____ (Microsoft Corporation) AEF41FC6F108CC4F94F9B4E96AFA9C70

C:\WINDOWS\system32\dnsapi.dll
[2012-11-14 05:48] - [2012-11-14 05:48] - 000149504 _____ (Microsoft Corporation) 7C6CB9B5FABFBBD708299C67C8480614

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

#13

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2019
Ran by Administrador (07-01-2019 17:50:14)
Running from C:\Documents and Settings\Administrador\Escritorio
Microsoft Windows XP Professional Service Pack 3 (X86) (2013-08-14 10:50:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-527237240-839522115-1177238915-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrador
Asistente de ayuda (S-1-5-21-527237240-839522115-1177238915-1000 - Limited - Disabled)
ASPNET (S-1-5-21-527237240-839522115-1177238915-1001 - Limited - Enabled)
Invitado (S-1-5-21-527237240-839522115-1177238915-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de seguridad para el Reproductor de Windows Media (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
Actualización de seguridad para el Reproductor de Windows Media (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Actualización de seguridad para Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB4012598) (HKLM\...\KB4012598) (Version: 1 - Microsoft Corporation)
Actualización de seguridad para Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Actualización para Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Actualización para Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Actualización para Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Actualización para Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Actualización para Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AiO_Scan_CDA (HKLM\...\{C8753E28-2680-49BF-BD48-DD38FD086EFE}) (Version: 70.0.231.000 - Hewlett-Packard) Hidden
AiOSoftwareNPI (HKLM\...\{68763C27-235D-4165-A961-FDEA228CE504}) (Version: 70.0.231.000 - Hewlett-Packard) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
BufferChm (HKLM\...\{45B8A76B-57EC-4242-B019-066400CD8428}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
C3100 (HKLM\...\{EB8C9964-09AC-48bf-8B98-027609C78251}) (Version: 70.0.231.000 - Hewlett-Packard) Hidden
c3100_Help (HKLM\...\{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}) (Version: 70.0.231.000 - Hewlett-Packard) Hidden
Destinations (HKLM\...\{FB15E224-67C3-491F-9F5C-F257BC418412}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (HKLM\...\{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}) (Version: 7.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (HKLM\...\{87E2B986-07E8-477a-93DC-AF0B6758B192}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
eSupportQFolder (HKLM\...\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Fax_CDA (HKLM\...\{F6076EF9-08E1-442F-B6A2-BFB61B295A14}) (Version: 70.0.231.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Imaging Device Functions 7.0 (HKLM\...\HP Imaging Device Functions) (Version: 7.0 - HP)
HP Photosmart Essential (HKLM\...\{6994491D-D491-48F1-AE1F-E179C1FFFC2F}) (Version: 1.9.1.3 - HP)
HP Photosmart, Officejet and Deskjet 7.0.A (HKLM\...\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}) (Version:  - HP)
HP Solution Center 7.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 7.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoSmartExpress (HKLM\...\{2376813B-2E5A-4641-B7B3-A0D5ADB55229}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{4EA684E9-5C81-4033-A696-3019EC57AC3A}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
InstantShareDevicesMFC (HKLM\...\{F157460F-720E-482f-8625-AD7843891E5F}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Junk Mail filter update (HKLM\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 9.9.5 (HKLM\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.6229 (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6313 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6313 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219.414 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero - Burning Rom (HKLM\...\{A4D7B764-4140-11D4-88EB-0050DA3579C0}) (Version: 5.5.9 - ahead software gmbh)
NewCopy_CDA (HKLM\...\{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}) (Version: 70.0.231.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S 7.0 (HKLM\...\HPOCR) (Version: 7.0 - HP)
PanoStandAlone (HKLM\...\{363790D2-DA98-41DD-9C9F-69FA36B169DE}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
ProductContextNPI (HKLM\...\{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}) (Version: 70.0.231.000 - Hewlett-Packard) Hidden
Readme (HKLM\...\{736C803C-DD3B-4015-BC51-AFB9E67B9076}) (Version: 70.0.231.000 - Hewlett-Packard) Hidden
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6662 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (HKLM\...\SafeZone 1.48.2066.101) (Version:  - )
Scan (HKLM\...\{F3760724-B29D-465B-BC53-E5D72095BCC4}) (Version: 7.0.0.0 - Hewlett-Packard) Hidden
ScannerCopy (HKLM\...\{996512CF-F35B-48DE-9291-557FA5316967}) (Version: 7.0.0.0 - Hewlett-Packard) Hidden
Segoe UI (HKLM\...\{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}) (Version: 14.0.4327.805 - Microsoft Corp) Hidden
SolutionCenter (HKLM\...\{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Status (HKLM\...\{8331C3EA-0C91-43AA-A4D4-27221C631139}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Toolbox (HKLM\...\{6909F917-5499-482e-9AA1-FAD06A99F231}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
TP-LINK Wireless Utility (HKLM\...\{7EF80615-639D-4BD0-B612-E347096452AD}) (Version: 1.0.3.0 - TP-LINK)
TrayApp (HKLM\...\{DBC20735-34E6-4E97-A9E5-2066B66B243D}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Unload (HKLM\...\{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}) (Version: 7.0.0 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WebReg (HKLM\...\{66910000-8B30-4973-A159-6371345AFFA5}) (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Validation 1.9.42.0 Cracked (HKLM\...\{EB1BE39D-4C36-40A0-8CFB-079A2D14CB79}) (Version: 1.5.0.0 - Wocarson)
Windows Internet Explorer 8  (HKLM\...\IE8) (Version:  - REGGNETWORK)
Windows Live Messenger (HKLM\...\{C4156B59-DD7E-40DF-AF08-E568A27A6409}) (Version: 14.0.8117.0416 - Microsoft Corporation)
WinRAR 5.61 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Archivos de programa\AVAST Software\Avast\ashShell.dll [2018-11-20] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Archivos de programa\AVAST Software\Avast\ashShell.dll [2018-11-20] (AVAST Software)
ContextMenuHandlers1: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} =>  -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> [CC]{d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Archivos de programa\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Archivos de programa\AVAST Software\Avast\ashShell.dll [2018-11-20] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Archivos de programa\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2008-02-15] (Intel Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Archivos de programa\AVAST Software\Avast\ashShell.dll [2018-11-20] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Archivos de programa\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Archivos de programa\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Actualización de PC Health Advisor.job => C:\Archivos de programa\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Archivos de programa\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Archivos de programa\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Archivos de programa\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Notificación de inicio de sesión de fin de servicio de Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Notificación mensual de fin de servicio de Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\PC Health Advisor Defrag.job => C:\Archivos de programa\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC Health Advisor.job => C:\Archivos de programa\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1462972027.job => C:\Archivos de programa\AVAST Software\SZBrowser\launcher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:MSFT_UCScenarioControl.Name=\"Microsoft WMI Updating Consumer Scenario Control\"",Filter="\\.\root\subscription:__EventFilter.Name=\"Microsoft WMI Updating Consumer Scenario Control\":
WMI:subscription\__EventFilter->Microsoft WMI Updating Consumer Scenario Control:

Shortcut: C:\Documents and Settings\Administrador\Entorno de red\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2011-03-16 19:11 - 2011-03-16 19:11 - 004297568 _____ () C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-08-21 11:01 - 2012-09-18 15:26 - 000169472 _____ () C:\WINDOWS\system32\zlhp1020.dll
2013-08-21 11:01 - 2012-09-18 15:26 - 000059904 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-09-07 09:56 - 2016-09-06 12:00 - 005197312 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-07 09:56 - 2016-09-06 12:00 - 000147456 _____ () C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-527237240-839522115-1177238915-500\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 08:00 - 2019-01-04 06:46 - 000000795 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
HKU\S-1-5-21-527237240-839522115-1177238915-500\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 200.42.4.207 - 200.49.130.47
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName3 -> C:\WINDOWS\system32\ipconf.tsp (Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName4 -> C:\WINDOWS\system32\h323.tsp (Microsoft Corporation)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^HP Digital Imaging Monitor.lnk => 
MSCONFIG\startupreg: Adobe ARM => "C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCSSync => "C:\Archivos de programa\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DWPersistentQueuedReporting => C:\Archivos de programa\Archivos comunes\Microsoft Shared\DW\DWTRIG20.EXE -a
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: NeroCheck => C:\WINDOWS\system32\\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Microsoft Office\Office14\GROOVE.EXE] => Enabled:Microsoft SharePoint Workspace
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Microsoft Office\Office14\ONENOTE.EXE] => Enabled:Microsoft OneNote
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Microsoft Office\Office14\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe] => Enabled:Visual Basic Command Line Compiler
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\mmc.exe] => Disabled:Microsoft Management Console
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpofxm08.exe] => Enabled:hpofxm08.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hposfx08.exe] => Enabled:hposfx08.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpqscnvw.exe] => Enabled:hpqscnvw.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpqCopy.exe] => Enabled:hpqcopy.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpfccopy.exe] => Enabled:hpfccopy.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpzwiz01.exe] => Enabled:hpzwiz01.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\Unload\HpqPhUnl.exe] => Enabled:hpqphunl.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\Unload\HpqDIA.exe] => Enabled:hpqdia.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\HP\Digital Imaging\bin\hpqnrs08.exe] => Enabled:hpqnrs08.exe
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled:@xpsp2res.dll,-22019
StandardProfile\AuthorizedApplications: [C:\Archivos de programa\AVAST Software\Avast\AvEmUpdate.exe] => Enabled:Avast Emergency Update
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008

==================== Restore Points =========================

07-01-2019 16:19:38 Punto de control del sistema
07-01-2019 16:43:32 Revo Uninstaller's restore point - ParetoLogic PC Health Advisor
07-01-2019 16:45:14 Revo Uninstaller's restore point - ParetoLogic PC Health Advisor

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2019 05:02:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: avlaunch.exe, versión: 18.8.4084.0, módulo con error: ucrtbase.dll, versión 10.0.16299.15, dirección de error 0x000933ba.
Procesando suceso específico de medio para [avlaunch.exe!ws!]

Error: (01/07/2019 04:44:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: mbamtray.exe, versión: 3.0.0.1284, módulo con error: mbamtray.exe, versión 3.0.0.1284, dirección de error 0x000098a8.
Procesando suceso específico de medio para [mbamtray.exe!ws!]

Error: (01/07/2019 04:42:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: pcha.exe, versión: 3.2.4.0, módulo con error: pcha.exe, versión 3.2.4.0, dirección de error 0x00079c40.
Procesando suceso específico de medio para [pcha.exe!ws!]

Error: (01/07/2019 04:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: pcha.exe, versión: 3.2.4.0, módulo con error: pcha.exe, versión 3.2.4.0, dirección de error 0x00079c40.
Procesando suceso específico de medio para [pcha.exe!ws!]

Error: (01/07/2019 04:31:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: pcha.exe, versión: 3.2.4.0, módulo con error: pcha.exe, versión 3.2.4.0, dirección de error 0x00079c40.
Procesando suceso específico de medio para [pcha.exe!ws!]

Error: (01/07/2019 04:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: avlaunch.exe, versión: 18.8.4084.0, módulo con error: ucrtbase.dll, versión 10.0.16299.15, dirección de error 0x000933ba.
Procesando suceso específico de medio para [avlaunch.exe!ws!]

Error: (01/07/2019 04:14:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: ccsetup551.exe, versión: 5.51.0.6939, módulo con error: asdk.dll, versión 18.1.97.0, dirección de error 0x000b08a0.
Procesando suceso específico de medio para [ccsetup551.exe!ws!]

Error: (01/07/2019 01:40:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicación con errores: avlaunch.exe, versión: 18.8.4084.0, módulo con error: ucrtbase.dll, versión 10.0.16299.15, dirección de error 0x000933ba.
Procesando suceso específico de medio para [avlaunch.exe!ws!]


System errors:
=============
Error: (01/07/2019 05:03:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BrowserDefendert no pudo iniciarse debido al siguiente error: 
El sistema no puede hallar la ruta especificada.

Error: (01/07/2019 05:03:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Avast Antivirus no pudo iniciarse debido al siguiente error: 
El servicio no ha respondido a la petición o inicio del control en un tiempo adecuado.

Error: (01/07/2019 05:03:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Intervalo de espera (30000 ms.) para la conexión con el servicio Avast Antivirus.

Error: (01/07/2019 05:00:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM ha obtenido un error "%%1084 = El servicio no puede iniciarse en modo a prueba de errores" al intentar iniciar el servicio EventSystem con argumentos ""
para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/07/2019 04:59:20 PM) (Source: DCOM) (EventID: 10005) (User: ORDENADOR)
Description: DCOM ha obtenido un error "%%1084 = El servicio no puede iniciarse en modo a prueba de errores" al intentar iniciar el servicio wuauserv con argumentos ""
para ejecutar el servidor:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/07/2019 04:58:52 PM) (Source: DCOM) (EventID: 10005) (User: ORDENADOR)
Description: DCOM ha obtenido un error "%%1084 = El servicio no puede iniciarse en modo a prueba de errores" al intentar iniciar el servicio wuauserv con argumentos ""
para ejecutar el servidor:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/07/2019 04:56:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El controlador de inicialización siguiente no se cargó correctamente: 
AFD
aswArPot
aswbidsdriver
aswbidsh
aswblog
aswbuniv
aswHdsKe
aswRdr
aswRvrt
aswSnx
aswSP
aswVmm
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip

Error: (01/07/2019 04:56:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicios IPSEC depende del servicio Controlador IPSEC, el cual no pudo iniciarse debido al siguiente error: 
Uno de los dispositivos vinculados al sistema no funciona.


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU E1200 @ 1.60GHz
Percentage of memory in use: 58%
Total physical RAM: 1015.48 MB
Available physical RAM: 426.06 MB
Total Virtual: 2442.16 MB
Available Virtual: 1772.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:81.13 GB) NTFS ==>[drive with boot components (Windows XP)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 9CFB9CFB)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#14

Hola

Abrí un nuevo archivo Notepad y copia y pega este contenido:

Start
CreateRestorePoint:
CloseProcesses
(Digital Care Solutions) C:\Archivos de programa\BDServices\BitDefenderCOM.exe
HKLM\...\Run: [AvastUI.exe] => C:\Archivos de programa\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-20] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-527237240-839522115-1177238915-500\...\MountPoints2: {00349893-610c-11e4-a8b9-001a4df77074} - J:\USBAutoRun.exe
S3 aswbIDSAgent; C:\Archivos de programa\AVAST Software\Avast\aswidsagent.exe [6799632 2018-11-20] (AVAST Software)
S2 avast! Antivirus; C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-20] (AVAST Software)
R2 BitDefenderCOM; C:\Archivos de programa\BDServices\BitDefenderCom.exe [773632 2016-11-21] (Digital Care Solutions) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2012-11-14] (Microsoft Corporation) [File not signed]
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167480 2018-11-20] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188976 2018-11-20] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [165384 2018-11-20] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284256 2018-11-20] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57904 2018-11-20] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [183176 2018-11-26] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42736 2018-11-20] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40688 2018-11-20] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135200 2018-11-20] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70640 2018-11-20] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72800 2018-11-20] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784560 2018-11-20] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [397992 2018-11-20] (AVAST Software)
S3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [146584 2018-11-20] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310200 2018-11-20] (AVAST Software)
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
U1 WS2IFSL; no ImagePath
2019-01-07 13:44 - 2019-01-07 13:44 - 000000000 ____D C:\Documents and Settings\Administrador\Configuración local\Datos de programa\ESET
2019-01-04 20:01 - 2019-01-07 11:47 - 000000000 ____D C:\Documents and Settings\Administrador\Datos de programa\Panda Security
2019-01-04 20:00 - 2019-01-07 13:05 - 000000000 ____D C:\Documents and Settings\All Users\Menú Inicio\Programas\Panda Dome
2019-01-04 19:58 - 2019-01-07 11:47 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\Panda Security
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

Reinicia el ordenador en modo seguro

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Saludos


#15

Hola Leo, te copio fixlog:

Fix result of Farbar Recovery Scan Tool (x86) Version: 07-01-2019
Ran by Administrador (07-01-2019 19:21:11) Run:1
Running from C:\Documents and Settings\Administrador\Escritorio
Loaded Profiles: Administrador (Available Profiles: Administrador)
Boot Mode: Safe Mode (minimal)

==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses
(Digital Care Solutions) C:\Archivos de programa\BDServices\BitDefenderCOM.exe
HKLM\...\Run: [AvastUI.exe] => C:\Archivos de programa\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-20] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-527237240-839522115-1177238915-500\...\MountPoints2: {00349893-610c-11e4-a8b9-001a4df77074} - J:\USBAutoRun.exe
S3 aswbIDSAgent; C:\Archivos de programa\AVAST Software\Avast\aswidsagent.exe [6799632 2018-11-20] (AVAST Software)
S2 avast! Antivirus; C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-20] (AVAST Software)
R2 BitDefenderCOM; C:\Archivos de programa\BDServices\BitDefenderCom.exe [773632 2016-11-21] (Digital Care Solutions) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2012-11-14] (Microsoft Corporation) [File not signed]
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167480 2018-11-20] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188976 2018-11-20] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [165384 2018-11-20] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284256 2018-11-20] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57904 2018-11-20] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [183176 2018-11-26] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42736 2018-11-20] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40688 2018-11-20] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135200 2018-11-20] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70640 2018-11-20] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72800 2018-11-20] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784560 2018-11-20] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [397992 2018-11-20] (AVAST Software)
S3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [146584 2018-11-20] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310200 2018-11-20] (AVAST Software)
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
U1 WS2IFSL; no ImagePath
2019-01-07 13:44 - 2019-01-07 13:44 - 000000000 ____D C:\Documents and Settings\Administrador\Configuracin local\Datos de programa\ESET
2019-01-04 20:01 - 2019-01-07 11:47 - 000000000 ____D C:\Documents and Settings\Administrador\Datos de programa\Panda Security
2019-01-04 20:00 - 2019-01-07 13:05 - 000000000 ____D C:\Documents and Settings\All Users\Men Inicio\Programas\Panda Dome
2019-01-04 19:58 - 2019-01-07 11:47 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\Panda Security
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Error: Restore point can only be created in normal mode.
CloseProcesses => Error: No automatic fix found for this entry.
C:\Archivos de programa\BDServices\BitDefenderCOM.exe => No running process found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AvastUI.exe" => removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck" => removed successfully.
HKU\S-1-5-21-527237240-839522115-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00349893-610c-11e4-a8b9-001a4df77074} => removed successfully.
HKLM\Software\Classes\CLSID\{00349893-610c-11e4-a8b9-001a4df77074} => not found
HKLM\System\CurrentControlSet\Services\aswbIDSAgent => removed successfully.
aswbIDSAgent => service removed successfully.
HKLM\System\CurrentControlSet\Services\avast! Antivirus => removed successfully.
avast! Antivirus => service removed successfully.
HKLM\System\CurrentControlSet\Services\BitDefenderCOM => removed successfully.
BitDefenderCOM => service removed successfully.
RpcSs => Unable to stop service.
HKLM\System\CurrentControlSet\Services\RpcSs => removed successfully.
RpcSs => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswArPot => removed successfully.
aswArPot => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswbidsdriver => removed successfully.
aswbidsdriver => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswbidsh => removed successfully.
aswbidsh => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswblog => removed successfully.
aswblog => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswbuniv => removed successfully.
aswbuniv => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswHdsKe => removed successfully.
aswHdsKe => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswHwid => removed successfully.
aswHwid => service removed successfully.
aswKbd => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswKbd => removed successfully.
aswKbd => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswMonFlt => removed successfully.
aswMonFlt => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswRdr => removed successfully.
aswRdr => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswRvrt => removed successfully.
aswRvrt => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswSnx => removed successfully.
aswSnx => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswSP => removed successfully.
aswSP => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswStmXP => removed successfully.
aswStmXP => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswVmm => removed successfully.
aswVmm => service removed successfully.
HKLM\System\CurrentControlSet\Services\USBAAPL => removed successfully.
USBAAPL => service removed successfully.
HKLM\System\CurrentControlSet\Services\WS2IFSL => removed successfully.
WS2IFSL => service removed successfully.
"C:\Documents and Settings\Administrador\Configuracin local\Datos de programa\ESET" => not found
C:\Documents and Settings\Administrador\Datos de programa\Panda Security => moved successfully
"C:\Documents and Settings\All Users\Men Inicio\Programas\Panda Dome" => not found
C:\Documents and Settings\All Users\Datos de programa\Panda Security => moved successfully

========= ipconfig /flushdns =========



Configuración IP de Windows



Error interno: Solicitud no compatible.

 

Póngase en contacto con los servicios de soporte técnico de Microsoft para

obtener ayuda.



Información adicional: no se puede encontrar el nombre de host.


========= End of CMD: =========


========= ipconfig /renew =========



Configuración IP de Windows



Error interno: Solicitud no compatible.

 

Póngase en contacto con los servicios de soporte técnico de Microsoft para

obtener ayuda.



Información adicional: no se puede encontrar el nombre de host.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========

"bitsadmin" no se reconoce como un comando interno o externo,
programa o archivo por lotes ejecutable.

========= End of CMD: =========


========= netsh winsock reset =========

"netsh" no se reconoce como un comando interno o externo,
programa o archivo por lotes ejecutable.

========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

"netsh" no se reconoce como un comando interno o externo,
programa o archivo por lotes ejecutable.

========= End of CMD: =========


========= netsh int ipv4 reset =========

"netsh" no se reconoce como un comando interno o externo,
programa o archivo por lotes ejecutable.

========= End of CMD: =========


========= netsh int ipv6 reset =========

"netsh" no se reconoce como un comando interno o externo,
programa o archivo por lotes ejecutable.

========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-527237240-839522115-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully.
"HKU\S-1-5-21-527237240-839522115-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-527237240-839522115-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 65869 B
Java, Flash, Steam htmlcache => 523 B
Windows/system/dllcache/drivers => 46163150 B
Edge => 0 B
Chrome => 692070594 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 66228 B
All Users => 0 B
systemprofile => 748885209 B
LocalService => 66228 B
NetworkService => 66228 B
Administrador => 52143920 B

RecycleBin => 1042740577 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:25:26 ====

#16

te comento que la PC donde tengo el problema luego de hacer el análisis de Fixlog dejo de funcionar el teclado, no abre ninguna aplicación de Windows, me pide que instale todo de nuevo


#17

:roll_eyes: No entiendo … La reiniciaste ?


#18

cuando termino el informe de fixlog se reinicio, no me dio posibilidad de hacer nada


#19

Bueno …

No se que pudo pasar, pero no pinta bien. Evidentemente el sistema esta dañado.

El sistema Windows XP que tenes instalado es Obsoleto y ya está desatendido por Windows.

Esto que paso en los primeros pasos, me hace pensar que el sistema estaba seriamente dañado:

Lo ideal seria Rescatar todos los archivos utiles que tenes en ese disco e instalar un sistema operativo nuevo, actual, como lo es Windows 10.

Es un proceso que requiere conocimientos avanzados de informática para hacer la estraccion de archivos y la posterior reinstalacion del sistema.

O sea, hay que sacar el disco, ponerlo como disco esclavo en otro PC y desde ahi, sacar los archivos.

Luego volver a poner el disco en el PC original y a partir de ahi, reinstalar el sistema.

No veo otra solución posible …


#20

Hola @Leosolari y con su permiso, os comparto una sugerencia pues hay muchos usuario que nunca han tratado con el hardware de la PC y pues sería riesgoso que alguien sin conocimientos se pusiera a trastear esa parte del PC, no sería mas conveniente usar un LiveCD y pues extraer los datos del disco para uno externo (en caso de que tenga uno)?, en vez de sacar el disco y ponerlo de esclavo en otro PC.