Infected laptop?


#1

A few months ago I had to use a not very well-known program that I really needed at that precise moment… and, I'm not very proud to say it, but I decided to use an activator back then.

I uninstalled the program after using it, since I only needed it for one small, simple thing… but I was left worried about the activator.

Back then I remember that “VirusTotal” had reported that more than 20 antivirus engines detected the file as something malicious… Yes, quite a large number. But at that time I needed the program so badly that I honestly ignored that.

… Today I realized how clumsy that move of mine may have been.

And since I'm having trouble finishing a scan of my laptop with Malwarebytes (the scan does not get past the penultimate phase, before reaching the heuristic analysis), I'm creating this topic in the hope that someone can help me scan this laptop, and… finally, see whether there is anything lurking around :frowning:

I'm not sure the performance has gotten worse, but what really worries me is… the personal data. I'm terrified that it might be at risk on that side.

I would be grateful for life if you could help me with this whole mess of mine.


#2

Hello Solid_Snake

Run the Malwarebytes scan in safe mode to see whether it can finish.

Carry out the following steps, even if you have already done some of them, without changing the order:

1) Download, update and run Malwarebytes’ Anti-Malware, and go through the manual in detail so that you know how to use and configure it.

  • Run a Threat Scan, updating if it asks you to.
  • Click “Quarantine Selected” to send the items to quarantine, and restart the system.
  • In the manual's section Reports :arrow_forward: Scan report you will find the MBAM report; click Export :arrow_forward: Copy to clipboard.

2) Download AdwCleaner | InfoSpyware to the desktop.

  • Temporarily disable the antivirus :arrow_forward: How to temporarily disable your antivirus.
  • Also close all the programs you have open.
  • Run Adwcleaner.exe (If you use Windows Vista/7 or 8, right-click and select "Run as Administrator".)
  • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
  • Wait for it to complete and follow the instructions; if it asks to restart the system, accept.
  • Save the report that appears, so you can copy and paste it in your next reply.
  • The report can also be found at C:\AdwCleaner\AdwCleaner[C1].txt

3) Download CCleaner

  • Install CCleaner
  • Open CCleaner; in the Cleaner tab leave the default settings as they are, click Analyze and wait for it to finish :arrow_forward: click Run Cleaner
  • Click the Registry tab :arrow_forward: click Scan for Issues and wait for it to finish :arrow_forward: click Fix Selected Issues and make a backup
  • Click Scan for Issues again until it finds none.

Paste the Malwarebytes and AdwCleaner reports and tell us how the problem is going.

Regards


#4

Good evening, Daniela!

First of all, I apologize for the delay.

In the early hours of yesterday I left the laptop scanning in safe mode, and when I woke up I saw that apparently this time the scan was able to complete! (I made sure to update Malwarebytes before entering this mode, since I know there is no way to connect to the internet there).

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 3/11/18
Hora del análisis: 1:47
Archivo de registro: 85ad26be-df23-11e8-9ab3-000000000000.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.0
Versión del paquete de actualización: 1.0.7665
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: 2CI6C71D96FA824\Alumno

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 303731
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 3 hr, 16 min, 9 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-10-31.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-03-2018
# Duration: 00:00:05
# OS:       Windows 7 Professional
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [03/11/2018 11:21:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Everything is going well! However… out of curiosity, are there more tools I can use to keep scanning the system?


#5

Hello

The reports come out clean, but you can run a scan with ESETOnline to see whether anything has stayed hidden.

Eset Online manual

Bring the report and tell us how your PC is doing.

Regards


#6

Hi there, Daniela.

The scan only detected the official CCleaner installer as a threat, as has already happened to me on previous occasions… so I didn't think it necessary to save the report.

Everything is going well.

If you like we can close the topic as solved, but I would be very grateful if first you could give me a short list of more tools with which I could keep scanning the system on my own.


#7

(so as not to keep bothering you, haha!)


#8

Hello

It looks like your machine is clean; you shouldn't run any more scans :roll_eyes:

To check your machine when you think it is infected, the programs I have pointed you to would be enough; you can also scan with your antivirus.

Personally, with the reports coming out clean and your machine working well, I wouldn't do anything more to it.

Let's see whether anything is left on your machine; with FRST you are only going to scan. Tell me which program it was that you installed, so we can see whether any remnants were left.

Download Farbar Recovery Scan Tool, selecting the right version for your machine's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.

Post the two reports generated.

You must copy and paste them with all their content, and use several messages if you get an error message saying it is too long (more than 50,000 characters approx.).

Regards


#9

Daniela,

thank you enormously for your patience.

I followed your advice and scanned the system with the tool you mentioned and the antivirus.

The program I used was “Allavsoft”.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018
Ran by Alumno (administrator) on 2CI6C71D96FA824 (05-11-2018 15:25:30)
Running from C:\Users\Alumno\Desktop
Loaded Profiles: Alumno (Available Profiles: Alumno)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Device Control Service\DeviceControlService.exe
() C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\On Screen Indicator\bin\FnKeyHook.exe
(OEM) C:\Program Files\Intel(R) Learning Series\HDD Protection\HDD Protection\HPUtility.exe
() D:\.cache\.b\conigform-windows.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
() C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
(OEM) C:\Program Files\Intel(R) Learning Series\HDD Protection\HDD Protection\HDPService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\downloader.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11442792 2011-11-01] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1938728 2010-10-14] (Synaptics Incorporated)
HKLM\...\Run: [FnKeyHook] => C:\Program Files\Intel\On Screen Indicator\bin\FnKeyHook.exe [115712 2011-12-12] (Intel Corporation)
HKLM\...\Run: [AlwaysAware Hard-Disk Drive] => C:\Program Files\Intel(R) Learning Series\HDD Protection\HDD Protection\HPUtility.exe [1298432 2011-07-06] (OEM)
HKLM\...\Run: [Formulario] => D:\.cache\.b\conigform-windows.exe [5328986 2013-07-10] ()
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-14] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [Formulario] => D:\.cache\.b\conigform-windows.exe [5328986 2013-07-10] ()
HKU\S-1-5-21-1426333803-718080766-1020419503-1000\...\MountPoints2: {99e35816-c1e6-11e8-9936-eca86b518c62} - E:\LG_PC_Programs.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{93757894-14ED-408F-86A8-C7A524B525B7}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{93757894-14ED-408F-86A8-C7A524B525B7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{965D91DE-CEB5-4B19-8E2D-AFF8FD876521}: [DhcpNameServer] 172.16.0.254
Tcpip\..\Interfaces\{C99B56E5-6A81-4B0F-91A5-41727481E8A8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E5C9AAD6-2A6D-4C1E-AC30-C359A2985DBA}: [DhcpNameServer] 200.80.206.11 200.80.206.12

Internet Explorer:
==================
HKU\S-1-5-21-1426333803-718080766-1020419503-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://conectarigualdad.gob.ar/
HKU\S-1-5-21-1426333803-718080766-1020419503-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ar.msn.com/?ocid=iehp
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore => not found
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor => not found
FF Plugin: @mcafee.com/MSC,version=10 -> c:\progra~1\mcafee\msc\npmcsn~1.dll [No File]
FF Plugin: @mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-01] (Google Inc.)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vfl8qSV2F.ico
CHR Profile: C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default [2018-08-01]
CHR Extension: (Google Drive) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-01]
CHR Extension: (YouTube) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-01]
CHR Extension: (Gmail) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-01]
CHR Extension: (Chrome Media Router) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-01]
CHR Extension: (uBlock Origin) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-01]
CHR Extension: (Ver Imagen) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2018-08-05]
CHR Extension: (Hide Fake Torrents on TPB) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdhkcpmifehkmadpldbbdadepgplcmo [2018-09-25]
CHR Extension: (YouTube) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2018-10-11]
CHR Extension: (Hide YouTube Comments) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\kehdmnjmaakacofbgmjgjapbbibhafoh [2018-10-13]
CHR Extension: (HTTPS Everywhere) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-10-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AlwaysAware HDP Service; C:\Program Files\Intel(R) Learning Series\HDD Protection\HDD Protection\HDPService.exe [163840 2010-10-20] (OEM) [File not signed]
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [1929240 2018-03-22] (Bitdefender)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 Device Control Service; C:\Program Files\Intel\Device Control Service\DeviceControlService.exe [1196544 2011-12-12] (Intel Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2018-08-01] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 MBAMService; D:\Leandro (archivos)\Programas\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1284032 2018-07-31] (Bitdefender)
S2 SkypeUpdate; D:\Leandro (archivos)\Programas\Skype\Updater\Updater.exe [317408 2017-07-18] (Skype Technologies)
R2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1552384 2007-11-08] () [File not signed]
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [236208 2018-05-14] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [236208 2018-05-14] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [236208 2018-09-04] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
R2 FusionInventory-Agent; "C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe" "C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-win32-service"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 accel; C:\Windows\System32\DRIVERS\ADXL345accel.sys [14336 2011-12-12] (Intel Corporation)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [15744 2014-10-09] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23680 2014-10-09] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [28416 2014-10-09] (LG Electronics Inc.)
R0 atc; C:\Windows\System32\DRIVERS\atc.sys [1016552 2018-06-05] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [249136 2018-08-22] (Bitdefender)
R3 edrsensor; C:\Windows\System32\DRIVERS\edrsensor.sys [246688 2018-10-09] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 Gemma; C:\Windows\System32\DRIVERS\Gemma.sys [304800 2018-10-04] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\Windows\System32\drivers\gzflt.sys [157256 2018-05-29] (BitDefender LLC)
R0 HDPFilter; C:\Windows\System32\DRIVERS\HDPFilter.sys [15736 2010-10-20] (Intel Corporation)
R3 IPMLEBL; C:\Windows\System32\Drivers\ipmlebl.sys [9984 2011-12-12] (Intel Corporation)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [1036904 2011-06-23] (Realtek Semiconductor Corporation )
S3 smsbda; C:\Windows\System32\drivers\smsbda.sys [71456 2012-02-23] (Siano)
R2 trufos; C:\Windows\System32\drivers\trufos.sys [522240 2018-06-28] (Bitdefender)
R3 VKBD; C:\Windows\System32\DRIVERS\virkbd.sys [18432 2011-12-12] (Intel Corporation)
S0 PxHelp20; system32\DRIVERS\PxHelp20.sys [X]
S3 rtl8192se; system32\DRIVERS\rtl8192se.sys [X]
S3 WinRing0_1_2_0; \??\D:\Leandro (archivos)\Programas\Game Booster 3\Driver\WinRing0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-05 15:25 - 2018-11-05 15:28 - 000012905 _____ C:\Users\Alumno\Desktop\FRST.txt
2018-11-05 14:39 - 2018-11-05 14:40 - 000190976 _____ C:\Windows\ntbtlog.txt
2018-11-05 14:38 - 2018-11-05 14:38 - 000000000 _____ C:\Users\Alumno\AppData\Local\{7ADBA587-B908-407D-9E3F-BC1A3E6BB02E}
2018-11-04 20:28 - 2018-11-04 20:28 - 000033751 _____ C:\ProgramData\agent.update.1541374059.bdinstall.bin
2018-11-04 20:21 - 2018-11-04 20:21 - 000001145 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free.lnk
2018-11-04 20:21 - 2018-11-04 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2018-11-04 20:21 - 2018-11-04 20:21 - 000000000 ____D C:\ProgramData\Bitdefender
2018-11-04 20:21 - 2018-10-09 15:07 - 000246688 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\edrsensor.sys
2018-11-04 20:21 - 2018-05-29 05:04 - 000157256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2018-11-04 20:20 - 2018-10-04 23:40 - 000304800 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\Gemma.sys
2018-11-04 20:20 - 2018-08-22 12:43 - 000249136 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2018-11-04 20:20 - 2018-06-05 04:32 - 001016552 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2018-11-04 20:17 - 2018-11-05 15:27 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2018-11-04 20:17 - 2018-06-28 14:39 - 000522240 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2018-11-04 20:07 - 2018-11-04 20:28 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-11-04 20:07 - 2018-11-04 20:07 - 000041393 _____ C:\ProgramData\agent.1541372848.bdinstall.bin
2018-11-04 20:07 - 2018-11-04 20:07 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2018-11-04 15:02 - 2018-11-04 15:02 - 000000000 ____D C:\Users\Alumno\AppData\Local\ElevatedDiagnostics
2018-11-04 14:45 - 2018-11-04 14:45 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\QuickScan
2018-11-04 13:18 - 2018-11-05 15:25 - 000000000 ____D C:\FRST
2018-11-04 13:16 - 2018-11-04 13:17 - 001774592 _____ (Farbar) C:\Users\Alumno\Desktop\FRST.exe
2018-11-03 22:31 - 2018-11-04 13:46 - 000000000 ____D C:\Users\Alumno\AppData\Local\ESET
2018-11-03 22:28 - 2018-11-03 22:28 - 006981240 _____ (ESET spol. s r.o.) C:\Users\Alumno\Desktop\esetonlinescanner_enu.exe
2018-11-03 11:29 - 2018-11-03 11:22 - 000001443 _____ C:\Users\Alumno\Desktop\AdwCleaner.txt
2018-11-03 11:14 - 2018-11-03 11:14 - 007592144 _____ (Malwarebytes) C:\Users\Alumno\Desktop\adwcleaner_7.2.4.0.exe
2018-11-03 11:05 - 2018-11-03 11:05 - 000001547 _____ C:\Users\Alumno\Desktop\Malwarebytes.txt
2018-11-03 01:35 - 2018-11-03 11:09 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2018-11-03 01:35 - 2018-11-03 01:35 - 000000846 _____ C:\Users\Alumno\Desktop\Malwarebytes.lnk
2018-11-03 01:35 - 2018-11-03 01:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-03 01:35 - 2018-11-03 01:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-31 16:14 - 2018-10-31 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-10-31 16:00 - 2018-10-31 16:00 - 000000045 _____ C:\Windows\system32\initdebug.nfo
2018-10-27 16:32 - 2018-10-28 22:45 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Allavsoft
2018-10-24 21:05 - 2018-10-24 21:05 - 001233920 _____ (Microsoft Corporation) C:\Windows\system32\msxml4.dll
2018-10-24 21:05 - 2018-10-24 21:05 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\msxml4r.dll
2018-10-23 23:59 - 2018-10-23 23:59 - 000000000 ____D C:\Windows\system32\directx
2018-10-21 20:13 - 2018-10-21 20:20 - 000000000 ____D C:\Users\Alumno\.gradle
2018-10-21 20:12 - 2018-10-21 20:12 - 000000000 ____D C:\Users\Alumno\AndroidStudioProjects
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Sun
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Program Files\Common Files\Oracle
2018-10-20 14:38 - 2018-10-20 14:38 - 000000000 ____D C:\Program Files\Common Files\Java
2018-10-20 14:36 - 2018-10-20 14:36 - 000000000 ____D C:\Program Files\Java
2018-10-11 15:19 - 2018-10-11 15:19 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2018-10-09 16:36 - 2018-11-05 13:44 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\vlc
2018-10-09 16:35 - 2018-10-09 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-05 15:24 - 2010-07-29 15:37 - 000012711 _____ C:\Windows\system32\Default.bty
2018-11-05 15:19 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-05 14:10 - 2018-08-05 16:53 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\MPC-HC
2018-11-05 13:33 - 2010-07-27 11:11 - 000007614 _____ C:\Users\Alumno\AppData\Local\Resmon.ResmonCfg
2018-11-05 11:41 - 2009-07-14 01:34 - 000019168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-05 11:41 - 2009-07-14 01:34 - 000019168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-05 00:53 - 2010-07-22 16:28 - 000095280 _____ C:\Users\Alumno\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-05 00:52 - 2009-07-14 01:33 - 001726688 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-05 00:46 - 2009-07-13 23:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-05 00:43 - 2009-07-14 06:08 - 000000000 ____D C:\Windows\ShellNew
2018-11-05 00:37 - 2018-08-02 09:37 - 000000000 ___RD C:\Users\Alumno\Desktop\Programas
2018-11-04 22:09 - 2018-08-05 15:45 - 000000000 ____D C:\ProgramData\TechSmith
2018-11-04 22:06 - 2018-09-27 01:23 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\LG Electronics
2018-11-04 22:06 - 2018-09-27 01:20 - 000000000 ____D C:\Users\Alumno\AppData\Local\LG Electronics
2018-11-04 13:46 - 2018-08-01 08:26 - 000000000 ____D C:\Users\Alumno\AppData\Local\Avg
2018-11-04 13:46 - 2018-08-01 08:20 - 000000000 ____D C:\ProgramData\AVG
2018-11-03 14:25 - 2018-08-08 16:24 - 000000000 ____D C:\Users\Alumno\AppData\Local\CrashDumps
2018-11-03 14:23 - 2018-08-05 16:33 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Audacity
2018-11-02 17:49 - 2018-08-10 12:22 - 000000000 ____D C:\Users\Alumno\AppData\LocalLow\uTorrent
2018-11-02 13:03 - 2009-07-13 23:37 - 000000000 __RHD C:\Users\Public\Libraries
2018-10-31 16:29 - 2018-08-11 04:18 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Mp3tag
2018-10-30 22:50 - 2018-08-01 08:37 - 000002140 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-30 22:50 - 2018-08-01 08:37 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-28 19:56 - 2018-09-12 20:37 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Skype
2018-10-24 21:43 - 2018-08-01 22:36 - 000000000 ____D C:\Program Files\Adobe
2018-10-24 21:43 - 2018-08-01 22:22 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-10-24 21:43 - 2012-08-23 15:22 - 000000000 ____D C:\ProgramData\Adobe
2018-10-24 21:38 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2018-10-24 21:22 - 2012-08-23 15:16 - 000000000 ____D C:\Users\Alumno\AppData\Local\Adobe
2018-10-24 21:22 - 2010-07-28 14:24 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Adobe
2018-10-21 20:13 - 2018-09-26 23:41 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Google
2018-10-21 20:13 - 2010-07-22 10:35 - 000000000 ____D C:\Users\Alumno
2018-10-21 20:12 - 2018-09-26 23:41 - 000000000 ____D C:\Users\Alumno\.android
2018-10-20 14:39 - 2018-07-31 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-10-20 14:36 - 2018-07-31 23:34 - 000096632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2018-10-19 14:34 - 2018-08-02 01:50 - 000000000 ____D C:\Program Files\Common Files\Steam
2018-10-11 05:13 - 2009-07-14 01:53 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-10-10 05:45 - 2018-08-02 01:43 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Spotify
2018-10-10 05:45 - 2018-08-02 01:43 - 000000000 ____D C:\Users\Alumno\AppData\Local\Spotify
2018-10-09 16:32 - 2013-06-14 19:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonido y vídeo
2018-10-08 01:23 - 2013-08-01 17:34 - 000000452 __RSH C:\Users\Alumno\ntuser.pol

==================== Files in the root of some directories =======

2010-07-26 07:43 - 2010-11-23 14:46 - 001610752 _____ () C:\Program Files\Winplot_espanol.exe
2010-07-27 11:11 - 2018-11-05 13:33 - 000007614 _____ () C:\Users\Alumno\AppData\Local\Resmon.ResmonCfg
2018-11-05 14:38 - 2018-11-05 14:38 - 000000000 _____ () C:\Users\Alumno\AppData\Local\{7ADBA587-B908-407D-9E3F-BC1A3E6BB02E}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-04 04:00

==================== End of FRST.txt ============================

#10
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Alumno (05-11-2018 15:30:16)
Running from C:\Users\Alumno\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2010-07-22 13:35:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1426333803-718080766-1020419503-500 - Administrator - Disabled)
Alumno (S-1-5-21-1426333803-718080766-1020419503-1000 - Administrator - Enabled) => C:\Users\Alumno
Invitado (S-1-5-21-1426333803-718080766-1020419503-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACD/Labs Software in C:\Program Files\ACDFREE12\ (HKLM\...\ACDLabs in C__Program_Files_ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
Adobe Photoshop CS3 (HKLM\...\Adobe_53a35a181eeb50486a0e091bd67ae62) (Version: 10.0 - Adobe Systems Incorporated)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.13.65 - Bitdefender)
Camtasia Studio 8 (HKLM\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
E-Reader (HKLM\...\E-Reader) (Version: 2.0.20110711 - Foxit Corporation)
FFmpeg v0.6.2 for Audacity (HKLM\...\FFmpeg for Audacity_is1) (Version:  - )
ForcePAD 2.4.2 (HKLM\...\ForcePAD_is1) (Version:  - Division of Structural Mechanics)
FusionInventory Agent (HKLM\...\FusionInventory Agent) (Version: 2.1.7-2 - FusionInventory Team)
GNU Privacy Guard (HKLM\...\GnuPG) (Version: 1.4.12 - Free Software Foundation)
Google Chrome (HKLM\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1096 - Intel Corporation)
Intel(R) Learning Series HDD Protection (HKLM\...\{568401B6-0219-4409-94BF-084AFE71B2BF}) (Version: 1.6.5.95 - Nombre de su organización)
Intel(R) Learning Series On Screen Display (HKLM\...\{a0aa7e61-24c9-11e1-9b56-00155d50bd31}) (Version: 3.0.1.3213 - Intel Corporation)
Intel(R) Learning Series Runtime (HKLM\...\{ec8ebf2e-24c9-11e1-b4ca-00155d50bd31}) (Version: 3.0.1.3213 - Intel Corporation)
Intel(R) Learning Series System Recovery Tool (HKLM\...\{F7A70522-9FDD-4D4C-91E3-9C0E67618737}) (Version: 1.1.0 - Intel Corporation)
Intel(R) Learning Series WebCam Companion by ArcSoft (HKLM\...\{F10B8A69-5B8A-4394-85DC-1205A7DA1A46}) (Version: 4.0.35.456 - ArcSoft)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java 8 Update 191 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Labcam by WebCamLaboratory (HKLM\...\{6F6B65D0-3143-4948-BBCB-7704847748BD}) (Version: 6.5.2115 - Intel(R) Learning Series)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.37 (HKLM\...\LastFM_is1) (Version:  - Last.fm)
LG United Mobile Drivers (HKLM\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MPC-HC 1.7.13 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.1.5 - )
NTRU TCG Software Stack (HKLM\...\{FEC193E4-6C5F-40E9-A249-7D8C8404A9EC}) (Version: 2.1.25 - NTRU Cryptosystems) Hidden
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PDF Settings (HKLM\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6493 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-1426333803-718080766-1020419503-1000\...\Spotify) (Version: 1.0.85.259.g4ab01679 - Spotify AB)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.19.0 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WinRAR 5.60 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\Alumno\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe => No File
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{7DA06D40-54A0-11CF-A521-0080C77A7786}\InprocServer32 -> C:\Windows\system32\tabctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{BDC217C5-ED16-11CD-956C-0000C04E4C0A}\InprocServer32 -> C:\Windows\system32\tabctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_05.dll [2012-06-18] ()
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => D:\Leandro (archivos)\Programas\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Leandro (archivos)\Programas\WinRAR 5.60\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Leandro (archivos)\Programas\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-04] (Intel Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => D:\Leandro (archivos)\Programas\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Leandro (archivos)\Programas\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Leandro (archivos)\Programas\WinRAR 5.60\rarext.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09FEBBEB-83D9-4A5F-B260-EFB2D33AAA35} - System32\Tasks\memreductSkipUac => D:\Leandro (archivos)\Programas\Mem Reduct\memreduct.exe [2018-02-08] (Henry++)
Task: {1AC04F0B-D77E-4B39-8E1C-A031E08B721E} - System32\Tasks\{DA8EF229-35E5-4B34-AB0A-F9DF37FA1BC9} => C:\Windows\system32\pcalua.exe -a E:\Windows7\Setup_ISDBT(RIO)_DEF_6_8_7_3_55_NonWHQL_x32.exe -d E:\Windows7
Task: {2E2F53A6-AEF8-46AC-9AE8-87E53629A56A} - System32\Tasks\updater => C:\Windows\System32\runupdate.bat [2012-09-03] ()
Task: {3E3A7143-B5A7-4300-BED2-71E05F65B91F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-08-01] (Google Inc.)
Task: {47740FBB-398D-4EF5-A416-B33E760418BF} - System32\Tasks\{61CA6F85-F504-4613-A05C-413AE23A11D0} => C:\Windows\system32\pcalua.exe -a E:\Software\Windows\Diccionarios\Babiloo-Spanish-2.0.9.exe -d E:\Software\Windows\Diccionarios
Task: {6185233F-3E48-4DC8-9748-78E60CCD38B8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-28] (AVG Technologies CZ, s.r.o.)
Task: {692CEE98-6320-40EF-9A13-5F964763F8E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-08-01] (Google Inc.)
Task: {807BAF3B-56CD-4121-9083-1EB8B174B4E5} - System32\Tasks\RunSpeccy => D:\Leandro (archivos)\Programas\Speccy\Speccy.exe [2018-05-02] (Piriform Ltd)
Task: {8F5AEBFD-A1CC-4A47-A7E7-3B1EAC649513} - System32\Tasks\Game_Booster_AutoUpdate => D:\Leandro (archivos)\Programas\Game Booster 3\AutoUpdate.exe
Task: {D6FB4B1F-03F2-4FE5-8165-A0BA99D11CAF} - System32\Tasks\BatteryInfo => "C:\Program Files\BatteryInfo\logstart.cmd" 
Task: {E07C98C0-0E5E-4471-B1BF-FDE4733D0D26} - System32\Tasks\CCleaner Update => D:\Leandro (archivos)\Programas\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {EF52D922-5743-4AF7-B9E4-E38E7AC9DFA9} - System32\Tasks\CCleanerSkipUAC => D:\Leandro (archivos)\Programas\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {F733B4F8-62C8-4F21-88C3-D9E9718E0061} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-07-31] (Bitdefender)
Task: {FCB7FB8E-11C7-4F94-A550-7C12B27ACF09} - System32\Tasks\{F12E43F7-CB46-404A-BBDB-9C2C8271F19D} => C:\Windows\system32\pcalua.exe -a "E:\Drivers y aplicaciones\app\Classroom_Management_Student_v2.3.0.9206\student_2.3.0.9206.exe" -d "E:\Drivers y aplicaciones\app\Classroom_Management_Student_v2.3.0.9206"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Alumno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
ShortcutWithArgument: C:\Users\Alumno\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --process-per-site --wm-window-animations-disabled
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --process-per-site --wm-window-animations-disabled

==================== Loaded Modules (Whitelisted) ==============

2018-11-04 20:20 - 2017-11-21 18:55 - 000220096 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2012-06-18 12:24 - 2012-06-18 12:24 - 000260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000014336 _____ () C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe
2010-12-14 19:05 - 2010-12-14 19:05 - 001375744 _____ () C:\Program Files\FusionInventory-Agent\perl\bin\perl512.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000035328 _____ () C:\Program Files\FusionInventory-Agent\perl\bin\libgcc_s_sjlj-1.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000047616 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\Win32\Win32.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000114176 _____ () C:\Program Files\FusionInventory-Agent\perl\site\lib\auto\Win32\Daemon\Daemon.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000037888 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\threads\threads.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000027136 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\List\Util\Util.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000034816 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\threads\shared\shared.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000015872 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\Cwd\Cwd.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000011776 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\Sys\Hostname\Hostname.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000015360 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\attributes\attributes.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000034816 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\Encode\Encode.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000019968 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\Digest\MD5\MD5.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000016896 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\Fcntl\Fcntl.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000020992 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\IO\IO.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000020992 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\File\Glob\Glob.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000075264 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\Storable\Storable.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000036864 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\Data\Dumper\Dumper.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000200192 _____ () C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32API\Registry\Registry.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000076288 _____ () C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32\WinError\WinError.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000025600 _____ () C:\Program Files\FusionInventory-Agent\perl\vendor\lib\auto\Win32\API\API.dll
2010-12-14 19:05 - 2010-12-14 19:05 - 000025088 _____ () C:\Program Files\FusionInventory-Agent\perl\lib\auto\Encode\Unicode\Unicode.dll
2013-07-10 12:23 - 2013-07-10 12:23 - 005328986 _____ () D:\.cache\.b\conigform-windows.exe
2018-11-05 15:19 - 2018-11-05 15:19 - 000032865 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\4696abe3fa8a1ccc5425b239074855ec\vxs.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000024670 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\5adeefc90695475b848af121c9520df4\IO.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000024696 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\8e78bfae2a56dc40baeadc6c1d8058a1\Base64.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000049246 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\82e8d5f71f7973fe6b7449c25b387d00\Event.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000020587 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\c10f3b22ff31812ec7d7f661769d748c\Cwd.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000036958 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\8ccb0cfe3df2fd836da0f985dbe89580\Encode.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000024679 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\c9bd8333839b1f2689695569492bad64\Unicode.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000110689 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\7af8c4832779af8b3ee965aa3fbdd069\Byte.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000032873 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\e790df575748f7ddfa6d074eefbd3af9\Dumper.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000090204 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\bb2118399e747cf0b05e85f078f17719\Text.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000147548 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\d6af2d1a7b078cc50551f4fd2675bf8c\JPEG.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000135258 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\5b9aab1c77b1d083365b6c067ea46a76\PNG.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000024679 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\3d204758818396d7bdc2bcd572a56e44\HiRes.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000020590 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\e3db8a859fc8bcefbdc0b0794ccdec86\Hostname.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000041054 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\4cb26298ba3f86390fa179da751d37c4\Entry.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000045148 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\23163649894ab57472dd74332aaada55\XS.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000024676 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\b727b7fdd6145d51389bd1b1d83243e4\Fcntl.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000065636 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\aa3d152eda628944ec1fb2cab55cf7b5\Storable.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 001335398 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\0dd97247006a69bd89723f10b3570454\Pari.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000053347 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\baeb31b10de41e0fd6fecc1b786c31f3\SHA.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000028794 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\adb40ad6184b77fb02b8d0dc012153f9\Util.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000024691 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\fbddb779c808bb8a87d21e8be16e78c5\MD5.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000028774 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\6f490717989e4864684b86ac93aae102\Socket.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000073828 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\e35df745f997abffd46edcb830985f30\POSIX.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000024679 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\4d7e3996a9077a8a59c070e741c554e8\Glob.dll
2018-11-05 15:19 - 2018-11-05 15:19 - 000876666 ____R () C:\Users\Alumno\AppData\Local\Temp\pdk-Alumno-1616\a6072653d5fb38014e07a245b7863088\SSLeay.dll
2018-11-04 20:20 - 2018-09-24 13:15 - 000849296 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpbr.mdl
2018-11-04 20:20 - 2018-09-24 13:15 - 000470016 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpdsp.mdl
2018-11-04 20:20 - 2018-09-24 13:15 - 002660224 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpph.mdl
2018-11-04 20:20 - 2018-09-24 13:15 - 001291936 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttprbl.mdl
2007-11-08 22:50 - 2007-11-08 22:50 - 001552384 _____ () C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
2013-05-15 08:36 - 2013-05-15 08:36 - 000172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\fd7fa1aa086fc23a60b1536d346f5657\IsdiInterop.ni.dll
2012-06-21 14:44 - 2011-04-30 00:28 - 000059904 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2018-10-08 14:58 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1426333803-718080766-1020419503-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: ACDaemon => 3
MSCONFIG\startupreg: CCleaner Monitoring => "D:\Leandro (archivos)\Programas\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: GfxServiceInstall => C:\Windows\system32\GfxCUIServiceInstall.vbs
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Alumno\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{9BA2E6A2-2595-4B7B-B94C-3B4D68CB10EB}D:\leandro (archivos)\programas\chrome\application\chrome.exe] => (Allow) D:\leandro (archivos)\programas\chrome\application\chrome.exe
FirewallRules: [UDP Query User{44B04B91-5151-48AA-92E7-A96AD66FE29B}D:\leandro (archivos)\programas\chrome\application\chrome.exe] => (Allow) D:\leandro (archivos)\programas\chrome\application\chrome.exe
FirewallRules: [TCP Query User{8A490E5F-AB07-47B6-9BB2-44023860DCAE}D:\leandro (archivos)\programas\chrome\application\chrome.exe] => (Allow) D:\leandro (archivos)\programas\chrome\application\chrome.exe
FirewallRules: [UDP Query User{8EB610C0-F96B-4F8E-94DA-AFF975DED2E1}D:\leandro (archivos)\programas\chrome\application\chrome.exe] => (Allow) D:\leandro (archivos)\programas\chrome\application\chrome.exe
FirewallRules: [{D702D6F6-C631-4566-A749-74531ECDDC74}] => (Allow) D:\Leandro (archivos)\Programas\Steam\Steam.exe
FirewallRules: [{DF9297EB-5032-4578-8AC7-AF9147B193D8}] => (Allow) D:\Leandro (archivos)\Programas\Steam\Steam.exe
FirewallRules: [{7AA474CA-CE41-4D22-A544-51BD0D2AAD18}] => (Allow) D:\Leandro (archivos)\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3826F748-D5CF-4B9F-9FAF-10954FDB1BB0}] => (Allow) D:\Leandro (archivos)\Programas\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{87D83D8F-8AF9-48F5-BDAE-7197450FA680}C:\users\alumno\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alumno\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F11626FB-2EF7-411A-9C1A-68C2B7411BEE}C:\users\alumno\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alumno\appdata\roaming\spotify\spotify.exe
FirewallRules: [{92E976DD-D05C-4724-AEA0-A78626CB4E49}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{FDD54294-ED73-4F2C-B580-934E9CFB02F5}] => (Allow) LPort=8317
FirewallRules: [{4DF1EA87-ED54-4EF6-983F-F6A605BA6A3E}] => (Allow) D:\Leandro (archivos)\Programas\CCleaner\CCUpdate.exe
FirewallRules: [{E61E5208-E50E-4B6D-BF2A-8CF081F24CBF}] => (Allow) D:\Leandro (archivos)\Programas\Skype\Phone\Skype.exe
FirewallRules: [{6DE777EB-F556-420A-8F66-DACEC8C74245}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2018 03:21:01 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/05/2018 03:21:01 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/05/2018 03:21:01 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: No se puede inicializar el objeto Recopilador.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/05/2018 03:21:01 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	No se ha encontrado el elemento.  (HRESULT : 0x80070490) (0x80070490)

Error: (11/05/2018 03:20:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.JetPropStore>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/05/2018 03:20:56 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: El servicio Windows Search no puede cargar la información del almacén de propiedades.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	La base de datos del índice de contenido está dañada.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/05/2018 03:20:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/05/2018 03:20:56 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: El servicio de búsqueda detectó archivos de datos dañados en el índice {id=4700}. Este servicio intentará corregir este problema automáticamente mediante la nueva generación del índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (11/05/2018 03:21:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (11/05/2018 03:21:02 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Windows Search se cerró con el error específico de servicio %%-1073473535.

Error: (11/05/2018 03:20:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
atc
cdrom
Gemma
PxHelp20

Error: (11/05/2018 02:40:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (11/05/2018 02:40:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (11/05/2018 02:40:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (11/05/2018 02:40:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (11/05/2018 02:40:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


==================== Memory info =========================== 

Processor: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz
Percentage of memory in use: 51%
Total physical RAM: 2031.17 MB
Available physical RAM: 977.21 MB
Total Virtual: 4062.34 MB
Available Virtual: 2582.27 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:40 GB) (Free:18.97 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATOS) (Fixed) (Total:195.03 GB) (Free:25.21 GB) FAT32


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1B41A361)
Partition 1: (Not Active) - (Size=40 GB) - (Type=83)
Partition 2: (Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.1 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

#11

(I split the two reports into separate messages)

I'm also leaving you a screenshot of the antivirus scan, just in case:


#12

:arrow_forward: VERY Important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-).

  • Attention: now check/select only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy and paste the code/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:

HKU\S-1-5-21-1426333803-718080766-1020419503-1000\...\MountPoints2: {99e35816-c1e6-11e8-9936-eca86b518c62} - E:\LG_PC_Programs.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore => not found
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor => not found
FF Plugin: @mcafee.com/MSC,version=10 -> c:\progra~1\mcafee\msc\npmcsn~1.dll [No File]
FF Plugin: @mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx <not found>
S0 PxHelp20; system32\DRIVERS\PxHelp20.sys [X]
S3 rtl8192se; system32\DRIVERS\rtl8192se.sys [X]
S3 WinRing0_1_2_0; \??\D:\Leandro (archivos)\Programas\Game Booster 3\Driver\WinRing0.sys [X]
2018-11-05 14:38 - 2018-11-05 14:38 - 000000000 _____ C:\Users\Alumno\AppData\Local\{7ADBA587-B908-407D-9E3F-BC1A3E6BB02E}
2018-10-27 16:32 - 2018-10-28 22:45 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Allavsoft
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\Alumno\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe => No File
ShortcutWithArgument: C:\Users\Alumno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.

  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-).
  • Press the FIX button and wait for it to finish.
  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply.

Restart the computer, check how it behaves with regard to the problem you reported, and comment on it.

Regards


#13

Hey, Daniela… was the tool supposed to close automatically when the "fix" process finished? Because… that's what happened o.o

And apparently Bitdefender gave me a warning that the file ("Frst.exe") could be malicious… but it didn't delete it

… Look, here is the report:

Fix result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Alumno (05-11-2018 21:43:26) Run:1
Running from C:\Users\Alumno\Desktop
Loaded Profiles: Alumno (Available Profiles: Alumno)
Boot Mode: Normal

==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:

HKU\S-1-5-21-1426333803-718080766-1020419503-1000\...\MountPoints2: {99e35816-c1e6-11e8-9936-eca86b518c62} - E:\LG_PC_Programs.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore => not found
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor => not found
FF Plugin: @mcafee.com/MSC,version=10 -> c:\progra~1\mcafee\msc\npmcsn~1.dll [No File]
FF Plugin: @mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx <not found>
S0 PxHelp20; system32\DRIVERS\PxHelp20.sys [X]
S3 rtl8192se; system32\DRIVERS\rtl8192se.sys [X]
S3 WinRing0_1_2_0; \??\D:\Leandro (archivos)\Programas\Game Booster 3\Driver\WinRing0.sys [X]
2018-11-05 14:38 - 2018-11-05 14:38 - 000000000 _____ C:\Users\Alumno\AppData\Local\{7ADBA587-B908-407D-9E3F-BC1A3E6BB02E}
2018-10-27 16:32 - 2018-10-28 22:45 - 000000000 ____D C:\Users\Alumno\AppData\Roaming\Allavsoft
CustomCLSID: HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\Alumno\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe => No File
ShortcutWithArgument: C:\Users\Alumno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
HKU\S-1-5-21-1426333803-718080766-1020419503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99e35816-c1e6-11e8-9936-eca86b518c62} => removed successfully.
HKLM\Software\Classes\CLSID\{99e35816-c1e6-11e8-9936-eca86b518c62} => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully.
HKLM\Software\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully.
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully.
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => removed successfully.
HKLM\Software\Classes\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => not found
"HKLM\Software\Mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}" => removed successfully.
"HKLM\Software\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => removed successfully.
HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10 => removed successfully.
HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => removed successfully.
CHR Extension: (Chrome Media Router) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-01] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully.
HKLM\System\CurrentControlSet\Services\PxHelp20 => removed successfully.
PxHelp20 => service removed successfully.
HKLM\System\CurrentControlSet\Services\rtl8192se => removed successfully.
rtl8192se => service removed successfully.
HKLM\System\CurrentControlSet\Services\WinRing0_1_2_0 => removed successfully.
WinRing0_1_2_0 => service removed successfully.
C:\Users\Alumno\AppData\Local\{7ADBA587-B908-407D-9E3F-BC1A3E6BB02E} => moved successfully
C:\Users\Alumno\AppData\Roaming\Allavsoft => moved successfully
HKU\S-1-5-21-1426333803-718080766-1020419503-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc} => removed successfully.
C:\Users\Alumno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk => Shortcut argument removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1426333803-718080766-1020419503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1426333803-718080766-1020419503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= netsh winsock reset =========

And everything is going OK!
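
A Fixlog like the one posted above can be triaged by counting the outcome of each entry and listing the lines that were not fixed. This is an added example, not part of the original thread or of FRST; the function names and outcome labels are assumptions, and the sample is a shortened excerpt of the log above.

```python
from collections import Counter

# Sample excerpted from the Fixlog posted above (shortened, lines otherwise verbatim).
SAMPLE_FIXLOG = r"""fixlist content:
*****************
START
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor => not found
END
*****************
Error: (0) Failed to create a restore point.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully.
HKLM\Software\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found
CHR Extension: (Chrome Media Router) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-01] => Error: No automatic fix found for this entry.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
"""

def classify(result):
    """Map the text after ' => ' to a coarse outcome label (labels are ours)."""
    if "Error" in result:
        return "error"
    if "not found" in result:
        return "not_found"  # nothing existed at that path when the fix ran
    return "ok" if result.rstrip(".").endswith("successfully") else "other"

def summarize_fixlog(text):
    """Return (Counter of outcomes, list of lines needing manual follow-up)."""
    outcomes, follow_up = Counter(), []
    in_echo = False  # True between the two asterisk rules around the echoed fixlist
    for raw in text.splitlines():
        line = raw.strip()
        if set(line) == {"*"}:
            in_echo = not in_echo
            continue
        if in_echo or not line:
            continue  # echoed input also contains "=> not found"; it is not a result
        if line.startswith("Error:"):
            label = "error"
        else:
            _target, sep, result = line.rpartition(" => ")
            if not sep:
                continue  # headers and status lines without a per-entry result
            label = classify(result)
        outcomes[label] += 1
        if label in ("error", "other"):
            follow_up.append(line)
    return outcomes, follow_up
```

Run over the full log above, the follow-up list contains the failed restore point and the Chrome extension entry for which no automatic fix was found.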


#14

Hello

Yes, it closes automatically :+1:

Don't worry, it is completely trustworthy.

Follow these steps to remove the tools used:

To do so, use again/download >> DelFix.exe to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select - Run as Administrator -).

  • Check all the boxes and click Run.

The report (DelFix.txt) will open; you can close it.

Let us know if you have no more questions; your computer is now clean, and we removed an entry that was left over from the program you downloaded.

Regards


#15

Ohh, great!! I'm glad to hear that!! :smiley:

I just did that last step, and honestly I'm much calmer now!

Thank you so much for all your help!! I really appreciate your willingness to help me with this… so I'm truly, enormously grateful… really! :hugs: :hugs:

Oh, and I have no more questions :slight_smile:

Thank you so much, Daniela!!


#16

Hello Solid_Snake

Thank you for trusting ForoSpyware. It has been a pleasure to help you :manos:

We are glad your problem has been resolved :Bien: We consider this topic solved.

Solved

Regards


#17

This topic was automatically closed 2 days after the last post. New replies are no longer allowed.