Se meten imagenes cuando navego

Buenas tardes. Cuando busco cualquier producto en internet para informarme, a continuación cuando navego, me salen los productos que solicité recientemente, como publicidad. También me salen ventanas emergentes en el lateral derecho del ordenador con informaciones de periódicos online que he visitado. No tengo ni idea de como quitarlo, espero me podais ayudar, gracias.

Hola

Realiza el siguiente procedimiento:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Lo ejecutas usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado marcando todas las unidades
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner y Malwarebytes.

Guía: Como Pegar reportes en el Foro

Nos comentas.

Saludos

Hola Leosolari, he pasado el ccleaner; a continuación el Malaware Antimalaware y después ADW cleaner, que no encuentra nada. te envío el listado del Malaware.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-06-25.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-25-2019
# Duration: 00:00:03
# OS:       Windows 10 Home
# Cleaned:  7
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\SecuritySuite
Deleted       C:\Users\Jose Crespo\Documents\TotalAV

***** [ Files ] *****

Deleted       C:\Users\Jose Crespo\Documents\TOTALAV_SETUP.EXE
Deleted       C:\Users\Public\Desktop\TotalAV.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\SSProtect
Deleted       HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       izito.es

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2433 octets] - [03/05/2019 19:53:04]
AdwCleaner[C00].txt - [2377 octets] - [03/05/2019 19:56:22]
AdwCleaner[S01].txt - [1372 octets] - [17/05/2019 11:50:44]
AdwCleaner[S02].txt - [1433 octets] - [17/05/2019 11:55:23]
AdwCleaner[S03].txt - [1866 octets] - [25/06/2019 19:56:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Hola

Y como sigue el problema que comentaste ?

Hola Leosolari. Pues sigue igual, ayer pedí unos cartuchos para la impresora en amazon y hahora me salen anuncios de cartuchos, y en la parte derecha siguen apareciendo noticias de los periódicos online. perropo

Hola

Desactiva temporalmente tu antivirus y cualquier programa de seguridad que tengas en funciones.

Descarga Farbar Recovery Scan Tool en el escritorio de Tu PC. Selecciona la versión adecuada para la arquitectura (32 o 64bits) de tu equipo.

Como saber si Mi Windows es de 32 0 64 Bits`

  • Ejecuta FRST.exe
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

En Tu próxima respuesta, debes pegar los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Envuelve cada uno de los informes con una etiqueta escrita CODE_Inicial al inicio del informe y otra como este CODE_Final al final del mismo.

Saludos

Adjuntoel FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2019
Ran by Jose Crespo (administrator) on DESKTOP-CKIKPAF (HP-Pavilion FR373AA-ABE a6513.es) (16-09-2019 18:57:22)
Running from C:\Users\Jose Crespo\Downloads
Loaded Profiles: Jose Crespo (Available Profiles: Jose Crespo)
Platform: Windows 10 Home Version 1803 17134.753 (X64) Language: Español (España, internacional)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_80.1.349.0_x64__v10z8vjag6ke6\HP.Smart.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1189693503-1014610322-1828919842-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1189693503-1014610322-1828919842-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-31] (Google LLC -> Google LLC)
GroupPolicyScripts: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16A760B6-52D4-47BF-8B02-3BE270495616} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {16ED67E2-612A-4308-9A95-2791F3965896} - no filepath
Task: {2E518C0F-F5A1-4177-8366-A53D64C4824E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-07] (Google Inc -> Google Inc.)
Task: {44BFE7CA-F5C9-479B-92F4-A6E382FF7A1C} - no filepath
Task: {A8543C0D-B144-460F-9A3C-EAFABAEAA692} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BBAF4FDD-0158-4937-A0E5-45D9C80867E6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CBA71BFE-8A10-4FD7-B03D-2884A2E36BDE} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653576 2018-04-17] (Hewlett Packard -> HP Inc.)
Task: {D45DDD1C-2955-4C24-922C-CB11EA0B0A25} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-07] (Google Inc -> Google Inc.)
Task: {F5694F01-E2CB-434B-BCBB-624CD6748CE0} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{2d301342-b58b-4619-a5d2-4bae21cd907a}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{3d1dee65-5a64-4106-ac72-4d8190d5cf84}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{b91ce0dc-4f93-4921-b7c1-e52462260b68}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll => No File
Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Toolbar: HKLM-x32 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.youtube.com/watch?v=Vf9Vbx86cIo"
CHR Profile: C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default [2019-09-16]
CHR Extension: (Presentaciones) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-07]
CHR Extension: (Documentos) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-07]
CHR Extension: (Google Drive) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-07]
CHR Extension: (YouTube) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-07]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-27]
CHR Extension: (Sollmia: un tema florido ) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\daimjlghlhdbdefgjdgckhmoedkknecg [2018-01-03]
CHR Extension: (Hojas de cálculo) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-07]
CHR Profile: C:\Users\Jose Crespo\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [246256 2016-11-22] (Visicom Media Inc. -> Visicom Media Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-05-11] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-05-11] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-08-27] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-09-15] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [225944 2019-09-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-09-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-09-15] (Malwarebytes Corporation -> Malwarebytes)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-04-12] (Microsoft Windows -> MediaTek Inc.)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc. -> Visicom Media Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-16 18:57 - 2019-09-16 18:59 - 000015439 _____ C:\Users\Jose Crespo\Downloads\FRST.txt
2019-09-16 18:44 - 2019-09-16 18:44 - 001614848 _____ (Farbar) C:\Users\Jose Crespo\Downloads\FRST64.exe
2019-09-15 10:18 - 2019-09-15 10:18 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-15 10:16 - 2019-09-15 10:18 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-15 10:15 - 2019-09-15 10:15 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-15 10:15 - 2019-09-15 10:15 - 000225944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-15 10:15 - 2019-09-15 10:15 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-15 10:15 - 2019-09-15 10:15 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-15 10:15 - 2019-09-15 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-15 10:15 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-15 10:15 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-09-15 10:13 - 2019-09-15 10:13 - 066469624 _____ (Malwarebytes ) C:\Users\Jose Crespo\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.625-1.0.12467.exe
2019-09-15 10:06 - 2019-09-15 10:06 - 000001918 _____ C:\Users\Jose Crespo\Documents\AdwCleaner[C03].txt
2019-09-15 10:03 - 2019-09-15 10:03 - 007636680 _____ (Malwarebytes) C:\Users\Jose Crespo\Desktop\adwcleaner_7.4.1.exe
2019-09-13 18:38 - 2019-09-13 18:38 - 000000000 ___HD C:\$WINDOWS.~BT
2019-09-12 20:32 - 2019-09-14 18:29 - 000005098 _____ C:\Users\Jose Crespo\Desktop\Llanes.txt

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-16 18:57 - 2018-02-10 19:14 - 000000000 ____D C:\FRST
2019-09-16 18:51 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-15 20:12 - 2019-05-11 21:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-15 19:07 - 2019-05-11 21:56 - 000003392 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1189693503-1014610322-1828919842-1001
2019-09-15 19:07 - 2019-05-11 21:34 - 000002464 _____ C:\Users\Jose Crespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-15 19:07 - 2017-11-07 20:31 - 000000000 ___RD C:\Users\Jose Crespo\OneDrive
2019-09-15 19:03 - 2018-02-05 20:05 - 000000000 ____D C:\Program Files\Panda Security URL Filtering
2019-09-15 11:14 - 2019-05-11 21:34 - 000000000 ____D C:\Users\Jose Crespo
2019-09-15 10:15 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-15 10:15 - 2018-02-04 18:53 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-15 09:56 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-15 09:48 - 2019-05-11 21:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-13 18:38 - 2019-05-05 10:39 - 000000000 ___DC C:\WINDOWS\Panther
2019-09-12 18:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-12 09:31 - 2017-11-07 20:57 - 000000000 ____D C:\ProgramData\AVAST Software
2019-09-07 18:36 - 2019-08-13 19:08 - 000002046 _____ C:\Users\Jose Crespo\Desktop\funciones del conserge.txt
2019-09-02 20:02 - 2018-01-11 21:21 - 000002289 _____ C:\Users\Jose Crespo\Desktop\HP DeskJet 2600 series.lnk
2019-08-31 14:56 - 2017-11-07 20:34 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-31 14:56 - 2017-11-07 20:34 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-24 17:18 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Aqui esta Gracias.

El segundo listado.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-09-2019
Ran by Jose Crespo (16-09-2019 19:00:04)
Running from C:\Users\Jose Crespo\Downloads
Windows 10 Home Version 1803 17134.753 (X64) (2019-05-11 19:57:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1189693503-1014610322-1828919842-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1189693503-1014610322-1828919842-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1189693503-1014610322-1828919842-1003 - Limited - Enabled)
Invitado (S-1-5-21-1189693503-1014610322-1828919842-501 - Limited - Disabled)
Jose Crespo (S-1-5-21-1189693503-1014610322-1828919842-1001 - Administrator - Enabled) => C:\Users\Jose Crespo
WDAGUtilityAccount (S-1-5-21-1189693503-1014610322-1828919842-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader X (10.1.16) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Estudio para la mejora del producto HP DeskJet 2600 series (HKLM\...\{40802652-F262-41FD-89E4-0E00A509993C}) (Version: 43.3.2478.18107 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP DeskJet 2600 series Ayuda (HKLM-x32\...\{8F2427CD-7A1B-4DCD-87A3-B40FB12E2CEB}) (Version: 44.0.0 - HP)
HP DeskJet 2600 series Software básico del dispositivo (HKLM\...\{A5F3FC74-B4C5-455B-B6FA-B948F8740DB4}) (Version: 43.3.2478.18107 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{FAC8770D-74CE-4849-92DD-032C58B0D5F0}) (Version: 36.0.100.66344 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{5A687488-7002-4E37-B735-C0142DA717D2}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{AF8889B6-1E11-49B3-BE42-3A511FB3039B}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{EDADC11B-AF5A-4FD1-99FD-D2984AFB1FEA}) (Version: 36.0.100.66344 - HP)
HP OneDrive Plugin (HKLM-x32\...\{97D82849-D747-41C5-8B55-56ADBAD17866}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP SharePoint Plugin (HKLM-x32\...\{4CC20772-ED28-46F6-9D3F-DDE2827C438D}) (Version: 43.0.0.0 - HP)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1189693503-1014610322-1828919842-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Panda Safe Web (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.25 - Panda Security and Visicom Media Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation)
Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9126.21785.0_x64__8wekyb3d8bbwe [2018-04-27] (Microsoft Corporation) [MS Ad]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_80.1.349.0_x64__v10z8vjag6ke6 [2018-01-26] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1804.3.0_x64__8wekyb3d8bbwe [2018-04-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1804.3.0_x86__8wekyb3d8bbwe [2018-04-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.0.1301.0_x86__8wekyb3d8bbwe [2019-05-11] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.23.10923.0_x64__8wekyb3d8bbwe [2018-04-04] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.23.10923.0_x64__8wekyb3d8bbwe [2018-04-04] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.23.10923.0_x64__8wekyb3d8bbwe [2018-04-04] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.23.10923.0_x64__8wekyb3d8bbwe [2018-04-04] (Microsoft Corporation) [MS Ad]
Teléfono Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.34.12002.0_x64__8wekyb3d8bbwe [2017-12-03] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.0.9.0_neutral__wgeqdkkx372wm [2018-05-01] (Twitter Inc.)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.2.9230.0_x64__cv1g1gvanyjgm [2018-06-13] (WhatsApp Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-01-26 21:04 - 2018-01-26 21:04 - 000181760 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_80.1.349.0_x64__v10z8vjag6ke6\HPPageLift.UWP.dll
2018-01-26 21:04 - 2018-01-26 21:04 - 043947008 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_80.1.349.0_x64__v10z8vjag6ke6\HP.Smart.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1189693503-1014610322-1828919842-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1189693503-1014610322-1828919842-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7D1AA579-C27F-4079-86CB-5B6D2C46C97D}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS13D4\HP.EasyStart.exe No File
FirewallRules: [{6F3C3FD7-DE7F-4F64-B450-EB974D592A72}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS0EF4\HP.EasyStart.exe No File
FirewallRules: [{252E6B4C-D451-4C5B-BBD1-50813B989F6C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{393C0FE0-9125-4168-9728-75A7C4984684}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{95B14518-6566-417E-9819-22ACCCA4A740}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS437E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{6899580A-23F7-4403-9606-011FB87898E7}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS437E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{F9DD5AAB-F4EE-4EBA-B3B3-0569B73BB319}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{41C86F86-FB2D-4E3D-AB89-BEAC32E11CD6}] => (Allow) LPort=5357
FirewallRules: [{4E4BF57D-0C26-4045-AED9-AB851938DC34}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{61BD6FB3-DED6-4706-B864-9DBDFFCE2BC9}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{A1321001-833C-4AD6-8649-265ACF9B5643}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS014B\HP.EasyStart.exe No File
FirewallRules: [{00432FF1-DA82-44D3-90F5-8F0B9886B1A4}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS297A\HP.EasyStart.exe No File
FirewallRules: [{72DF87A2-10F4-4F44-A4C2-245E9B85F1AA}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS1D1B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{258C67AC-51ED-4B39-B05C-8F55385C421C}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS1D1B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{27010E22-1865-4A1C-85B6-A26B2E7859F7}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS2B88\HPDiagnosticCoreUI.exe No File
FirewallRules: [{E12F3DF4-21F8-44DE-8937-FCE0ADCBDD2D}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS2B88\HPDiagnosticCoreUI.exe No File
FirewallRules: [{731D3086-3C7C-4C5E-888A-9473C5057B34}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS61C9\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C4656FEE-7224-4938-9099-EC7C79EFA230}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS61C9\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2D93A03B-C659-4A94-9523-D8A6A307358B}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS6101\HPDiagnosticCoreUI.exe No File
FirewallRules: [{871D60A2-D0DC-419B-B7A7-1CEB62B99A5E}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS6101\HPDiagnosticCoreUI.exe No File
FirewallRules: [{EAB2BEBC-F4D2-42CB-BA8A-B2EA374B8A60}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS51EF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{A3188B71-EC7D-47E1-83A7-70A20CA27165}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS51EF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{A6CFA9B6-F03C-4B3B-BF43-6C6978FE1957}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS4209\HP.EasyStart.exe No File
FirewallRules: [{17D6EC72-8693-4CC9-8614-0740070917CC}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS09DD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{D7EF4E84-80DA-4026-8563-9C06305523C8}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS09DD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5D6DD326-B6DD-4D25-BE3A-3C10AA35ABD6}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS643A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{88536417-5CB8-47CB-AEC6-28D7F2DB5049}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS643A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{495E136F-7243-4CF6-A4E5-E52443EA3DB7}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS709B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{3C4D2705-BA9B-490A-B783-664CF14EA2A9}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS709B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{AD6F4B8F-F3B5-4BEE-9D1C-228397E79D08}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS5A72\HP.EasyStart.exe No File
FirewallRules: [{4CFF9609-89C4-45DC-A22B-4F1737D16BB9}] => (Allow) C:\Users\Jose Crespo\AppData\Local\Temp\7zS2C3B\HP.EasyStart.exe No File
FirewallRules: [{804F8F09-0FF8-49FC-837D-AA818A581744}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

02-08-2019 20:50:24 Punto de control programado
06-09-2019 12:17:27 Punto de control programado

==================== Faulty Device Manager Devices =============

Name: Creative Live! Cam Vista IM
Description: Creative Live! Cam Vista IM
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2019 05:20:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/16/2019 05:20:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (09/15/2019 08:13:15 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/15/2019 08:13:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/15/2019 07:04:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/15/2019 07:04:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (09/15/2019 10:16:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.2.0.845, marca de tiempo: 0x5d10ed55
Nombre del módulo con errores: SPControllerImpl.dll, versión: 3.1.0.221, marca de tiempo: 0x5c4a33c0
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000020319
Identificador del proceso con errores: 0x16fc
Hora de inicio de la aplicación con errores: 0x01d56b9dbf9b3452
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ruta de acceso del módulo con errores: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SPControllerImpl.dll
Identificador del informe: 3d1ca2c5-f130-46e3-8ba4-f64492b46eef
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (09/15/2019 09:49:06 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007232B
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


System errors:
=============
Error: (09/16/2019 06:42:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CKIKPAF)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-CKIKPAF\Jose Crespo con SID (S-1-5-21-1189693503-1014610322-1828919842-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/16/2019 05:23:11 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CKIKPAF)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-CKIKPAF\Jose Crespo con SID (S-1-5-21-1189693503-1014610322-1828919842-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/16/2019 05:23:09 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CKIKPAF)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-CKIKPAF\Jose Crespo con SID (S-1-5-21-1189693503-1014610322-1828919842-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/16/2019 05:22:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CKIKPAF)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-CKIKPAF\Jose Crespo con SID (S-1-5-21-1189693503-1014610322-1828919842-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/15/2019 08:13:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CKIKPAF)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-CKIKPAF\Jose Crespo con SID (S-1-5-21-1189693503-1014610322-1828919842-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/15/2019 08:13:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CKIKPAF)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-CKIKPAF\Jose Crespo con SID (S-1-5-21-1189693503-1014610322-1828919842-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (09/15/2019 10:18:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Malwarebytes Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (09/15/2019 09:50:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-09-11 10:50:57.769
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {6D1921DC-FF34-4199-AD6F-E788252CC9CC}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-09-06 12:07:47.930
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {08BDD8B0-7867-423B-8486-6B42793C05A1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-09-06 11:48:22.543
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {67F70570-AB66-4271-8B9D-EEB26314F93E}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-09-06 11:41:11.754
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C656F094-30DC-46E5-BA03-7BEE25C18419}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-09-06 11:34:47.367
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {CA9A829C-D8CF-4FAF-9C83-10C0C8CB1542}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-06-04 17:44:43.132
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.293.664.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-06-04 17:44:43.132
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.293.664.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-06-04 17:44:43.131
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.293.664.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15900.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-06-04 17:44:39.482
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.293.664.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15900.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-09-16 18:50:28.598
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-09-16 18:50:03.893
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-09-16 18:50:03.501
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-09-16 18:49:54.749
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-09-16 18:49:54.746
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-09-16 18:42:18.632
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-09-16 18:42:18.632
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-09-16 18:42:18.629
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 5.25 06/16/2008
Motherboard: PEGATRON CORPORATION Benicia
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 78%
Total physical RAM: 3062.29 MB
Available physical RAM: 664.07 MB
Total Virtual: 4470.29 MB
Available Virtual: 1237.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:323.95 GB) (Free:293.11 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.44 GB) (Free:0.97 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{1549f232-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{1549f232-0000-0000-0000-101c51000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 335.4 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=323.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=479 MB) - (Type=27)
Partition 4: (Not Active) - (Size=10.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola

No veo nada raro.

Podes hacer una captura de pantalla de cuando salga ese anuncio y luego subis la imagen …

Como Insertar Imágenes en una Respuesta

Saludos

Leosolari, no se como capturar las imágenes pues entran y se van y si se quedan algún tiempo no se como hacerlo a pesar del ejemplo de Daniela.