Se reinicia al mover el mouse


#1

Buenas.

Tengo un problema con mi pc. De un día a otro empezó el problema, se reinició y al volver a iniciar, ni bien aparece el escritorio, muevo el mouse y se reinicia, a veces lo hace sin que mueva ni toque nada. Le empecé a buscarle la vuelta entrando con F8 cuando inicia y entrar a “Reparar equipo”, use algunas de las opciones que ofrece y sin éxito, ni restaurando el sistema a días anteriores.

La dejé dos o tres días sin usar, desenchufada totalmente de la corriente y salió andando de diez por dos o tres días hasta que empezó de nuevo el mismo problema.

Quiero aclarar que si uso la pc en “Modo a prueba de fallos, con funciones de red”, por ejemplo, anda lo más bien, no se reinicia en ningún momento. La PC se encuentra totalmente limpia de suciedad, descartaría temperatura tal vez.

Tengo instalado Windows 7 x32.

Qué podrá ser? Agradezco su ayuda.

Muchas gracias.


#2

Hola @Qaballero

Has probado a cambiar el mouse/ratón…??

Cuantos años tiene la maquina.??

Dinos características hardware de tu equipo. :thinking:


#3

Tiene un par de años.

Con respecto al mouse, no es usb. Decís que puede tener algo que ver?

En cuánto llegue a casa subo bien el equipo qué tengo.

Gracias.

Saludos.


#4

Ese equipo es un portátil o sobremesa/torre.??

El ratón es integrado(touchpad) de portátil o es ratón de mano y conectado por cable o conexión inhalambrica.??


#5

PC de escritorio. Mouse Optico Genius Xscrol Ps2

En 4 hs llego a casa y paso info más detallada.


#6

Perfecto.:+1:

Cuando tu puedas.

Saludos.


#7

Estoy en modo a prueba de fallos, así anda de diez sin reinicios pero de forma normal no pasa más de un minuto que se reinicia.

image


#8

Tienes otro ratón, o puedes hacerte con uno que te dejen para verificar si fuese problema del hardware/ratón. :thinking:

Y ademas que en vez de ser de conexión PS2 fuese de conexión USB.??


#9

Trataré. Estás convencido qué es el mouse?

Acabo de bajar unos drivers de la tarjeta grafica y al reinicia, hasta el momento no se reinicio sola. Pero puede ser casualidad como la otra vez que se soluciono por unos dias.


#10

Hola.

Perfecto. :+1:

De lo único que estoy convencido es que algún día nos comeran los gusanos. :joy:

No soy YO muy partidario de andar haciendo actualizaciones de driver al chim-pum y sin tener ademas problemas con el vídeo. :roll_eyes:

Si quieres podemos hacer procesos de desinfección de la maquina por si alguna infección esta provocando ese tipo de comportamientos. :thinking:

Nos comentas.

Saludos.


#11

Encantado, siempre viene bien una buena desinfección.

Actualmente tengo instalado el Nod32 v4.

Gracias.


#12

Bien…pues empecemos, para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos.


#13

En un rato llego a casa y me pongo a cumplir con todos esos procesos.

Muchas gracias.


#14

Entendido, cuando tengas TODOS los procesos realizados nos pones los informes. :+1:


#15

Me tiró ésta pantalla azul casi terminando de pasar el malwarebytes, en la parte de “Analizar sistema de archivos”, iba encontrando 31 amanazas.

Ahora reinicié y lo puse de vuelta.

Edit: al segundo intento se reinició pero sin pantalla azul.

Edit2: al tercer intento lo mismo, reinicio sin pantalla azul.


#16

Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 8/3/19
Hora del análisis: 19:07
Archivo de registro: 7f30f3dd-41ee-11e9-9050-00306719ba1f.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9594
Licencia: Gratis

-Información del sistema-
SO: Windows 7
CPU: x86
Sistema de archivos: NTFS
Usuario: PC-PC\PC

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 182166
Amenazas detectadas: 43
Amenazas en cuarentena: 41
Tiempo transcurrido: 4 min, 1 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 9
PUP.Optional.SearchManager, HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, En cuarentena, [2043], [476595],1.0.9594
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [2043], [476595],1.0.9594
PUP.Optional.SearchManager, HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [2043], [260991],1.0.9594
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [2043], [260991],1.0.9594
PUP.Optional.InstallCore, HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\SOFTWARE\CSASTATS\ic, En cuarentena, [417], [586068],1.0.9594
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, [236], [182757],1.0.9594
PUP.Optional.WinYahoo, HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, [236], [182757],1.0.9594
PUP.Optional.WinYahoo, HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, En cuarentena, [236], [182758],1.0.9594
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}, En cuarentena, [236], [182758],1.0.9594

Valor del registro: 4
PUP.Optional.SearchManager, HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, En cuarentena, [2043], [476595],1.0.9594
PUP.Optional.SearchManager, HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [2043], [260991],1.0.9594
PUP.Optional.WinYahoo, HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, [236], [182757],1.0.9594
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, En cuarentena, [236], [182758],1.0.9594

Datos del registro: 2
PUP.Optional.WinYahoo, HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, [236], [293459],1.0.9594
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, [236], [293461],1.0.9594

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 6
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\icons, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\vendor, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\USERS\PC\APPDATA\LOCAL\CHROMIUM\USER DATA\Default\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [2043], [453140],1.0.9594

Archivo: 22
PUP.Optional.SearchManager, C:\USERS\PC\APPDATA\LOCAL\CHROMIUM\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, En cuarentena, [2043], [260989],1.0.9594
PUP.Optional.SearchManager, C:\USERS\PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [2043], [476595],1.0.9594
PUP.Optional.SearchManager, C:\USERS\PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [2043], [260991],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\content\images\icons\favicon.ico, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\vendor\md5.min.js, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\vendor\react-dom.min.js, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\vendor\react-with-addons.min.js, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\background.v0.0.1.min.js, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\client.v0.0.1.min.js, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\10.1.3.65_0\common.js.v0.0.1.min.js, En cuarentena, [2043], [453140],1.0.9594
PUP.Optional.DriverFix, C:\USERS\PC\DESKTOP\DRIVERFIXWEBDL-6155731325.EXE, En cuarentena, [3902], [613996],1.0.9594
PUP.Optional.SearchManager.BITSRST, C:\USERS\PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [264], [626729],1.0.9594
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, En cuarentena, [264], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, En cuarentena, [264], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, En cuarentena, [264], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, En cuarentena, [264], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, En cuarentena, [264], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, En cuarentena, [264], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, En cuarentena, [264], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, En cuarentena, [264], [-1],0.0.0
PUP.Optional.SearchManager.BITSRST, C:\USERS\PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [264], [626729],1.0.9594
PUP.Optional.SearchManager.BITSRST, C:\USERS\PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [264], [628563],1.0.9594

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#17

AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-25.2 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-08-2019
# Duration: 00:00:02
# OS:       Windows 7 Ultimate
# Cleaned:  11
# Failed:   2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\ByteFence

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKU\S-1-5-18\Software\ByteFence
Deleted       HKU\.DEFAULT\Software\ByteFence
Deleted       HKLM\Software\Wow6432Node\ByteFence
Deleted       HKCU\Software\csastats
Deleted       HKLM\Software\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted       HKLM\Software\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted       HKLM\Software\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G

***** [ Chromium (and derivatives) ] *****

Not Deleted   Search Manager
Not Deleted   Search Manager

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2138 octets] - [08/03/2019 19:15:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#18

Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x86 
Ran by PC (Limited) on 08/03/2019 at 19:18:10,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 26 

Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4CHDOJT5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7T33JICW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASVPC9XN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BB6C7IZH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJ0O7YKZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D96HIY3E (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J3B2TQHW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFZFYO7X (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NBI50B46 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QAROE7NK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGKEIGVS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOYIUDP0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y73QHT0X (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4CHDOJT5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7T33JICW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASVPC9XN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BB6C7IZH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJ0O7YKZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D96HIY3E (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J3B2TQHW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFZFYO7X (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NBI50B46 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QAROE7NK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGKEIGVS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOYIUDP0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y73QHT0X (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/03/2019 at 19:19:11,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#19

Farbar Recovery Scan Tool

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-03-2019
Ran by PC (administrator) on PC-PC (08-03-2019 19:20:15)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Microsoft Windows 7 Ultimate  (X86) Language: Español (España, internacional)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [917112 2015-10-08] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [16557504 2018-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2219184 2011-01-12] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-12-15] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\...\Run: [Chromium] => c:\users\pc\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\...\Run: [IDMan] => C:\Users\PC\Desktop\Internet.Download.Manager.v6.32.Build.3.Retail.FiNAL-P0RTABL3\Internet Download Manager\IDMan.exe [4043888 2018-12-20] (Tonec Inc. -> Tonec Inc.) [File not signed]
HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\...\MountPoints2: {57f39f21-b2c5-11e0-be39-00306719ba1f} - I:\USBAutoRun.exe
HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [205824 2009-05-29] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\system32\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [118784 2007-09-20] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [85504 2010-01-05] () [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.49.130.41 200.42.4.203
Tcpip\..\Interfaces\{9A5DF81C-41E6-4E9E-9DE4-DC63570791CD}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A9A4ED7C-27FA-427F-AB33-6944DA0D21F7}: [DhcpNameServer] 200.49.130.41 200.42.4.203

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ar.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3644517816-1168602805-3951327880-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3644517816-1168602805-3951327880-1000 -> {AEC56C22-041E-4174-A3F6-B51FC629B8B9} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Users\PC\Desktop\Internet.Download.Manager.v6.32.Build.3.Retail.FiNAL-P0RTABL3\Internet Download Manager\IDMIECC.dll [2018-11-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live Aplicación auxiliar de inicio de sesión -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2019-01-22] [Legacy] [not signed]
FF HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\PC\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\PC\AppData\Roaming\IDM\idmmzcc5 [2019-01-12] [Legacy] [not signed]
FF HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\PC\Desktop\Internet.Download.Manager.v6.32.Build.3.Retail.FiNAL-P0RTABL3\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Users\PC\Desktop\Internet.Download.Manager.v6.32.Build.3.Retail.FiNAL-P0RTABL3\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-13] (Adobe Systems Incorporated -> )
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2011-03-30] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR StartupUrls: Default -> "hxxp://www.google.com.ar/"
CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2019-03-08]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Búsqueda de Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-06]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-06-10] [UpdateUrl:hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ATTENTION
CHR Extension: (IDM Integration Module) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-03-08]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-21]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-09]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Users\PC\Desktop\Internet.Download.Manager.v6.32.Build.3.Retail.FiNAL-P0RTABL3\Internet Download Manager\IDMGCExt.crx [2019-01-12]
StartMenuInternet: Google Chrome.Q7CEWQPP4NYFW6OZJAWRWKNS4M - C:\Users\PC\AppData\Local\Google\Chrome\Application\old_chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-12-17] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-12-17] (AVAST Software s.r.o. -> AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [437880 2015-10-08] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [33584 2011-01-12] (ESET, spol. s r.o. -> ESET)
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810144 2011-01-12] (ESET, spol. s r.o. -> ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2014-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [132216 2015-10-08] (Bluestack Systems, Inc. -> BlueStack Systems)
S2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137144 2010-12-21] (ESET, spol. s r.o. -> ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [115008 2010-12-21] (ESET, spol. s r.o. -> ESET)
S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [95384 2010-12-21] (ESET, spol. s r.o. -> ESET)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [4808192 2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-03-08] (Malwarebytes Corporation -> Malwarebytes)
S3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-19] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-19] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-19] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-08 19:20 - 2019-03-08 19:21 - 000013812 _____ C:\Users\PC\Desktop\FRST.txt
2019-03-08 19:20 - 2019-03-08 19:20 - 000000000 ____D C:\FRST
2019-03-08 19:19 - 2019-03-08 19:19 - 000004767 _____ C:\Users\PC\Desktop\JRT.txt
2019-03-08 19:17 - 2019-03-08 19:17 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-03-08 19:16 - 2019-03-08 19:16 - 000000282 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-03-08 19:06 - 2019-03-08 19:06 - 000001984 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-08 19:06 - 2019-03-08 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-08 19:06 - 2019-03-08 16:46 - 001793536 ____N (Farbar) C:\Users\PC\Desktop\FRST.exe
2019-03-08 19:06 - 2019-01-08 15:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-03-08 19:05 - 2019-03-08 19:05 - 001369329 _____ C:\Users\PC\Downloads\FRST (1).zip
2019-03-08 19:04 - 2019-03-08 19:04 - 064296368 _____ (Malwarebytes ) C:\Users\PC\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9594.exe
2019-03-08 19:04 - 2019-03-08 19:04 - 007316688 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.7.0.exe
2019-03-08 19:04 - 2019-03-08 19:04 - 001790024 _____ (Malwarebytes) C:\Users\PC\Desktop\JRT.exe
2019-03-08 18:59 - 2019-03-08 18:59 - 000000000 _____ C:\Users\PC\AppData\Local\{1D4354CA-B409-4AF3-B7C1-4CC102976A12}
2019-03-08 17:57 - 2019-03-08 17:57 - 000010800 ____N C:\bootsqm.dat
2019-03-08 17:01 - 2019-03-08 17:01 - 000000000 ____D C:\Users\PC\AppData\Local\mbamtray
2019-03-08 17:01 - 2019-03-08 17:01 - 000000000 ____D C:\Users\PC\AppData\Local\mbam
2019-03-08 17:00 - 2019-03-08 17:00 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-08 16:55 - 2019-03-08 16:55 - 001369329 _____ C:\Users\PC\Downloads\FRST.zip
2019-03-07 16:37 - 2019-03-08 14:58 - 000000000 ____D C:\Program Files\SpeedFan
2019-03-07 16:28 - 2019-03-07 16:28 - 000014772 _____ C:\Windows\system32\results.xml
2019-03-07 16:25 - 2019-03-07 16:25 - 023812912 _____ (Intel Corporation) C:\Users\PC\Desktop\win7_1512754.exe
2019-03-07 16:25 - 2019-03-07 16:25 - 000000000 ____D C:\Intel
2019-03-07 16:11 - 2019-03-07 16:11 - 052904728 _____ (FinalWire Ltd. ) C:\Users\PC\Desktop\aida64extreme599.exe
2019-03-07 15:47 - 2019-03-07 15:47 - 000000396 _____ C:\Windows\Tasks\Opera scheduled Autoupdate 1551739913.job
2019-03-06 20:12 - 2019-03-08 19:18 - 000676500 _____ C:\Windows\ntbtlog.txt
2019-03-06 19:52 - 2019-03-06 19:52 - 000000000 _____ C:\Users\PC\AppData\Local\{C89EB7D5-A57B-40C7-A1A7-8A7D5BAD0FFC}
2019-03-05 17:26 - 2019-03-05 17:26 - 026605483 _____ C:\Users\PC\Downloads\com-garmin-android-apps-viago.apk
2019-03-04 19:57 - 2019-03-06 19:51 - 000000000 ____D C:\Users\PC\Desktop\MyBot_v7.7.0 r03
2019-03-04 19:56 - 2019-03-04 19:57 - 018267425 _____ C:\Users\PC\Downloads\MyBot_v7-master.zip
2019-03-04 19:51 - 2019-03-04 19:51 - 000000000 ____D C:\Users\PC\AppData\Local\Opera Software
2019-03-04 19:50 - 2019-03-07 15:47 - 000000000 ____D C:\Program Files\Opera
2019-03-04 19:50 - 2019-03-04 19:50 - 000000000 ____D C:\Users\PC\AppData\Roaming\Opera Software
2019-03-03 10:37 - 2019-03-03 10:37 - 000000000 _____ C:\Users\PC\AppData\Local\{4A834E31-97F7-49A1-8D65-A7F4D7164588}
2019-02-12 07:09 - 2019-03-04 19:43 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2019-02-11 16:06 - 2019-02-11 16:20 - 000000000 ____D C:\Users\PC\Desktop\MyBot 7.7.0 Light [ r02 ]

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-08 19:15 - 2014-03-28 10:55 - 000000000 ____D C:\AdwCleaner
2019-03-08 18:59 - 2011-06-04 10:21 - 000000000 ____D C:\Users\PC
2019-03-08 18:59 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-08 17:00 - 2014-03-28 09:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-08 14:58 - 2019-01-28 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2016
2019-03-08 14:58 - 2019-01-28 13:06 - 000000000 ____D C:\Program Files\SketchUp
2019-03-08 14:58 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2019-03-08 14:57 - 2019-01-12 22:56 - 000000000 ____D C:\Users\PC\AppData\Roaming\IDM
2019-03-08 14:57 - 2011-06-04 10:39 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-08 14:57 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\registration
2019-03-07 16:56 - 2019-01-12 22:56 - 000000000 ____D C:\Users\PC\AppData\Roaming\DMCache
2019-03-07 16:34 - 2009-07-14 01:34 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-07 16:26 - 2012-06-27 10:32 - 000000000 ____D C:\Windows\system32\Lang
2019-03-06 20:26 - 2009-07-14 01:34 - 000012288 _____ C:\Windows\system32\umstartup.etl
2019-03-06 19:51 - 2018-12-15 15:34 - 000000000 ____D C:\Program Files\Common Files\avast software
2019-03-06 19:51 - 2011-06-04 10:39 - 000000000 ____D C:\Users\PC\AppData\Local\Google
2019-03-06 19:51 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\AppCompat
2019-03-06 16:14 - 2009-07-14 01:34 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-19 11:28 - 2018-12-29 10:59 - 000000000 ____D C:\Users\PC\AppData\Roaming\.minecraft
2019-02-13 01:06 - 2013-02-28 08:59 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-02-13 01:06 - 2013-02-28 08:59 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-02-11 14:54 - 2011-06-04 10:39 - 000000000 ____D C:\Program Files\CCleaner

==================== Files in the root of some directories =======

2013-08-29 10:29 - 2013-08-29 10:29 - 000004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-03-08 18:59 - 2019-03-08 18:59 - 000000000 _____ () C:\Users\PC\AppData\Local\{1D4354CA-B409-4AF3-B7C1-4CC102976A12}
2019-03-03 10:37 - 2019-03-03 10:37 - 000000000 _____ () C:\Users\PC\AppData\Local\{4A834E31-97F7-49A1-8D65-A7F4D7164588}
2019-03-06 19:52 - 2019-03-06 19:52 - 000000000 _____ () C:\Users\PC\AppData\Local\{C89EB7D5-A57B-40C7-A1A7-8A7D5BAD0FFC}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-24 14:06

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-03-2019
Ran by PC (08-03-2019 19:21:17)
Running from C:\Users\PC\Desktop
Microsoft Windows 7 Ultimate  (X86) (2011-06-04 13:20:58)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3644517816-1168602805-3951327880-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3644517816-1168602805-3951327880-1002 - Limited - Enabled)
Invitado (S-1-5-21-3644517816-1168602805-3951327880-501 - Limited - Disabled)
PC (S-1-5-21-3644517816-1168602805-3951327880-1000 - Administrator - Enabled) => C:\Users\PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DP Chip Lite v18.11 (HKLM\...\3DP Chip Lite) (Version: v18.11 - 3DP)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Autodesk DWF Viewer (HKLM\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
AutoIt v3.3.14.5 (HKLM\...\AutoItv3) (Version: 3.3.14.5 - AutoIt Team)
Avast Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
BlueStacks App Player (HKLM\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Compresor WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
ESET NOD32 Antivirus (HKLM\...\{1D48FBBF-E8C3-4EB2-9A66-47468E8562C2}) (Version: 4.2.71.2 - ESET, spol. s r.o.)
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Java 8 Update 191 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
K-Lite Codec Pack 5.6.1 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 5.6.1 - )
LG USB Modem Drivers (HKLM\...\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}) (Version: 4.9.4 - LG Electronics)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Nero 8.3.2.1 (HKLM\...\Nero8WinuE_is1) (Version: 8.3.2.1 - Bj @ WinuE)
Opera Stable 58.0.3135.90 (HKLM\...\Opera 58.0.3135.90) (Version: 58.0.3135.90 - Opera Software)
Paquete de controladores de Windows - Intel Corporation (iegdmini) Display  (10/26/2009 10.2.2.1450) (HKLM\...\7C12B3CB54A17AB537E54C97DA273A2685545A6C) (Version: 10/26/2009 10.2.2.1450 - Intel Corporation)
Paquete de idioma de Microsoft .NET Framework 4.5 ESN (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50709 - Microsoft Corporation)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2211.0 - CyberLink Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8419 - Realtek Semiconductor Corp.)
SketchUp 2016 (HKLM\...\{44433F62-1B61-46A6-915C-F8960E75B06E}) (Version: 16.1.1450 - Trimble Navigation Limited)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.44109 - TeamViewer)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Live Asistente para el inicio de sesión (HKLM\...\{7593234B-2AEB-4FC9-B02D-C9B30D86084C}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [			IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Users\PC\Desktop\Internet.Download.Manager.v6.32.Build.3.Retail.FiNAL-P0RTABL3\Internet Download Manager\IDMShellExt.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.)
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll [2005-11-15] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2011-01-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2011-01-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2011-01-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12761FAE-2F22-4FFC-929C-04D845F2FCF2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {1D6DAA23-5EAF-490B-B248-AA1073E6E170} - System32\Tasks\{F12130C0-458D-453A-A5FF-41E1045BC2A0} => C:\Windows\system32\pcalua.exe -a I:\tp\TL-WN722N(ES)_V2_170125\Setup.exe -d I:\tp\TL-WN722N(ES)_V2_170125
Task: {1E80232D-184D-4F3D-A072-32A48AFB890D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2F9C30D1-2E29-439F-9CBD-4838610767CA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3644517816-1168602805-3951327880-1000Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {35182E82-68A4-4051-8E6B-DFCE13B6C030} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software) <==== ATTENTION
Task: {4CF4BF07-1CB5-400E-B941-E11F6067AD16} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software) <==== ATTENTION
Task: {570B8286-5A85-49C4-A939-471FE806185C} - System32\Tasks\{75977F9A-B89E-41F5-9933-D41E3552287C} => C:\Users\PC\Downloads\New.Super.Mario.Bros.U.v1.3.0.incl.Luigi.U.DLC.EUR.WiiU-P2P\CEMU\Cemu.exe
Task: {7E2FAF9D-C558-47A1-8A8D-6D4120F56833} - System32\Tasks\{B7511A26-7C16-4D85-ACF7-646B9E7508A4} => "c:\users\pc\appdata\local\google\chrome\application\old_chrome.exe" hxxp://ui.skype.com/ui/0/6.3.73.105.457/es/abandoninstall?page=tsProgressBar
Task: {A0F49BB0-501E-4387-9BA2-1AC2A7952526} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe (ESET, spol. s r.o. -> ESET) [File not signed]
Task: {A6EFD824-408A-4628-A995-D97732A82361} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B90D7DDE-38F3-4774-90CA-78F81733E587} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3644517816-1168602805-3951327880-1000UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {BDD77670-EA7A-4BA4-BBAC-5B8164A8720B} - System32\Tasks\{4A316958-05AC-4B16-ABCB-21363D52607D} => C:\Users\PC\Downloads\New.Super.Mario.Bros.U.v1.3.0.incl.Luigi.U.DLC.EUR.WiiU-P2P\CEMU\Cemu.exe
Task: {D03EAF7C-9885-4E6D-86AE-389A54F69647} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F224FC38-E6E7-48FE-A4DE-5A9084B1257E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\PC\Desktop\adwcleaner_7.2.7.0.exe
Task: C:\Windows\Tasks\Opera scheduled Autoupdate 1551739913.job => C:\Program Files\Opera\launcher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2012-06-26 23:26 - 2012-06-26 23:26 - 000097280 _____ () C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2011-06-04 10:38 - 2010-03-15 11:28 - 000141824 _____ () C:\Program Files\WinRAR\rarext.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 003084800 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 005139968 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 005010944 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000024192 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-runtime-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 001193808 _____ () C:\Program Files\Malwarebytes\Anti-Malware\ucrtbase.DLL
2019-03-08 19:06 - 2019-02-01 09:55 - 000022144 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-localization-l1-2-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000020096 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-processthreads-l1-1-1.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000019584 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-file-l1-2-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000020096 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-timezone-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000019584 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-file-l2-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000020336 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-synch-l1-2-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000025728 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-string-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000020608 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-heap-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000025944 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-stdio-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000023680 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-convert-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000020096 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-locale-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000030336 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-math-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000022144 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-time-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000021632 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-filesystem-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000020096 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-environment-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:55 - 000020096 _____ () C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-utility-l1-1-0.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 002950144 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 002234880 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 004571648 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000438272 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 001181184 _____ () C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-08 17:00 - 2019-02-01 09:56 - 000124928 _____ () C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000026112 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000020992 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000259584 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000729088 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000073216 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000179712 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-08 19:06 - 2019-02-01 09:56 - 000101888 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-02 20:02 - 2018-12-29 23:33 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-3644517816-1168602805-3951327880-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DD6B6432-5D10-4AD0-AC7B-CB9B28D0E8BF}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADBD95B6-58CC-435A-815F-C8FF5A1F604D}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C65413E4-97BC-4C35-B811-9A4271888A96}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A0C771AB-3E26-4835-BEBC-7B14702F5545}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{D416729D-49B0-49AA-947B-5F9B9C32495A}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{B94233B5-B15C-4E5C-AABA-E8BB32F64E93}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{77A1EF1A-7BA8-4766-993F-BFC7E7604228}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [TCP Query User{DC9E3986-6E62-4D6D-BE19-C028745FB0A1}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D0E79BF5-0ADD-4BA3-852C-59CFBEDE9D69}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{393B1693-D56E-4E06-81F6-85B0B71E543C}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{0F631B5E-033D-4562-A357-F185ACD5BCDE}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{573E5A17-FB84-4CEE-B6EB-5DD59AB06B44}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{FC227E6E-450D-462C-8899-C93F01E2E551}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{82113654-A9F0-4237-A8D2-170C1F038523}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{43CA4B9B-3893-4409-BCDF-74D633CA3699}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{DB433C4B-D156-4995-BD56-9C708CF0AD9B}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [UDP Query User{1838ED0B-D417-4ABD-BA9A-1F5C67C3000E}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [{6C0E2224-B204-4F98-B48B-CA09C7C2CD51}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA39E909-4B9E-42E3-9BC1-A9E7E1A08E7F}] => (Allow) C:\Program Files\Opera\58.0.3135.90\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

05-02-2019 00:00:06 Punto de control programado
14-02-2019 05:48:34 Punto de control programado
21-02-2019 12:35:33 Punto de control programado
01-03-2019 16:09:34 Punto de control programado
07-03-2019 16:34:00 SketchUp 2016 eliminado(s)

==================== Faulty Device Manager Devices =============

Name: ehdrv
Description: ehdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ehdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2019 07:18:10 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\PC\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x8007043c).

Error: (03/08/2019 06:59:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\PC\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/08/2019 05:58:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\PC\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/07/2019 04:55:24 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: No se puede iniciar el servicio. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   en BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/07/2019 04:55:24 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: No se puede iniciar el servicio. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   en BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/07/2019 04:28:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\PC\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/06/2019 08:26:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\PC\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/06/2019 08:09:14 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (03/08/2019 07:17:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/08/2019 07:17:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/08/2019 07:17:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/08/2019 07:17:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/08/2019 07:17:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/08/2019 07:17:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (03/08/2019 07:17:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (03/08/2019 07:17:56 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Windows Defender:
===================================
Date: 2015-08-05 05:56:48.438
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{19259270-F34E-4475-9139-CA86BD830D95}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 68%
Total physical RAM: 2038.3 MB
Available physical RAM: 643.22 MB
Total Virtual: 4076.61 MB
Available Virtual: 2725.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:60.11 GB) (Free:22.32 GB) NTFS
Drive d: (DATOS) (Fixed) (Total:237.88 GB) (Free:233.6 GB) NTFS

\\?\Volume{bcde3278-8eac-11e0-b5f8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: F44CCE9B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#20

Al ver que al iniciar el primer proceso de la lista que pusiste, se reiniciaba la pc, hice un scandisk y después no volvió a pasar.

Pude hacer todos los procesos y reinicios que fue pidiendo sin ningun drama.

Espero tu respuesta.

Muchas gracias.