Wacatac

Martin_La_Fuente · 2 Febrero, 2020 19:23

Hace 3 horas por error mi hermano instalo un archivo desconocido y hace 1 hora que lo veo windows me dio la amenaza de wacatac.D, si alguien pudiera ayudarme o recomendarme que hacer, gracias.

Daniela · 2 Febrero, 2020 19:24

Hola @Martin_La_Fuente bienvenido al ForoSpyware

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

Realiza un Análisis personalizado, actualizando si te lo pide.
Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del manual Historial de detecciones encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
Cierra también todos los programas que tengas abiertos.
Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

Instala Ccleaner
Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

Martin_La_Fuente · 2 Febrero, 2020 20:23

Hola Daniela aca esta el reporte de malwarebytes y AdwCleaner

www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 2/2/20
Hora del análisis: 15:59
Archivo de registro: 7cd520e2-45f6-11ea-b18c-0c9d927fcda0.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.810
Versión del paquete de actualización: 1.0.18602
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.592)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-O07B44L\WINDOWS 10

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 292914
Amenazas detectadas: 134
Amenazas en cuarentena: 134
Tiempo transcurrido: 0 min, 43 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 20
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\UPDATER_ONLINE_APPLICATION, En cuarentena, 3698, 391429, , , , 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3EC94F1D-C7B5-4EBE-99EF-DA128EE0B55E}, En cuarentena, 3698, 391429, , , , 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{3EC94F1D-C7B5-4EBE-99EF-DA128EE0B55E}, En cuarentena, 3698, 391429, , , , 
PUP.Optional.Linkury, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, En cuarentena, 268, 259313, 1.0.18602, , ame, 
Adware.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\Microleaves, En cuarentena, 1298, 716215, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtQuoteex, En cuarentena, 904, 260625, 1.0.18602, , ame, 
PUP.Optional.DriverPack, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\DRPSU, En cuarentena, 610, 472301, 1.0.18602, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, En cuarentena, 268, 259314, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASAPI32, En cuarentena, 904, 259705, 1.0.18602, , ame, 
PUP.Optional.SearchYa, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}, En cuarentena, 416, 242794, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASMANCS, En cuarentena, 904, 259705, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASAPI32, En cuarentena, 904, 260623, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASMANCS, En cuarentena, 904, 260623, 1.0.18602, , ame, 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, En cuarentena, 3698, 398592, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, En cuarentena, 904, 259928, 1.0.18602, , ame, 
Adware.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, En cuarentena, 422, 527830, 1.0.18602, , ame, 
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU, En cuarentena, 610, 472300, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe, En cuarentena, 904, 260624, 1.0.18602, , ame, 
Adware.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, En cuarentena, 422, 527830, 1.0.18602, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{22867D89-6781-453C-94B0-A9D93F8C88F0}, En cuarentena, 268, 239939, 1.0.18602, , ame, 

Valor del registro: 17
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 904, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 904, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\ENVIRONMENT|SNF, En cuarentena, 904, -1, 0.0.0, , action, 
PUP.Optional.Linkury, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, En cuarentena, 268, 259313, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\ENVIRONMENT|SNP, En cuarentena, 904, 259518, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\ENVIRONMENT|SNF, En cuarentena, 904, 259517, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, En cuarentena, 904, 259988, 1.0.18602, , ame, 
PUP.Optional.DriverPack, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\DRPSU|CLIENTID, En cuarentena, 610, 472301, 1.0.18602, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, En cuarentena, 268, 259314, 1.0.18602, , ame, 
PUP.Optional.SearchYa, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}|DISPLAYNAME, En cuarentena, 416, 242794, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, En cuarentena, 904, 259987, 1.0.18602, , ame, 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3EC94F1D-C7B5-4EBE-99EF-DA128EE0B55E}|PATH, En cuarentena, 3698, 391427, 1.0.18602, , ame, 
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU|CLIENTID, En cuarentena, 610, 472300, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, En cuarentena, 904, 259989, 1.0.18602, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{22867D89-6781-453C-94B0-A9D93F8C88F0}|PUBLISHER, En cuarentena, 268, 239939, 1.0.18602, , ame, 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|CONTACT, En cuarentena, 3698, 333852, 1.0.18602, , ame, 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|URLINFOABOUT, En cuarentena, 3698, 321304, 1.0.18602, , ame, 

Datos del registro: 8
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Sustituido, 904, 293485, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, 904, 293485, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Sustituido, 904, 293485, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Sustituido, 904, 293485, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Sustituido, 904, 293486, 1.0.18602, , ame, 
PUP.Optional.Linkury, HKU\S-1-5-21-1401964566-684620665-1505736036-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Sustituido, 268, 293476, 1.0.18602, , ame, 
Adware.SonicSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Sustituido, 13537, 693611, 1.0.18602, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Sustituido, 268, 293477, 1.0.18602, , ame, 

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 17
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER, En cuarentena, 904, 259506, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\ondemand, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX, En cuarentena, 904, 260620, 1.0.18602, , ame, 
PUP.Optional.BundleInstaller, C:\USERS\WINDOWS 10\APPDATA\LOCAL\TEMP\247349109, En cuarentena, 504, 463480, 1.0.18602, , ame, 
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, En cuarentena, 3698, 391425, 1.0.18602, , ame, 
Adware.OnlineIO, C:\Users\WINDOWS 10\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1, En cuarentena, 1298, 399763, , , , 
Adware.OnlineIO, C:\Users\WINDOWS 10\AppData\Roaming\Microleaves\Online Application 2.7.0\install, En cuarentena, 1298, 399763, , , , 
Adware.OnlineIO, C:\Users\WINDOWS 10\AppData\Roaming\Microleaves\Online Application 2.7.0, En cuarentena, 1298, 399763, , , , 
Adware.OnlineIO, C:\USERS\WINDOWS 10\APPDATA\ROAMING\MICROLEAVES, En cuarentena, 1298, 399763, 1.0.18602, , ame, 
Adware.Linkury, C:\ProgramData\Logic Cramble\X64, En cuarentena, 422, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X86, En cuarentena, 422, 431817, , , , 
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE, En cuarentena, 422, 431817, 1.0.18602, , ame, 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0, En cuarentena, 1298, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application, En cuarentena, 1298, 716213, , , , 
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES, En cuarentena, 1298, 716213, 1.0.18602, , ame, 
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\TOUGHTAM, En cuarentena, 14924, 444931, 1.0.18602, , ame, 
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS, En cuarentena, 204, 380106, 1.0.18602, , ame, 

Archivo: 72
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, En cuarentena, 904, 259512, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER\CLOUDPRINTER.DAT, En cuarentena, 904, 259506, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\Config.xml, En cuarentena, 904, 259506, , , , 
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX\Anron.bin, En cuarentena, 904, 260620, 1.0.18602, , ame, 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Big-Tax.bin, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\conf.config, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\DamMatstock.dat, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Dingflex.bin, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\DoubleHottex.dat, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Hotfan.bin, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Lamtex.exe, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Lamtex.exe.config, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\md.xml, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\qrey50yw.xml, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quotam.exe, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quotam.exe.config, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.d.dat, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.dat, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\S-nix.dat, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\SolDom.bin, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Unahome.bin, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\uninstall.dat, En cuarentena, 904, 260620, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Voyacom.bin, En cuarentena, 904, 260620, , , , 
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, En cuarentena, 3698, 391431, 1.0.18602, , ame, 
Adware.Linkury.Generic, C:\USERS\WINDOWS 10\APPDATA\LOCAL\NOAH.DAT, En cuarentena, 3759, 404865, 1.0.18602, , ame, 
Adware.Linkury.Generic, C:\USERS\WINDOWS 10\APPDATA\LOCAL\MD.XML, En cuarentena, 3759, 404866, 1.0.18602, , ame, 
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\UPDATER_ONLINE_APPLICATION.JOB, En cuarentena, 3698, 391430, 1.0.18602, , ame, 
Adware.Linkury.Generic, C:\USERS\WINDOWS 10\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, En cuarentena, 3759, 404862, 1.0.18602, , ame, 
Adware.Linkury, C:\USERS\WINDOWS 10\APPDATA\LOCAL\TEMP\247349109\ic-0.1ba41626d5b6ac.exe, En cuarentena, 422, 780109, 1.0.18602, 0E6275DE7E275071E91E55C4, dds, 00572791
PUP.Optional.BundleInstaller, C:\USERS\WINDOWS 10\APPDATA\LOCAL\TEMP\247349109\ic-0.e75cf1ffacf76.exe, En cuarentena, 504, 463480, 1.0.18602, , ame, 
PUP.Optional.BundleInstaller, C:\Users\WINDOWS 10\AppData\Local\Temp\247349109\dlreport, En cuarentena, 504, 463480, , , , 
Adware.Linkury.Generic, C:\USERS\WINDOWS 10\APPDATA\LOCAL\MAIN.DAT, En cuarentena, 3759, 442900, 1.0.18602, , ame, 
Adware.Linkury.Generic, C:\USERS\WINDOWS 10\APPDATA\LOCAL\Icecanlab.tst, En cuarentena, 3759, 404871, 1.0.18602, , ame, 
Adware.Linkury.Generic, C:\USERS\WINDOWS 10\APPDATA\LOCAL\Opentom.tst, En cuarentena, 3759, 404871, 1.0.18602, , ame, 
Adware.Linkury, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, En cuarentena, 422, 715618, 1.0.18602, , ame, 
Adware.Linkury.Generic, C:\USERS\WINDOWS 10\APPDATA\LOCAL\AGENT.DAT, En cuarentena, 3759, 404872, 1.0.18602, , ame, 
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\UPDATER_ONLINE_APPLICATION, En cuarentena, 3698, 391429, 1.0.18602, , ame, 
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G5.job, En cuarentena, 1298, 527823, 1.0.18602, , ame, 
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G6.job, En cuarentena, 1298, 527823, 1.0.18602, , ame, 
Trojan.Agent, C:\USERS\WINDOWS 10\APPDATA\LOCAL\LOBBY.DAT, En cuarentena, 487, 712637, 1.0.18602, , ame, 
Trojan.Agent, C:\USERS\WINDOWS 10\APPDATA\LOCAL\APPLICATIONHOSTING.DAT, En cuarentena, 487, 712640, 1.0.18602, , ame, 
Adware.Linkury, C:\USERS\WINDOWS 10\APPDATA\LOCAL\installer.dat, En cuarentena, 422, 715618, 1.0.18602, , ame, 
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, En cuarentena, 3698, 391425, , , , 
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, En cuarentena, 3698, 391425, , , , 
Adware.OnlineIO, C:\Users\WINDOWS 10\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1\Basic Installer with memory detection.msi, En cuarentena, 1298, 399763, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X64\SQLite.Interop.dll, En cuarentena, 422, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, En cuarentena, 422, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\Config.json, En cuarentena, 422, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe.config, En cuarentena, 422, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.dll, En cuarentena, 422, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.Linq.dll, En cuarentena, 422, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.xml, En cuarentena, 422, 431817, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io EULA.url, En cuarentena, 1298, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io Privacy.url, En cuarentena, 1298, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\trz4F9C.tmp, En cuarentena, 1298, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Uninstall Online Application.lnk, En cuarentena, 1298, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\unp20967215.tmp, En cuarentena, 1298, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe, En cuarentena, 1298, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.ini, En cuarentena, 1298, 716213, , , , 
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En cuarentena, 14924, 444922, 1.0.18602, , ame, 
Adware.Linkury.Generic, C:\USERS\WINDOWS 10\APPDATA\LOCAL\CONFIG.XML, En cuarentena, 3759, 404859, 1.0.18602, , ame, 
Adware.Linkury, C:\USERS\WINDOWS 10\APPDATA\LOCAL\ICECANLAB.EXE, En cuarentena, 422, 780109, 1.0.18602, 0E6275DE7E275071E91E55C4, dds, 00572791
Adware.Linkury.TskLnk, C:\USERS\WINDOWS 10\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En cuarentena, 14924, 444923, 1.0.18602, , ame, 
Adware.Linkury, C:\USERS\WINDOWS 10\APPDATA\LOCAL\OPENTOM.EXE, En cuarentena, 422, 780109, 1.0.18602, 0E6275DE7E275071E91E55C4, dds, 00572791
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\TOUGHTAM\INSTALLATIONCONFIGURATION.XML, En cuarentena, 14924, 444931, 1.0.18602, , ame, 
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Toughtam\uninstall.dat, En cuarentena, 14924, 444931, , , , 
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Toughtam\uninstall.exe, En cuarentena, 14924, 444931, , , , 
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Toughtam\uninstall.ico, En cuarentena, 14924, 444931, , , , 
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS\FF.HP, En cuarentena, 204, 380106, 1.0.18602, , ame, 
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\ff.NT, En cuarentena, 204, 380106, , , , 
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\snp.sc, En cuarentena, 204, 380106, , , , 
PUP.Optional.BundleInstaller, C:\USERS\WINDOWS 10\DOWNLOADS\UTORRENT.EXE, En cuarentena, 504, 774106, 1.0.18602, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)````



y aca el de AdwCleaner

````# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build:    01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-02-2020
# Duration: 00:00:06
# OS:       Windows 10 Pro
# Cleaned:  183
# Failed:   0


***** [ Services ] *****

Deleted       WCAssistantService

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Lavasoft\Web Companion
Deleted       C:\Program Files (x86)\Yahoo!\Companion
Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted       C:\ProgramData\Lavasoft\Web Companion
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\ProgramData\Yahoo! Companion
Deleted       C:\Users\WINDOWS 10\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted       C:\Users\WINDOWS 10\AppData\Roaming\DRPSu
Deleted       C:\Users\WINDOWS 10\AppData\Roaming\Lavasoft\Web Companion
Deleted       C:\Users\WINDOWS 10\AppData\Roaming\Yahoo!\Companion

***** [ Files ] *****

Deleted       C:\Program Files (x86)\Yahoo!\Common\unyt.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\AppDataLow\Software\Yahoo\Companion
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKCU\Software\Yahoo\Companion
Deleted       HKCU\Software\Yahoo\YFriendsBar
Deleted       HKLM\SOFTWARE\Classes\AppID\YCAPlugin.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\YTBM.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\YTMsgr.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\YTNavAssist.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\YTSingleInstance.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\YTabBar.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\yt.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\ytbbroker.EXE
Deleted       HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted       HKLM\Software\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
Deleted       HKLM\Software\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
Deleted       HKLM\Software\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
Deleted       HKLM\Software\Classes\AppID\{39DCCEAF-C749-4390-9953-527CF916935C}
Deleted       HKLM\Software\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC}
Deleted       HKLM\Software\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
Deleted       HKLM\Software\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
Deleted       HKLM\Software\Classes\AppID\{EB2BA65E-41F6-4F64-92A6-216CDFFDF577}
Deleted       HKLM\Software\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
Deleted       HKLM\Software\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
Deleted       HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
Deleted       HKLM\Software\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
Deleted       HKLM\Software\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
Deleted       HKLM\Software\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
Deleted       HKLM\Software\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
Deleted       HKLM\Software\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
Deleted       HKLM\Software\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
Deleted       HKLM\Software\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
Deleted       HKLM\Software\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
Deleted       HKLM\Software\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9}
Deleted       HKLM\Software\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
Deleted       HKLM\Software\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
Deleted       HKLM\Software\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
Deleted       HKLM\Software\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
Deleted       HKLM\Software\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
Deleted       HKLM\Software\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
Deleted       HKLM\Software\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
Deleted       HKLM\Software\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
Deleted       HKLM\Software\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
Deleted       HKLM\Software\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
Deleted       HKLM\Software\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
Deleted       HKLM\Software\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
Deleted       HKLM\Software\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
Deleted       HKLM\Software\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
Deleted       HKLM\Software\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D}
Deleted       HKLM\Software\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
Deleted       HKLM\Software\Classes\TypeLib\{0548C79F-7B8C-455D-B228-97D35371BB62}
Deleted       HKLM\Software\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
Deleted       HKLM\Software\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32}
Deleted       HKLM\Software\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}
Deleted       HKLM\Software\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
Deleted       HKLM\Software\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}
Deleted       HKLM\Software\Classes\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}
Deleted       HKLM\Software\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}
Deleted       HKLM\Software\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
Deleted       HKLM\Software\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}
Deleted       HKLM\Software\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557}
Deleted       HKLM\Software\Classes\Yahoo.AntiSpyPlugin
Deleted       HKLM\Software\Classes\Yahoo.PopupBlockerPlugin
Deleted       HKLM\Software\Classes\yt.CacheLoader
Deleted       HKLM\Software\Classes\yt.Clickstream
Deleted       HKLM\Software\Classes\yt.YTHelper
Deleted       HKLM\Software\Classes\yt.YToolbarBand
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{fe72372d-90c4-4e26-81ee-64c01c55d18e}|DisplayIcon
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{fe72372d-90c4-4e26-81ee-64c01c55d18e}|DisplayName
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{fe72372d-90c4-4e26-81ee-64c01c55d18e}|UninstallString
Deleted       HKLM\Software\Wow6432Node\Yahoo\Companion
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\YCAPlugin.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\YMERemote.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\YPUBC.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\YTBM.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\YTMsgr.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\YTNavAssist.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\YTSingleInstance.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\YTabBar.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\yt.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\ytbbroker.EXE
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{39DCCEAF-C749-4390-9953-527CF916935C}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{EB2BA65E-41F6-4F64-92A6-216CDFFDF577}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{1E57256D-9F39-4267-AB39-D7813D644C5A}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{31371420-098D-4C0E-A11E-EBEC2305DD01}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3A06AA27-D94B-48C2-BB55-9FD0FF2120E3}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{46140CE4-76FE-440E-AE88-4C2272BC05C7}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{6EB4349D-4333-442F-ACA4-4C72AF28B6ED}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{9F9C4C5C-2BA8-4E00-A697-9F710BB1026B}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{D40A62D1-8FC0-4F03-90C4-0DE03BE73A41}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{F9A10D86-182A-4946-869B-70C3D109D14D}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{0548C79F-7B8C-455D-B228-97D35371BB62}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Deleted       HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted       findit
Deleted       findit

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [20361 octets] - [02/02/2020 16:07:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Gracias por ayudarme.

Daniela · 2 Febrero, 2020 22:26

Hola

Hiciste un análisis de amenazas con Malwarebytes y te comenté personalizado, hace una búsqueda más exhausta.

Tenías muy infectado ese equipo.

Cómo sigue el problema.

Un saludo