• Registrarse
  • Iniciar sesión


  • Página 3 de 8 PrimeroPrimero 1234567 ... ÚltimoÚltimo
    Resultados 21 al 30 de 79

    antivirus bloqueado

    gracias, te copio: # DelFix v1.011 - Logfile created 27/05/2017 at 11:14:28 # Updated 18/08/2015 by Xplode # Username : Julia - JULIA-PC # Operating System : Windows 7 Ultimate (32 bits) ~ Removing disinfection ...

    1. #21
      Usuario Avatar de siemprebuscando
      Registrado
      may 2017
      Ubicación
      españa
      Mensajes
      43

      Re: antivirus bloqueado

      gracias, te copio:

      # DelFix v1.011 - Logfile created 27/05/2017 at 11:14:28
      # Updated 18/08/2015 by Xplode
      # Username : Julia - JULIA-PC
      # Operating System : Windows 7 Ultimate (32 bits)

      ~ Removing disinfection tools ...

      Deleted : C:\FRST
      Deleted : C:\AdwCleaner
      Deleted : C:\Users\Julia\Downloads\AdwCleaner.exe
      Deleted : C:\Users\Julia\Downloads\adwcleaner_6.047.exe
      Deleted : C:\Users\Julia\Downloads\FRST.exe

      ########## - EOF - ##########

      copio frst:
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-05-2017
      Ran by Julia (administrator) on JULIA-PC (27-05-2017 11:24:38)
      Running from C:\Users\Julia\Desktop
      Loaded Profiles: Julia (Available Profiles: Julia)
      Platform: Microsoft Windows 7 Ultimate (X86) Language: Spanish (Spain, International Sort)
      Internet Explorer Version 8 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
      (pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
      (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
      (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Dropbox, Inc.) C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe
      (Dropbox, Inc.) C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe
      (Dropbox, Inc.) C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe
      (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
      (Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

      ==================== Registry (Whitelisted) ====================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-03-14] (Advanced Micro Devices, Inc.)
      HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
      HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
      HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
      HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
      HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
      HKLM\...\Run: [AvgUi] => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
      HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [318128 2016-08-25] (Samsung Electronics Co., Ltd.)
      HKLM\...\Run: [AVGUI.exe] => "C:\Program Files\AVG\Antivirus\AvLaunch.exe" /gui
      HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
      HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
      HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
      HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\...\Run: [AdobeBridge] => [X]
      HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\...\Run: [Dropbox Update] => C:\Users\Julia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
      Startup: C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-05-17]
      ShortcutTarget: Dropbox.lnk -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      BootExecute: autocheck autochk * sdnclean.exe

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
      Tcpip\..\Interfaces\{3CD4A4F4-AE19-4C86-AA79-F7EFA290AD19}: [DhcpNameServer] 80.58.61.250 80.58.61.254

      Internet Explorer:
      ==================
      HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
      HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://es.msn.com/?ocid=iehp
      SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
      BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
      BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-01-09] (pdfforge GbR)
      BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-08] (Advanced Micro Devices)
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-25] (Oracle Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-25] (Oracle Corporation)
      Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
      Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

      FireFox:
      ========
      FF ProfilePath: C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\py5zvzi2.default [2017-05-27]
      FF DefaultSearchEngine: Mozilla\Firefox\Profiles\py5zvzi2.default -> Google
      FF Homepage: Mozilla\Firefox\Profiles\py5zvzi2.default -> hxxps://www.google.es
      FF Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\py5zvzi2.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2017-05-05]
      FF Extension: (Download YouTube Videos as MP4) - C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\py5zvzi2.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-02-15]
      FF Extension: (Adblock Plus) - C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\py5zvzi2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-25]
      FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
      FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-22] [not signed]
      FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect\FFPDFArchitectExt
      FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-03-28] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
      FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-25] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-25] (Oracle Corporation)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2009-04-04] (Microsoft Corporation)
      FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC)
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
      FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
      FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
      FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
      FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)

      Chrome:
      =======
      CHR Profile: C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default [2017-05-24]
      CHR Extension: (Presentaciones de Google) - C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-16]
      CHR Extension: (Google Docs) - C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-16]
      CHR Extension: (Google Drive) - C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-16]
      CHR Extension: (YouTube) - C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-16]
      CHR Extension: (Hojas de cálculo de Google) - C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-16]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-08]
      CHR Extension: (Gmail) - C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-16]
      CHR HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
      S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
      R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1799272 2011-12-07] (Realsil Microelectronics Inc.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3398608 2017-05-09] (Malwarebytes)
      R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
      R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
      S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
      R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
      R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
      S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680448 2009-04-22] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [81536 2011-10-25] (Advanced Micro Devices, INC.)
      S3 amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [77904 2009-04-22] (AMD)
      R0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [23120 2009-04-22] (AMD)
      R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [173184 2011-10-25] (Advanced Micro Devices, INC.)
      R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [109056 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [91464 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [63280 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [765704 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [483736 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [116280 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [280928 2017-05-24] (AVG Technologies CZ, s.r.o.)
      S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59904 2017-05-09] ()
      R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [161720 2017-05-25] (Malwarebytes)
      R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [97208 2017-05-27] (Malwarebytes)
      R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [39360 2017-05-27] (Malwarebytes)
      R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [220088 2017-05-27] (Malwarebytes)
      R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [65824 2017-05-27] (Malwarebytes)
      R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [255080 2012-01-31] (Realtek Semiconductor Corp.)
      R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-01-13] (Duplex Secure Ltd.)
      S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [146048 2016-07-22] (Samsung Electronics Co., Ltd.)
      U3 abkgu2qt; C:\Windows\system32\Drivers\abkgu2qt.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
      U3 awcvphhr; C:\Windows\system32\Drivers\awcvphhr.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
      U3 aswbdisk; no ImagePath

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-05-27 11:24 - 2017-05-27 11:25 - 00016225 _____ C:\Users\Julia\Desktop\FRST.txt
      2017-05-27 11:24 - 2017-05-27 11:24 - 00000442 _____ C:\Users\Julia\Desktop\DelFix.txt
      2017-05-27 11:15 - 2017-05-26 00:12 - 01770496 _____ (Farbar) C:\Users\Julia\Desktop\FRST.exe
      2017-05-27 11:14 - 2017-05-27 11:14 - 00000442 _____ C:\DelFix.txt
      2017-05-27 11:12 - 2017-05-27 11:13 - 00781312 _____ C:\Users\Julia\Downloads\DelFix.exe
      2017-05-26 23:42 - 2017-05-26 23:44 - 00000000 ____D C:\Users\Julia\Desktop\prueba
      2017-05-26 19:11 - 2017-05-26 19:11 - 00000000 ____D C:\Program Files\HitmanPro
      2017-05-26 19:08 - 2017-05-26 19:23 - 00000000 ____D C:\ProgramData\HitmanPro
      2017-05-26 19:07 - 2017-05-26 19:07 - 11007936 _____ (SurfRight B.V.) C:\Users\Julia\Downloads\hitmanpro.exe
      2017-05-26 17:47 - 2017-05-26 17:47 - 328893200 _____ C:\Windows\MEMORY.DMP
      2017-05-26 17:47 - 2017-05-26 17:47 - 00140264 _____ C:\Windows\Minidump\052617-27362-01.dmp
      2017-05-26 15:34 - 2017-05-26 15:34 - 00000079 _____ C:\Windows\wininit.ini
      2017-05-26 12:45 - 2017-05-26 12:45 - 00000000 ____D C:\Users\Julia\AppData\Local\AvgSetupLog
      2017-05-26 12:43 - 2017-05-26 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
      2017-05-26 12:43 - 2017-05-26 12:43 - 00000000 ____D C:\Program Files\VS Revo Group
      2017-05-26 12:15 - 2017-05-26 12:16 - 07178424 _____ (VS Revo Group ) C:\Users\Julia\Downloads\revosetup.exe
      2017-05-26 11:38 - 2017-05-26 11:39 - 08544408 _____ (AVAST Software) C:\Users\Julia\Downloads\avastclear.exe
      2017-05-26 00:54 - 2017-05-26 23:44 - 00000000 ____D C:\FRST
      2017-05-26 00:14 - 2017-05-26 00:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2017-05-26 00:05 - 2017-05-26 00:05 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Julia\Downloads\mbar-1.09.3.1001.exe
      2017-05-25 02:16 - 2017-05-27 11:02 - 00065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2017-05-25 02:16 - 2017-05-27 10:54 - 00097208 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2017-05-25 02:16 - 2017-05-25 02:16 - 00161720 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
      2017-05-25 02:15 - 2017-05-27 10:54 - 00220088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
      2017-05-25 02:15 - 2017-05-27 10:54 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2017-05-25 02:14 - 2017-05-26 00:14 - 00000000 ____D C:\ProgramData\Malwarebytes
      2017-05-25 02:14 - 2017-05-25 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-05-25 02:14 - 2017-05-25 02:14 - 00000000 ____D C:\Program Files\Malwarebytes
      2017-05-25 02:14 - 2017-05-09 16:37 - 00059904 _____ C:\Windows\system32\Drivers\mbae.sys
      2017-05-25 01:08 - 2017-05-25 01:08 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Julia\Downloads\iExplore.exe
      2017-05-25 01:06 - 2017-05-25 01:52 - 63364552 _____ (Malwarebytes ) C:\Users\Julia\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
      2017-05-24 15:50 - 2017-05-24 15:50 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
      2017-05-24 15:34 - 2017-05-26 11:49 - 00000000 ____D C:\ProgramData\AVAST Software
      2017-05-24 12:38 - 2017-05-26 23:45 - 01372328 _____ C:\Windows\ntbtlog.txt
      2017-05-24 11:02 - 2017-05-24 11:14 - 00000000 ____D C:\AVG_Remover
      2017-05-24 11:01 - 2017-05-24 11:01 - 07986864 _____ ( ) C:\Users\Julia\Downloads\AVG_Remover.exe
      2017-05-24 02:51 - 2017-05-24 02:51 - 00000000 ____D C:\Users\Julia\AppData\Roaming\ProductData
      2017-05-24 02:50 - 2017-05-26 18:56 - 00000000 ____D C:\Users\Julia\AppData\Roaming\IObit
      2017-05-24 02:50 - 2017-05-24 02:51 - 00000000 ____D C:\Users\Julia\AppData\LocalLow\IObit
      2017-05-24 02:50 - 2017-05-24 02:51 - 00000000 ____D C:\ProgramData\ProductData
      2017-05-24 02:50 - 2017-05-24 02:50 - 00000000 ____D C:\Program Files\Common Files\IObit
      2017-05-24 02:48 - 2017-05-26 18:57 - 00000000 ____D C:\ProgramData\IObit
      2017-05-24 02:48 - 2017-05-24 02:48 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
      2017-05-24 02:44 - 2017-05-24 02:49 - 06654960 _____ (AVAST Software) C:\Users\Julia\Downloads\avast_free_antivirus_setup_online.exe
      2017-05-24 02:43 - 2017-05-26 15:35 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
      2017-05-24 02:43 - 2017-05-26 15:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
      2017-05-24 01:57 - 2017-05-24 02:44 - 44432208 _____ (IObit ) C:\Users\Julia\Downloads\IObit-Malware-Fighter-Setup.exe
      2017-05-24 01:55 - 2017-05-24 02:25 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Julia\Downloads\spybot-2-4.exe
      2017-05-24 01:54 - 2017-05-24 01:55 - 30144408 _____ (SUPERAntiSpyware) C:\Users\Julia\Downloads\SUPERAntiSpyware.exe
      2017-05-24 01:27 - 2017-05-24 01:27 - 00000000 ____D C:\Users\Julia\AppData\Local\Avg2013
      2017-05-24 01:22 - 2017-05-24 01:26 - 04445592 _____ (AVG Technologies) C:\Users\Julia\Downloads\avg_free_stb_all_2013_3272_freets3.exe
      2017-05-24 01:10 - 2017-05-24 01:15 - 164552440 _____ (Symantec Corporation) C:\Users\Julia\Downloads\Setup.exe
      2017-05-24 00:55 - 2017-05-24 00:55 - 00483736 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00280928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00116280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00109056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00091464 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00063280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00035264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00765704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00331896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
      2017-05-24 00:55 - 2017-05-24 00:54 - 00270344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblogx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00260616 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriverx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00151024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidshx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00135872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiskx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00043992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbunivx.sys
      2017-05-24 00:49 - 2017-05-24 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
      2017-05-23 23:54 - 2017-05-23 23:54 - 03624296 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Julia\Downloads\AVG_Protection_Free_698.exe
      2017-05-17 23:03 - 2017-05-17 23:03 - 00000000 ____D C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
      2017-05-09 00:11 - 2017-05-09 00:11 - 00000000 ____D C:\Users\Julia\AppData\Roaming\Bandicam Company
      2017-05-09 00:10 - 2017-05-09 00:17 - 00000000 ____D C:\Users\Julia\Documents\Bandicam
      2017-05-09 00:09 - 2017-05-09 00:09 - 00000000 ____D C:\Program Files\BandiMPEG1
      2017-05-09 00:07 - 2017-05-09 00:07 - 16992080 _____ (Bandicam Company) C:\Users\Julia\Downloads\bdcamsetup.exe
      2017-05-09 00:02 - 2017-05-09 00:02 - 00000000 ____D C:\Users\Julia\Documents\liteCam
      2017-05-09 00:01 - 2017-05-09 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSUPPORT
      2017-05-09 00:01 - 2014-10-20 10:24 - 12888576 _____ (RSUPPORT) C:\Windows\system32\n264.dll
      2017-05-09 00:01 - 2013-02-21 11:34 - 00671744 _____ (RSUPPORT) C:\Windows\system32\rscc.dll
      2017-05-09 00:00 - 2017-05-09 00:05 - 00000000 ____D C:\Program Files\RSUPPORT
      2017-05-09 00:00 - 2010-03-15 00:00 - 00413760 _____ (Microsoft Corporation) C:\Windows\system32\MPG4C32.dll
      2017-05-08 23:56 - 2017-05-08 23:57 - 38139280 _____ (Acresso Software Inc. ) C:\Users\Julia\Downloads\lcam-hd-en-505_setup.exe
      2017-05-05 23:48 - 2017-05-05 23:48 - 03449440 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Julia\Downloads\Antivirus_Free_1865(1).exe
      2017-05-03 16:52 - 2017-05-03 16:52 - 01834550 ____H C:\Users\Julia\Documents\~WRL0003.tmp
      2017-05-03 01:05 - 2017-05-03 01:05 - 00102980 _____ C:\Users\Julia\Downloads\4. IRPF (CONJUNTA).pdf
      2017-05-01 17:09 - 2017-05-01 17:09 - 00000000 ___SD C:\Users\Julia\AppData\LocalLow\Temp
      2017-04-27 17:17 - 2017-04-27 17:17 - 00070581 _____ C:\Users\Julia\Downloads\3XQLETQD_bulto_1_Correos.pdf

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-05-27 11:22 - 2015-06-17 12:25 - 00001002 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155655650-2868152525-1627722622-1000UA.job
      2017-05-27 11:03 - 2016-11-19 01:27 - 00000000 ____D C:\Users\Julia\AppData\LocalLow\Mozilla
      2017-05-27 10:54 - 2009-04-22 10:27 - 00000006 ____H C:\Windows\Tasks\SA.DAT
      2017-05-27 01:24 - 2009-04-22 10:08 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-05-27 01:24 - 2009-04-22 10:08 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-05-26 23:47 - 2013-06-09 23:49 - 00000000 ____D C:\Users\Julia\AppData\Local\Adobe
      2017-05-26 22:22 - 2015-06-17 12:25 - 00000950 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155655650-2868152525-1627722622-1000Core.job
      2017-05-26 19:42 - 2015-02-28 16:06 - 00000000 ___RD C:\Users\Julia\Desktop\Programas
      2017-05-26 18:56 - 2013-03-19 18:16 - 00000000 ____D C:\Users\Julia
      2017-05-26 17:47 - 2013-06-16 01:13 - 00000000 ____D C:\Windows\Minidump
      2017-05-25 02:49 - 2016-09-17 13:05 - 00000000 ____D C:\Program Files\eMuleTorrent
      2017-05-24 15:53 - 2016-11-21 00:02 - 00000000 ____D C:\Temp
      2017-05-24 13:10 - 2009-04-22 08:17 - 00000000 ____D C:\Windows\inf
      2017-05-24 11:15 - 2015-05-23 11:27 - 00000000 ____D C:\Users\Julia\AppData\Local\Avg
      2017-05-24 10:35 - 2013-06-02 19:32 - 00000000 ____D C:\Users\Julia\AppData\Local\Google
      2017-05-24 02:04 - 2013-03-19 18:09 - 01555628 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-05-24 02:04 - 2009-04-22 12:10 - 00703820 _____ C:\Windows\system32\perfh00A.dat
      2017-05-24 02:04 - 2009-04-22 12:10 - 00137808 _____ C:\Windows\system32\perfc00A.dat
      2017-05-24 01:30 - 2013-03-21 20:30 - 00000000 ____D C:\ProgramData\MFAData
      2017-05-24 00:56 - 2015-12-15 08:43 - 00000000 ____D C:\Users\Julia\AppData\Roaming\AVG
      2017-05-24 00:49 - 2015-12-15 08:33 - 00000000 ____D C:\ProgramData\Avg
      2017-05-24 00:45 - 2013-04-01 00:15 - 00000000 ____D C:\Program Files\Sony
      2017-05-24 00:44 - 2016-10-06 00:45 - 00000000 ____D C:\Program Files\Pixum
      2017-05-24 00:42 - 2013-06-09 23:43 - 00000000 ____D C:\Program Files\Adobe
      2017-05-24 00:42 - 2013-03-21 20:27 - 00000000 ____D C:\Users\Julia\AppData\Roaming\Adobe
      2017-05-21 10:56 - 2016-11-18 18:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
      2017-05-21 10:56 - 2013-03-27 01:44 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
      2017-05-21 06:34 - 2014-01-13 00:55 - 00000000 ____D C:\Users\Julia\AppData\Roaming\DAEMON Tools Lite
      2017-05-20 10:28 - 2015-06-17 12:25 - 00000000 ____D C:\Users\Julia\AppData\Local\Dropbox
      2017-05-17 23:04 - 2015-05-04 12:20 - 00000000 ____D C:\Users\Julia\AppData\Roaming\Dropbox
      2017-05-17 00:21 - 2013-03-29 17:06 - 00000000 ____D C:\Users\Julia\AppData\Roaming\BitComet
      2017-05-12 10:40 - 2016-10-16 04:14 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-05-12 10:40 - 2016-10-16 04:14 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-05-09 11:39 - 2013-03-21 20:27 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
      2017-05-09 11:39 - 2013-03-21 20:27 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
      2017-05-09 11:39 - 2013-03-21 20:27 - 00000000 ____D C:\Windows\system32\Macromed
      2017-05-09 09:11 - 2013-03-21 18:41 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
      2017-05-09 00:03 - 2016-10-06 00:10 - 00004608 _____ C:\Users\Julia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2017-05-05 15:02 - 2013-06-01 23:38 - 00000000 ____D C:\Users\Julia\AppData\Roaming\vlc
      2017-05-05 00:54 - 2016-10-31 00:23 - 00000294 _____ C:\Users\Julia\Desktop\1.txt
      2017-05-02 23:44 - 2015-05-04 22:17 - 00000000 ___RD C:\Users\Julia\Dropbox

      ==================== Files in the root of some directories =======

      2016-11-16 01:21 - 2016-11-16 02:20 - 0001456 _____ () C:\Users\Julia\AppData\Local\Adobe Guardar para Web 13.0 Prefs
      2016-10-06 00:10 - 2017-05-09 00:03 - 0004608 _____ () C:\Users\Julia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe
      [2009-04-22 05:35] - [2010-11-19 16:17] - 0285696 _____ (Microsoft Corporation) C3EB9EA34EBE459F13F3F890F56CE72A

      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll
      [2009-04-22 05:22] - [2010-11-19 16:21] - 0812032 _____ (Microsoft Corporation) CF97D64D7EC169C53C93B0A192218B29

      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-05-27 00:40

      ==================== End of FRST.txt ============================

    2. #22
      Usuario Avatar de siemprebuscando
      Registrado
      may 2017
      Ubicación
      españa
      Mensajes
      43

      Re: antivirus bloqueado

      Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-05-2017
      Ran by Julia (27-05-2017 11:26:40)
      Running from C:\Users\Julia\Desktop
      Microsoft Windows 7 Ultimate (X86) (2013-03-19 16:16:23)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-2155655650-2868152525-1627722622-500 - Administrator - Disabled)
      Invitado (S-1-5-21-2155655650-2868152525-1627722622-501 - Limited - Disabled)
      Julia (S-1-5-21-2155655650-2868152525-1627722622-1000 - Administrator - Enabled) => C:\Users\Julia

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      888poker.es (HKLM\...\888poker.es) (Version: - )
      Adobe Flash Player 25 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
      Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
      Adobe Photoshop CC 2014 (32 Bit) (HKLM\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.2 - Adobe Systems Incorporated)
      Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
      Adobe Reader XI (11.0.06) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
      Age of Empires III - Complete Collection (HKLM\...\Age of Empires III - Complete Collection_is1) (Version: - )
      AMD Catalyst Install Manager (HKLM\...\{D73BDA86-AEAC-ABF4-1928-52E2527491C0}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
      Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.)
      Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
      aTube Catcher versión 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
      Bandicam MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandicam.com)
      BitComet 1.35 64-bit (HKLM\...\BitComet_x64) (Version: 1.35 - CometNetwork)
      BitComet 1.36 (HKLM\...\BitComet) (Version: 1.36 - CometNetwork)
      CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
      Colasoft MAC Scanner 2.2 Free (HKLM\...\Colasoft MAC Scanner 2.2 Free_is1) (Version: 2.0 - Colasoft LLC.)
      Convertidor de Videos 3.6 (HKLM\...\Convertidor de Videos_is1) (Version: - convertidor-de-videos.com)
      DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
      Dropbox (HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\...\Dropbox) (Version: 26.4.24 - Dropbox, Inc.)
      eMuleTorrent (HKLM\...\eMuleTorrent) (Version: 1.0.0.21 - eMule.com)
      EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
      Google Chrome (HKLM\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
      Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
      HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
      HL-2130 (HKLM\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
      Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
      K-Lite Codec Pack 10.4.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
      Los Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
      Los Sims™ 3 ¡Menuda familia! (HKLM\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
      Los Sims™ 3 ¡Quemando rueda! Accesorios (HKLM\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
      Los Sims™ 3 ¡Vaya fauna! (HKLM\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
      Los Sims™ 3 Al caer la noche (HKLM\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
      Los Sims™ 3 Aventura en la Isla (HKLM\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
      Los Sims™ 3 Criaturas Sobrenaturales (HKLM\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
      Los Sims™ 3 Diesel Accesorios (HKLM\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
      Los Sims™ 3 Diseño y Tecnología Accesorios (HKLM\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
      Los Sims™ 3 Hacia el Futuro (HKLM\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
      Los Sims™ 3 Katy Perry Dulce Tentación (HKLM\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
      Los Sims™ 3 LOS '70 '80 '90 Accesorios (HKLM\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
      Los Sims™ 3 Movida en la facultad (HKLM\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
      Los Sims™ 3 Patios y Jardines Accesorios (HKLM\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
      Los Sims™ 3 Salto a la fama (HKLM\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
      Los Sims™ 3 Suite de ensueño Accesorios (HKLM\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
      Los Sims™ 3 Triunfadores (HKLM\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
      Los Sims™ 3 Trotamundos (HKLM\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
      Los Sims™ 3 Vida en la ciudad Accesorios (HKLM\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
      Los Sims™ 3 Y Las Cuatro Estaciones (HKLM\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
      Malwarebytes versión 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
      Media Go (HKLM\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
      Media Go Video Playback Engine 1.116.105.02020 (HKLM\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.105.02020 - Sony)
      Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
      Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
      Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
      Mozilla Firefox 53.0.3 (x86 es-ES) (HKLM\...\Mozilla Firefox 53.0.3 (x86 es-ES)) (Version: 53.0.3 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
      MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
      MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
      Origin (HKLM\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
      Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (HKLM\...\Microsoft .NET Framework 4 Client Profile ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
      Patrician III - Imperio de los Mares (HKLM\...\Patrician III - Imperio de los Mares) (Version: - )
      Patrician IV Gold Edition (HKLM\...\Patrician IV Gold Edition_is1) (Version: - )
      PDF Architect (HKLM\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
      PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
      PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
      Qtrax Player (HKLM\...\{58C91689-85E3-4B25-ADEC-2697986DF817}) (Version: 1.00.0001 - Qtrax)
      Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28094 - Realtek Semiconductor Corp.)
      Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
      RMP4 (HKLM\...\{F78FC958-7354-43EA-BF26-AFCBFE7B9C18}) (Version: 1.05.0000 - RSUPPORT)
      RSCC (HKLM\...\{562CBD30-CA59-4640-862C-99C0ECED4B4C}) (Version: 2.02.0000 - RSUPPORT)
      Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16084.2 - Samsung Electronics Co., Ltd.)
      Samsung Kies (Version: 2.6.4.16084.2 - Samsung Electronics Co., Ltd.) Hidden
      Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
      Samsung Kies3 (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
      Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
      Secure [email protected] (HKLM\...\{3996B1BA-7210-4830-B32F-9200A6872B71}) (Version: 3.35.2852.0 - Valassis)
      Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.13.4.20 - Sony Ericsson Communications AB)
      Sony PC Companion 2.10.155 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
      The Night of the Rabbit (HKLM\...\GOGPACKNIGHTOFTHERABBIT_is1) (Version: 2.0.0.3 - GOG.com)
      Video Web Camera (HKLM\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.)
      Video Web Camera (Version: 1.5.2624.00 - CyberLink Corp.) Hidden
      VideoPad, software para edición de vídeo (HKLM\...\VideoPad) (Version: 3.88 - NCH Software)
      Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
      VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
      Watermark Image software version 1.9.9.4 (HKLM\...\Watermark Image_is1) (Version: - )
      Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
      WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
      XBMC (HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\...\XBMC) (Version: - Team XBMC)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Julia\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\Julia\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Julia\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Julia\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Julia\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Julia\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll (Dropbox, Inc.)
      CustomCLSID: HKU\S-1-5-21-2155655650-2868152525-1627722622-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Julia\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {0CFF64C2-5D69-4A39-B470-71103BFCACDD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-16] (Google Inc.)
      Task: {0D0D9AE2-5E93-4F10-B745-3D23F05536A1} - System32\Tasks\{7683DEC0-B81C-4E71-8706-AA46708A8EFF} => F:\setup.exe
      Task: {112B5CD2-A798-4244-B6CA-6D7B23B1DBD8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
      Task: {1BCA7B7E-604D-4FCE-B2A3-27F150F5F8B9} - System32\Tasks\{74D5DC39-170C-458E-8E73-7A64DBD5E959} => pcalua.exe -a C:\Users\Julia\Desktop\cjb2300EN.exe -d C:\Users\Julia\Desktop
      Task: {1C1F19A7-22F0-488A-9278-B30316FDD3A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
      Task: {1DDDD16B-6AA2-4BF8-8971-EBB97EB0BAFC} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
      Task: {22D3CC4F-085B-422B-AEA6-2C68D4C6D63D} - System32\Tasks\{7F2458EA-78B4-4771-AF8C-6CFBEFAE5231} => pcalua.exe -a C:\Users\Julia\Downloads\TouchPad_ALPS_8.0.2020.204_W81x64_A\Touchpad_Alps_8.0.2020.204_W81x64\Setup.exe -d C:\Users\Julia\Downloads\TouchPad_ALPS_8.0.2020.204_W81x64_A\Touchpad_Alps_8.0.2020.204_W81x64
      Task: {30858513-1954-4B8C-9E82-2328904BC2F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-16] (Google Inc.)
      Task: {349DDA5B-DE5C-4412-B54C-8205B9CD5B89} - System32\Tasks\{665CEFAA-D729-4F6E-96FF-18A4FD638CEF} => C:\Users\Julia\Desktop\BitComet_1-35_x64_setup.exe
      Task: {4812762D-25DC-4782-9B7F-6E225E205F45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
      Task: {67A21875-3E26-4E3A-9B4C-BC1574FD7C84} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()
      Task: {6F9217E6-CB2E-41AA-A260-12EAD2AC3B0A} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe
      Task: {74B592AC-3E28-449A-8FB6-60879C2264AB} - System32\Tasks\{5786A423-C888-4231-BA44-1DE2E0880915} => F:\setup.exe
      Task: {77B1F251-95AE-47E9-B77F-D2DFDA943A0B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
      Task: {896A8292-D80B-4D7A-A868-4C283B7E1E53} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2155655650-2868152525-1627722622-1000Core => C:\Users\Julia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
      Task: {91765A0F-33D4-4571-B89B-5696490E0167} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe
      Task: {986A4780-4FB6-4E80-806F-601442A468EB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2155655650-2868152525-1627722622-1000UA => C:\Users\Julia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
      Task: {99E8A066-28AA-480A-864F-75AFA091D445} - System32\Tasks\{A574E961-3FA5-4264-98C2-51E9363B608E} => C:\Users\Julia\Downloads\BitComet_1.36_x86_setup.exe
      Task: {9D83ECDA-A340-4236-A6F3-0EBBF6F64284} - System32\Tasks\{AA7EF55E-D4D2-47A7-B47B-A2756EB808E3} => pcalua.exe -a C:\Users\Julia\Downloads\cjb2300EN.exe -d C:\Users\Julia\Downloads
      Task: {A15A28D5-6B37-4154-9C1B-73C5988C9CE0} - System32\Tasks\{016718B3-0D0E-4D0A-A51B-AFA6CF10E1FD} => pcalua.exe -a F:\VGA_AMD_8.930.13.4000_W7x86W7x64_A\VGA_AMD_8.930.13.4000_W7x86x64\Bin\ATISetup.exe -d F:\VGA_AMD_8.930.13.4000_W7x86W7x64_A\VGA_AMD_8.930.13.4000_W7x86x64\Bin
      Task: {A393D095-258B-4A29-8746-1DB80CF09F66} - System32\Tasks\{AB31589C-6EEC-44C3-AE18-96333749907E} => F:\setup.exe
      Task: {AB1E2568-14EB-44F6-B9C7-6DA1178A5276} - System32\Tasks\SafeZone scheduled Autoupdate 1495634425 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
      Task: {AC58BAE0-8D67-4A01-9DB3-51F7736B1E1C} - System32\Tasks\{E9D11597-E86A-41F1-B4CD-E825D227ED35} => F:\setup.exe
      Task: {E8696B0D-9860-425D-A034-881428B541B4} - System32\Tasks\0915tbUpdateInfo => C:\ProgramData\Avg_Update_0915tb\0915tb_{71C59998-EB48-4FDE-9A90-1DC14FF26BC8}.exe

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\0915tbUpdateInfo.job => C:\ProgramData\Avg_Update_0915tb\0915tb_{71C59998-EB48-4FDE-9A90-1DC14FF26BC8}.exe
      Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155655650-2868152525-1627722622-1000Core.job => C:\Users\Julia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
      Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2155655650-2868152525-1627722622-1000UA.job => C:\Users\Julia\AppData\Local\Dropbox\Update\DropboxUpdate.exe

      ==================== Shortcuts =============================

      (The entries could be listed to be restored or removed.)

      Shortcut: C:\Users\Julia\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nchsoftware.com/es/index.htm

      ==================== Loaded Modules (Whitelisted) ==============

      2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
      2017-05-25 02:14 - 2017-05-09 16:38 - 01728456 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
      2017-05-17 23:02 - 2017-05-16 22:55 - 00871744 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
      2017-05-17 23:02 - 2017-05-16 22:55 - 01787200 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
      2017-05-17 23:02 - 2017-04-26 02:38 - 00035792 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
      2017-05-17 23:02 - 2017-04-26 02:38 - 00100296 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\_ctypes.pyd
      2017-05-02 23:45 - 2017-04-26 02:38 - 00018888 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\select.pyd
      2017-05-02 23:45 - 2017-05-16 23:00 - 00019776 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00020824 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
      2017-05-17 23:02 - 2017-04-26 02:39 - 00123856 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
      2017-05-02 23:45 - 2017-04-26 02:38 - 00694224 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\unicodedata.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 01729360 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00020816 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
      2017-05-17 23:02 - 2017-04-26 02:38 - 00145864 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\pyexpat.pyd
      2017-05-17 23:02 - 2017-04-26 02:39 - 00019408 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\faulthandler.pyd
      2017-05-17 23:02 - 2017-04-26 02:38 - 00116688 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\pywintypes27.dll
      2017-05-02 23:45 - 2017-04-26 02:40 - 00105928 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32api.pyd
      2017-05-02 23:45 - 2017-05-16 23:01 - 00022864 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00060736 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00038712 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\fastpath.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00024528 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32event.pyd
      2017-05-17 23:02 - 2017-04-26 02:38 - 00392656 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\pythoncom27.dll
      2017-05-17 23:02 - 2017-04-26 02:40 - 00020936 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\mmapfile.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00116176 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32security.pyd
      2017-05-02 23:45 - 2017-05-16 23:00 - 00392512 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00124880 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32file.pyd
      2017-05-17 23:02 - 2017-05-16 23:01 - 00026456 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00024016 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00175560 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32gui.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00030160 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32pipe.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00043472 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32process.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00048592 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32service.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00057808 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00024016 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32profile.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00246608 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00027488 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00022336 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
      2017-05-17 23:02 - 2017-05-16 23:01 - 00082264 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
      2017-05-17 23:02 - 2017-05-16 23:01 - 00025432 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00028616 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32ts.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 01826104 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
      2017-05-02 23:45 - 2017-04-26 02:39 - 00083912 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\sip.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 01972024 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 03928896 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00171336 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00042816 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00531264 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00133432 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00224064 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00207680 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
      2017-05-02 23:45 - 2017-04-26 02:40 - 00060880 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\win32print.pyd
      2017-05-17 23:02 - 2017-05-16 23:01 - 00054608 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
      2017-05-17 23:02 - 2017-05-16 23:01 - 00022864 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
      2017-05-02 23:45 - 2017-05-16 23:01 - 00022872 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
      2017-05-17 23:02 - 2017-05-16 23:01 - 00021848 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
      2017-05-17 23:02 - 2017-05-16 23:01 - 00022872 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
      2017-05-17 23:02 - 2017-04-26 02:40 - 00349128 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winxpgui.pyd
      2017-05-17 23:02 - 2017-05-16 23:01 - 00023896 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00025936 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
      2017-05-17 23:02 - 2017-04-26 02:34 - 00036296 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\librsync.dll
      2017-05-17 23:02 - 2017-05-16 23:00 - 00084288 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
      2017-05-02 23:45 - 2017-05-16 23:01 - 00030536 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
      2017-05-17 23:02 - 2017-04-26 02:43 - 00017864 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\libEGL.dll
      2017-05-17 23:02 - 2017-04-26 02:43 - 01631184 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\libGLESv2.dll
      2017-05-17 23:02 - 2017-05-16 23:01 - 00026456 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
      2017-05-02 23:45 - 2017-05-16 23:01 - 00023368 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\wincrashpad.compiled._Crashpad.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00546104 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
      2017-05-17 23:02 - 2017-05-16 23:00 - 00357688 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
      2012-03-14 15:12 - 2012-03-14 15:12 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
      2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-04-22 07:57 - 2013-06-09 23:36 - 00003252 ____N C:\Windows\system32\Drivers\etc\hosts

      127.0.0.1 activate.adobe.com
      127.0.0.1 practivate.adobe.com
      127.0.0.1 192.150.14.69
      127.0.0.1 192.150.18.101
      127.0.0.1 192.150.18.108
      127.0.0.1 192.150.22.40
      127.0.0.1 192.150.8.100
      127.0.0.1 192.150.8.118
      127.0.0.1 209-34-83-73.ood.opsource.net
      127.0.0.1 3dns-1.adobe.com
      127.0.0.1 3dns-2.adobe.com
      127.0.0.1 3dns-3.adobe.com
      127.0.0.1 3dns-4.adobe.com
      127.0.0.1 3dns.adobe.com
      127.0.0.1 activate-sea.adobe.com
      127.0.0.1 activate-sjc0.adobe.com
      127.0.0.1 activate.wip.adobe.com
      127.0.0.1 activate.wip1.adobe.com
      127.0.0.1 activate.wip2.adobe.com
      127.0.0.1 activate.wip3.adobe.com
      127.0.0.1 activate.wip4.adobe.com
      127.0.0.1 adobe-dns-1.adobe.com
      127.0.0.1 adobe-dns-2.adobe.com
      127.0.0.1 adobe-dns-3.adobe.com
      127.0.0.1 adobe-dns-4.adobe.com
      127.0.0.1 adobe-dns.adobe.com
      127.0.0.1 adobe.activate.com
      127.0.0.1 adobeereg.com
      127.0.0.1 crl.verisign.net
      127.0.0.1 CRL.VERISIGN.NET.*

      There are 19 more lines.


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\Control Panel\Desktop\\Wallpaper ->
      DNS Servers: 80.58.61.250 - 80.58.61.254
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{7718FC3F-1827-4281-80FF-AB6EE2611C21}] => (Allow) C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
      FirewallRules: [{8C7E3C78-F5B4-4052-81A4-52FBD1FEFC04}] => (Allow) C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
      FirewallRules: [{92152969-D0D7-46B0-B504-DAF1190CB9A1}] => (Allow) C:\Program Files\BitComet\BitComet.exe
      FirewallRules: [{489FC3BF-8496-45AD-B2E2-BAD58EE3F02A}] => (Allow) C:\Program Files\BitComet\BitComet.exe
      FirewallRules: [{252A5C8B-8525-4731-9DFA-38FFFAD9F7A6}] => (Allow) LPort=10120
      FirewallRules: [{371734D1-49FE-494E-8261-6EA94E0EF887}] => (Allow) LPort=10120
      FirewallRules: [TCP Query User{4A9239BA-BFC1-4546-91AF-96B5CB9A59F6}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
      FirewallRules: [UDP Query User{F0A5D203-B82E-4669-BCA2-040CB4C8C415}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
      FirewallRules: [{6A7EE117-3870-4CC2-AF41-78616AA6E5C2}] => (Allow) C:\Windows\System32\muzapp.exe
      FirewallRules: [{0566451B-988E-4C9C-8B41-31275857BA8A}] => (Allow) C:\Windows\System32\muzapp.exe
      FirewallRules: [TCP Query User{F3FE3D9C-BD90-4502-B0FB-351043B65CCE}C:\program files\xbmc\xbmc.exe] => (Allow) C:\program files\xbmc\xbmc.exe
      FirewallRules: [UDP Query User{E24E8666-99AB-4A77-83AD-4248952D2B58}C:\program files\xbmc\xbmc.exe] => (Allow) C:\program files\xbmc\xbmc.exe
      FirewallRules: [{FCD5F8BE-EED0-4EB0-AA14-F876B4D594D3}] => (Block) C:\program files\xbmc\xbmc.exe
      FirewallRules: [{70AE3835-DA56-4A0B-85AD-16C209CC8432}] => (Block) C:\program files\xbmc\xbmc.exe
      FirewallRules: [{85FFB5EB-D143-4B43-B4D6-B07E228068DB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{6E6C9340-6E06-4A0B-984D-E18F4497AF44}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [TCP Query User{7026F39C-56D9-4DEE-81AE-EFEB11BB362E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
      FirewallRules: [UDP Query User{F1578313-B5F2-4256-A447-36D8EF9FF7EA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
      FirewallRules: [{BDE9C4B0-91DC-457E-882B-98D537B3373C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{9CB4EC42-B879-4E59-B9A5-E9026A1AE391}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [TCP Query User{1885A2D5-5715-45AB-B24D-F763B0103E74}C:\program files\emuletorrent\emuletorrent.exe] => (Allow) C:\program files\emuletorrent\emuletorrent.exe
      FirewallRules: [UDP Query User{18870393-FD82-4D08-9B61-FE68D41DF175}C:\program files\emuletorrent\emuletorrent.exe] => (Allow) C:\program files\emuletorrent\emuletorrent.exe
      FirewallRules: [{116521AC-70F3-4869-ADFD-19096CB232A6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
      FirewallRules: [TCP Query User{D0A0FC67-0696-46CA-984F-48B9255F43F3}C:\users\julia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\julia\appdata\roaming\dropbox\bin\dropbox.exe
      FirewallRules: [UDP Query User{E94361BD-3AC7-438D-A709-15751E698061}C:\users\julia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\julia\appdata\roaming\dropbox\bin\dropbox.exe
      FirewallRules: [{B956CC7E-58BE-490B-9740-260573EE3A29}] => (Block) LPort=445
      FirewallRules: [{20E0E0E9-5514-4293-87D2-DC50CD8B5E0A}] => (Block) LPort=445
      FirewallRules: [{449C1D0D-671E-4D37-8FE6-AB0B0643407B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe

      ==================== Restore Points =========================

      25-05-2017 16:39:04 Punto de control programado
      26-05-2017 12:44:18 Revo Uninstaller's restore point - AVG Protection
      26-05-2017 15:24:38 Revo Uninstaller's restore point - BitGuard
      26-05-2017 17:43:53 Restore Point Created by FRST
      26-05-2017 19:21:49 Punto de comprobación por HitmanPro
      26-05-2017 19:23:10 Punto de comprobación por HitmanPro

      ==================== Faulty Device Manager Devices =============

      Name: Mouse compatible PS/2
      Description: Mouse compatible PS/2
      Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
      Manufacturer: Microsoft
      Service: i8042prt
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (05/27/2017 12:51:38 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Error al generar el contexto de activación para "c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe".
      No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (05/26/2017 07:23:44 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina RegSetValueExW(0x00000260,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0133F38C.64). HR = 0x80070005, Acceso denegado.
      .

      Error: (05/26/2017 07:23:44 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina RegSetValueExW(0x00000408,(null),0,REG_BINARY,03CDEFBC.64). HR = 0x80070005, Acceso denegado.
      .


      Operación:
      Evento BackupShutdown

      Contexto:
      Contexto de ejecución: Writer
      Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
      Nombre del escritor: System Writer
      Id. de instancia del escritor: {52d2e70f-3228-40f9-aa14-e27dd704d376}

      Error: (05/26/2017 07:23:44 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina RegSetValueExW(0x00000408,(null),0,REG_BINARY,03CDEFA8.64). HR = 0x80070005, Acceso denegado.
      .


      Operación:
      Evento BackupShutdown

      Contexto:
      Contexto de ejecución: Writer
      Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
      Nombre del escritor: System Writer
      Id. de instancia del escritor: {52d2e70f-3228-40f9-aa14-e27dd704d376}

      Error: (05/26/2017 07:23:44 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina RegSetValueExW(0x0000087c,(null),0,REG_BINARY,00B5F03C.64). HR = 0x80070005, Acceso denegado.
      .


      Operación:
      Evento BackupShutdown

      Contexto:
      Contexto de ejecución: Writer
      Id. de clase del escritor: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
      Nombre del escritor: WMI Writer
      Id. de instancia del escritor: {08d56e34-2d3c-47e2-9384-d70f71ced4ec}

      Error: (05/26/2017 07:23:44 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina RegSetValueExW(0x0000087c,(null),0,REG_BINARY,00B5F028.64). HR = 0x80070005, Acceso denegado.
      .


      Operación:
      Evento BackupShutdown

      Contexto:
      Contexto de ejecución: Writer
      Id. de clase del escritor: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
      Nombre del escritor: WMI Writer
      Id. de instancia del escritor: {08d56e34-2d3c-47e2-9384-d70f71ced4ec}

      Error: (05/26/2017 07:23:44 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina RegSetValueExW(0x00000a7c,(null),0,REG_BINARY,0484EBD4.64). HR = 0x80070005, Acceso denegado.
      .


      Operación:
      Evento BackupShutdown

      Contexto:
      Contexto de ejecución: Writer
      Id. de clase del escritor: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
      Nombre del escritor: MSSearch Service Writer
      Id. de instancia del escritor: {50bd4ef7-7889-445a-bfe8-f8164e009e4c}

      Error: (05/26/2017 07:23:44 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina RegSetValueExW(0x000001bc,(null),0,REG_BINARY,01D0F7A4.64). HR = 0x80070005, Acceso denegado.
      .


      Operación:
      Evento BackupShutdown

      Contexto:
      Contexto de ejecución: Writer
      Id. de clase del escritor: {542da469-d3e1-473c-9f4f-7847f01fc64f}
      Nombre del escritor: COM+ REGDB Writer
      Id. de instancia del escritor: {0079c32e-8a7f-40f2-b15a-ba482e7f387c}

      Error: (05/26/2017 07:23:44 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina RegSetValueExW(0x000001a8,(null),0,REG_BINARY,01D6F384.64). HR = 0x80070005, Acceso denegado.
      .


      Operación:
      Evento BackupShutdown

      Contexto:
      Contexto de ejecución: Writer
      Id. de clase del escritor: {afbab4a2-367d-4d15-a586-71dbb18f8485}
      Nombre del escritor: Registry Writer
      Id. de instancia del escritor: {b86cb99e-bae7-42ac-bbc2-009bad1c63f3}

      Error: (05/26/2017 07:23:44 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina RegSetValueExW(0x000001ec,(null),0,REG_BINARY,016EF424.64). HR = 0x80070005, Acceso denegado.
      .


      Operación:
      Evento BackupShutdown

      Contexto:
      Contexto de ejecución: Writer
      Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
      Nombre del escritor: Shadow Copy Optimization Writer
      Id. de instancia del escritor: {6a965ec5-2d1d-4930-936b-d7198a99d9ff}


      System errors:
      =============
      Error: (05/27/2017 10:56:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Microsoft .NET Framework NGEN v4.0.30319_X86.

      Error: (05/26/2017 11:49:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Microsoft .NET Framework NGEN v4.0.30319_X86.

      Error: (05/26/2017 11:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (05/26/2017 11:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (05/26/2017 11:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (05/26/2017 11:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (05/26/2017 11:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (05/26/2017 11:44:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (05/26/2017 11:44:43 PM) (Source: DCOM) (EventID: 10005) (User: )
      Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
      {9E175B6D-F52A-11D8-B9A5-505054503030}

      Error: (05/26/2017 11:44:43 PM) (Source: DCOM) (EventID: 10005) (User: )
      Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
      {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


      CodeIntegrity:
      ===================================
      Date: 2017-05-27 11:23:46.296
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-05-27 11:14:20.074
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-05-27 10:53:59.832
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-05-27 01:23:48.444
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-05-27 00:20:46.307
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-05-26 23:46:46.779
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-05-26 23:43:16.035
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-05-26 22:36:26.609
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-05-26 22:21:33.676
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-05-26 20:16:05.581
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      ==================== Memory info ===========================

      Processor: AMD E-300 APU with Radeon(tm) HD Graphics
      Percentage of memory in use: 40%
      Total physical RAM: 3549.36 MB
      Available physical RAM: 2107.3 MB
      Total Virtual: 7097 MB
      Available Virtual: 5372.2 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:292.87 GB) (Free:121.62 GB) NTFS
      Drive d: () (Fixed) (Total:405.67 GB) (Free:55.53 GB) NTFS
      Drive g: (BOB_ESPONJA_HISTORIA_MARINA_DVD5) (CDROM) (Total:4.2 GB) (Free:0 GB) UDF

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: BDDBD57B)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=292.9 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=405.7 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    3. #23
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.040

      Re: antivirus bloqueado

      Realizas en modo normal



      En el equipo con los demas programas cerrados:
      Inicio >>> Ejecutar >>>Escribes notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      
      CHR HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
      U3 abkgu2qt; C:\Windows\system32\Drivers\abkgu2qt.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
      U3 awcvphhr; C:\Windows\system32\Drivers\awcvphhr.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
      2017-05-24 15:34 - 2017-05-26 11:49 - 00000000 ____D C:\ProgramData\AVAST Software
      2017-05-24 02:50 - 2017-05-26 18:56 - 00000000 ____D C:\Users\Julia\AppData\Roaming\IObit
      2017-05-24 02:50 - 2017-05-24 02:51 - 00000000 ____D C:\Users\Julia\AppData\LocalLow\IObit
      2017-05-24 02:50 - 2017-05-24 02:51 - 00000000 ____D C:\ProgramData\ProductData
      2017-05-24 02:50 - 2017-05-24 02:50 - 00000000 ____D C:\Program Files\Common Files\IObit
      2017-05-24 02:48 - 2017-05-26 18:57 - 00000000 ____D C:\ProgramData\IObit
      2017-05-24 02:48 - 2017-05-24 02:48 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
      Task: {0D0D9AE2-5E93-4F10-B745-3D23F05536A1} - System32\Tasks\{7683DEC0-B81C-4E71-8706-AA46708A8EFF} => F:\setup.exe
      Task: {112B5CD2-A798-4244-B6CA-6D7B23B1DBD8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe 
      Task: {1DDDD16B-6AA2-4BF8-8971-EBB97EB0BAFC} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe 
      Task: {74B592AC-3E28-449A-8FB6-60879C2264AB} - System32\Tasks\{5786A423-C888-4231-BA44-1DE2E0880915} => F:\setup.exe
      Task: {77B1F251-95AE-47E9-B77F-D2DFDA943A0B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe 
      Task: {A393D095-258B-4A29-8746-1DB80CF09F66} - System32\Tasks\{AB31589C-6EEC-44C3-AE18-96333749907E} => F:\setup.exe
      Task: {AB1E2568-14EB-44F6-B9C7-6DA1178A5276} - System32\Tasks\SafeZone scheduled Autoupdate 1495634425 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
      Task: {AC58BAE0-8D67-4A01-9DB3-51F7736B1E1C} - System32\Tasks\{E9D11597-E86A-41F1-B4CD-E825D227ED35} => F:\setup.exe
      C:\Program Files\AVAST Software
       
      
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

      Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.
      Ejecutas Frst.exe.

      Presionas el botón Fix y aguardas a que termine.
      La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo
      Lo pegas en tu próxima respuesta
      Última edición por @Miguelgrado fecha: 27/05/17 a las 15:17:44
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #24
      Usuario Avatar de siemprebuscando
      Registrado
      may 2017
      Ubicación
      españa
      Mensajes
      43

      Re: antivirus bloqueado

      ok, me ha pasado lo mismo del otro dia, mientras se estaba realizando el fix se ha cortado y ha saltado la pantalla azul, esta vez si me ha dado tiempo a apuntar el archivo que da el error. es el avgrdr2.sys

      lo hago desde el modo seguro? te copio el fixlog que me ha generado que supongo estara incompleto como el otro:

      Fix result of Farbar Recovery Scan Tool (x86) Version: 24-05-2017
      Ran by Julia (27-05-2017 13:16:10) Run:2
      Running from C:\Users\Julia\Desktop
      Loaded Profiles: Julia (Available Profiles: Julia)
      Boot Mode: Normal

      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKLM\...\Run: [AVGUI.exe] => "C:\Program Files\AVG\Antivirus\AvLaunch.exe" /gui
      C:\Program Files\AVG
      CHR HKU\S-1-5-21-2155655650-2868152525-1627722622-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
      R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [91464 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [63280 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [765704 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [483736 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [116280 2017-05-24] (AVG Technologies CZ, s.r.o.)
      R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [280928 2017-05-24] (AVG Technologies CZ, s.r.o.)
      U3 abkgu2qt; C:\Windows\system32\Drivers\abkgu2qt.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
      U3 awcvphhr; C:\Windows\system32\Drivers\awcvphhr.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
      2017-05-24 15:34 - 2017-05-26 11:49 - 00000000 ____D C:\ProgramData\AVAST Software
      2017-05-24 02:50 - 2017-05-26 18:56 - 00000000 ____D C:\Users\Julia\AppData\Roaming\IObit
      2017-05-24 02:50 - 2017-05-24 02:51 - 00000000 ____D C:\Users\Julia\AppData\LocalLow\IObit
      2017-05-24 02:50 - 2017-05-24 02:51 - 00000000 ____D C:\ProgramData\ProductData
      2017-05-24 02:50 - 2017-05-24 02:50 - 00000000 ____D C:\Program Files\Common Files\IObit
      2017-05-24 02:48 - 2017-05-26 18:57 - 00000000 ____D C:\ProgramData\IObit
      2017-05-24 02:48 - 2017-05-24 02:48 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
      2017-05-24 00:55 - 2017-05-24 00:55 - 00483736 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00280928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00116280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00109056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00091464 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00063280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
      2017-05-24 00:55 - 2017-05-24 00:55 - 00035264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00765704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00331896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
      2017-05-24 00:55 - 2017-05-24 00:54 - 00270344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblogx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00260616 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriverx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00151024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidshx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00135872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiskx.sys
      2017-05-24 00:55 - 2017-05-24 00:54 - 00043992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbunivx.sys
      2017-05-24 00:49 - 2017-05-24 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
      2017-05-23 23:54 - 2017-05-23 23:54 - 03624296 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Julia\Downloads\AVG_Protection_Free_698.exe
      2017-05-24 00:56 - 2015-12-15 08:43 - 00000000 ____D C:\Users\Julia\AppData\Roaming\AVG
      2017-05-24 00:49 - 2015-12-15 08:33 - 00000000 ____D C:\ProgramData\Avg
      Task: {0D0D9AE2-5E93-4F10-B745-3D23F05536A1} - System32\Tasks\{7683DEC0-B81C-4E71-8706-AA46708A8EFF} => F:\setup.exe
      Task: {112B5CD2-A798-4244-B6CA-6D7B23B1DBD8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
      Task: {1DDDD16B-6AA2-4BF8-8971-EBB97EB0BAFC} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
      Task: {74B592AC-3E28-449A-8FB6-60879C2264AB} - System32\Tasks\{5786A423-C888-4231-BA44-1DE2E0880915} => F:\setup.exe
      Task: {77B1F251-95AE-47E9-B77F-D2DFDA943A0B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
      Task: {A393D095-258B-4A29-8746-1DB80CF09F66} - System32\Tasks\{AB31589C-6EEC-44C3-AE18-96333749907E} => F:\setup.exe
      Task: {AB1E2568-14EB-44F6-B9C7-6DA1178A5276} - System32\Tasks\SafeZone scheduled Autoupdate 1495634425 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
      Task: {AC58BAE0-8D67-4A01-9DB3-51F7736B1E1C} - System32\Tasks\{E9D11597-E86A-41F1-B4CD-E825D227ED35} => F:\setup.exe
      Task: {E8696B0D-9860-425D-A034-881428B541B4} - System32\Tasks\0915tbUpdateInfo => C:\ProgramData\Avg_Update_0915tb\0915tb_{71C59998-EB48-4FDE-9A90-1DC14FF26BC8}.exe
      Task: C:\Windows\Tasks\0915tbUpdateInfo.job => C:\ProgramData\Avg_Update_0915tb\0915tb_{71C59998-EB48-4FDE-9A90-1DC14FF26BC8}.exe
      C:\ProgramData\Avg_Update_0915tb
      C:\Program Files\AVAST Softwar


      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      *****************

      Restore point was successfully created.
      Processes closed successfully.
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AVGUI.exe => value could not remove.
      "C:\Program Files\AVG" => not found.

    5. #25
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.040

      Re: antivirus bloqueado

      Buscas estos drivers manualmente y lo eliminas



      C:\Windows\system32\drivers\avgRdr2.sys
      C:\Windows\system32\drivers\avgRvrt.sys
      C:\Windows\system32\drivers\avgSnx.sys
      C:\Windows\system32\drivers\avgSP.sys
      C:\Windows\system32\drivers\avgStm.sys
      C:\Windows\system32\drivers\avgVmm.sys

      Luego repites el fix en modo normal
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #26
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.040

      Re: antivirus bloqueado

      Tambien elimina esta clave antes del fix


      HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AVGUI.exe


      Boton derecho en incio -ejecutar-regedit y navegas hasta esa clave y boton derecho eliminar

      Hklm es Hkey local Machine
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #27
      Usuario Avatar de siemprebuscando
      Registrado
      may 2017
      Ubicación
      españa
      Mensajes
      43

      Re: antivirus bloqueado

      lo siento pero no soy capaz. los primeros que me ha dicho al tratar de eliminarlos me dice acceso denegado al archivo, necesita permisos de administradores, le doy a intentar de nuevo y siempre me sale la misma ventana.

      y respecto al segundo paso he entrado y lo he localizado pero al tratar de eliminarlo me sale una ventana y me dice error al eliminar valores no se pueden eliminar todos los valores especificados

      lo lamento, no se si estare haciendo algo mal. muchisimas gracias por todo el tiempo y las molestias que se esta tomando

    8. #28
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.040

      Re: antivirus bloqueado

      los driver elimimalos con >>https://www.infospyware.com/herramientas/unlocker/

      La clave dejala
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #29
      Usuario Avatar de siemprebuscando
      Registrado
      may 2017
      Ubicación
      españa
      Mensajes
      43

      Re: antivirus bloqueado

      nada no me deja. me sale una ventana y me dice

      error

      the object could not be deleted

      do yo want to perform the requested delete operatiocn at next reboot?

      le he dicho que si pero ahi sigue tras reiniciar

    10. #30
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      19.040

      Re: antivirus bloqueado

      Ok.

      Vamos a reinstalar Avg

      AVG 2017 | Antivirus y aplicaciones TuneUp gratuitas para su equipo, Mac y Android


      Instala la version que tenias,free y comenta si funciona

      Luego vemos
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.