    Malwarebytes! The antivirus programs don't work! (Solved)


    1. #1
      AlejandraGAG (User)
      Registered: Dec 2015, Location: Argentina, Posts: 38

      Hi, I wanted to ask why the program hasn't been working for the last few days! This comes up!



      I tried to uninstall it, thinking it might have some fault or something, and I got this!






      I have no idea what it could be; my antivirus (Avast) wasn't working either, so I removed it and tried to install another one, and now it won't let me, so I'm left without protection. I need help urgently, please!

      Thanks, and I hope I can get it solved!

      Kisses!
      Last edited by AlejandraGAG on 08/07/17 at 03:54:06. Reason: Fixed the images that weren't showing!

    2. #2
      @Miguelgrado (Warrior)
      Registered: Dec 2005, Location: Asturias-España, Posts: 18,142

      Download and run the Malwarebytes uninstall tool, then restart the PC.

      Uninstall tools for Antivirus, AntiSpyware and Firewall.



      Then do the following in order and paste the logs for me.


      Step 1: Download Malwarebytes Anti-Rootkit Beta >> Malwarebytes Anti-Rootkit | InfoSpyware and extract its contents to your desktop
      Step 2: Disable your antivirus >> How to temporarily disable your antivirus

      Open the Mbar folder. Double-click the file Mbar.exe
      • In the program's interface, click Next.
      • Click the Update button. When it finishes, click Next.
      • To start the scan, click the Scan button.
      • When it finishes, if there is an infection click CleanUp; if there is none, click Exit.


      When finished, open the Mbar folder and the files mbar-log.txt and system-log.txt, copy and paste all of their contents into your next reply, and comment on the results.


      Download AdwCleaner 3.0 | InfoSpyware and place it on the desktop:


      - Run it with all programs closed and with the antivirus disabled >> How to temporarily disable your antivirus.
      - If you use Windows Vista/7/8, run it as administrator (right-click >> Run as administrator) and accept the license (j’acepte).


      Click Scan (Escanear) and wait for the program to do its work.
      Then run Clean (Limpiar) to perform the cleanup, and if it asks to restart the PC, do so.

      - When it finishes, a report will open in a text file; copy and paste its contents into your next reply.


      The report is also located at C:\AdwCleaner- AdwCleaner[CX].txt



      1-Download Farbar Recovery Scan Tool by Farbar (download the file that matches your system's architecture). >> How to tell whether my system is 32-bit or 64-bit

      • Save it on the desktop >> This is very important.
      • With all programs/windows closed, double-click to run Frst.exe.
      • In the Disclaimer window, press Yes.
      • In the new window that opens, press the Scan button and wait patiently for the scan to finish.

      • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on your desktop.

      • To finish, open the files Frst.txt and Addition.txt and copy and paste all of their contents into your next reply. Use two messages if it tells you it is too long.
      * Follow us on Twitter and become our friend on Facebook.
      * Stay informed about the latest threats on the net from: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    3. #3
      AlejandraGAG (User)
      Registered: Dec 2015, Location: Argentina, Posts: 38

      Hi, thanks for replying, Miguel. I should tell you that I can't install the tool to uninstall Malwarebytes. A message box came up. This one, to be precise.




      So I couldn't follow what you told me; I'm still here waiting for help!

      Regards!! And thanks again!
      Last edited by AlejandraGAG on 08/07/17 at 03:49:54. Reason: I didn't know how to upload the image haha :P

    4. #4
      @Miguelgrado (Warrior)
      Registered: Dec 2005, Location: Asturias-España, Posts: 18,142

      Continue with the remaining steps

    5. #5
      AlejandraGAG (User)
      Registered: Dec 2015, Location: Argentina, Posts: 38

      Well, it looks like there was something there, because as soon as I finished running Malware anti rootkit, the MBM program started working again, or so I think; I no longer get the errors from the beginning.


      Anyway, I did everything as you told me, Miguel, and here are the reports:


      Malware Anti Rootkit

      Malwarebytes Anti-Rootkit BETA 1.9.3.1001
      www.malwarebytes.org

      Database version:
      main: v2017.07.08.06
      rootkit: v2017.05.27.01

      Windows 8 x64 NTFS
      Internet Explorer 10.0.9200.17607
      gimenam :: ALEJANDRA [administrator]

      08/07/2017 05:26:49 p.m.
      mbar-log-2017-07-08 (17-26-49).txt

      Scan type: Quick scan
      Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
      Scan options disabled:
      Objects scanned: 274639
      Time elapsed: 39 minute(s), 41 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 7
      HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264 (Trojan.Wdfload) -> Delete on reboot. [954164ffdacf59dd83a7979021df19e7]
      HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Trojan.Wdfload) -> Delete on reboot. [efe7352e8b1e290d8497130fc53bdc24]
      HKLM\SOFTWARE\WOW6432NODE\Eggper (Adware.Ghokswa) -> Delete on reboot. [33a3c99a8128b482b3063eac3cc58e72]
      HKLM\SOFTWARE\WOW6432NODE\{84416237-6490-494D-9AD6-4994DD978971} (Adware.Elex) -> Delete on reboot. [07cf362d9d0c69cd078d7ce39a6753ad]
      HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264 (Trojan.Wdfload) -> Delete on reboot. [af277fe4a9000c2a9397f631d12f09f7]
      HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Trojan.Wdfload) -> Delete on reboot. [389e0b58119840f6ed2e869c897722de]
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\MICROSOFT\BIGTIME (Adware.Tuto4PC) -> Delete on reboot. [587e382b426706306286e31331d09b65]

      Registry Values Detected: 1
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\MICROSOFT\BIGTIME|partner (Adware.Tuto4PC) -> Data: installcube -> Delete on reboot. [587e382b426706306286e31331d09b65]

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 2
      C:\Users\gimenam\AppData\Local\po.db (Adware.Linkury.Generic) -> Delete on reboot. [18bec69de0c978beb8e1cac27e83f30d]
      C:\Windows\System32\Drivers\cfidsk.sys (PUP.Optional.ChinAd) -> Delete on reboot. [44e5f236e1850924b331080a67e09d0b]

      Physical Sectors Detected: 0
      (No malicious items detected)

      (end)


      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.09.3.1001

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.2.9200 Windows 8 x64

      Account is Administrative

      Internet Explorer version: 10.0.9200.17607

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED
      CPU speed: 1.696000 GHz
      Memory total: 2020278272, free: 888225792

      Downloaded database version: v2017.07.08.06
      Downloaded database version: v2017.05.27.01
      Downloaded database version: v2017.07.07.01
      =======================================
      Initializing...
      Driver version: 0.3.0.4
      ------------ Kernel report ------------
      07/08/2017 17:26:35
      ------------ Loaded modules -----------
      ----------- End -----------
      Done!

      Scan started
      Database versions:
      main: v2017.07.08.06
      rootkit: v2017.05.27.01

      <<<2>>>
      Physical Sector Size: 512
      Drive: 0, DevicePointer: 0xfffffa80052c4740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
      --------- Disk Stack ------
      DevicePointer: 0xfffffa80052c41f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
      DevicePointer: 0xfffffa80052c4740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
      DevicePointer: 0xfffffa80031b69e0, DeviceName: Unknown, DriverName: \Driver\ACPI\
      DevicePointer: 0xfffffa8003dbf060, DeviceName: \Device\00000037\, DriverName: \Driver\iaStorA\
      ------------ End ----------
      Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
      Upper DeviceData: 0x0, 0x0, 0x0
      Lower DeviceData: 0x0, 0x0, 0x0
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      <<<2>>>
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
      Done!
      Drive 0
      This is a System drive
      Scanning MBR on drive 0...
      Inspecting partition table:
      This drive is a GPT Drive.
      MBR Signature: 55AA
      Disk Signature: A08C84EB


      Done!
      Infected: C:\Users\gimenam\AppData\Local\po.db --> [Adware.Linkury.Generic]
      File C:\Windows\System32\Drivers\cfidsk.sys will be destroyed
      Infected: C:\Windows\System32\Drivers\cfidsk.sys --> [PUP.Optional.ChinAd]
      Infected: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264 --> [Trojan.Wdfload]
      Infected: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 --> [Trojan.Wdfload]
      Infected: HKLM\SOFTWARE\WOW6432NODE\Eggper --> [Adware.Ghokswa]
      Infected: HKLM\SOFTWARE\WOW6432NODE\{84416237-6490-494D-9AD6-4994DD978971} --> [Adware.Elex]
      Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264 --> [Trojan.Wdfload]
      Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 --> [Trojan.Wdfload]
      Infected: HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\MICROSOFT\BIGTIME|partner --> [Adware.Tuto4PC]
      Infected: HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\MICROSOFT\BIGTIME --> [Adware.Tuto4PC]
      Scan finished
      Creating System Restore point...
      Cleaning up...
      <<<2>>>
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Removal scheduling successful. System shutdown needed.
      System shutdown occurred
      =======================================


      Adware



      # AdwCleaner v6.046 - Archivo de registro creado 08/07/2017 en 18:28:11
      # Actualizado en 24/04/2017 por Malwarebytes
      # Base de datos : 2017-07-07.1 [Servidor]
      # Sistema Operativo : Windows 8 Single Language (X64)
      # Nombre de usuario : gimenam - ALEJANDRA
      # Ejecutado desde : C:\Users\gimenam\Desktop\AdwCleaner.exe
      # Modo: Limpiar
      # Soporte : https://www.malwarebytes.com/support



      ***** [ Servicios ] *****

      [-] Servicio eliminado: SNARE
      [-] Servicio eliminado: cfidsk


      ***** [ Carpetas ] *****

      [-] Carpeta eliminada: C:\Users\gimenam\AppData\Local\AdvinstAnalytics
      [-] Carpeta eliminada: C:\Users\gimenam\AppData\Local\snare
      [-] Carpeta eliminada: C:\Insist
      [-] Carpeta eliminada: C:\ProgramData\Logic Cramble
      [#] Carpeta eliminada al reiniciar: C:\ProgramData\Application Data\Logic Cramble
      [-] Carpeta eliminada: C:\Users\Public\Documents\XMUpdate
      [-] Carpeta eliminada: C:\Program Files (x86)\Firefox
      [-] Carpeta eliminada: C:\Windows\SysWOW64\SSL
      [-] Carpeta eliminada: C:\Users\gimenam\AppData\Local\Firefox
      [#] Carpeta eliminada al reiniciar: C:\Users\gimenam\AppData\Local\SNARE
      [-] Carpeta eliminada: C:\ProgramData\BIT
      [#] Carpeta eliminada al reiniciar: C:\Insist


      ***** [ Archivos ] *****

      [-] Archivo eliminado: C:\Users\gimenam\appdata\local\installationconfiguration.xml
      [-] Archivo eliminado: C:\Windows\SysNative\log\iSafeKrnlCall.log
      [-] Archivo eliminado: C:\Windows\SysNative\bi3.exe
      [-] Archivo eliminado: C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdckocnfhibclnnkifmjbbogcfkbijki_0.localstorage


      ***** [ DLL ] *****



      ***** [ WMI ] *****



      ***** [ Accesos directos ] *****



      ***** [ Tareas programadas ] *****

      [-] Tarea eliminada: Microsoft\Windows\Multimedia\Manager


      ***** [ Registro ] *****

      [#] Llave eliminada al reiniciar: HKLM\SYSTEM\CurrentControlSet\services\snare
      [-] Llave eliminada: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
      [#] Llave eliminada al reiniciar: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
      [#] Llave eliminada al reiniciar: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\snare
      [#] Llave eliminada al reiniciar: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\snare
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001\Software\Installer
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001\Software\Media Get LLC
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017180918196\Software\Installer
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017180918196\Software\Media Get LLC
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017180918196\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017180918196\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
      [-] Llave eliminada: HKU\S-1-5-21-1786290276-262488355-3525370003-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017180918196\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
      [#] Llave eliminada al reiniciar: HKCU\Software\Installer
      [#] Llave eliminada al reiniciar: HKCU\Software\Media Get LLC
      [#] Llave eliminada al reiniciar: HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
      [#] Llave eliminada al reiniciar: HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
      [#] Llave eliminada al reiniciar: HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
      [-] Llave eliminada: HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
      [-] Llave eliminada: HKLM\SOFTWARE\ScreenShot
      [-] Llave eliminada: HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
      [-] Llave eliminada: HKLM\SOFTWARE\msServer
      [-] Llave eliminada: HKLM\SOFTWARE\ourluckysitesSoftware
      [-] Llave eliminada: HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
      [-] Llave eliminada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D}
      [#] Llave eliminada al reiniciar: [x64] HKCU\Software\Installer
      [#] Llave eliminada al reiniciar: [x64] HKCU\Software\Media Get LLC
      [#] Llave eliminada al reiniciar: [x64] HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
      [#] Llave eliminada al reiniciar: [x64] HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
      [#] Llave eliminada al reiniciar: [x64] HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
      [-] Llave eliminada: [x64] HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
      [-] Llave eliminada: [x64] HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
      [-] Llave eliminada: [x64] HKLM\SOFTWARE\pcv-var
      [-] Llave eliminada: [x64] HKLM\SOFTWARE\InterSect Alliance
      [-] Llave eliminada: [x64] HKLM\SOFTWARE\Microsoft\DMunversion
      [-] Llave eliminada: [x64] HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
      [-] Llave eliminada: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchy
      [-] Llave eliminada: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{24F5E422-6A70-4FAA-8CAD-E23D5DC1DAE6}
      [-] Llave eliminada: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD0688A5-FC8B-4E93-A485-CBF606A56D49}
      [-] Valor borrado: HKU\S-1-5-21-1786290276-262488355-3525370003-1001\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
      [-] Valor borrado: HKU\S-1-5-21-1786290276-262488355-3525370003-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082017180918196\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
      [#] Valor eliminado al reiniciar: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
      [#] Valor eliminado al reiniciar: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
      [-] Llave eliminada: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
      [-] Llave eliminada: HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
      [#] Llave eliminada al reiniciar: HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
      [-] Valor borrado: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
      [-] Llave eliminada: HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML
      [-] Llave eliminada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VoyasollamU
      [-] Valor borrado: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [BIT]
      [-] Llave eliminada: HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot


      ***** [ Navegadores ] *****

      [-] [C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default] [homepage] Eliminado: hxxp://www-searching.com/?pid=s&s=H6Rzltpbl1AU,f2f3a070-bb4e-420b-bb23-c6e1b992fc35,&vp=ch&prd=set_ch


      *************************

      :: Llaves "Tracing" eliminadas
      :: Se han borrado los ajustes de Winsock

      *************************

      C:\AdwCleaner\AdwCleaner[C0].txt - [7501 Bytes] - [08/07/2017 18:28:11]
      C:\AdwCleaner\AdwCleaner[S0].txt - [7302 Bytes] - [08/07/2017 18:26:23]

      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7647 Bytes] ##########

    6. #6
      User Avatar of AlejandraGAG
      Registered
      Dec 2015
      Location
      Argentina
      Posts
      38

      re: Malwarebytes! The antivirus programs don't work! (Solved)

      Farbar

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
      Ran by gimenam (administrator) on ALEJANDRA (08-07-2017 18:42:02)
      Running from C:\Users\gimenam\Desktop
      Loaded Profiles: gimenam (Available Profiles: gimenam)
      Platform: Windows 8 Single Language (X64) Language: Español (España, internacional)
      Internet Explorer Version 10 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
      () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
      (Microsoft Corporation) C:\Windows\System32\rundll32.exe
      (Microsoft Corporation) C:\Windows\System32\rundll32.exe
      (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
      (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      () C:\Program Files (x86)\PHotkey\PHotkey.exe
      () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
      () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
      (TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      () C:\Program Files (x86)\PHotkey\PVDesktop.exe
      () C:\Program Files (x86)\PHotkey\PVDAgent.exe
      (Pegatron Corporation) C:\Program Files (x86)\PHotkey\MyWiMax.exe
      () C:\Program Files (x86)\PHotkey\POsd.exe
      () C:\Program Files (x86)\PHotkey\GPMTray.exe
      (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
      (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IASTORICON.EXE
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.EXE
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE

      ==================== Registry (Whitelisted) ====================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
      HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917176 2012-09-05] (Synaptics Incorporated)
      HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
      HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
      Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
      HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
      HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
      HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
      HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
      HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
      HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
      HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
      HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
      HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
      HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
      HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
      HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
      HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
      HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
      HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
      HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
      HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
      HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
      HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
      HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
      HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
      HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
      HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
      HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
      HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
      HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
      HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
      HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
      HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
      HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\...\Run: [Spotify Web Helper] => C:\Users\gimenam\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-28] (Spotify Ltd)
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\...\Run: [Spotify] => C:\Users\gimenam\AppData\Roaming\Spotify\Spotify.exe [7009904 2017-05-28] (Spotify Ltd)
      Startup: C:\Users\gimenam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-05-25]
      ShortcutTarget: MEGAsync.lnk -> C:\Users\gimenam\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.90.1 192.168.23.1
      Tcpip\..\Interfaces\{1E5D5AD2-2017-4E00-A286-D295D6E9CA17}: [DhcpNameServer] 192.168.90.1 192.168.23.1
      Tcpip\..\Interfaces\{9907E684-B6B3-43FF-9B9A-5EDFDB74ECBF}: [DhcpNameServer] 164.124.101.2 168.126.63.2

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Google
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
      BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-02] (Oracle Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-02] (Oracle Corporation)
      StartMenuInternet: IEXPLORE.EXE - iexplore.exe

      FireFox:
      ========
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
      FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-02] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-02] (Oracle Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-10] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-10] (Google Inc.)

      Chrome:
      =======
      CHR HomePage: Default -> hxxps://www.google.com/
      CHR Profile: C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default [2017-07-08]
      CHR Extension: (Presentaciones de Google) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-10]
      CHR Extension: (Google Docs) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-10]
      CHR Extension: (Google Drive) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-10]
      CHR Extension: (YouTube) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-10]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-10]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-10]
      CHR Extension: (Gmail) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-10]
      CHR Extension: (Chrome Media Router) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-10]
      CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] ()
      R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
      R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
      S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed]
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
      S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
      R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
      S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [64512 2012-07-25] (Microsoft Corporation)
      S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-02-02] (LogMeIn Inc.)
      R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
      R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2017-02-19] (BigNox Corporation)
      S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
      S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-07-08 18:42 - 2017-07-08 18:42 - 00016534 _____ C:\Users\gimenam\Desktop\FRST.txt
      2017-07-08 18:41 - 2017-07-08 18:42 - 00000000 ____D C:\FRST
      2017-07-08 18:39 - 2017-07-08 18:38 - 02437120 _____ (Farbar) C:\Users\gimenam\Desktop\FRST64.exe
      2017-07-08 18:37 - 2017-07-08 18:38 - 02437120 _____ (Farbar) C:\Users\gimenam\Downloads\FRST64.exe
      2017-07-08 18:22 - 2017-07-08 18:28 - 00000000 ____D C:\AdwCleaner
      2017-07-08 18:20 - 2017-07-08 18:19 - 04102600 _____ C:\Users\gimenam\Desktop\AdwCleaner.exe
      2017-07-08 18:18 - 2017-07-08 18:19 - 04102600 _____ C:\Users\gimenam\Downloads\AdwCleaner.exe
      2017-07-08 17:26 - 2017-07-08 18:29 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2017-07-08 17:20 - 2017-07-08 17:20 - 00000000 ____D C:\Users\gimenam\Desktop\mbar-1.09.3.1001
      2017-07-08 17:20 - 2017-07-08 17:19 - 16563352 _____ (Malwarebytes Corp.) C:\Users\gimenam\Desktop\mbar-1.09.3.1001.exe
      2017-07-08 17:15 - 2017-07-08 17:19 - 16563352 _____ (Malwarebytes Corp.) C:\Users\gimenam\Downloads\mbar-1.09.3.1001.exe
      2017-07-06 21:04 - 2017-07-06 21:04 - 00058557 _____ C:\Users\gimenam\Downloads\DEFziimWsAUZLEi.jpg-large
      2017-07-06 18:44 - 2017-07-06 18:44 - 03627336 _____ (AVG Technologies CZ, s.r.o.) C:\Users\gimenam\Downloads\AVG_Protection_Free_698.exe
      2017-07-06 18:26 - 2017-07-06 18:29 - 06654960 _____ (AVAST Software) C:\Users\gimenam\Downloads\avast_free_antivirus_setup_online_cnet_2.exe
      2017-07-06 17:43 - 2017-07-06 17:44 - 08568160 _____ (AVAST Software) C:\Users\gimenam\Downloads\avastclear.exe
      2017-07-06 16:38 - 2017-07-06 16:39 - 09599704 _____ (Piriform Ltd) C:\Users\gimenam\Downloads\ccsetup531pro.exe
      2017-06-27 05:10 - 2017-07-06 16:36 - 00000000 ____D C:\Windows.old
      2017-06-27 04:25 - 2017-06-27 04:26 - 00117760 _____ C:\Windows\Manager.exe
      2017-06-27 04:19 - 2017-06-27 04:19 - 00018432 _____ C:\Users\gimenam\AppData\Local\Main.dat
      2017-06-27 04:18 - 2017-06-27 04:19 - 00000000 ____D C:\ProgramData\Package Cache
      2017-06-27 04:16 - 2017-06-27 04:16 - 00140800 _____ C:\Users\gimenam\AppData\Local\installer.dat
      2017-06-27 04:15 - 2017-06-27 04:43 - 00000000 ____D C:\Program Files (x86)\Retreive
      2017-06-27 04:13 - 2017-06-27 04:13 - 00016742 _____ C:\Windows\System32\Tasks\TN DVD Video Converter
      2017-06-27 04:12 - 2017-06-27 04:12 - 00016760 _____ C:\Windows\System32\Tasks\IMComprease Italian Purch
      2017-06-27 04:08 - 2017-06-27 10:26 - 01955840 ___SH C:\ProgramData\dbg.dll
      2017-06-27 03:14 - 2017-06-27 04:37 - 00003162 _____ C:\Windows\System32\Tasks\163c5b06b9d7dca4cf438960377a7751
      2017-06-25 11:41 - 2017-06-25 11:41 - 00051626 _____ C:\Windows\uninstaller.dat
      2017-06-18 03:21 - 2017-06-18 03:21 - 00000000 ____D C:\Users\gimenam\Downloads\CJB Item Spawner 1.8-93-1-8
      2017-06-18 03:20 - 2017-06-18 03:20 - 00030289 _____ C:\Users\gimenam\Downloads\CJB Item Spawner 1.8-93-1-8.zip
      2017-06-14 02:01 - 2016-03-27 23:14 - 00000000 ____D C:\Users\gimenam\Downloads\Dark-Haired Leah v2
      2017-06-14 01:57 - 2017-06-14 01:57 - 00011272 _____ C:\Users\gimenam\Downloads\Dark-Haired Leah v2-200-2-0.rar
      2017-06-13 15:28 - 2017-06-13 15:29 - 00000000 ____D C:\Users\gimenam\Downloads\Stardew Valley v1.2.30
      2017-06-13 14:00 - 2017-06-13 14:00 - 00000000 ____D C:\Users\gimenam\Downloads\Natural Color - Reshade-1213-3-0 (1)
      2017-06-13 13:59 - 2017-06-13 14:00 - 00861786 _____ C:\Users\gimenam\Downloads\Natural Color - Reshade-1213-3-0 (1).zip
      2017-06-13 13:52 - 2017-06-13 13:52 - 00006226 _____ C:\Users\gimenam\Downloads\blwonderland - Sam-1209-1-0 (1).zip
      2017-06-13 04:23 - 2017-06-13 04:23 - 00226183 _____ C:\Users\gimenam\Downloads\Modern Farm Buildings by Ali-1125-.rar
      2017-06-13 04:17 - 2017-06-13 04:17 - 00000000 ____D C:\Users\gimenam\Downloads\Buildings
      2017-06-13 04:15 - 2017-06-13 04:15 - 00000000 ____D C:\Users\gimenam\Downloads\Farmer
      2017-06-13 04:13 - 2017-06-13 04:13 - 00000000 ____D C:\Users\gimenam\Downloads\Characters
      2017-06-13 04:11 - 2017-06-13 04:11 - 00006226 _____ C:\Users\gimenam\Downloads\blwonderland - Sam-1209-1-0.zip
      2017-06-13 04:11 - 2017-06-13 04:11 - 00000000 ____D C:\Users\gimenam\Downloads\blwonderland - Sam-1209-1-0
      2017-06-13 04:11 - 2016-03-15 22:03 - 00006080 _____ C:\Users\gimenam\Downloads\Sam.xnb
      2017-06-13 04:08 - 2017-06-13 04:08 - 00214781 _____ C:\Users\gimenam\Downloads\Farmhouses and Stalbe Appearance-1210-1-0.zip
      2017-06-13 04:08 - 2017-06-13 04:08 - 00000000 ____D C:\Users\gimenam\Downloads\Farmhouses and Stalbe Appearance-1210-1-0
      2017-06-13 04:06 - 2017-06-13 04:06 - 00000000 ____D C:\Users\gimenam\Downloads\Fox Terrier-125-1-0
      2017-06-13 04:06 - 2017-06-13 04:06 - 00000000 ____D C:\Users\gimenam\Downloads\Animals
      2017-06-13 04:05 - 2017-06-13 04:05 - 00000000 ____D C:\Users\gimenam\Downloads\Rainbow Unicorn-8-1
      2017-06-13 04:04 - 2017-06-13 04:04 - 00004032 _____ C:\Users\gimenam\Downloads\Rainbow Unicorn-8-1.zip
      2017-06-13 04:04 - 2016-03-07 19:14 - 00000288 _____ C:\Users\gimenam\Downloads\readme.txt
      2017-06-13 04:04 - 2016-03-06 19:29 - 00003634 _____ C:\Users\gimenam\Downloads\horse.xnb
      2017-06-13 04:03 - 2017-06-13 04:03 - 00004122 _____ C:\Users\gimenam\Downloads\Fox Terrier-125-1-0.zip
      2017-06-13 03:40 - 2017-06-13 03:41 - 00861786 _____ C:\Users\gimenam\Downloads\Natural Color - Reshade-1213-3-0.zip
      2017-06-13 03:20 - 2017-05-03 12:58 - 00000000 ____D C:\Users\gimenam\Downloads\SMAPI 1.12
      2017-06-13 03:13 - 2017-04-05 14:49 - 00000000 ____D C:\Users\gimenam\Downloads\SMAPI 1.9
      2017-06-13 03:12 - 2017-06-13 03:13 - 01412952 _____ C:\Users\gimenam\Downloads\SMAPI-1.9.zip
      2017-06-13 03:07 - 2017-06-13 03:07 - 01799290 _____ C:\Users\gimenam\Downloads\SMAPI-1.12.zip
      2017-06-13 03:00 - 2017-06-13 03:00 - 00004665 _____ C:\Users\gimenam\Downloads\NoFenceDecay-1180-1-0-0.zip
      2017-06-13 02:23 - 2017-07-06 13:36 - 00000000 ____D C:\Users\gimenam\AppData\Roaming\StardewValley
      2017-06-13 00:21 - 2017-06-13 02:12 - 342731988 _____ C:\Users\gimenam\Downloads\Stardew Valley v1.2.30.rar
      2017-06-10 14:48 - 2017-07-08 18:07 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-06-10 14:36 - 2017-06-10 14:36 - 00003532 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-06-10 14:36 - 2017-06-10 14:36 - 00003404 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-06-10 14:13 - 2017-07-06 16:42 - 00000829 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-06-10 14:13 - 2017-07-06 16:42 - 00000000 ____D C:\Program Files\CCleaner
      2017-06-10 14:13 - 2017-06-10 14:13 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
      2017-06-10 14:13 - 2017-06-10 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-06-10 12:32 - 2017-07-08 17:23 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
      2017-06-10 12:31 - 2017-07-08 18:29 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
      2017-06-10 12:31 - 2017-06-10 12:31 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2017-06-10 12:31 - 2017-06-10 12:31 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2017-06-10 12:31 - 2017-06-10 12:31 - 00044960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2017-06-10 12:31 - 2017-06-10 12:31 - 00001874 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-06-10 12:31 - 2017-06-10 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-06-10 12:31 - 2017-05-25 11:58 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-06-10 12:30 - 2017-07-08 17:26 - 00000000 ____D C:\ProgramData\Malwarebytes
      2017-06-10 12:30 - 2017-06-10 12:30 - 00000000 ____D C:\Program Files\Malwarebytes
      2017-06-09 23:41 - 2017-06-09 23:40 - 01036912 ____N C:\Users\gimenam\Downloads\ChromeSetup.rar
      2017-06-09 11:32 - 2017-06-10 01:27 - 00000000 ____D C:\Users\gimenam\AppData\Local\Deployment
      2017-06-08 23:34 - 2017-06-11 08:20 - 00000047 _____ C:\Users\gimenam\AppData\LocalLow\rbxcsettings.rbx
      2017-06-08 23:34 - 2017-06-08 23:34 - 00000000 ____D C:\Program Files (x86)\Roblox

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-07-08 18:29 - 2012-07-26 04:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
      2017-07-08 18:27 - 2017-05-12 06:28 - 00000000 ____D C:\Windows\system32\log
      2017-07-08 18:12 - 2012-07-26 05:12 - 00000000 ____D C:\Windows\system32\NDF
      2017-07-08 07:38 - 2017-02-07 17:34 - 00000000 ____D C:\Users\gimenam\AppData\Local\CrashDumps
      2017-07-08 03:34 - 2017-05-19 19:00 - 00000000 ____D C:\Users\gimenam\AppData\Local\Spotify
      2017-07-08 03:31 - 2017-05-19 18:44 - 00000000 ____D C:\Users\gimenam\AppData\Roaming\Spotify
      2017-07-06 17:57 - 2012-07-26 02:37 - 00000000 ____D C:\Windows\Inf
      2017-07-06 17:47 - 2015-02-07 00:45 - 00000000 ____D C:\ProgramData\AVAST Software
      2017-07-06 17:45 - 2012-07-26 02:26 - 00262144 ___SH C:\Windows\system32\config\BBI
      2017-07-06 16:56 - 2012-07-26 02:37 - 00000000 ____D C:\Program Files\TN DVD Video Converter
      2017-07-06 16:56 - 2012-07-26 02:37 - 00000000 ____D C:\Program Files\IMComprease Italian Purch
      2017-07-02 14:29 - 2015-02-14 02:15 - 00000000 ____D C:\Windows\system32\MRT
      2017-07-02 14:18 - 2013-04-11 17:45 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2017-07-01 13:17 - 2014-08-30 19:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1786290276-262488355-3525370003-1001
      2017-06-30 09:27 - 2012-07-26 05:12 - 00000000 ___HD C:\Program Files\WindowsApps
      2017-06-30 09:13 - 2012-07-26 05:12 - 00000000 ____D C:\Windows\AUInstallAgent
      2017-06-27 20:23 - 2015-02-07 07:10 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-06-27 20:23 - 2014-08-30 19:05 - 00001421 _____ C:\Users\gimenam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      2017-06-10 14:48 - 2014-11-14 13:25 - 00000000 ____D C:\Program Files (x86)\Google
      2017-06-10 14:33 - 2017-05-25 01:37 - 00000000 ___RD C:\Users\gimenam\Documents\MEGA
      2017-06-10 02:50 - 2014-08-30 19:03 - 00000000 ____D C:\Users\gimenam
      2017-06-10 02:47 - 2017-06-02 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2017-06-10 02:47 - 2017-06-01 14:24 - 00000000 ____D C:\Users\Public\Documents\chrome
      2017-06-10 02:47 - 2017-02-18 10:58 - 00000000 ____D C:\Users\gimenam\AppData\LocalLow\Oracle
      2017-06-10 02:47 - 2013-04-11 16:21 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
      2017-06-10 02:46 - 2012-07-26 05:12 - 00000000 ____D C:\Windows\registration
      2017-06-10 02:45 - 2017-05-25 01:34 - 00000000 ____D C:\Users\gimenam\AppData\Local\MEGAsync
      2017-06-10 02:45 - 2012-07-26 05:12 - 00000000 ____D C:\Windows\rescache
      2017-06-10 02:44 - 2017-06-02 00:04 - 00000000 ____D C:\Program Files (x86)\Java
      2017-06-10 02:44 - 2014-11-14 13:25 - 00000000 ____D C:\Users\gimenam\AppData\Local\Google

      ==================== Files in the root of some directories =======

      2017-06-27 04:16 - 2017-06-27 04:16 - 0140800 _____ () C:\Users\gimenam\AppData\Local\installer.dat
      2017-06-27 04:19 - 2017-06-27 04:19 - 0018432 _____ () C:\Users\gimenam\AppData\Local\Main.dat
      2017-02-20 04:36 - 2016-11-23 10:37 - 0000570 _____ () C:\Users\gimenam\AppData\Local\TroubleshooterConfig.json
      2014-11-15 23:46 - 2014-11-15 23:46 - 0000000 _____ () C:\Users\gimenam\AppData\Local\{53CDB269-BDCD-4656-B5BE-B51D2E32D3E9}
      2017-03-07 01:09 - 2017-03-07 01:13 - 0000000 _____ () C:\Users\gimenam\AppData\Local\{F24495DD-4997-45B7-B229-BB845ED55AC0}
      2017-06-27 04:08 - 2017-06-27 10:26 - 1955840 ___SH () C:\ProgramData\dbg.dll

      Files to move or delete:
      ====================
      C:\ProgramData\dbg.dll


      Some zero byte size files/folders:
      ==========================
      C:\Windows\SysWOW64\lastpass_1337.exe

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-07-06 13:18

      ==================== End of FRST.txt ============================

    7. #7
      User Avatar of AlejandraGAG
      Joined
      Dec 2015
      Location
      Argentina
      Posts
      38

      re: Malwarebytes! The antivirus programs don't work! (Solved)

      Farbar PART 2

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2017
      Ran by gimenam (08-07-2017 18:44:24)
      Running from C:\Users\gimenam\Desktop
      Windows 8 Single Language (X64) (2014-08-30 22:03:48)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-1786290276-262488355-3525370003-500 - Administrator - Disabled)
      gimenam (S-1-5-21-1786290276-262488355-3525370003-1001 - Administrator - Enabled) => C:\Users\gimenam
      Invitado (S-1-5-21-1786290276-262488355-3525370003-501 - Limited - Disabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.86 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
      Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
      Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
      Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
      Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
      Malwarebytes versión 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
      MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
      Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
      PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0069 - Pegatron Corporation)
      Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Nombre de su organización)
      Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
      Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
      Sidify Music Converter 1.1.1 (HKLM-x32\...\Sidify Music Converter) (Version: 1.1.1 - Sidify)
      Spotify (HKU\S-1-5-21-1786290276-262488355-3525370003-1001\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB)
      Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.12 - Synaptics Incorporated)
      WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-1786290276-262488355-3525370003-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1786290276-262488355-3525370003-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1786290276-262488355-3525370003-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1786290276-262488355-3525370003-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1786290276-262488355-3525370003-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1786290276-262488355-3525370003-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX64.dll [2017-04-26] ()
      ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX64.dll [2017-04-26] ()
      ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX64.dll [2017-04-26] ()
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX32.dll [2017-04-26] ()
      ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX32.dll [2017-04-26] ()
      ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX32.dll [2017-04-26] ()
      ContextMenuHandlers01: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-08-10] (Qualcomm Atheros Commnucations)
      ContextMenuHandlers01: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX64.dll [2017-04-26] ()
      ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
      ContextMenuHandlers03: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-08-10] (Qualcomm Atheros Commnucations)
      ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
      ContextMenuHandlers03: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX64.dll [2017-04-26] ()
      ContextMenuHandlers04: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX64.dll [2017-04-26] ()
      ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-08-03] (Intel Corporation)
      ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
      ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {2B24A328-3BB6-4717-A018-84FCC56ECC5A} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
      Task: {42362225-DE71-43EE-8275-31A687BFD622} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-10] (Google Inc.)
      Task: {4EEFEF5D-B49D-4212-A90E-CC49FC935127} - \Ckugotainatihupy -> No File <==== ATTENTION
      Task: {6AA19DB5-6C9F-44A5-B010-6F9CF2550745} - System32\Tasks\IMComprease Italian Purch => Rundll32.exe "C:\Program Files\IMComprease Italian Purch\IMComprease Italian Purch.dll",TGKlPXsAOY <==== ATTENTION
      Task: {7CA299A5-60FB-447A-AF3C-277F5CF16280} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
      Task: {7FB425A3-2536-47BB-B11E-AB70E4D6364E} - System32\Tasks\{DC918F66-5DE0-4F98-AAC9-32E827D41289} => pcalua.exe -a C:\Users\gimenam\AppData\Local\{6320557C-4788-39C4-2A10-1C2C0E78E0B4}\uninst.exe -c -P=/Uninstall /s /noun /DelSelfDir
      Task: {ACC6539D-CC49-4418-A852-E2FA151743A8} - System32\Tasks\163c5b06b9d7dca4cf438960377a7751 => sc start 163c5b06b9d7dca4cf438960377a7751 <==== ATTENTION
      Task: {B249AF4C-9DC5-4FDB-847B-FBE44B3C258B} - System32\Tasks\Gerrutqwge Agent => C:\Program Files (x86)\Lomutherbagaied\daterfesh.exe
      Task: {D43CAFB1-1FA0-45FC-AFEE-FB63D22D846A} - System32\Tasks\TN DVD Video Converter => Rundll32.exe "C:\Program Files\TN DVD Video Converter\TN DVD Video Converter.dll",PLJNEKa <==== ATTENTION
      Task: {FA00CE65-FC13-48BB-B4BB-BD2E6166A56C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-10] (Google Inc.)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2013-04-11 16:22 - 2009-12-18 15:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
      2013-04-11 16:22 - 2011-10-13 14:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
      2017-04-26 13:32 - 2017-04-26 13:32 - 00598528 _____ () C:\Users\gimenam\AppData\Local\MEGAsync\ShellExtX64.dll
      2013-04-11 16:22 - 2012-08-13 16:31 - 02603520 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
      2013-04-11 16:22 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
      2013-04-11 16:22 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
      2013-04-11 16:22 - 2012-01-12 17:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
      2013-04-11 16:22 - 2012-01-12 17:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
      2013-04-11 16:22 - 2012-03-27 20:48 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
      2013-04-11 16:22 - 2012-08-08 18:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
      2012-08-10 18:28 - 2012-08-10 18:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
      2012-08-10 18:22 - 2012-08-10 18:22 - 00021504 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\es-ES\BtTray.es-ES.dll
      2013-02-25 16:19 - 2012-08-03 14:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
      2013-04-11 16:22 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
      2013-04-11 16:22 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
      2013-04-11 16:13 - 2012-06-25 14:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\TEMP:BC359956 [360]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2012-07-26 02:26 - 2017-06-28 19:41 - 00014377 _____ C:\Windows\system32\Drivers\etc\hosts

      There are 358 more lines.


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\Control Panel\Desktop\\Wallpaper -> C:\Alejandra\Alejandra\Teen Angels\TA Gracias.jpg
      DNS Servers: 192.168.90.1 - 192.168.23.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\...\StartupApproved\Run: => "Spotify"
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\...\StartupApproved\Run: => "Spotify Web Helper"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [TCP Query User{F5CEB375-6D2F-4B5C-9F87-4497468B9BA4}C:\users\gimenam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gimenam\appdata\roaming\spotify\spotify.exe
      FirewallRules: [UDP Query User{E1FC573C-715C-4B92-8200-3D7351036FBA}C:\users\gimenam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gimenam\appdata\roaming\spotify\spotify.exe
      FirewallRules: [TCP Query User{F5803145-5734-4D1B-8F1F-2A57DA9D8DA8}C:\users\gimenam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gimenam\appdata\roaming\spotify\spotify.exe
      FirewallRules: [UDP Query User{CDD8D58A-93E4-4B9B-B5B4-4FFF3775CF1B}C:\users\gimenam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gimenam\appdata\roaming\spotify\spotify.exe
      FirewallRules: [TCP Query User{DEC4882C-8A40-4C1D-AC8D-F63661EE72B9}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
      FirewallRules: [UDP Query User{B821A0A6-1487-49F8-85D3-C65D79BD2F49}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
      FirewallRules: [{BF97D50D-E9A6-41EB-AAFD-DBD24B13B55F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{5B04D30E-7EB2-4D00-81CE-A34DC7B3BACD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [TCP Query User{DF13275F-7A75-404C-B5F7-37758A6B1EA3}C:\users\gimenam\downloads\stardew valley v1.2.30\stardew valley.exe] => (Allow) C:\users\gimenam\downloads\stardew valley v1.2.30\stardew valley.exe
      FirewallRules: [UDP Query User{39613BDE-D44C-4D9D-A21D-C10E30D96B2E}C:\users\gimenam\downloads\stardew valley v1.2.30\stardew valley.exe] => (Allow) C:\users\gimenam\downloads\stardew valley v1.2.30\stardew valley.exe
      FirewallRules: [{2E109835-FD8E-4A7C-BCAB-1772A5757518}] => (Allow) C:\Windows\system32\rundll32.exe
      FirewallRules: [{060B7E48-77AE-45E7-A364-AA5BCE922BA0}] => (Allow) C:\Windows\System32\rundll32.exe
      FirewallRules: [{9C92B593-8974-4DCF-BEB7-EC1739A6D474}] => (Allow) C:\Windows\System32\rundll32.exe
      FirewallRules: [{6CC52712-915A-4E41-9175-0D11FB493A1A}] => (Allow) C:\Windows\System32\rundll32.exe
      FirewallRules: [{AE9AB47E-C188-497D-A7EA-4D6BD4A459EF}] => (Allow) C:\Windows\System32\rundll32.exe

      ==================== Restore Points =========================

      10-06-2017 14:18:11 Removed AlphaGo
      20-06-2017 21:27:59 Punto de control programado
      27-06-2017 04:14:05 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660
      27-06-2017 04:31:22 Removed Online Application
      02-07-2017 1405 Windows Update
      08-07-2017 18:06:58 Malwarebytes Anti-Rootkit Restore Point

      ==================== Faulty Device Manager Devices =============

      Name: Adaptador de tunelización Teredo de Microsoft
      Description: Adaptador de tunelización Teredo de Microsoft
      Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
      Manufacturer: Microsoft
      Service: tunnel
      Problem: : This device cannot start. (Code10)
      Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
      On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (07/08/2017 06:33:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x80070057
      Argumentos de línea de comandos:
      RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a25f4cc7-4bd1-4124-a4b8-4e6508dbbab8;NotificationInterval=1440;Trigger=NetworkAvailable

      Error: (07/08/2017 06:32:28 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 11.5.4.1001, marca de tiempo: 0x502d5a1d
      Nombre del módulo con errores: KERNELBASE.dll, versión: 6.2.9200.17366, marca de tiempo: 0x554d16f6
      Código de excepción: 0xe0434352
      Desplazamiento de errores: 0x00010192
      Identificador del proceso con errores: 0xf08
      Hora de inicio de la aplicación con errores: 0x01d2f8319c34c478
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\KERNELBASE.dll
      Identificador del informe: f049f55e-6424-11e7-bef4-dc85de8798d8
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (07/08/2017 06:32:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
      Description: Aplicación: IAStorDataMgrSvc.exe
      Versión de Framework: v4.0.30319
      Descripción: el proceso terminó debido a una excepción no controlada.
      Información de la excepción: System.FormatException
      Pila:
      en System.Text.StringBuilder.AppendFormat(System.IFormatProvider, System.String, System.Object[])
      en System.String.Format(System.IFormatProvider, System.String, System.Object[])
      en IAStorDataMgr.EventRelay.formatStrings(System.String, System.Object[])
      en IAStorDataMgr.EventRelay.translateEventType(IAStorUtil.Events.DiskEventArgs, IAStorUtil.LogLevel)
      en IAStorDataMgr.EventRelay.SDM_ComprehensiveHandler(System.Object, IAStorUtil.Events.ComprehensiveEventArgs)
      en IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
      en IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
      en IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
      en System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
      en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
      en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
      en System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
      en System.Threading.ThreadPoolWorkQueue.Dispatch()
      en System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

      Error: (07/08/2017 06:32:25 PM) (Source: IAStorDataMgrSvc) (EventID: 7001) (User: )
      Description: Internal program error: missing resource string DM_1_0_7

      Error: (07/08/2017 06:30:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x80070057
      Argumentos de línea de comandos:
      RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a25f4cc7-4bd1-4124-a4b8-4e6508dbbab8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

      Error: (07/08/2017 06:14:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x80070057
      Argumentos de línea de comandos:
      RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a25f4cc7-4bd1-4124-a4b8-4e6508dbbab8;NotificationInterval=1440;Trigger=NetworkAvailable

      Error: (07/08/2017 06:13:01 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 11.5.4.1001, marca de tiempo: 0x502d5a1d
      Nombre del módulo con errores: KERNELBASE.dll, versión: 6.2.9200.17366, marca de tiempo: 0x554d16f6
      Código de excepción: 0xe0434352
      Desplazamiento de errores: 0x00010192
      Identificador del proceso con errores: 0xc70
      Hora de inicio de la aplicación con errores: 0x01d2f82ebc875770
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\KERNELBASE.dll
      Identificador del informe: 391e7b26-6422-11e7-bef3-dc85de8798d8
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (07/08/2017 06:12:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
      Description: Aplicación: IAStorDataMgrSvc.exe
      Versión de Framework: v4.0.30319
      Descripción: el proceso terminó debido a una excepción no controlada.
      Información de la excepción: System.FormatException
      Pila:
      en System.Text.StringBuilder.AppendFormat(System.IFormatProvider, System.String, System.Object[])
      en System.String.Format(System.IFormatProvider, System.String, System.Object[])
      en IAStorDataMgr.EventRelay.formatStrings(System.String, System.Object[])
      en IAStorDataMgr.EventRelay.translateEventType(IAStorUtil.Events.DiskEventArgs, IAStorUtil.LogLevel)
      en IAStorDataMgr.EventRelay.SDM_ComprehensiveHandler(System.Object, IAStorUtil.Events.ComprehensiveEventArgs)
      en IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
      en IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
      en IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
      en System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
      en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
      en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
      en System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
      en System.Threading.ThreadPoolWorkQueue.Dispatch()
      en System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

      Error: (07/08/2017 06:12:58 PM) (Source: IAStorDataMgrSvc) (EventID: 7001) (User: )
      Description: Internal program error: missing resource string DM_1_0_7

      Error: (07/08/2017 06:11:39 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x80070057
      Argumentos de línea de comandos:
      RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a25f4cc7-4bd1-4124-a4b8-4e6508dbbab8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


      System errors:
      =============
      Error: (07/08/2017 06:34:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Tecnología de almacenamiento Intel(R) Rapid se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (07/08/2017 06:28:02 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
      Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Windows Search, pero ocurrió el siguiente error:
      Ya se está ejecutando una instancia de este servicio.

      Error: (07/08/2017 06:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) Management and Security Application User Notification Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (07/08/2017 06:27:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

      Error: (07/08/2017 06:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (07/08/2017 06:27:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Intel(R) Capability Licensing Service Interface terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

      Error: (07/08/2017 06:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio AtherosSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (07/08/2017 06:27:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Cola de impresión terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

      Error: (07/08/2017 06:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio GFNEX Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (07/08/2017 06:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio ASLDR Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


      ==================== Memory info ===========================

      Processor: Intel(R) Celeron(R) CPU B820 @ 1.70GHz
      Percentage of memory in use: 51%
      Total physical RAM: 1926.69 MB
      Available physical RAM: 935.13 MB
      Total Virtual: 3590.69 MB
      Available Virtual: 2579.82 MB

      ==================== Drives ================================

      Drive c: (Windows) (Fixed) (Total:282.77 GB) (Free:176.42 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (Size: 298.1 GB) (Disk ID: A08C84EB)

      Partition: GPT.

      ==================== End of Addition.txt ============================

    8. #8
      Warrior @Miguelgrado
      Registered
      Dec 2005
      Location
      Asturias-España
      Posts
      18.142

      re: Malwarebytes! Antivirus programs don't work! (Solved)

      Please do the following:

      On the computer, with all other programs closed:
      Start >>> Run >>> type notepad.exe.

      Now copy and paste the following into Notepad (leave out the word "Code"):
      Code:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
      HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
      HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
      HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
      HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
      HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
      HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
      HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
      HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
      HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
      HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
      HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
      HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
      HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
      HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
      HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
      HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
      HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
      HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
      HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
      HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
      HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
      HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
      HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
      HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
      HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
      HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
      HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
      HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
      HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
      CHR Extension: (Chrome Media Router) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-10]
      CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      2017-06-27 04:15 - 2017-06-27 04:43 - 00000000 ____D C:\Program Files (x86)\Retreive
      2014-11-15 23:46 - 2014-11-15 23:46 - 0000000 _____ () C:\Users\gimenam\AppData\Local\{53CDB269-BDCD-4656-B5BE-B51D2E32D3E9}
      2017-03-07 01:09 - 2017-03-07 01:13 - 0000000 _____ () C:\Users\gimenam\AppData\Local\{F24495DD-4997-45B7-B229-BB845ED55AC0}
      C:\ProgramData\dbg.dll
      C:\Windows\SysWOW64\lastpass_1337.exe
      Task: {4EEFEF5D-B49D-4212-A90E-CC49FC935127} - \Ckugotainatihupy -> No File <==== ATTENTION
      Task: {6AA19DB5-6C9F-44A5-B010-6F9CF2550745} - System32\Tasks\IMComprease Italian Purch => Rundll32.exe "C:\Program Files\IMComprease Italian Purch\IMComprease Italian Purch.dll",TGKlPXsAOY <==== ATTENTION
      C:\Program Files\IMComprease Italian Purch
      Task: {7FB425A3-2536-47BB-B11E-AB70E4D6364E} - System32\Tasks\{DC918F66-5DE0-4F98-AAC9-32E827D41289} => pcalua.exe -a C:\Users\gimenam\AppData\Local\{6320557C-4788-39C4-2A10-1C2C0E78E0B4}\uninst.exe -c -P=/Uninstall /s /noun /DelSelfDir
      Task: {ACC6539D-CC49-4418-A852-E2FA151743A8} - System32\Tasks\163c5b06b9d7dca4cf438960377a7751 => sc start 163c5b06b9d7dca4cf438960377a7751 <==== ATTENTION
      Task: {B249AF4C-9DC5-4FDB-847B-FBE44B3C258B} - System32\Tasks\Gerrutqwge Agent => C:\Program Files (x86)\Lomutherbagaied\daterfesh.exe
      Task: {D43CAFB1-1FA0-45FC-AFEE-FB63D22D846A} - System32\Tasks\TN DVD Video Converter => Rundll32.exe "C:\Program Files\TN DVD Video Converter\TN DVD Video Converter.dll",PLJNEKa <==== ATTENTION
      C:\Program Files\TN DVD Video Converter
      AlternateDataStreams: C:\ProgramData\TEMP:BC359956 [360]
      C:\Program Files (x86)\Lomutherbagaied
       
      
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      Save it as fixlist.txt on the desktop <<< This is very important. <<

      Note: It is important that the tool Frst.exe and fixlist.txt are in the same location (the desktop); otherwise it will not work.
      Run Frst.exe.

      Press the Fix button and wait for it to finish.
      The tool will save the report on your desktop (Fixlog.txt).
      WARNING!!!! The following repair script was written specifically by a staff member for this user; if you have a similar problem, please open your own thread to receive personalized help. Using other users' scripts can damage your computer.
      Paste it in your next reply, and tell me how the problem is going.
      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    9. #9
      User AlejandraGAG
      Registered
      Dec 2015
      Location
      Argentina
      Posts
      38

      re: Malwarebytes! Antivirus programs don't work! (Solved)

      Well, the initial problem now seems to be solved, thank you very much. Now, since yesterday, every time I enter the forum, advertising windows appear and my browser blocks the occasional pop-up. It seems strange to me, because Twitter, Facebook and YouTube work fine. In any case I didn't want to use the PC much until we finish seeing what is going on, so here is the log you asked me for in the previous post.


      Fix result of Farbar Recovery Scan Tool (x64) Version: 08-07-2017
      Ran by gimenam (09-07-2017 17:38:36) Run:1
      Running from C:\Users\gimenam\Desktop
      Loaded Profiles: gimenam (Available Profiles: gimenam)
      Boot Mode: Normal
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
      HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
      HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
      HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
      HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
      HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
      HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
      HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
      HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
      HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
      HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
      HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 BULLGUARD Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
      HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
      HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
      HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
      HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
      HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
      HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
      HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
      HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
      HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
      HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
      HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
      HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
      HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
      HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
      HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
      HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
      HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
      HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
      HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
      HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
      CHR Extension: (Chrome Media Router) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-10]
      CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      2017-06-27 04:15 - 2017-06-27 04:43 - 00000000 ____D C:\Program Files (x86)\Retreive
      2014-11-15 23:46 - 2014-11-15 23:46 - 0000000 _____ () C:\Users\gimenam\AppData\Local\{53CDB269-BDCD-4656-B5BE-B51D2E32D3E9}
      2017-03-07 01:09 - 2017-03-07 01:13 - 0000000 _____ () C:\Users\gimenam\AppData\Local\{F24495DD-4997-45B7-B229-BB845ED55AC0}
      C:\ProgramData\dbg.dll
      C:\Windows\SysWOW64\lastpass_1337.exe
      Task: {4EEFEF5D-B49D-4212-A90E-CC49FC935127} - \Ckugotainatihupy -> No File <==== ATTENTION
      Task: {6AA19DB5-6C9F-44A5-B010-6F9CF2550745} - System32\Tasks\IMComprease Italian Purch => Rundll32.exe "C:\Program Files\IMComprease Italian Purch\IMComprease Italian Purch.dll",TGKlPXsAOY <==== ATTENTION
      C:\Program Files\IMComprease Italian Purch
      Task: {7FB425A3-2536-47BB-B11E-AB70E4D6364E} - System32\Tasks\{DC918F66-5DE0-4F98-AAC9-32E827D41289} => pcalua.exe -a C:\Users\gimenam\AppData\Local\{6320557C-4788-39C4-2A10-1C2C0E78E0B4}\uninst.exe -c -P=/Uninstall /s /noun /DelSelfDir
      Task: {ACC6539D-CC49-4418-A852-E2FA151743A8} - System32\Tasks\163c5b06b9d7dca4cf438960377a7751 => sc start 163c5b06b9d7dca4cf438960377a7751 <==== ATTENTION
      Task: {B249AF4C-9DC5-4FDB-847B-FBE44B3C258B} - System32\Tasks\Gerrutqwge Agent => C:\Program Files (x86)\Lomutherbagaied\daterfesh.exe
      Task: {D43CAFB1-1FA0-45FC-AFEE-FB63D22D846A} - System32\Tasks\TN DVD Video Converter => Rundll32.exe "C:\Program Files\TN DVD Video Converter\TN DVD Video Converter.dll",PLJNEKa <==== ATTENTION
      C:\Program Files\TN DVD Video Converter
      AlternateDataStreams: C:\ProgramData\TEMP:BC359956 [360]
      C:\Program Files (x86)\Lomutherbagaied


      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      *****************

      Restore point was successfully created.
      Processes closed successfully.
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\03D22C9C66915D58C88912B64C1F984B8344EF09 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\0F684EC1163281085C6AF20528878103ACEFCAAB => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1667908C9E22EFBD0590E088715CC74BE4C60884 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\18DEA4EFA93B06AE997D234411F3FD72A677EECE => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\31AC96A6C17C425222C46D55C3CCA6BA12E54DAF => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\331E2046A1CCA7BFEF766724394BE6112B4CA3F7 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3353EA609334A9F23A701B9159E30CB6C22D4C59 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\373C33726722D3A5D1EDD1F1585D5D25B39BEA1A => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3D496FA682E65FC122351EC29B55AB94F3BB03FC => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4420C99742DF11DD0795BC15B7B0ABF090DC84DF => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5240AB5B05D11B37900AC7712A3C6AE42F377C8C => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DD3D41810F28B2A13E9A004E6412061E28FA48D => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7457A3793086DBB58B3858D6476889E3311E550E => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 BULLGUARD Ltd) <==== ATTENTION => key not found.
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\775B373B33B9D15B58BC02B184704332B97C3CAF => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\872CD334B7E7B3C3D1C6114CD6B221026D505EAB => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\88AD5DFE24126872B33175D1778687B642323ACF => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9132E8B079D080E01D52631690BE18EBC2347C1E => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\982D98951CF3C0CA2A02814D474A976CBFF6BDB1 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9C43F665E690AB4D486D4717B456C5554D4BCEB5 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A5341949ABE1407DD7BF7DFE75460D9608FBC309 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A59CC32724DD07A6FC33F7806945481A2D13CA2F => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AD4C5429E10F4FF6C01840C20ABA344D7401209F => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AD96BB64BA36379D2E354660780C2067B81DA2E0 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\CDC37C22FE9272D8F2610206AD397A45040326B8 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DB303C9B61282DE525DC754A535CA2D6A9BD3D87 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DB77E5CFEC34459146748B667C97B185619251BA => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E22240E837B52E691C71DF248F12D27F96441C00 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\ED841A61C0F76025598421BC1B00E24189E68D54 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F83099622B4A9F72CB5081F742164AD1B8D048C9 => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FBB42F089AF2D570F2BF6F493D107A3255A9BB1A => key removed successfully
      HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 => key removed successfully
      CHR Extension: (Chrome Media Router) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-10] => Error: No automatic fix found for this entry.
      HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce => key removed successfully
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce => key removed successfully
      HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce => key removed successfully
      C:\Program Files (x86)\Retreive => moved successfully
      C:\Users\gimenam\AppData\Local\{53CDB269-BDCD-4656-B5BE-B51D2E32D3E9} => moved successfully
      C:\Users\gimenam\AppData\Local\{F24495DD-4997-45B7-B229-BB845ED55AC0} => moved successfully
      C:\ProgramData\dbg.dll => moved successfully
      C:\Windows\SysWOW64\lastpass_1337.exe => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EEFEF5D-B49D-4212-A90E-CC49FC935127} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EEFEF5D-B49D-4212-A90E-CC49FC935127} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ckugotainatihupy => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6AA19DB5-6C9F-44A5-B010-6F9CF2550745} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AA19DB5-6C9F-44A5-B010-6F9CF2550745} => key removed successfully
      C:\Windows\System32\Tasks\IMComprease Italian Purch => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IMComprease Italian Purch => key removed successfully
      C:\Program Files\IMComprease Italian Purch => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FB425A3-2536-47BB-B11E-AB70E4D6364E} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FB425A3-2536-47BB-B11E-AB70E4D6364E} => key removed successfully
      C:\Windows\System32\Tasks\{DC918F66-5DE0-4F98-AAC9-32E827D41289} => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DC918F66-5DE0-4F98-AAC9-32E827D41289} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{ACC6539D-CC49-4418-A852-E2FA151743A8} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACC6539D-CC49-4418-A852-E2FA151743A8} => key removed successfully
      C:\Windows\System32\Tasks\163c5b06b9d7dca4cf438960377a7751 => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\163c5b06b9d7dca4cf438960377a7751 => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B249AF4C-9DC5-4FDB-847B-FBE44B3C258B} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B249AF4C-9DC5-4FDB-847B-FBE44B3C258B} => key removed successfully
      C:\Windows\System32\Tasks\Gerrutqwge Agent => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Gerrutqwge Agent => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D43CAFB1-1FA0-45FC-AFEE-FB63D22D846A} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D43CAFB1-1FA0-45FC-AFEE-FB63D22D846A} => key removed successfully
      C:\Windows\System32\Tasks\TN DVD Video Converter => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TN DVD Video Converter => key removed successfully
      C:\Program Files\TN DVD Video Converter => moved successfully
      C:\ProgramData\TEMP => ":BC359956" ADS removed successfully.
      "C:\Program Files (x86)\Lomutherbagaied" => not found.
      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-1786290276-262488355-3525370003-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


      ========= End of RemoveProxy: =========


      ========= netsh winsock reset =========


      El catálogo Winsock se restableció correctamente.
      Debe reiniciar el equipo para completar el restablecimiento.


      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuración IP de Windows

      No se puede realizar ninguna operación en Conexión de área local* 1 mientras los medios
      estén desconectados.
      No se puede realizar ninguna operación en Conexión de red Bluetooth mientras los medios
      estén desconectados.
      No se puede realizar ninguna operación en Ethernet mientras los medios
      estén desconectados.

      Adaptador de LAN inalámbrica Conexión de área local* 1:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :

      Adaptador de Ethernet Conexión de red Bluetooth:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :

      Adaptador de LAN inalámbrica Wi-Fi:

      Sufijo DNS específico para la conexión. . : mshome.net
      Vínculo: dirección IPv6 local. . . : fe80::a9f8:2e31:5f62:dc9d%14
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.23.3
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.23.1

      Adaptador de Ethernet Ethernet:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :

      Adaptador de túnel isatap.mshome.net:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . : mshome.net

      ========= End of CMD: =========


      ========= ipconfig /flushdns =========


      Configuración IP de Windows

      Se vació correctamente la caché de resolución de DNS.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.6.9200 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      0 out of 0 jobs canceled.

      ========= End of CMD: =========


      =========== EmptyTemp: ==========

      BITS transfer queue => 12582912 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17126325 B
      Java, Flash, Steam htmlcache => 506 B
      Windows/system/drivers => 0 B
      Edge => 0 B
      Chrome => 421534256 B
      Firefox => 0 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 0 B
      Users => 0 B
      ProgramData => 0 B
      Public => 0 B
      systemprofile => 25091 B
      systemprofile32 => 54073472 B
      LocalService => 1594 B
      NetworkService => 120221944 B
      gimenam => 143539 B

      RecycleBin => 0 B
      EmptyTemp: => 596.7 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 17:39:35 ====
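
Added example, not part of the original post and not FRST's own code: a Python triage of the Fixlog above that separates the entries the tool reports as fixed from those it reports as not found or not fixable, and extracts any certificate thumbprint named in a failed Disallowed-store removal so that it can be re-checked. The sample lines are excerpted from the log in this thread; the function names and the outcome phrase lists are assumptions drawn only from the wording visible here.

```python
import re

# Lines excerpted from the Fixlog posted in this thread (most lines omitted).
SAMPLE_FIXLOG = r'''
fixlist content:
*****************
Start
HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 BULLGUARD Ltd) <==== ATTENTION
Task: {B249AF4C-9DC5-4FDB-847B-FBE44B3C258B} - System32\Tasks\Gerrutqwge Agent => C:\Program Files (x86)\Lomutherbagaied\daterfesh.exe
END
*****************

Restore point was successfully created.
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7457A3793086DBB58B3858D6476889E3311E550E => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 BULLGUARD Ltd) <==== ATTENTION => key not found.
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\775B373B33B9D15B58BC02B184704332B97C3CAF => key removed successfully
CHR Extension: (Chrome Media Router) - C:\Users\gimenam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-10] => Error: No automatic fix found for this entry.
C:\ProgramData\dbg.dll => moved successfully
C:\ProgramData\TEMP => ":BC359956" ADS removed successfully.
"C:\Program Files (x86)\Lomutherbagaied" => not found.
Hosts restored successfully.
Chrome => 421534256 B
EmptyTemp: => 596.7 MB temporary data Removed.
'''

# Outcome wording as it appears in this Fixlog (assumed list, not exhaustive).
FAILED = ("not found", "no automatic fix found")
SUCCEEDED = ("removed successfully", "moved successfully")

DISALLOWED_STORE = "\\SystemCertificates\\Disallowed\\Certificates\\"
THUMBPRINT = re.compile(r"(?<![0-9A-Fa-f])[0-9A-Fa-f]{40}(?![0-9A-Fa-f])")


def parse_results(fixlog):
    """Yield (target, outcome, status) for each 'target => outcome' result line.

    The echoed fixlist between the two rows of asterisks is skipped, because
    its Task lines also contain ' => ' but are input, not results.
    """
    in_echo = False
    for raw in fixlog.splitlines():
        line = raw.strip()
        if re.fullmatch(r"\*{5,}", line):
            in_echo = not in_echo
            continue
        if in_echo or " => " not in line:
            continue
        # Split on the last arrow: targets may themselves contain arrows.
        target, outcome = line.rsplit(" => ", 1)
        low = outcome.lower()
        if any(phrase in low for phrase in FAILED):
            status = "failed"
        elif any(phrase in low for phrase in SUCCEEDED):
            status = "ok"
        else:
            status = "info"  # sizes, summaries and similar
        yield target.strip(), outcome.strip(), status


def failed_entries(fixlog):
    """Return (target, outcome) for every entry the tool did not fix."""
    return [(t, o) for t, o, s in parse_results(fixlog) if s == "failed"]


def thumbprints_to_recheck(fixlog):
    """Thumbprints named in failed removals from the Disallowed store."""
    found = []
    for target, _ in failed_entries(fixlog):
        if DISALLOWED_STORE.lower() in target.lower():
            found.extend(m.upper() for m in THUMBPRINT.findall(target))
    return found


if __name__ == "__main__":
    for target, outcome in failed_entries(SAMPLE_FIXLOG):
        print(f"NOT FIXED: {outcome}\n    {target}")
    print("Re-check in Disallowed store:", thumbprints_to_recheck(SAMPLE_FIXLOG))
```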

    10. #10
      User AlejandraGAG
      Registered
      Dec 2015
      Location
      Argentina
      Posts
      38

      re: Malwarebytes! Antivirus programs don't work! (Solved)

      Miguel, I just noticed that I can't type the AT sign; every time I do, the page redirects me to Google.

      By the way, sorry for the earlier double post, but I'm having trouble getting into the forum.

      Regards!
