• Registrarse
  • Iniciar sesión


  • Página 1 de 3 123 ÚltimoÚltimo
    Resultados 1 al 10 de 25

    Desde hace meses se me abren ventanas de chrome

    Buenas Noches desde hace mucho tiempo si estoy en una pagina de repente se sale y queda en la pantalla de pestañas de Chrome. He corrido Malwarebytes, Spyboy y el antivirus Avast Free. Pego el ...

    1. #1
      Usuario Avatar de x28federal
      Registrado
      may 2014
      Ubicación
      Argentina
      Mensajes
      16

      Desde hace meses se me abren ventanas de chrome

      Buenas Noches desde hace mucho tiempo si estoy en una pagina de repente se sale y queda en la pantalla de pestañas de Chrome.
      He corrido Malwarebytes, Spyboy y el antivirus Avast Free.

      Pego el Log desde ya muchas Gracias

      Logfile of Trend Micro HijackThis v2.0.5
      Scan saved at 10:27:40 p.m., on 18/09/2017
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v8.00 (8.00.7601.17514)

      FIREFOX: 55.0.3 (x86 es-ES)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
      C:\Program Files\Dropbox\Client\Dropbox.exe
      C:\Program Files\AVAST Software\Avast\AvastUI.exe
      C:\Program Files\Google\Drive\googledrivesync.exe
      C:\Program Files\Google\Drive\googledrivesync.exe
      C:\Windows\system32\RunDll32.exe
      C:\Windows\explorer.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Windows\system32\taskeng.exe
      C:\Users\Jorge\Downloads\HijackThis (1).exe
      C:\Windows\system32\msfeedssync.exe
      C:\Windows\system32\DllHost.exe
      C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
      O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
      O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
      O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
      O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
      O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
      O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
      O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Arp Intelligent Protection Service (AIPS) - Arcai.com - C:\Program Files\netcut\services\AIPS.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio de Actualización de Dropbox (dbupdate) (dbupdate) - Unknown owner - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
      O23 - Service: Servicio de Actualización de Dropbox (dbupdatem) (dbupdatem) - Unknown owner - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
      O23 - Service: DbxSvc - Dropbox, Inc. - C:\Windows\system32\DbxSvc.exe
      O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Nod32 AV (EFix4) - Unknown owner - C:\Windows\Regedit.exe
      O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
      O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
      O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
      O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
      O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
      O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
      O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
      O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
      O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
      O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
      O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

      --
      End of file - 21291 bytes

    2. #2
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      22.259

      Re: Desde hace meses se me abren ventanas de chrome

      Buenas x28federal.

      Para revisar tu maquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

      Paso 1.- Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus, mientras realizamos TODOS los pasos.

      Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


      Una vez descargadas, desconectas tu equipo de Internet(apaga el router) << Muy Importante, y Cierras también cualquier otro programa que tengas abierto.

      Paso 2.- Ejecutas las herramientas de una en una y en el orden indicado :

      Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas "Ejecutar como Administrador" para Todos los programas.
      CCleaner.-
      • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
      • Úsalo primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
      • Después usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

      Malwarebytes.-
      • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
      • Realiza un Análisis Completo.
      • Seleccionando "TODOS a Cuarentena" para enviarlo a la cuarentena y Reinicias el sistema.
      • En el apartado del manual "Historial" encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

      AdwCleaner.-
      • Ejecuta Adwcleaner.exe.
      • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
      • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
      • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
      • El informe también se puede encontrar en "C:\Program Files(x86)\AdwCleaner\AdwCleaner[C1].txt"

      Junkware Removal Tool.-
      • Ejecuta JRT.exe.
      • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
      • Si en algún momento te pide Reiniciar hazlo.
      • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
      • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

      Farbar Recovery Scan Tool.-
      • Ejecuta FRST.exe.
      • En el mensaje de la ventana del Disclaimer, pulsamos Yes.
      • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el análisis.
      • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

      Paso 3.- Poner los informes en tu próxima respuesta de :

      • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.


      Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo.

      - Y nos cuentas como funciona tu equipo, en relación al problema planteado.

      Saludos, Javier.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de x28federal
      Registrado
      may 2014
      Ubicación
      Argentina
      Mensajes
      16

      Re: Desde hace meses se me abren ventanas de chrome

      Buenos dias Javier, de momento que comento que sigue el problema, aca van los reportes Gracias

      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Fecha del análisis: 20/09/2017
      Hora del análisis: 01:05 a.m.
      Archivo de registro:
      Administrador: Sí

      Versión: 2.2.1.1043
      Base de datos de malwares: v2017.09.19.04
      Base de datos de rootkits: v2017.09.13.01
      Licencia: Gratis
      Protección contra el malware: Desactivado
      Protección contra sitios web maliciosos: Desactivado
      Autoprotección: Desactivado

      SO: Windows 7 Service Pack 1
      CPU: x86
      Sistema de archivos: NTFS
      Usuario: Jorge

      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 241729
      Tiempo transcurrido: 23 min, 34 seg

      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Activado
      Heurística: Activado
      PUP: Activado
      PUM: Activado

      Procesos: 0
      (No hay elementos maliciosos detectados)

      Módulos: 0
      (No hay elementos maliciosos detectados)

      Claves del registro: 0
      (No hay elementos maliciosos detectados)

      Valores del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Carpetas: 0
      (No hay elementos maliciosos detectados)

      Archivos: 0
      (No hay elementos maliciosos detectados)

      Sectores físicos: 0
      (No hay elementos maliciosos detectados)


      (end)

      # AdwCleaner 7.0.2.1 - Logfile created on Wed Sep 20 04:31:32 2017
      # Updated on 2017/29/08 by Malwarebytes
      # Database: 08-29-2017.2
      # Running on Windows 7 Ultimate (X86)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      No malicious folders found.

      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [948 B] - [2017/9/7 3:11:16]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1013 B] - [2017/9/11 4:24:30]
      C:/AdwCleaner/AdwCleaner[S2].txt - [1080 B] - [2017/9/12 3:44:17]
      C:/AdwCleaner/AdwCleaner[S3].txt - [1147 B] - [2017/9/12 11:11:15]
      C:/AdwCleaner/AdwCleaner[S4].txt - [1215 B] - [2017/9/14 13:30:48]


      ########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt ##########

      # AdwCleaner 7.0.2.1 - Logfile created on Wed Sep 20 04:32:04 2017
      # Updated on 2017/29/08 by Malwarebytes
      # Running on Windows 7 Ultimate (X86)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      No malicious folders deleted.

      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [948 B] - [2017/9/7 3:11:16]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1013 B] - [2017/9/11 4:24:30]
      C:/AdwCleaner/AdwCleaner[S2].txt - [1080 B] - [2017/9/12 3:44:17]
      C:/AdwCleaner/AdwCleaner[S3].txt - [1147 B] - [2017/9/12 11:11:15]
      C:/AdwCleaner/AdwCleaner[S4].txt - [1215 B] - [2017/9/14 13:30:48]
      C:/AdwCleaner/AdwCleaner[S5].txt - [1380 B] - [2017/9/20 4:31:32]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-09-2017 01
      Ran by Jorge (administrator) on JOSUNA (20-09-2017 01:44:44)
      Running from C:\Users\Jorge\Desktop
      Loaded Profiles: Jorge (Available Profiles: Jorge)
      Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Español (España, internacional)
      Internet Explorer Version 8 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Arcai.com) C:\Program Files\netcut\services\aips.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
      () C:\Windows\System32\PnkBstrA.exe
      () C:\Windows\System32\PnkBstrB.exe
      (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
      (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
      (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
      (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
      (Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe

      ==================== Registry (Whitelisted) ====================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-01] (AVAST Software)
      HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [3487032 2017-09-14] (Dropbox, Inc.)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7684824 2017-09-07] (Piriform Ltd)
      HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [40257336 2017-08-31] ()
      BootExecute: autocheck autochk * sdnclean.exe
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{7D7765C0-6DD9-491C-998F-6CD4E1B665D1}: [DhcpNameServer] 192.168.3.1 192.168.1.1
      Tcpip\..\Interfaces\{E8B95868-7947-4B87-8148-108FF304887F}: [DhcpNameServer] 192.168.1.1

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
      HKU\S-1-5-21-3431701051-4169044703-816633750-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-21-3431701051-4169044703-816633750-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-01] (AVAST Software)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)

      FireFox:
      ========
      FF DefaultProfile: kbufrv61.default
      FF ProfilePath: C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\kbufrv61.default [2017-09-20]
      FF DefaultSearchEngine: Mozilla\Firefox\Profiles\kbufrv61.default -> (Google)
      FF DefaultSearchUrl: Mozilla\Firefox\Profiles\kbufrv61.default -> Google
      FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\kbufrv61.default -> (Google)
      FF SelectedSearchEngine: Mozilla\Firefox\Profiles\kbufrv61.default -> Google
      FF Homepage: Mozilla\Firefox\Profiles\kbufrv61.default -> hxxp://google.com
      FF Keyword.URL: Mozilla\Firefox\Profiles\kbufrv61.default -> hxxps://www.google.com/search?q=
      FF Extension: (Avast SafePrice) - C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\kbufrv61.default\Extensions\[email protected] [2017-09-01]
      FF Extension: (Avast Online Security) - C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\kbufrv61.default\Extensions\[email protected] [2017-09-01]
      FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
      FF Plugin HKU\S-1-5-21-3431701051-4169044703-816633750-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Jorge\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-04-20] (Citrix Online)

      Chrome:
      =======
      CHR Profile: C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default [2017-09-20]
      CHR Extension: (Google Docs) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-03]
      CHR Extension: (Avast SafePrice) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-18]
      CHR Extension: (Hojas de cálculo de Google) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-09-03]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-03]
      CHR Extension: (Avast Online Security) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-01]
      CHR Extension: (Extensión de Google Keep para Chrome) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2017-09-03]
      CHR Extension: (Chrome Media Router) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-01]
      CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-3431701051-4169044703-816633750-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Jorge\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-09-02]
      CHR HKU\S-1-5-21-3431701051-4169044703-816633750-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AIPS; C:\Program Files\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5830352 2017-09-01] (AVAST Software s.r.o.)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-01] (AVAST Software)
      S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-13] (Dropbox, Inc.)
      S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-13] (Dropbox, Inc.)
      R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43336 2017-09-14] (Dropbox, Inc.)
      S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1138368 2016-05-30] (Disc Soft Ltd)
      R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2016-06-04] ()
      R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [103736 2016-06-04] ()
      R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
      R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
      S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
      R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
      S2 EFix4; %SystemRoot%\Regedit.exe /s %WinDir%\Fix.reg [X]
      S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [267520 2017-09-01] (AVAST Software s.r.o.)
      R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157416 2017-09-01] (AVAST Software s.r.o.)
      R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276736 2017-09-01] (AVAST Software s.r.o.)
      R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50384 2017-09-01] (AVAST Software s.r.o.)
      S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42856 2017-09-01] (AVAST Software)
      R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39784 2017-09-01] (AVAST Software)
      R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [124952 2017-09-01] (AVAST Software)
      R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [99568 2017-09-01] (AVAST Software)
      R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70864 2017-09-01] (AVAST Software)
      R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [773800 2017-09-01] (AVAST Software)
      R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [500136 2017-09-01] (AVAST Software)
      R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [148232 2017-09-18] (AVAST Software)
      R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [296824 2017-09-01] (AVAST Software)
      R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-06-04] (Disc Soft Ltd)
      R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-06-04] (Disc Soft Ltd)
      S3 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
      S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-13] (Realtek Semiconductor Corporation )
      S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1348240 2013-03-06] (Realtek Semiconductor Corporation )
      S0 sptd; C:\Windows\System32\Drivers\sptd.sys [682232 2016-06-01] (Duplex Secure Ltd.)
      S3 catchme; \??\C:\Users\Jorge\AppData\Local\Temp\catchme.sys [X]
      S3 dbx; system32\DRIVERS\dbx.sys [X]
      S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
      S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-20 01:44 - 2017-09-20 01:45 - 000012710 _____ C:\Users\Jorge\Desktop\FRST.txt
      2017-09-20 01:44 - 2017-09-20 01:44 - 000000000 ____D C:\FRST
      2017-09-20 01:35 - 2017-09-20 01:35 - 000000000 ____D C:\ProgramData\SWCUTemp
      2017-09-19 17:00 - 2017-09-19 17:02 - 008182736 _____ (Malwarebytes) C:\Users\Jorge\Desktop\AdwCleaner.exe
      2017-09-19 16:42 - 2017-09-19 16:43 - 001795584 _____ (Farbar) C:\Users\Jorge\Desktop\FRST.exe
      2017-09-19 15:07 - 2017-09-19 15:07 - 001791292 _____ (Farbar) C:\Users\Jorge\Downloads\Sin confirmar 541722.crdownload
      2017-09-19 14:14 - 2017-09-19 14:15 - 001790024 _____ (Malwarebytes) C:\Users\Jorge\Desktop\JRT.exe
      2017-09-19 13:34 - 2017-09-19 13:37 - 009826968 _____ (Piriform Ltd) C:\Users\Jorge\Desktop\ccsetup534 (1).exe
      2017-09-19 13:33 - 2017-09-19 13:35 - 002886548 _____ C:\Users\Jorge\Downloads\LP RES Vig84 01Sept2017 (1).pdf
      2017-09-19 13:33 - 2017-09-19 13:34 - 001078484 _____ C:\Users\Jorge\Downloads\LP VEH Vig84 01Sept2017 (1).pdf
      2017-09-19 13:33 - 2017-09-19 13:33 - 000055296 _____ C:\Users\Jorge\Downloads\Accesorios Reparaciones Otros Sep 17 (1).xls
      2017-09-19 11:22 - 2017-09-19 11:22 - 002705360 _____ C:\Users\Jorge\Downloads\Carpeta de Monitoreo Septiembre 2017.pdf
      2017-09-18 23:59 - 2017-09-18 09:23 - 000000819 _____ C:\Windows\system32\Drivers\etc\hosts.20170918-235942.backup
      2017-09-18 22:27 - 2017-09-18 22:27 - 000021293 _____ C:\Users\Jorge\Downloads\hijackthis 2017
      2017-09-18 13:32 - 2017-09-18 13:37 - 009826968 _____ (Piriform Ltd) C:\Users\Jorge\Downloads\ccsetup534.exe
      2017-09-18 08:43 - 2017-09-18 08:43 - 002580480 _____ C:\Users\Jorge\Downloads\Res Gremio $ 010917.xls
      2017-09-18 08:43 - 2017-09-18 08:43 - 000055296 _____ C:\Users\Jorge\Downloads\Accesorios Reparaciones Otros Sep 17.xls
      2017-09-18 01:34 - 2017-09-18 01:39 - 000000000 ____D C:\FSTool
      2017-09-18 01:31 - 2017-09-18 01:31 - 000388608 _____ (Trend Micro Inc.) C:\Users\Jorge\Downloads\HijackThis (1).exe
      2017-09-18 01:26 - 2017-09-18 01:28 - 001599815 _____ C:\Users\Jorge\Downloads\IFS.exe
      2017-09-18 01:26 - 2017-09-18 01:26 - 000239192 _____ C:\Users\Jorge\Downloads\mi-factura (1).pdf
      2017-09-17 12:42 - 2017-09-17 12:42 - 000001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive for PC is now Backup and Sync from Google.lnk
      2017-09-17 12:42 - 2017-09-17 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
      2017-09-16 11:07 - 2017-09-16 11:07 - 000682931 _____ C:\Users\Jorge\Documents\S52ALF.pdf
      2017-09-16 02:12 - 2017-09-16 02:12 - 000002273 _____ C:\Users\Jorge\Desktop\Tienda Fusionfe.txt
      2017-09-15 22:25 - 2017-09-15 22:25 - 000000165 ____H C:\Users\Jorge\Documents\~$Precios de Celulares.xlsx
      2017-09-15 21:54 - 2017-09-15 21:54 - 000019133 _____ C:\Users\Jorge\Desktop\UsbFix_Report.txt
      2017-09-15 18:35 - 2017-09-15 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
      2017-09-14 18:41 - 2017-09-14 18:41 - 000043336 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
      2017-09-14 18:41 - 2017-09-14 18:41 - 000035432 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
      2017-09-14 18:41 - 2017-09-14 18:41 - 000035408 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
      2017-09-14 18:41 - 2017-09-14 18:41 - 000035408 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
      2017-09-14 16:43 - 2017-09-14 16:43 - 000020480 _____ C:\Users\Jorge\Downloads\CuentaCorriente-20170914.xls
      2017-09-12 10:52 - 2017-06-27 11:27 - 000014921 ____N C:\Users\Jorge\Desktop\plantilla presup.xlsx
      2017-09-12 10:33 - 2017-09-14 00:32 - 000023023 _____ C:\Users\Jorge\Downloads\PRECIOS 1.xlsx
      2017-09-12 08:07 - 2017-09-12 08:07 - 000040948 __RSH C:\ProgramData\ntuser.pol
      2017-09-12 07:52 - 2017-09-12 08:08 - 000000000 ____D C:\ProgramData\TEMP
      2017-09-12 07:52 - 2017-09-12 08:07 - 000000000 ____D C:\Program Files\SpywareBlaster
      2017-09-12 07:52 - 2017-09-12 07:52 - 000001037 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
      2017-09-12 07:52 - 2017-09-12 07:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
      2017-09-12 07:52 - 2009-03-24 13:52 - 000129872 _____ (Microsoft Corporation) C:\Windows\system32\MSSTDFMT.DLL
      2017-09-12 01:05 - 2017-09-12 07:40 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2017-09-12 01:02 - 2017-09-12 07:40 - 000000000 ____D C:\Users\Jorge\Desktop\mbar
      2017-09-10 23:29 - 2017-09-10 23:30 - 000001326 _____ C:\N-Repair.txt
      2017-09-10 23:29 - 2017-09-10 23:29 - 000000000 ____D C:\_N-Repair
      2017-09-10 12:40 - 2017-09-10 12:42 - 000151185 _____ C:\Users\Jorge\Downloads\WhatsApp Image 2017-08-07 at 09.43.05.jpeg
      2017-09-10 12:38 - 2017-09-10 12:38 - 000128171 _____ C:\Users\Jorge\Downloads\WhatsApp Image 2017-08-07 at 09.43.50.jpeg
      2017-09-10 12:35 - 2017-09-10 12:35 - 000114946 _____ C:\Users\Jorge\Downloads\WhatsApp Image 2017-09-04 at 11.22.08.jpeg
      2017-09-10 12:35 - 2017-09-10 12:35 - 000099139 _____ C:\Users\Jorge\Downloads\WhatsApp Image 2017-09-04 at 11.22.11.jpeg
      2017-09-10 12:19 - 2017-09-10 12:19 - 000001448 _____ C:\Users\Jorge\Desktop\UsbFix.lnk
      2017-09-10 12:18 - 2017-09-10 12:18 - 000000000 ____D C:\UsbFix
      2017-09-10 12:10 - 2017-09-10 12:11 - 003830352 _____ (SOSVirus) C:\Users\Jorge\Downloads\UsbFix_9.066.exe
      2017-09-07 18:36 - 2017-09-07 18:36 - 000043572 _____ C:\Users\Jorge\Documents\Ventas por Plataforma Alcain.xlsx
      2017-09-07 18:29 - 2017-09-07 18:34 - 000045303 _____ C:\Users\Jorge\Downloads\Operaciones de plataforma (6).csv
      2017-09-07 00:08 - 2017-09-20 01:32 - 000000000 ____D C:\AdwCleaner
      2017-09-05 02:25 - 2017-09-05 02:26 - 002886548 _____ C:\Users\Jorge\Downloads\LP RES Vig84 01Sept2017.pdf
      2017-09-05 02:25 - 2017-09-05 02:26 - 001078484 _____ C:\Users\Jorge\Downloads\LP VEH Vig84 01Sept2017.pdf
      2017-09-05 01:33 - 2017-09-07 23:41 - 001588736 _____ C:\Users\Jorge\Downloads\Lista de precios AROMATIZACION AGOSTO.xls
      2017-09-04 10:54 - 2017-09-18 22:02 - 000000000 ____D C:\Users\Jorge\AppData\LocalLow\Mozilla
      2017-09-04 10:48 - 2017-09-04 10:54 - 000000000 ____D C:\Users\Jorge\AppData\Roaming\Mozilla
      2017-09-04 10:47 - 2017-09-12 07:41 - 000000000 ____D C:\Users\Jorge\AppData\Local\Mozilla
      2017-09-04 10:47 - 2017-09-04 10:47 - 000001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      2017-09-04 10:47 - 2017-09-04 10:47 - 000001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
      2017-09-04 10:47 - 2017-09-04 10:47 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
      2017-09-04 10:47 - 2017-09-04 10:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2017-09-04 10:32 - 2017-09-04 10:32 - 000245928 _____ (Mozilla) C:\Users\Jorge\Downloads\Firefox Installer.exe
      2017-09-03 00:58 - 2017-09-03 00:58 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-09-03 00:58 - 2017-09-03 00:58 - 000002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-09-01 10:49 - 2017-09-01 10:49 - 000001124 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
      2017-09-01 10:49 - 2017-09-01 10:49 - 000001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
      2017-09-01 10:43 - 2017-09-01 10:42 - 000039784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
      2017-09-01 10:04 - 2017-09-01 10:04 - 000000000 ____D C:\Users\Jorge\AppData\Roaming\AVAST Software
      2017-09-01 10:04 - 2017-09-01 10:04 - 000000000 ____D C:\Users\Jorge\AppData\Local\CEF
      2017-09-01 09:58 - 2017-09-01 09:58 - 000002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2017-09-01 09:58 - 2017-09-01 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
      2017-09-01 09:57 - 2017-09-18 09:33 - 000148232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
      2017-09-01 09:57 - 2017-09-01 09:56 - 000500136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2017-09-01 09:57 - 2017-09-01 09:56 - 000296824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2017-09-01 09:57 - 2017-09-01 09:56 - 000124952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2017-09-01 09:57 - 2017-09-01 09:56 - 000099568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2017-09-01 09:57 - 2017-09-01 09:56 - 000070864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2017-09-01 09:57 - 2017-09-01 09:56 - 000042856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2017-09-01 09:57 - 2017-09-01 09:54 - 000773800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
      2017-09-01 09:57 - 2017-09-01 09:54 - 000276736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
      2017-09-01 09:57 - 2017-09-01 09:54 - 000267520 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
      2017-09-01 09:57 - 2017-09-01 09:54 - 000157416 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
      2017-09-01 09:57 - 2017-09-01 09:54 - 000050384 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
      2017-09-01 09:56 - 2017-09-01 09:55 - 000921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
      2017-09-01 09:56 - 2017-09-01 09:55 - 000304816 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      2017-09-01 09:43 - 2017-09-01 09:43 - 000000000 ___HD C:\Windows\system32\GroupPolicy
      2017-09-01 09:35 - 2017-09-01 10:41 - 000000000 ____D C:\Program Files\AVAST Software
      2017-09-01 09:33 - 2017-09-01 13:15 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-09-01 00:46 - 2017-09-01 13:14 - 000010960 _____ C:\Users\Jorge\Documents\Precios de Celulares.xlsx
      2017-08-30 14:43 - 2017-08-30 14:46 - 005128879 _____ C:\Users\Jorge\Downloads\diptico+2015_web.pdf
      2017-08-30 14:43 - 2017-08-30 14:45 - 003504129 _____ C:\Users\Jorge\Downloads\Install-sp-a2k4-ng-19-01-17_web.pdf
      2017-08-30 14:43 - 2017-08-30 14:45 - 001979340 _____ C:\Users\Jorge\Downloads\user-sp-teclados-20-01-17_web.pdf
      2017-08-30 14:43 - 2017-08-30 14:44 - 000354919 _____ C:\Users\Jorge\Downloads\especificacion-sp-a2k4-ng_11-12-15_web.pdf
      2017-08-30 14:22 - 2017-08-30 14:23 - 001323003 _____ C:\Users\Jorge\Downloads\ac3_ver_1.3.rar
      2017-08-30 11:52 - 2017-09-18 09:22 - 000013900 _____ C:\AT-Destroyer.txt
      2017-08-29 00:08 - 2017-08-29 00:08 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
      2017-08-29 00:08 - 2017-08-29 00:08 - 000002130 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
      2017-08-26 14:55 - 2017-08-26 14:55 - 000972787 _____ C:\Users\Jorge\Downloads\Chat de Maria del Carmen.html
      2017-08-26 14:55 - 2017-08-26 14:55 - 000000000 ____D C:\Users\Jorge\Downloads\Chat de Maria del Carmen_files
      2017-08-26 14:52 - 2017-08-26 14:52 - 000833517 _____ C:\Users\Jorge\Downloads\Chat de Pilo Maria del Carmen.html
      2017-08-26 14:52 - 2017-08-26 14:52 - 000000000 ____D C:\Users\Jorge\Downloads\Chat de Pilo Maria del Carmen_files
      2017-08-26 12:19 - 2017-08-26 12:19 - 000629091 _____ C:\Users\Jorge\Downloads\10409_FspecmanualSPECUD00265BDatasheetofDS7200HQHIFN20151129.pdf
      2017-08-25 14:14 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\system32\fmcodec.DLL
      2017-08-24 21:10 - 2017-08-24 21:11 - 003270144 _____ C:\Users\Jorge\Downloads\lista_cctv_gremio_hikvision_dahua Fernandez.xls
      2017-08-24 17:27 - 2017-08-24 17:27 - 000000000 ___SD C:\ComboFix
      2017-08-24 17:23 - 2017-08-24 17:25 - 000198202 _____ C:\TDSSKiller.3.1.0.12_24.08.2017_17.23.41_log.txt
      2017-08-23 22:10 - 2017-08-23 22:10 - 000249856 _____ C:\Users\Jorge\Downloads\Presupuesto Jorge Osuna 17042017.xls
      2017-08-23 22:09 - 2017-08-23 22:09 - 000045474 _____ C:\Users\Jorge\Downloads\Kit full HD 1080p y DVR TURBO 3.0 (1).pdf
      2017-08-23 22:09 - 2017-08-23 22:09 - 000045276 _____ C:\Users\Jorge\Downloads\Kit HD 720p y DVR dLux (1).pdf
      2017-08-22 11:39 - 2017-08-22 11:40 - 000494414 _____ C:\Users\Jorge\Downloads\Osuna Jorge 17-04.pdf
      2017-08-22 01:45 - 2017-08-22 01:45 - 000015292 _____ C:\ComboFix.txt
      2017-08-22 01:03 - 2017-08-22 01:06 - 000199156 _____ C:\TDSSKiller.3.1.0.12_22.08.2017_01.03.34_log.txt
      2017-08-21 22:10 - 2017-08-21 22:20 - 000000000 ____D C:\Windows\system32\MRT
      2017-08-21 22:10 - 2017-08-21 22:10 - 137505280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2017-08-21 17:23 - 2011-04-09 02:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
      2017-08-21 16:20 - 2014-05-14 13:23 - 001973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2017-08-21 16:20 - 2014-05-14 13:23 - 000054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
      2017-08-21 16:20 - 2014-05-14 13:23 - 000045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
      2017-08-21 16:20 - 2014-05-14 13:17 - 002425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
      2017-08-21 16:19 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
      2017-08-21 16:19 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
      2017-08-21 11:40 - 2017-08-21 11:40 - 000000202 _____ C:\Users\Jorge\Documents\Stock y Precios de Bolsas.txt
      2017-08-21 01:17 - 2017-08-21 01:17 - 000071503 _____ C:\Users\Jorge\Downloads\Lista polietileno mayorista n° 155-17 (1).pdf

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-20 01:41 - 2017-08-08 08:28 - 000001534 _____ C:\Users\Jorge\Desktop\JRT.txt
      2017-09-20 01:36 - 2016-04-20 09:51 - 000000534 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3431701051-4169044703-816633750-1000.job
      2017-09-20 01:34 - 2016-12-13 12:58 - 000000932 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
      2017-09-20 01:34 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-09-20 01:32 - 2009-07-14 01:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-09-20 01:32 - 2009-07-14 01:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-09-20 01:09 - 2016-12-13 12:58 - 000000936 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
      2017-09-20 01:05 - 2016-05-17 17:36 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
      2017-09-19 20:25 - 2016-04-20 09:51 - 000000630 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3431701051-4169044703-816633750-1000.job
      2017-09-19 08:55 - 2016-05-17 17:35 - 000126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
      2017-09-18 21:50 - 2016-04-27 10:00 - 000000000 ___RD C:\Users\Jorge\Google Drive
      2017-09-18 15:28 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
      2017-09-18 15:26 - 2016-07-28 23:57 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-09-18 09:21 - 2016-08-24 08:33 - 000000000 ____D C:\_AT-Destroyer
      2017-09-18 08:43 - 2016-08-15 11:50 - 000003444 _____ C:\Users\Jorge\Desktop\Rkill.txt
      2017-09-17 12:42 - 2016-04-27 09:44 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
      2017-09-17 12:42 - 2016-04-27 09:44 - 000001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
      2017-09-17 01:53 - 2016-03-28 13:07 - 000000000 ____D C:\Users\Jorge
      2017-09-17 00:54 - 2017-07-08 17:20 - 000000000 ____D C:\Users\Jorge\AppData\Local\GoToMeeting
      2017-09-15 21:55 - 2010-11-20 21:30 - 002536566 _____ C:\Windows\system32\perfh00A.dat
      2017-09-15 21:55 - 2010-11-20 21:30 - 000748734 _____ C:\Windows\system32\perfc00A.dat
      2017-09-15 21:55 - 2010-11-20 18:01 - 000006470 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-09-15 18:35 - 2016-12-13 12:57 - 000000000 ____D C:\Program Files\Dropbox
      2017-09-12 20:06 - 2017-02-28 01:40 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
      2017-09-12 20:06 - 2017-02-28 01:40 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
      2017-09-12 20:06 - 2017-02-28 01:40 - 000000000 ____D C:\Windows\system32\Macromed
      2017-09-11 06:12 - 2016-06-04 09:52 - 000000000 ____D C:\Users\Jorge\AppData\Roaming\DAEMON Tools Lite
      2017-09-11 05:34 - 2009-07-14 01:53 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2017-09-11 00:37 - 2016-04-28 00:42 - 000000000 ____D C:\Users\Jorge\Downloads\Productos para la Venta
      2017-09-10 12:47 - 2016-06-29 22:03 - 000000000 ____D C:\Users\Jorge\Downloads\Ideas de Decoracion
      2017-09-09 10:02 - 2016-12-14 09:57 - 000000000 ____D C:\ProgramData\KMSAutoS
      2017-09-03 14:45 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\NDF
      2017-09-02 23:44 - 2016-04-21 01:31 - 000000000 ____D C:\Users\Jorge\Downloads\Programitas
      2017-09-02 11:44 - 2016-04-15 02:07 - 000000000 ___SD C:\Users\Jorge\AppData\LocalLow\Temp
      2017-09-02 11:08 - 2016-04-01 18:57 - 000000000 ____D C:\Users\Jorge\AppData\Local\Google
      2017-09-01 01:16 - 2017-08-10 07:35 - 000000000 ____D C:\Camara Agosto 2017
      2017-08-29 00:08 - 2016-04-01 18:57 - 000000000 ____D C:\Program Files\Google
      2017-08-28 09:01 - 2016-05-01 01:24 - 000000000 ____D C:\Users\Jorge\AppData\Local\CrashDumps
      2017-08-28 01:50 - 2017-05-16 00:25 - 000000000 ____D C:\Celular Mayo 2017
      2017-08-25 17:17 - 2017-08-07 17:15 - 000000483 _____ C:\Users\Jorge\Desktop\FUCOFA Oficinas.txt
      2017-08-25 14:14 - 2017-01-15 02:25 - 000001144 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
      2017-08-25 14:14 - 2017-01-15 02:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
      2017-08-24 17:27 - 2017-04-11 09:57 - 000000000 ____D C:\Qoobox
      2017-08-24 14:57 - 2016-04-10 12:20 - 000000000 ____D C:\Users\Jorge\AppData\Roaming\uTorrent
      2017-08-23 11:40 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\rescache
      2017-08-22 01:43 - 2009-07-13 23:04 - 000000215 _____ C:\Windows\system.ini
      2017-08-21 13:04 - 2017-03-05 12:34 - 000000000 ____D C:\Users\Jorge\AppData\LocalLow\uTorrent
      2017-08-21 11:31 - 2016-02-21 22:38 - 000000000 ____D C:\Users\Jorge\Documents\CLARO ALCAIN

      ==================== Files in the root of some directories =======

      2016-06-04 15:23 - 2016-06-04 15:23 - 000022328 _____ () C:\Users\Jorge\AppData\Roaming\PnkBstrK.sys
      2016-04-30 00:13 - 2016-05-10 22:12 - 000004608 _____ () C:\Users\Jorge\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll
      [2010-11-20 18:29] - [2010-11-20 18:29] - 000811520 _____ (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1

      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-09-11 01:20

      ==================== End of FRST.txt ============================

    4. #4
      Usuario Avatar de x28federal
      Registrado
      may 2014
      Ubicación
      Argentina
      Mensajes
      16

      Re: Desde hace meses se me abren ventanas de chrome

      Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-09-2017 01
      Ran by Jorge (20-09-2017 01:46:01)
      Running from C:\Users\Jorge\Desktop
      Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2016-03-28 16:07:20)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-3431701051-4169044703-816633750-500 - Administrator - Disabled)
      ASPNET (S-1-5-21-3431701051-4169044703-816633750-1004 - Limited - Enabled)
      HomeGroupUser$ (S-1-5-21-3431701051-4169044703-816633750-1002 - Limited - Enabled)
      Invitado (S-1-5-21-3431701051-4169044703-816633750-501 - Limited - Disabled)
      Jorge (S-1-5-21-3431701051-4169044703-816633750-1000 - Administrator - Enabled) => C:\Users\Jorge

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
      Action! (HKLM\...\Mirillis Action!) (Version: 1.30.3 - Mirillis)
      Adobe Flash Player 27 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
      Adobe Reader 8.1.0 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
      Aplicación para detectar Winamp (HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
      aTube Catcher versión 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
      Autoevaluación de Ventas (HKLM\...\Autoevaluación de Ventas_is1) (Version: - Curso práctico para emprendedores 2006)
      Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
      Backup and Sync from Google (HKLM\...\{9AC75ED0-A54A-4AEA-9563-87572879D91C}) (Version: 3.36.6721.3394 - Google, Inc.)
      Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
      Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
      CCleaner (HKLM\...\CCleaner) (Version: 5.34 - Piriform)
      Citrix Online Launcher (HKLM\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
      Compresor WinRAR (HKLM\...\WinRAR archiver) (Version: - )
      Dropbox (HKLM\...\Dropbox) (Version: 34.4.22 - Dropbox, Inc.)
      Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
      dupeGuru (HKLM\...\{926F26B2-8CCD-42C2-8F5A-A3F9E682BC62}) (Version: 3.8.0 - Hardcoded Software)
      Google Chrome (HKLM\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
      Google Earth Pro (HKLM\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
      Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      GoToMeeting 8.12.0.7638 (HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\GoToMeeting) (Version: 8.12.0.7638 - LogMeIn, Inc.)
      HiJackThis (HKLM\...\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}) (Version: 1.0.0 - Trend Micro)
      IP Video System Design Tool 8 VIVOTEK v.8.1.0.1303 (HKLM\...\IP Video System Design Tool 8 VIVOTEK_is1) (Version: - JVSG: CCTV Design Software)
      K-Lite Mega Codec Pack 7.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
      Malwarebytes Anti-Malware versión 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
      MegaDownloader 1.5 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.5 - AppsForMega.info)
      Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
      Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
      Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
      Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
      Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Mozilla Firefox 55.0.3 (x86 es-ES) (HKLM\...\Mozilla Firefox 55.0.3 (x86 es-ES)) (Version: 55.0.3 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
      MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
      Nero 8.3.2.1 (HKLM\...\Nero8WinuE_is1) (Version: 8.3.2.1 - Bj @ WinuE)
      NetCut 2.1.4 (HKLM\...\NetCut_is1) (Version: - arcai.com)
      Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
      Nokia PC Suite (HKLM\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
      Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
      Paquete de controladores de Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
      Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (HKLM\...\Microsoft .NET Framework 4 Client Profile ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
      Paquete de idioma de Microsoft .NET Framework 4 Extended ESN (HKLM\...\Microsoft .NET Framework 4 Extended ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
      Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
      SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
      Sony Sound Forge 8.0 (HKLM\...\{767572FD-4D01-4FA3-B0A6-4B09FB2CFC37}) (Version: 8.0.53 - Sony)
      Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
      SpywareBlaster 5.5 (HKLM\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
      UsbFix (HKLM\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
      Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
      Windows Phone app for desktop (HKLM\...\{3549ACF5-2BE0-4FCC-8D3A-15B4342DE901}) (Version: 1.1.2726.0 - Microsoft Corporation)
      WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-08-31] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-08-31] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-08-31] (Google)
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-01] (AVAST Software)
      ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-01] (AVAST Software)
      ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-08-31] (Google)
      ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2006-12-04] ()
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-01] (AVAST Software)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
      ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-08-31] (Google)
      ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2006-12-04] ()
      ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-14] (Dropbox, Inc.)
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-01] (AVAST Software)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
      ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2006-12-04] ()

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {034F8844-3F61-4190-9417-1C601265E2F8} - System32\Tasks\SafeZone scheduled Autoupdate 1504273737 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
      Task: {0674B21E-4A67-4B35-B5A8-73962DA5A34F} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-07-28] (MSFree Inc.)
      Task: {13DBF40E-4CC6-474E-9749-E93A5356AF9B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-07] (Piriform Ltd)
      Task: {14824E84-3A02-4D1C-A342-9AD0BF646F9B} - System32\Tasks\G2MUploadTask-S-1-5-21-3431701051-4169044703-816633750-1000 => C:\Users\Jorge\AppData\Local\GoToMeeting\7638\g2mupload.exe [2017-09-17] (LogMeIn, Inc.)
      Task: {24507515-7318-4D97-8E3F-C599B7FEBC39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-01] (Google Inc.)
      Task: {281DE83A-82BD-4DA1-87A9-58B0AA52F1E4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
      Task: {3F5124C0-3E4E-4CAB-B03A-A88ACF663A08} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
      Task: {6C509059-FDBE-49C3-941C-3AFD2C8E8D3D} - System32\Tasks\G2MUpdateTask-S-1-5-21-3431701051-4169044703-816633750-1000 => C:\Users\Jorge\AppData\Local\GoToMeeting\7638\g2mupdate.exe [2017-09-17] (LogMeIn, Inc.)
      Task: {6CE7C8E0-A0A1-4547-B0A6-0F47BF6379C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated)
      Task: {A61C9846-EB25-43C2-95B1-70255E98898F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-12] (Adobe Systems Incorporated)
      Task: {A7508DCE-E83D-41B3-8062-C99139063946} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
      Task: {B0FB200B-8933-4E15-92A2-73DC295467CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-01] (Google Inc.)
      Task: {B947F262-788A-4CE6-8693-F388D252E7C7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-13] (Dropbox, Inc.)
      Task: {D9473154-639D-4314-A008-CEF3926363B3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-13] (Dropbox, Inc.)
      Task: {E2B02FE0-A9F4-489A-B1BA-AC895AB29A98} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-01] (AVAST Software)
      Task: {EC694C48-AC76-4371-9789-A36A5E21F08C} - System32\Tasks\{191439C3-6D0A-4ED1-8EC1-D3CE66A29260} => C:\Windows\system32\pcalua.exe -a "D:\Sound Forge 8\Sony Sound Forge 8.0.exe" -d "D:\Sound Forge 8"

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
      Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
      Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3431701051-4169044703-816633750-1000.job => C:\Users\Jorge\AppData\Local\GoToMeeting\7638\g2mupdate.exe
      Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3431701051-4169044703-816633750-1000.job => C:\Users\Jorge\AppData\Local\GoToMeeting\7638\g2mupload.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-09-01 09:55 - 2017-09-01 09:55 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
      2017-09-01 09:55 - 2017-09-01 09:55 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-09-01 09:55 - 2017-09-01 09:55 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
      2017-09-01 09:55 - 2017-09-01 09:55 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-09-01 09:55 - 2017-09-01 09:55 - 000149568 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
      2017-09-19 12:56 - 2017-09-19 12:56 - 005902376 _____ () C:\Program Files\AVAST Software\Avast\defs\17091904\algo.dll
      2017-09-01 09:55 - 2017-09-01 09:55 - 000685688 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
      2017-09-01 09:55 - 2017-09-01 09:55 - 000241448 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
      2016-06-04 15:23 - 2016-06-04 15:23 - 000066872 _____ () C:\Windows\system32\PnkBstrA.exe
      2016-06-04 15:23 - 2016-06-04 15:23 - 000103736 _____ () C:\Windows\system32\PnkBstrB.exe
      2016-08-16 02:56 - 2014-05-13 12:04 - 000109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
      2016-08-16 02:56 - 2014-05-13 12:04 - 000416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
      2016-08-16 02:56 - 2014-05-13 12:04 - 000167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
      2016-08-16 02:56 - 2012-08-23 10:38 - 000574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
      2016-08-16 02:56 - 2012-04-03 17:06 - 000565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
      2007-05-11 01:50 - 2007-05-11 01:50 - 000017024 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\viewerps.dll
      2016-03-29 10:29 - 2006-12-04 17:00 - 000126464 _____ () C:\Program Files\WinRAR\rarext.dll
      2017-09-01 09:54 - 2017-09-01 09:54 - 000142792 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
      2017-09-01 09:56 - 2017-09-01 09:56 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-09-01 09:54 - 2017-09-01 09:54 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)

      IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
      IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
      IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
      IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
      IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
      IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
      IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
      IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
      IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
      IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
      IE restricted site: HKU\.DEFAULT\...\1001namen.com -> 1001 Namen
      IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
      IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
      IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
      IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
      IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
      IE restricted site: HKU\.DEFAULT\...\123fporn.info -> Dangers related to **** sites | **** related viruses
      IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
      IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> Account Suspended
      IE restricted site: HKU\.DEFAULT\...\123simsen.com -> WebMD - Better information. Better health.

      There are 7936 more sites.

      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\007guard.com -> install.007guard.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\008i.com -> 008i.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\008k.com -> www.008k.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\00hq.com -> www.00hq.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\010402.com -> 010402.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\0190-dialers.com -> 0190-dialers.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\01i.info -> 01i.info
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\0411dd.com -> 0411dd.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\0511zfhl.com -> 0511zfhl.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\05p.com -> 05p.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\0632qyw.com -> 0632qyw.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\0calories.net -> 0calories.net
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\0cj.net -> 0cj.net
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\0scan.com -> 0scan.com
      IE restricted site: HKU\S-1-5-21-3431701051-4169044703-816633750-1000\...\1-2005-search.com -> www.1-2005-search.com

      There are 12753 more sites.


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-13 23:04 - 2017-09-18 23:59 - 000454373 ____R C:\Windows\system32\Drivers\etc\hosts

      127.0.0.1 www.007guard.com
      127.0.0.1 007guard.com
      127.0.0.1 008i.com
      127.0.0.1 www.008k.com
      127.0.0.1 008k.com
      127.0.0.1 www.00hq.com
      127.0.0.1 00hq.com
      127.0.0.1 010402.com
      127.0.0.1 032439.com
      127.0.0.1 032439.com
      127.0.0.1 0scan.com
      127.0.0.1 0scan.com
      127.0.0.1 1000gratisproben.com
      127.0.0.1 www.1000gratisproben.com
      127.0.0.1 1001namen.com
      127.0.0.1 1001 Namen
      127.0.0.1 100888290cs.com
      127.0.0.1 My Blog – My WordPress Blog
      127.0.0.1 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
      127.0.0.1 100sexlinks.com
      127.0.0.1 10sek.com
      127.0.0.1 www.10sek.com
      127.0.0.1 www.1-2005-search.com
      127.0.0.1 1-2005-search.com
      127.0.0.1 123fporn.info
      127.0.0.1 Dangers related to **** sites | **** related viruses
      127.0.0.1 www.123haustiereundmehr.com
      127.0.0.1 123haustiereundmehr.com
      127.0.0.1 123moviedownload.com
      127.0.0.1 Account Suspended

      There are 15596 more lines.


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-3431701051-4169044703-816633750-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: Media is not connected to internet.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{B7261680-BEA3-4F71-A8B5-A05369070410}] => (Allow) C:\Program Files\Winamp\winamp.exe
      FirewallRules: [{F5574863-1AD3-4910-82D4-3BB7F8BCDABC}] => (Allow) C:\Program Files\Winamp\winamp.exe
      FirewallRules: [TCP Query User{FA32F88E-2578-4E68-8F75-2E973F863911}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
      FirewallRules: [UDP Query User{E8A8AE19-FCC4-48A5-AF16-D6CA6B1EF061}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
      FirewallRules: [{6FECE205-8F1D-420E-8095-3B3A24B283CB}] => (Allow) C:\Users\Jorge\AppData\Local\Chromium\Application\chrome.exe
      FirewallRules: [{718A3482-E103-43B3-B79A-EB6A49B6A519}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{7379DCA6-C722-45AD-8442-31840082F111}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{6C973CE6-BE9F-445D-8E83-FBB467436E55}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{60FD81B5-AFEE-4286-96EA-D0A9323FACDA}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{C082C0B6-1EEE-42F7-AD5C-87B4FDCF80EA}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{4FA02CB3-E3B9-4CF0-875A-CDCA2899766D}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{EBF057CD-49DB-49DE-9291-B8E396DADB7A}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{1F37AFA4-00DF-461D-9DEA-BE2EF99259AA}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{F4C5AD99-E75F-4245-9DD2-C718C4AF9C68}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      FirewallRules: [{09EC4339-DDA8-4A51-B8C8-DD0E9B203052}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
      FirewallRules: [{3BA9EF57-D64C-4A35-A428-E94D5C99D8F6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
      FirewallRules: [{49E76B77-9925-4170-86F8-A6659D932A17}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
      FirewallRules: [{1A8B6F10-BD46-42FA-AE5D-62FF1E1FA3D8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
      FirewallRules: [{41562847-9BD2-4608-9CA4-35B200AB4378}] => (Allow) C:\Users\Jorge\AppData\Local\Chromium\Application\chrome.exe
      FirewallRules: [{7C132709-7D55-45C9-B70A-117CFD397367}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{82557DF4-3950-4DCB-AD60-C3865BE55C71}] => (Allow) C:\Users\Jorge\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{0A4E5E8D-1D80-487A-A0D0-1817EE239595}] => (Allow) C:\Windows\System32\PnkBstrA.exe
      FirewallRules: [{B4E769BF-6412-4A26-A5E7-8198DDFA8977}] => (Allow) C:\Windows\System32\PnkBstrA.exe
      FirewallRules: [{604B0068-E548-4A85-8EC3-3A2F4E1D5488}] => (Allow) C:\Windows\System32\PnkBstrB.exe
      FirewallRules: [{74D4F1E4-7F74-4430-A482-30569AAF6F30}] => (Allow) C:\Windows\System32\PnkBstrB.exe
      FirewallRules: [{B2CC2A2C-5BCE-4BD3-9B85-489591CD0809}] => (Allow) C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
      FirewallRules: [{FAE56477-5EB5-495A-923E-2263B6299D3D}] => (Allow) C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
      FirewallRules: [{74FFBF5F-B6DC-4396-974C-5E5FCF6E0B6C}] => (Allow) C:\Program Files\Winamp\winamp.exe
      FirewallRules: [{7E976D16-FC53-4F22-B552-4FCB9D4A9AFE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
      FirewallRules: [{1505292A-0E23-49F9-96E7-2E95300CDF34}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
      FirewallRules: [{C13D03C0-64A7-47F5-BB9E-819CB2F431FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{B30DAB84-55AB-4551-8B60-E247FE578234}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{C48B73D8-083D-4EFC-B319-52EB2C8F97B8}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
      StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
      StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
      StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
      StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

      ==================== Restore Points =========================

      ATTENTION: System Restore is disabled

      ==================== Faulty Device Manager Devices =============

      Name: Teredo Tunneling Pseudo-Interface
      Description: Adaptador de tunelización Teredo de Microsoft
      Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
      Manufacturer: Microsoft
      Service: tunnel
      Problem: : This device cannot start. (Code10)
      Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
      On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (09/20/2017 01:34:32 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
      Description: No se puede inicializar el índice.

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (09/20/2017 01:34:32 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
      Description: No se puede inicializar la aplicación.

      Contexto: aplicación Windows

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (09/20/2017 01:34:32 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
      Description: No se puede inicializar el objeto Recopilador.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (09/20/2017 01:34:32 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
      Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      No se ha encontrado el elemento. (HRESULT : 0x80070490) (0x80070490)

      Error: (09/20/2017 01:34:29 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
      Description: No se puede inicializar el complemento <Search.JetPropStore>.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (09/20/2017 01:34:29 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
      Description: El servicio Windows Search no puede cargar la información del almacén de propiedades.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      La base de datos del índice de contenido está dañada. (HRESULT : 0xc0041800) (0xc0041800)

      Error: (09/20/2017 01:34:29 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
      Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (09/20/2017 01:34:29 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
      Description: El servicio de búsqueda detectó archivos de datos dañados en el índice {id=4700}. Este servicio intentará corregir este problema automáticamente mediante la nueva generación del índice.

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (09/20/2017 01:34:29 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
      Description: El servicio Windows Search no puede abrir el almacén de propiedades de Jet.

      Detalles:
      0x%08x (0xc0041800 - La base de datos del índice de contenido está dañada. (HRESULT : 0xc0041800))

      Error: (09/20/2017 01:34:28 AM) (Source: ESENT) (EventID: 455) (User: )
      Description: Windows (2324) Windows: Error -1811 al abrir un archivo de registro C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS01155.log.


      System errors:
      =============
      Error: (09/20/2017 01:34:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

      Error: (09/20/2017 01:34:32 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
      Description: El servicio Windows Search se cerró con el error específico de servicio %%-1073473535.

      Error: (09/20/2017 01:34:16 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      sptd

      Error: (09/20/2017 01:34:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio Spybot-S&D 2 Security Center Service no pudo iniciarse debido al siguiente error:
      Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido.

      Error: (09/20/2017 01:34:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio Nod32 AV no pudo iniciarse debido al siguiente error:
      El servicio no respondió a tiempo a la solicitud de inicio o de control.

      Error: (09/20/2017 01:34:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Nod32 AV.

      Error: (09/20/2017 01:33:36 AM) (Source: sptd) (EventID: 4) (User: )
      Description: El controlador detectó un error interno en la estructura de datos de .

      Error: (09/20/2017 01:32:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio debido a un error en el inicio de sesión.

      Error: (09/20/2017 01:32:30 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
      Description: El servicio WMPNetworkSvc no se pudo iniciarse como NT AUTHORITY\NetworkService con la contraseña configurada actualmente debido al siguiente error:
      Solicitud no compatible.


      Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

      Error: (09/20/2017 01:32:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.


      CodeIntegrity:
      ===================================
      Date: 2017-09-20 01:45:23.148
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-09-20 01:45:22.960
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-09-20 01:34:16.053
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-09-20 01:09:23.303
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-09-20 01:09:23.131
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-09-20 01:09:22.959
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-09-20 01:09:22.803
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-09-20 01:09:22.553
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-09-20 01:09:22.366
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-09-20 01:08:44.334
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      ==================== Memory info ===========================

      Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
      Percentage of memory in use: 41%
      Total physical RAM: 2046.49 MB
      Available physical RAM: 1194.39 MB
      Total Virtual: 4092.98 MB
      Available Virtual: 3154.3 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:148.95 GB) (Free:13.95 GB) NTFS
      Drive n: (Osuna HD) (Fixed) (Total:931.51 GB) (Free:22.57 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 12CC12CB)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

      ========================================================
      Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 327B9147)
      Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

      Perdon la falta de cortesia, si me demoro se sale de la pagina y me quedo sin saludar Gracias por la ayuda

    5. #5
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      22.259

      Re: Desde hace meses se me abren ventanas de chrome

      Hola.

      NO pusiste el informe de JRT, lo usaste.??
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #6
      Usuario Avatar de x28federal
      Registrado
      may 2014
      Ubicación
      Argentina
      Mensajes
      16

      Re: Desde hace meses se me abren ventanas de chrome

      Mil disculpas se me paso
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 7 Ultimate x86
      Ran by Jorge (Administrator) on 20/09/2017 at 1:38:07,21
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 6

      Successfully deleted: C:\Users\Jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2GKF3RNW (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OC1YS7P (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WPHFL6P3 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2GKF3RNW (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OC1YS7P (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WPHFL6P3 (Temporary Internet Files Folder)



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 20/09/2017 at 1:41:51,55
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    7. #7
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      22.259

      Re: Desde hace meses se me abren ventanas de chrome

      Perfecto.... bien...... y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :


      • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

      • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

      • Pulsar en Run.

      Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

      Y ahora inicia tu equipo desde el >> Modo Seguro – con funciones de Red, de Windows.

      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad: (Se excluye la palabra código)

      Código:
      START
      CREATERESTOREPOINT:
      CLOSEPROCESSES:
      ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      Task: {EC694C48-AC76-4371-9789-A36A5E21F08C} - System32\Tasks\{191439C3-6D0A-4ED1-8EC1-D3CE66A29260} => C:\Windows\system32\pcalua.exe -a "D:\Sound Forge 8\Sony Sound Forge 8.0.exe" -d "D:\Sound Forge 8"
      AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      BootExecute: autocheck autochk * sdnclean.exe
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
      S2 EFix4; %SystemRoot%\Regedit.exe /s %WinDir%\Fix.reg [X]
      S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
      S3 catchme; \??\C:\Users\Jorge\AppData\Local\Temp\catchme.sys [X]
      S3 dbx; system32\DRIVERS\dbx.sys [X]
      S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
      S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      2016-06-04 15:23 - 2016-06-04 15:23 - 000022328 _____ () C:\Users\Jorge\AppData\Roaming\PnkBstrK.sys
      2016-04-30 00:13 - 2016-05-10 22:12 - 000004608 _____ () C:\Users\Jorge\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh advfirewall reset
      CMD: netsh advfirewall set allprofiles state ON
      CMD: netsh int ipv4 reset
      CMD: netsh int ipv6 reset
      END
      Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio <<< Esto es muy importante.

      Nota: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo



      • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas "Ejecutar como Administrador")
      • Presionar el botón FIX y aguardar a que termine.
      • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).


      Pegar el contenido de este fichero en tu próxima respuesta.

      Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #8
      Usuario Avatar de x28federal
      Registrado
      may 2014
      Ubicación
      Argentina
      Mensajes
      16

      Re: Desde hace meses se me abren ventanas de chrome

      Hola Buenas tardes, ahora no tengo mucho tiempo para usarla pero parece estable, esta noche te confirmo Gracias va e lreporte
      Edito perdon, al reiniciar me dio algo de que dice "Firewal de windoes bloqueo algunas caracteristicas de este programa Acceso a las redes publicas y privadas, estaba seleccionado "Redes Privadas " y le di permitir acceso

      Fix result of Farbar Recovery Scan Tool (x86) Version: 20-09-2017
      Ran by Jorge (20-09-2017 15:28:07) Run:1
      Running from C:\Users\Jorge\Desktop
      Loaded Profiles: Jorge (Available Profiles: Jorge)
      Boot Mode: Safe Mode (with Networking)

      ==============================================

      fixlist content:
      *****************
      START
      CREATERESTOREPOINT:
      CLOSEPROCESSES:
      ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      Task: {EC694C48-AC76-4371-9789-A36A5E21F08C} - System32\Tasks\{191439C3-6D0A-4ED1-8EC1-D3CE66A29260} => C:\Windows\system32\pcalua.exe -a "D:\Sound Forge 8\Sony Sound Forge 8.0.exe" -d "D:\Sound Forge 8"
      AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      BootExecute: autocheck autochk * sdnclean.exe
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
      S2 EFix4; %SystemRoot%\Regedit.exe /s %WinDir%\Fix.reg [X]
      S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
      S3 catchme; \??\C:\Users\Jorge\AppData\Local\Temp\catchme.sys [X]
      S3 dbx; system32\DRIVERS\dbx.sys [X]
      S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
      S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      2016-06-04 15:23 - 2016-06-04 15:23 - 000022328 _____ () C:\Users\Jorge\AppData\Roaming\PnkBstrK.sys
      2016-04-30 00:13 - 2016-05-10 22:12 - 000004608 _____ () C:\Users\Jorge\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh advfirewall reset
      CMD: netsh advfirewall set allprofiles state ON
      CMD: netsh int ipv4 reset
      CMD: netsh int ipv6 reset
      END
      *****************

      Error: Restore point can only be created in normal mode.
      Processes closed successfully.
      HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => key removed successfully.
      HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key not found.
      HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => key removed successfully.
      HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key not found.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC694C48-AC76-4371-9789-A36A5E21F08C} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC694C48-AC76-4371-9789-A36A5E21F08C} => key removed successfully.
      C:\Windows\System32\Tasks\{191439C3-6D0A-4ED1-8EC1-D3CE66A29260} => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{191439C3-6D0A-4ED1-8EC1-D3CE66A29260} => key removed successfully.
      C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully..
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully.
      HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
      C:\Windows\system32\GroupPolicy\Machine => moved successfully
      C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
      HKLM\SOFTWARE\Policies\Google => key removed successfully.
      HKLM\Software\Mozilla\Thunderbird\Extensions\\[email protected] => value removed successfully.
      HKLM\System\CurrentControlSet\Services\EFix4 => key removed successfully.
      EFix4 => service removed successfully.
      HKLM\System\CurrentControlSet\Services\rpcapd => key removed successfully.
      rpcapd => service removed successfully.
      HKLM\System\CurrentControlSet\Services\catchme => key removed successfully.
      catchme => service removed successfully.
      HKLM\System\CurrentControlSet\Services\dbx => key removed successfully.
      dbx => service removed successfully.
      HKLM\System\CurrentControlSet\Services\panda_url_filteringd => key removed successfully.
      panda_url_filteringd => service removed successfully.
      HKLM\System\CurrentControlSet\Services\pccsmcfd => key removed successfully.
      pccsmcfd => service removed successfully.
      HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully.
      VGPU => service removed successfully.
      C:\Users\Jorge\AppData\Roaming\PnkBstrK.sys => moved successfully
      C:\Users\Jorge\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      ========= RemoveProxy: =========

      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
      HKU\S-1-5-21-3431701051-4169044703-816633750-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
      HKU\S-1-5-21-3431701051-4169044703-816633750-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
      HKU\S-1-5-21-3431701051-4169044703-816633750-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.


      ========= End of RemoveProxy: =========


      ========= netsh winsock reset =========


      El cat*logo Winsock se restableci¢ correctamente.
      Debe reiniciar el equipo para completar el restablecimiento.


      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows


      Adaptador de Ethernet Conexi¢n de *rea local:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::75ce:917b:5f9:9a2b%11
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.101
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1

      ========= End of CMD: =========


      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.5.7601 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007042c

      ========= End of CMD: =========


      ========= netsh winsock reset =========


      El cat*logo Winsock se restableci¢ correctamente.
      Debe reiniciar el equipo para completar el restablecimiento.


      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows


      Adaptador de Ethernet Conexi¢n de *rea local:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::75ce:917b:5f9:9a2b%11
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.101
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1

      ========= End of CMD: =========


      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.5.7601 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007042c

      ========= End of CMD: =========


      ========= netsh advfirewall reset =========

      Aceptar


      ========= End of CMD: =========


      ========= netsh advfirewall set allprofiles state ON =========

      Aceptar


      ========= End of CMD: =========


      ========= netsh int ipv4 reset =========

      Global se restableci¢ correctamente.
      Interfaz se restableci¢ correctamente.
      Reinicie el equipo para completar esta acci¢n.


      ========= End of CMD: =========


      ========= netsh int ipv6 reset =========

      Interfaz se restableci¢ correctamente.
      Reinicie el equipo para completar esta acci¢n.


      ========= End of CMD: =========


      =========== EmptyTemp: ==========

      BITS transfer queue => 0 B
      DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14459735 B
      Java, Flash, Steam htmlcache => 0 B
      Windows/system/drivers => 324896 B
      Edge => 0 B
      Chrome => 69726171 B
      Firefox => 15502363 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Users => 0 B
      Default => 0 B
      Public => 0 B
      ProgramData => 0 B
      systemprofile => 2196148 B
      LocalService => 132244 B
      NetworkService => 66812 B
      Jorge => 74247019 B

      RecycleBin => 0 B
      EmptyTemp: => 168.5 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 15:28:37 ====
      Última edición por x28federal fecha: 20/09/17 a las 14:45:04 Razón: Olvide un mensaje del sistema

    9. #9
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      22.259

      Re: Desde hace meses se me abren ventanas de chrome

      Hola.
      Cita Originalmente publicado por x28federal Ver Mensaje
      Edito perdon, al reiniciar me dio algo de que dice "Firewal de windoes bloqueo algunas caracteristicas de este programa Acceso a las redes publicas y privadas, estaba seleccionado "Redes Privadas " y le di permitir acceso
      Correcto hiciste lo adecuado, eso ocurre porque en el proceso de reparación incluimos el borrado de TODOS los parámetros del Firewall para eliminar posibles conexiones NO deseadas.
      Cita Originalmente publicado por x28federal Ver Mensaje
      ahora no tengo mucho tiempo para usarla pero parece estable, esta noche te confirmo Gracias va e lreporte
      Perfecto, pruebalo y nos comentas.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de x28federal
      Registrado
      may 2014
      Ubicación
      Argentina
      Mensajes
      16

      Re: Desde hace meses se me abren ventanas de chrome

      Hola, perdón recien tuve un tiempito y probé , las paginas no se cambian momentáneamente, pero uno de los síntomas que es : Cuando estas en el Explorador de Windows, abrirse nuevas ventanas lo hizo recién.
      Digamos que al tocar un documento o archivo abre una nueva ventana del explorador, he llegado a tener algunos dias diez abiertas, jamas me abrió en ninguna pagina en especifico, solo el menu de pestañas usadas. (espero haber sido claro) y disculpas que me conecto cuando estoy un rato en casa, igual vos maneja tus tiempos y disculpas nuevamente.

    Página 1 de 3 123 ÚltimoÚltimo