• Registrarse
  • Iniciar sesión


  • Página 4 de 7 PrimeroPrimero 1234567 ÚltimoÚltimo
    Resultados 31 al 40 de 67

    Bloqueo y calculadora (Re-abierto)

    Hola de nuevo. Cuando estaba pasando el malwarebytes, a las 2 horas y pico, cuando llevaba ya mucho tiempo haciendo el "análisis de sistema de archivos" ha salido un mensaje que decía "no se puede ...

    1. #31
      Usuario Avatar de JessCity7788
      Registrado
      jun 2015
      Ubicación
      España
      Mensajes
      40

      Re: Bloqueo y calculadora (Re-abierto)

      Hola de nuevo. Cuando estaba pasando el malwarebytes, a las 2 horas y pico, cuando llevaba ya mucho tiempo haciendo el "análisis de sistema de archivos" ha salido un mensaje que decía "no se puede conectar con el servidor". Lógico, puesto que en el paso 1 desconecté internet como se me pedía y no he querido conectarlo puesto que iba en contra de la pauta a seguir que se me indicó.
      Por mucho que cerraba la ventana del mensaje se volvía a abrir y tampoco el análisis continuaba, así que al final no me ha quedado más remedio que cerrarlo. Tampoco ha generado ningún informe.
      No he seguido con el resto de los programas hasta saber qué tengo que hacer.
      Ya me dices lo que sea. Gracias por tu tiempo.

    2. #32
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      22.431

      Re: Bloqueo y calculadora (Re-abierto)

      Hola.

      Que NO tengas conexión con internet NO debería afectar para que MBAM te genere ese problema.

      Entra al modo seguro de windows y realiza TODOS los pasos desde ese modo de windows.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #33
      Usuario Avatar de JessCity7788
      Registrado
      jun 2015
      Ubicación
      España
      Mensajes
      40

      Re: Bloqueo y calculadora (Re-abierto)

      Hola. Hasta hoy no he podido hacerlo porque el modem está conectado al teléfono y suponía dejar muchas horas a mi familia incomunicada.
      Aquí te paso todo:

      Malwarebytes
      www.malwarebytes.com

      -Log Details-
      Scan Date: 11/7/17
      Scan Time: 11:46 AM
      Log File: e83fc15d-c3a8-11e7-aaa2-000000000000.json
      Administrator: Yes

      -Software Information-
      Version: 3.2.2.2029
      Components Version: 1.0.212
      Update Package Version: 1.0.3152
      License: Free

      -System Information-
      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: GUERRERO\victor

      -Scan Summary-
      Scan Type: Custom Scan
      Result: Completed
      Objects Scanned: 285811
      Threats Detected: 0
      (No malicious items detected)
      Threats Quarantined: 0
      (No malicious items detected)
      Time Elapsed: 3 hr, 47 min, 52 sec

      -Scan Options-
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Enabled
      Heuristics: Enabled
      PUP: Detect
      PUM: Detect

      -Scan Details-
      Process: 0
      (No malicious items detected)

      Module: 0
      (No malicious items detected)

      Registry Key: 0
      (No malicious items detected)

      Registry Value: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Data Stream: 0
      (No malicious items detected)

      Folder: 0
      (No malicious items detected)

      File: 0
      (No malicious items detected)

      Physical Sector: 0
      (No malicious items detected)


      (end)

      # AdwCleaner 7.0.4.0 - Logfile created on Tue Nov 07 14:46:47 2017
      # Updated on 2017/27/10 by Malwarebytes
      # Database: 10-28-2017.1
      # Running on Windows 7 Ultimate (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      No malicious folders found.

      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      No malicious registry entries found.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************



      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 7 Ultimate x64
      Ran by victor (Limited) on 07/11/2017 at 15:48:02,09
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 8

      Successfully deleted: C:\Users\victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1P9CXQCM (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5XXUBP1F (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IVMF3U53 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7BLUX0 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1P9CXQCM (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5XXUBP1F (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IVMF3U53 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7BLUX0 (Temporary Internet Files Folder)

      Deleted the following from C:\Users\victor\AppData\Roaming\Mozilla\Firefox\Profiles\s5py71of.default-1426375829093\prefs.js
      user_pref(browser.urlbar.suggest.searches, false);



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 07/11/2017 at 16:12:42,71
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Y el resto en otro post

    4. #34
      Usuario Avatar de JessCity7788
      Registrado
      jun 2015
      Ubicación
      España
      Mensajes
      40

      Re: Bloqueo y calculadora (Re-abierto)

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
      Ran by victor (administrator) on GUERRERO (07-11-2017 16:14:44)
      Running from C:\Users\victor\Desktop
      Loaded Profiles: victor (Available Profiles: victor)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Safe Mode (minimal)
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-12] (AVAST Software)
      HKLM-x32\...\Run: [] => [X]
      Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\...\MountPoints2: {3861a169-a9a5-11e2-982a-002522f779c9} - H:\bahia.exe
      HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe [829832 2013-10-09] (Adobe Systems Incorporated)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: 127.0.0.1 validation.sls.microsoft.com
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{4876ADD6-ACC9-4776-ADB0-CCCA4DE40942}: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{FEAF3AD1-94DC-4F13-8DD1-66239BC93032}: [DhcpNameServer] 192.168.0.1 192.168.0.1

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
      URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
      URLSearchHook: HKU\S-1-5-21-795496770-4252586827-2317966144-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
      URLSearchHook: HKU\S-1-5-21-795496770-4252586827-2317966144-1000 - (No Name) - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No File
      SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-10-12] (AVAST Software)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-26] (Oracle Corporation)
      BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-12] (AVAST Software)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-26] (Oracle Corporation)
      DPF: HKLM-x32 {12193C65-F0E1-4DD1-AD4E-DB73C6911014} file:///C:/Users/victor/AppData/Local/Temp/Rar$EX94.512/DCS-942L_2523/activeX/DCP.cab
      DPF: HKLM-x32 {2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} hxxp://192.168.1.9/VDControl.CAB
      DPF: HKLM-x32 {57AF0810-BDA7-47A5-B02D-FDA1073C04B0} hxxps://eu.mydlink.com/8D/activeX//TunnelX.ocx
      DPF: HKLM-x32 {721700FE-7F0E-49C5-BDED-CA92B7CB1245} hxxps://eu.mydlink.com/8D/activeX//dcsclictrl.cab
      DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

      FireFox:
      ========
      FF ProfilePath: C:\Users\victor\AppData\Roaming\Mozilla\Firefox\Profiles\s5py71of.default-1426375829093 [2017-11-07]
      FF Homepage: Mozilla\Firefox\Profiles\s5py71of.default-1426375829093 -> google.es/
      FF Extension: (MyJDownloader Browser Extension) - C:\Users\victor\AppData\Roaming\Mozilla\Firefox\Profiles\s5py71of.default-1426375829093\Extensions\[email protected] [2017-10-31]
      FF Extension: (Avast SafePrice) - C:\Users\victor\AppData\Roaming\Mozilla\Firefox\Profiles\s5py71of.default-1426375829093\Extensions\[email protected] [2017-10-14]
      FF Extension: (Avast Online Security) - C:\Users\victor\AppData\Roaming\Mozilla\Firefox\Profiles\s5py71of.default-1426375829093\Extensions\[email protected] [2017-10-13]
      FF Extension: (EPUBReader) - C:\Users\victor\AppData\Roaming\Mozilla\Firefox\Profiles\s5py71of.default-1426375829093\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2017-08-01]
      FF Extension: (Adblock Plus) - C:\Users\victor\AppData\Roaming\Mozilla\Firefox\Profiles\s5py71of.default-1426375829093\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-06]
      FF ProfilePath: C:\ProgramData [2017-11-01]
      FF user.js: detected! => C:\ProgramData\user.js [2013-09-11]
      FF Extension: (Muter) - C:\ProgramData\Extensions\[email protected] [2013-09-13] [not signed]
      FF Extension: (iMacros for Firefox) - C:\ProgramData\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2013-09-09] [not signed]
      FF Extension: (User Agent Switcher) - C:\ProgramData\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2013-09-13] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-07] ()
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-07] ()
      FF Plugin-x32: @IPC/npmedia3.0.0.1,version=3.0.0.1 -> C:\Program Files\webrec\Torch\3.0.0.1\npmedia3.0.0.1.dll [2014-01-07] ()
      FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-10-26] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-10-26] (Oracle Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
      FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)

      Chrome:
      =======
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-12] (AVAST Software s.r.o.)
      S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-12] (AVAST Software)
      S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
      S2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
      S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [321032 2017-10-12] (AVAST Software s.r.o.)
      S0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-10-12] (AVAST Software s.r.o.)
      S0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-10-12] (AVAST Software s.r.o.)
      S0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-10-12] (AVAST Software s.r.o.)
      S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47008 2017-10-12] (AVAST Software)
      R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-09] (AVAST Software)
      S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147776 2017-10-12] (AVAST Software)
      S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-10-12] (AVAST Software)
      S0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-10-12] (AVAST Software)
      S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1029872 2017-10-27] (AVAST Software)
      S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [587168 2017-10-12] (AVAST Software)
      S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [201352 2017-10-12] (AVAST Software)
      S0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [363440 2017-10-12] (AVAST Software)
      S1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-04] ()
      S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-29] (Glarysoft Ltd)
      S2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-31] (Malwarebytes)
      S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-10-31] (Malwarebytes)
      S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-10-31] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-11-07] (Malwarebytes)
      S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-10-31] (Malwarebytes)
      R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-20] (Duplex Secure Ltd.)
      S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-07 16:14 - 2017-11-07 16:15 - 000011029 _____ C:\Users\victor\Desktop\FRST.txt
      2017-11-07 16:14 - 2017-11-07 16:14 - 000000000 ____D C:\FRST
      2017-11-07 16:12 - 2017-11-07 16:12 - 000002040 _____ C:\Users\victor\Desktop\JRT.txt
      2017-11-07 15:45 - 2017-11-07 15:46 - 000000000 ____D C:\AdwCleaner
      2017-11-07 11:46 - 2017-11-07 16:15 - 000160730 _____ C:\Windows\ntbtlog.txt
      2017-11-07 11:45 - 2017-11-07 11:45 - 000001730 _____ C:\Users\victor\Desktop\cc_20171107_114515.reg
      2017-11-01 12:45 - 2017-11-07 15:45 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2017-10-31 14:48 - 2017-10-31 23:02 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2017-10-31 14:48 - 2017-10-31 14:50 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2017-10-31 14:48 - 2017-10-31 14:48 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2017-10-31 14:47 - 2017-10-31 14:50 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2017-10-31 10:47 - 2017-11-04 21:08 - 000001911 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-10-31 10:47 - 2017-11-04 21:08 - 000001911 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
      2017-10-31 10:47 - 2017-10-31 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-10-31 10:47 - 2017-10-04 13:15 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-10-31 10:43 - 2017-11-04 21:08 - 000000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-10-31 10:43 - 2017-11-04 21:08 - 000000866 _____ C:\ProgramData\Desktop\CCleaner.lnk
      2017-10-31 10:43 - 2017-10-31 13:49 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
      2017-10-31 10:43 - 2017-10-31 10:43 - 000002792 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
      2017-10-31 10:43 - 2017-10-31 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-10-31 10:43 - 2017-10-31 10:43 - 000000000 ____D C:\Program Files\CCleaner
      2017-10-31 10:40 - 2017-10-31 10:41 - 002403328 _____ (Farbar) C:\Users\victor\Desktop\FRST64.exe
      2017-10-31 10:40 - 2017-10-31 10:40 - 001790024 _____ (Malwarebytes) C:\Users\victor\Desktop\JRT.exe
      2017-10-31 10:39 - 2017-10-31 10:39 - 008261584 _____ (Malwarebytes) C:\Users\victor\Desktop\AdwCleaner.exe
      2017-10-28 18:54 - 2017-10-28 18:54 - 000069872 _____ C:\Users\victor\Downloads\24081611710.pdf
      2017-10-24 17:12 - 2017-10-24 17:12 - 000000000 ____D C:\Program Files\Common Files\avast software
      2017-10-17 18:36 - 2017-10-17 18:36 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-10-17 18:33 - 2017-10-22 13:21 - 000000677 _____ C:\DelFix.txt
      2017-10-17 18:33 - 2017-10-17 18:33 - 000000000 ____D C:\Windows\ERUNT
      2017-10-16 15:59 - 2017-10-16 15:59 - 000000000 __SHD C:\found.001
      2017-10-15 22:01 - 2017-10-15 22:47 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2017-10-12 17:11 - 2017-10-12 17:11 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-07 15:45 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
      2017-11-07 11:41 - 2016-11-19 13:29 - 000000000 ____D C:\Users\victor\AppData\LocalLow\Mozilla
      2017-11-07 11:27 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-11-07 11:27 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-11-07 11:19 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-11-06 23:55 - 2012-12-14 16:01 - 000000000 ____D C:\Users\victor\AppData\Roaming\vlc
      2017-11-06 16:27 - 2013-01-14 19:12 - 000008495 _____ C:\Windows\lviewpro.ini
      2017-11-06 15:33 - 2014-04-19 12:24 - 000000000 ____D C:\Users\victor\AppData\Local\JDownloader v2.0
      2017-11-06 14:32 - 2017-05-15 18:48 - 000000000 ____D C:\Users\victor\Desktop\Doc y otros a mirar
      2017-11-05 15:43 - 2009-07-14 10:31 - 000747720 _____ C:\Windows\system32\perfh00A.dat
      2017-11-05 15:43 - 2009-07-14 10:31 - 000159192 _____ C:\Windows\system32\perfc00A.dat
      2017-11-05 15:43 - 2009-07-14 06:13 - 001678218 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-10-31 10:47 - 2013-09-16 21:34 - 000000000 __SHD C:\ProgramData\Malwarebytes
      2017-10-29 19:31 - 2012-12-25 12:35 - 000000000 ____D C:\Users\victor\Desktop\Trabajo diario-Seguridad
      2017-10-27 10:14 - 2017-01-28 14:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2017-10-27 09:17 - 2015-09-11 18:59 - 001029872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
      2017-10-24 17:29 - 2017-09-08 14:31 - 000000000 _____ C:\Windows\SysWOW64\last.dump
      2017-10-24 17:13 - 2015-07-30 15:22 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
      2017-10-18 19:29 - 2016-10-21 17:07 - 000000000 ____D C:\Users\victor\AppData\Local\ESET
      2017-10-17 18:36 - 2014-09-13 14:35 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
      2017-10-17 13:57 - 2015-07-24 13:14 - 000000000 ____D C:\FSTool
      2017-10-16 18:26 - 2015-07-29 16:37 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
      2017-10-16 15:24 - 2016-09-07 16:36 - 000003588 _____ C:\Windows\System32\Tasks\HPCustParticipation HP ENVY 4520 series
      2017-10-16 15:24 - 2015-07-29 16:37 - 000003316 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
      2017-10-16 15:24 - 2014-12-23 19:03 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
      2017-10-14 16:04 - 2009-07-14 06:08 - 000032516 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2017-10-12 17:12 - 2017-03-17 22:52 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
      2017-10-12 17:11 - 2015-09-11 19:13 - 000201352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2017-10-12 17:11 - 2015-09-11 19:13 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2017-10-12 17:11 - 2015-09-11 19:00 - 000587168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2017-10-12 17:11 - 2015-09-11 18:59 - 000363440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2017-10-12 17:11 - 2015-09-11 18:59 - 000147776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2017-10-12 17:11 - 2015-09-11 18:59 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2017-10-12 17:11 - 2015-09-11 18:59 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2017-10-12 17:11 - 2012-12-14 18:02 - 000000000 __SHD C:\ProgramData\AVAST Software
      2017-10-12 17:10 - 2017-03-17 22:52 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
      2017-10-12 17:10 - 2017-03-17 22:52 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
      2017-10-12 17:10 - 2017-03-17 22:52 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
      2017-10-12 17:10 - 2017-03-17 22:52 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
      2017-10-12 13:05 - 2012-12-29 12:45 - 000000000 ____D C:\Users\victor\Desktop\Descargas Directas

      ==================== Files in the root of some directories =======

      2013-01-01 16:05 - 2013-01-01 16:05 - 000013103 _____ () C:\Users\victor\AppData\Roaming\UserTile.png
      2014-04-19 13:24 - 2014-04-19 13:24 - 000000044 _____ () C:\Users\victor\AppData\Roaming\WB.CFG
      2014-09-10 17:43 - 2014-09-10 17:47 - 000000070 _____ () C:\Users\victor\AppData\Local\Config.ini
      2014-12-26 13:53 - 2015-09-14 16:31 - 000005120 _____ () C:\Users\victor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2014-08-17 13:31 - 2013-09-13 21:48 - 000425984 _____ () C:\ProgramData\addons.sqlite
      2016-09-07 16:34 - 2016-09-07 16:34 - 000000057 _____ () C:\ProgramData\Ament.ini
      2014-08-17 13:31 - 2013-09-13 21:10 - 000077745 _____ () C:\ProgramData\blocklist.xml
      2014-08-17 13:31 - 2013-09-14 14:42 - 000098304 _____ () C:\ProgramData\cert8.db
      2014-08-17 13:31 - 2013-09-09 05:53 - 000098304 _____ () C:\ProgramData\chromeappsstore.sqlite
      2014-08-17 13:31 - 2013-09-15 02:43 - 000000061 ____H () C:\ProgramData\cometbird.bat
      2014-08-17 13:31 - 2013-09-13 21:52 - 000000170 _____ () C:\ProgramData\compatibility.ini
      2014-08-17 13:31 - 2013-09-14 14:42 - 000229376 _____ () C:\ProgramData\content-prefs.sqlite
      2014-08-17 13:31 - 2013-09-14 14:42 - 000131072 _____ () C:\ProgramData\cookies.sqlite
      2014-08-17 13:31 - 2013-09-13 21:16 - 000065536 _____ () C:\ProgramData\downloads.sqlite
      2014-08-17 13:31 - 2013-12-08 04:55 - 000000869 ____H () C:\ProgramData\End.bat
      2014-08-17 13:31 - 2013-09-13 21:49 - 000000330 _____ () C:\ProgramData\extensions.ini
      2014-08-17 13:31 - 2013-09-13 21:49 - 000425984 _____ () C:\ProgramData\extensions.sqlite
      2014-08-17 13:31 - 2013-09-09 21:45 - 000163840 _____ () C:\ProgramData\formhistory.sqlite
      2014-08-17 13:31 - 2013-09-14 14:42 - 000016384 _____ () C:\ProgramData\key3.db
      2014-08-17 13:31 - 2013-12-07 20:56 - 000000046 ____H () C:\ProgramData\Leeme.txt
      2014-08-17 13:31 - 2013-09-14 14:42 - 000005819 _____ () C:\ProgramData\localstore.rdf
      2014-08-17 13:31 - 2013-09-09 20:37 - 000003184 _____ () C:\ProgramData\mimeTypes.rdf
      2014-08-17 13:30 - 2011-06-28 18:07 - 000036864 ____H (NirSoft) C:\ProgramData\nircmd.exe
      2014-08-17 13:30 - 2013-09-14 14:42 - 000065536 _____ () C:\ProgramData\permissions.sqlite
      2014-08-17 13:30 - 2013-09-14 14:42 - 001114112 _____ () C:\ProgramData\places.sqlite
      2014-08-17 13:30 - 2013-09-11 05:36 - 000003900 _____ () C:\ProgramData\pluginreg.dat
      2014-08-17 13:30 - 2013-09-10 04:39 - 000013670 _____ () C:\ProgramData\search.json
      2014-08-17 13:30 - 2013-09-10 05:29 - 000065536 _____ () C:\ProgramData\search.sqlite
      2014-08-17 13:30 - 2013-09-09 05:53 - 000016384 _____ () C:\ProgramData\secmod.db
      2014-08-17 13:30 - 2013-09-09 05:53 - 000294912 _____ () C:\ProgramData\signons.sqlite
      2014-08-17 13:30 - 2013-12-08 05:02 - 000003818 ____H () C:\ProgramData\tk.bat
      2014-08-17 13:30 - 2013-09-14 14:42 - 000000032 _____ () C:\ProgramData\urlclassifier.pset
      2014-08-17 13:30 - 2013-09-14 14:42 - 000262144 _____ () C:\ProgramData\urlclassifier3.sqlite
      2014-08-17 13:30 - 2013-09-11 06:01 - 000000188 _____ () C:\ProgramData\user.js
      2014-08-17 13:30 - 2013-09-09 21:45 - 000098304 _____ () C:\ProgramData\webappsstore.sqlite

      Files to move or delete:
      ====================
      C:\ProgramData\cometbird.bat
      C:\ProgramData\End.bat
      C:\ProgramData\nircmd.exe
      C:\ProgramData\pluginreg.dat
      C:\ProgramData\tk.bat
      C:\ProgramData\user.js


      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2016-10-06 14:12

      ==================== End of FRST.txt ============================

    5. #35
      Usuario Avatar de JessCity7788
      Registrado
      jun 2015
      Ubicación
      España
      Mensajes
      40

      Re: Bloqueo y calculadora (Re-abierto)

      Y el último:

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
      Ran by victor (07-11-2017 16:16:08)
      Running from C:\Users\victor\Desktop
      Windows 7 Ultimate Service Pack 1 (X64) (2012-10-08 09:45:22)
      Boot Mode: Safe Mode (minimal)
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-795496770-4252586827-2317966144-500 - Administrator - Disabled)
      HomeGroupUser$ (S-1-5-21-795496770-4252586827-2317966144-2825 - Limited - Enabled)
      Invitado (S-1-5-21-795496770-4252586827-2317966144-501 - Limited - Enabled)
      victor (S-1-5-21-795496770-4252586827-2317966144-1000 - Administrator - Enabled) => C:\Users\victor

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
      Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
      Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
      Adobe Reader XI (11.0.22) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.22 - Adobe Systems Incorporated)
      Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
      CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
      CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
      Epson Easy Photo Print 2 (HKLM-x32\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
      Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
      EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
      Epson Stylus SX510W_TX550W Manual (HKLM-x32\...\Epson Stylus SX510W_TX550W Manual de usuario) (Version: - )
      EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation)
      EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
      Estudio para la mejora del producto HP ENVY 4520 series (HKLM\...\{0B5A9E46-E089-42B3-A69F-D7687C65A0BB}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
      Free MP3 Cutter Joiner 10.6 (HKLM-x32\...\{02509E6E-B951-45A8-BF42-ACFAF0D6B4DA}}_is1) (Version: 10.6 - DVDVideoMedia, Inc.)
      Freemake Video Converter versión 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
      Glary Utilities 5.30 (HKLM-x32\...\Glary Utilities 5) (Version: 5.30.0.50 - Glarysoft Ltd)
      GonVisor 2.20.06 (HKLM-x32\...\GonVisor_is1) (Version: - G.A.A.)
      HP Dropbox Plugin (HKLM-x32\...\{D1C1B048-C9E8-4DF9-BAE8-45F2BA467426}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
      HP ENVY 4520 series Ayuda (HKLM-x32\...\{FB8E2FCE-C637-4CE9-B735-8647A91B0368}) (Version: 36.0.0 - Hewlett Packard)
      HP ENVY 4520 series Software básico del dispositivo (HKLM\...\{1A67878A-0096-4AA9-A803-06FE96A329B4}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
      HP Google Drive Plugin (HKLM-x32\...\{6651A86A-07EA-43E0-B4EC-4E1D809AC99E}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
      HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
      HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
      Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
      JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
      Malwarebytes versión 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
      Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
      Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Mozilla Firefox 56.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 es-ES)) (Version: 56.0 - Mozilla)
      Mozilla Firefox 56.0.2 (x86 es-ES) (HKU\S-1-5-21-795496770-4252586827-2317966144-1000\...\Mozilla Firefox 56.0.2 (x86 es-ES)) (Version: 56.0.2 - Mozilla)
      Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
      MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
      MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
      Paquete de idioma de Microsoft .NET Framework 4.5 ESN (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50709 - Microsoft Corporation)
      SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
      Setup Wizard SE (HKLM-x32\...\{405D8563-BDD7-487C-9498-942518B366BE}) (Version: - )
      Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
      Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
      VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
      webplugin.exe version 3.0.0.1 (HKLM-x32\...\{E790ABDC-FE4D-4C68-B40F-C93A3D33FA9E}_is1) (Version: 3.0.0.1 - )
      Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
      Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
      WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
      Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
      ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-03-30] (Glarysoft Ltd)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
      ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2010-03-25] (Alcohol Soft Development Team)
      ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2010-03-25] (Alcohol Soft Development Team)
      ContextMenuHandlers2-x32: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-03-30] (Glarysoft Ltd)
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
      ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
      ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-01-10] (Intel Corporation)
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-12] (AVAST Software)
      ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-03-30] (Glarysoft Ltd)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {12DD5221-2AED-4288-94AA-DDBB2D91BD5F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
      Task: {36B43AF6-F21D-4ED4-B42C-56C9FE64F554} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [2015-03-09] (Hewlett-Packard Development Company, LP)
      Task: {397E1837-55C2-43D6-A06E-8BBCB5BB7B00} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
      Task: {58EB8625-CCDD-477A-91E7-E823AE7EF977} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-12] (AVAST Software)
      Task: {609236FF-E50B-47BF-AF83-9A36091D45B7} - System32\Tasks\SafeZone scheduled Autoupdate 1468319963 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
      Task: {70C14AF1-68BF-4EFB-AC96-0DEE6C530DA8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
      Task: {AC14EC22-261D-4F8E-AAE4-10EBA3A93F11} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-07-20] (Glarysoft Ltd)
      Task: {C47FE396-9F4E-4B65-B77C-0D7BCEB9FB14} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2017-10-28] (AVAST Software)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-10-31 10:47 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2012-10-08 12:03 - 2011-05-28 21:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)

      IE trusted site: HKU\S-1-5-21-795496770-4252586827-2317966144-1000\...\localhost -> localhost

      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-14 03:34 - 2012-10-08 12:07 - 000000864 _____ C:\Windows\system32\Drivers\etc\hosts

      127.0.0.1 validation.sls.microsoft.com

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\victor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: Media is not connected to internet.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
      MSCONFIG\startupreg: EEventManager => C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
      MSCONFIG\startupreg: Epson Stylus SX510W(Red) => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_SB8A0.tmp" /EF "HKCU"
      MSCONFIG\startupreg: EPSON SX510W Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_S86A0.tmp" /EF "HKCU"
      MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
      MSCONFIG\startupreg: HP ENVY 4520 series (NET) => "C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH6243J0130660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1
      MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
      MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
      MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{40E75A85-E419-4012-81C4-F4F4A44EA1BF}] => (Allow) C:\Windows\SysWOW64\mshta.exe
      FirewallRules: [{96F1A508-1670-487E-A917-00124535DA87}] => (Allow) C:\Windows\SysWOW64\mshta.exe
      FirewallRules: [{50BD4012-0251-4FF5-9CB3-4168310B8889}] => (Allow) C:\Program Files (x86)\Internet Explorer\iexplore.exe
      FirewallRules: [{BE0ABDB9-49D7-49CC-966B-507852FC1FB1}] => (Allow) C:\Program Files (x86)\Internet Explorer\iexplore.exe
      FirewallRules: [{A1297A3D-99D6-4B21-88F2-2D7CD538BBA3}] => (Allow) LPort=5978
      FirewallRules: [{33A32E63-B01F-4283-BA9E-0D124CE82B6D}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
      FirewallRules: [{C518D732-2224-45CE-944C-00BC79697C39}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
      FirewallRules: [TCP Query User{A57C6A54-725C-4274-91B8-EE6D94F8DE56}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
      FirewallRules: [UDP Query User{BE7C254C-8A38-43FC-B2AE-8F913C878124}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
      FirewallRules: [TCP Query User{8474E467-4EF9-4C39-93EB-482D1D87770B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
      FirewallRules: [UDP Query User{AC3DD7ED-E638-4620-814C-44667746B0F7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
      FirewallRules: [TCP Query User{1D8249EE-A0EE-4056-8761-3661073CEF50}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
      FirewallRules: [UDP Query User{8D5EF705-D713-4A59-B278-B9EA80B7F8BB}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
      FirewallRules: [{57215DC5-9E4A-4911-B4DC-015A5D1FF8E7}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
      FirewallRules: [{4A6D568D-FA40-41FF-9B26-4F5EABCC7182}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
      FirewallRules: [TCP Query User{D7844FD3-3730-4F89-84EC-D9AED8135578}C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe] => (Allow) C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe
      FirewallRules: [UDP Query User{5100081C-0A75-4307-A455-641BB32E3DC0}C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe] => (Allow) C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe
      FirewallRules: [TCP Query User{C13A5D0F-3A00-44D3-88D8-33F9AD6BCB31}C:\users\victor\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Block) C:\users\victor\appdata\local\jdownloader v2.0\jdownloader2.exe
      FirewallRules: [UDP Query User{3427B76C-F6D1-422F-B94E-C533F9AAFF6E}C:\users\victor\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Block) C:\users\victor\appdata\local\jdownloader v2.0\jdownloader2.exe
      FirewallRules: [{AB3D65F4-BD32-4944-95F7-65584C19F0FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{BC034FE7-EF3E-455C-864C-78A4FD3DC576}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [TCP Query User{7DBAD765-3168-4ACA-BEC3-6DA4AB47E172}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
      FirewallRules: [UDP Query User{E401A32B-6AE9-440F-B202-A92F22B561D4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
      FirewallRules: [{6FE0BE54-0D5A-47FA-9064-4854257A34D7}] => (Allow) C:\ProgramData\CometBird\cometbird.exe
      FirewallRules: [{DFEDCD81-69C5-442D-B501-2D94F6F65AB6}] => (Allow) C:\ProgramData\CometBird\cometbird.exe
      FirewallRules: [{F847337F-A731-47B4-93FF-4629E339A883}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{A9BF9843-488E-4EC0-9F01-88910A63EC52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{60DF8C14-446E-4018-9828-E55671B1BD98}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
      FirewallRules: [{1B94A3AA-7C75-4B03-A596-DCAED05FC3BF}] => (Allow) LPort=5357
      FirewallRules: [{5B427C30-B5CB-461C-8D23-F302DB45D2B2}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
      FirewallRules: [{721A9E93-28D3-4F53-8443-6BFF9A15DFCE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
      FirewallRules: [{AC8881C0-3D50-40AE-8413-9D5E0198C836}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe

      ==================== Restore Points =========================


      ==================== Faulty Device Manager Devices =============

      Name: aswVmm
      Description: aswVmm
      Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
      Manufacturer:
      Service: aswVmm
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.

      Name: Security Processor Loader Driver
      Description: Security Processor Loader Driver
      Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
      Manufacturer:
      Service: spldr
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.

      Name: aswRvrt
      Description: aswRvrt
      Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
      Manufacturer:
      Service: aswRvrt
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (11/07/2017 03:48:02 PM) (Source: System Restore) (EventID: 8193) (User: )
      Description: No se pudo crear el punto de restauración (proceso = C:\Users\victor\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x8007043c).

      Error: (11/02/2017 02:23:22 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
      Description: Error al adquirir el vale genuino (hr=0x80072EFD) para el Id. de plantilla 66c92734-d682-4d71-983e-d6ec3f16059f

      Error: (11/02/2017 02:23:22 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
      Description: Detalles del error de adquisición de licencias.
      hr=0x80072EFD

      Error: (10/31/2017 02:50:38 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
      Description: No se puede inicializar el índice.

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (10/31/2017 02:50:38 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
      Description: No se puede inicializar la aplicación.

      Contexto: aplicación Windows

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (10/31/2017 02:50:38 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
      Description: No se puede inicializar el objeto Recopilador.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (10/31/2017 02:50:38 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
      Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      No se ha encontrado el elemento. (HRESULT : 0x80070490) (0x80070490)

      Error: (10/31/2017 02:50:38 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
      Description: No se puede inicializar el complemento <Search.JetPropStore>.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (10/31/2017 02:50:38 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
      Description: El servicio Windows Search no puede cargar la información del almacén de propiedades.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      La base de datos del índice de contenido está dañada. (HRESULT : 0xc0041800) (0xc0041800)

      Error: (10/31/2017 02:50:38 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
      Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)


      System errors:
      =============
      Error: (11/07/2017 03:45:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (11/07/2017 03:45:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (11/07/2017 03:45:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (11/07/2017 03:45:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (11/07/2017 03:45:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (11/07/2017 03:45:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (11/07/2017 03:45:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (11/07/2017 03:45:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.

      Error: (11/07/2017 03:45:20 PM) (Source: DCOM) (EventID: 10005) (User: )
      Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
      {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

      Error: (11/07/2017 03:45:20 PM) (Source: DCOM) (EventID: 10005) (User: )
      Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
      {9E175B6D-F52A-11D8-B9A5-505054503030}


      CodeIntegrity:
      ===================================
      Date: 2016-09-09 12:09:52.296
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-09 12:09:52.031
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-08 20:14:50.281
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-08 20:14:50.015
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-08 12:27:33.343
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-08 12:27:33.093
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-07 12:13:46.203
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-07 12:13:46.109
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-06 20:30:34.343
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-06 20:30:34.171
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
      Percentage of memory in use: 33%
      Total physical RAM: 1719.05 MB
      Available physical RAM: 1151.69 MB
      Total Virtual: 3438.11 MB
      Available Virtual: 2941.16 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:195.21 GB) (Free:58.45 GB) NTFS
      Drive d: () (Fixed) (Total:270.44 GB) (Free:19.45 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: AAC2AAC2)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=270.4 GB) - (Type=OF Extended)

      ==================== End of Addition.txt ============================

      Ya me dices lo que sea. Gracias y saludos.

    6. #36
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      22.431

      Re: Bloqueo y calculadora (Re-abierto)

      Bien....... y ahora realiza lo siguiente, descarga e instala este programa >> Manual de Revo Uninstaller, lee y revisa bien su funcionamiento.

      Y úsalo para desinstalar todos los programas que encuentres que se llamen o tengan en su nombre

      Y úsalo para desinstalar todos los programas que encuentres que se llamen o tengan en su nombre, cualquiera de estas denominaciones :

      Java 7 Update 9
      webplugin.exe version 3.0.0.1
      Cuando Revo te pida, que selecciones el método de desinstalación, seleccionas "Avanzado".

      Si durante el proceso te solicita "Reiniciar" NO lo hagas, dile que NO y deja que Revo siga trabajando.

      Después vuelve a verificar, reinstalar Java, >> descarga gratuita del software de Java, si te dice que ya lo tienes instalado fuerza la reinstalación, haces estos pasos en todos los navegadores que tengas instalados y al terminar >> comprueba en todos los navegadores si Java funciona en tu equipo.

      Y a continuacion sige estos otros pasos, MUY Importante ~ Realiza una copia de seguridad del registro :


      • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

      • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

      • Pulsar en Run.

      Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

      Y ahora inicia tu equipo desde el >> Modo Seguro – con funciones de Red, de Windows.

      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad: (Se excluye la palabra código)

      Código:
      START
      CREATERESTOREPOINT:
      CLOSEPROCESSES:
      HKLM-x32\...\Run: [] => [X]
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\...\MountPoints2: {3861a169-a9a5-11e2-982a-002522f779c9} - H:\bahia.exe
      URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
      URLSearchHook: HKU\S-1-5-21-795496770-4252586827-2317966144-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
      URLSearchHook: HKU\S-1-5-21-795496770-4252586827-2317966144-1000 - (No Name) - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No File
      DPF: HKLM-x32 {12193C65-F0E1-4DD1-AD4E-DB73C6911014} file:///C:/Users/victor/AppData/Local/Temp/Rar$EX94.512/DCS-942L_2523/activeX/DCP.cab
      DPF: HKLM-x32 {2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} hxxp://192.168.1.9/VDControl.CAB
      DPF: HKLM-x32 {57AF0810-BDA7-47A5-B02D-FDA1073C04B0} hxxps://eu.mydlink.com/8D/activeX//TunnelX.ocx
      DPF: HKLM-x32 {721700FE-7F0E-49C5-BDED-CA92B7CB1245} hxxps://eu.mydlink.com/8D/activeX//dcsclictrl.cab
      FF user.js: detected! => C:\ProgramData\user.js [2013-09-11]
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-10-26] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-10-26] (Oracle Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
      S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      2014-04-19 13:24 - 2014-04-19 13:24 - 000000044 _____ () C:\Users\victor\AppData\Roaming\WB.CFG
      2014-09-10 17:43 - 2014-09-10 17:47 - 000000070 _____ () C:\Users\victor\AppData\Local\Config.ini
      2014-12-26 13:53 - 2015-09-14 16:31 - 000005120 _____ () C:\Users\victor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2014-08-17 13:31 - 2013-09-13 21:48 - 000425984 _____ () C:\ProgramData\addons.sqlite
      2016-09-07 16:34 - 2016-09-07 16:34 - 000000057 _____ () C:\ProgramData\Ament.ini
      2014-08-17 13:31 - 2013-09-13 21:10 - 000077745 _____ () C:\ProgramData\blocklist.xml
      2014-08-17 13:31 - 2013-09-14 14:42 - 000098304 _____ () C:\ProgramData\cert8.db
      2014-08-17 13:31 - 2013-09-09 05:53 - 000098304 _____ () C:\ProgramData\chromeappsstore.sqlite
      2014-08-17 13:31 - 2013-09-15 02:43 - 000000061 ____H () C:\ProgramData\cometbird.bat
      2014-08-17 13:31 - 2013-09-13 21:52 - 000000170 _____ () C:\ProgramData\compatibility.ini
      2014-08-17 13:31 - 2013-09-14 14:42 - 000229376 _____ () C:\ProgramData\content-prefs.sqlite
      2014-08-17 13:31 - 2013-09-14 14:42 - 000131072 _____ () C:\ProgramData\cookies.sqlite
      2014-08-17 13:31 - 2013-09-13 21:16 - 000065536 _____ () C:\ProgramData\downloads.sqlite
      2014-08-17 13:31 - 2013-12-08 04:55 - 000000869 ____H () C:\ProgramData\End.bat
      2014-08-17 13:31 - 2013-09-13 21:49 - 000000330 _____ () C:\ProgramData\extensions.ini
      2014-08-17 13:31 - 2013-09-13 21:49 - 000425984 _____ () C:\ProgramData\extensions.sqlite
      2014-08-17 13:31 - 2013-09-09 21:45 - 000163840 _____ () C:\ProgramData\formhistory.sqlite
      2014-08-17 13:31 - 2013-09-14 14:42 - 000016384 _____ () C:\ProgramData\key3.db
      2014-08-17 13:31 - 2013-12-07 20:56 - 000000046 ____H () C:\ProgramData\Leeme.txt
      2014-08-17 13:31 - 2013-09-14 14:42 - 000005819 _____ () C:\ProgramData\localstore.rdf
      2014-08-17 13:31 - 2013-09-09 20:37 - 000003184 _____ () C:\ProgramData\mimeTypes.rdf
      2014-08-17 13:30 - 2011-06-28 18:07 - 000036864 ____H (NirSoft) C:\ProgramData\nircmd.exe
      2014-08-17 13:30 - 2013-09-14 14:42 - 000065536 _____ () C:\ProgramData\permissions.sqlite
      2014-08-17 13:30 - 2013-09-14 14:42 - 001114112 _____ () C:\ProgramData\places.sqlite
      2014-08-17 13:30 - 2013-09-11 05:36 - 000003900 _____ () C:\ProgramData\pluginreg.dat
      2014-08-17 13:30 - 2013-09-10 04:39 - 000013670 _____ () C:\ProgramData\search.json
      2014-08-17 13:30 - 2013-09-10 05:29 - 000065536 _____ () C:\ProgramData\search.sqlite
      2014-08-17 13:30 - 2013-09-09 05:53 - 000016384 _____ () C:\ProgramData\secmod.db
      2014-08-17 13:30 - 2013-09-09 05:53 - 000294912 _____ () C:\ProgramData\signons.sqlite
      2014-08-17 13:30 - 2013-12-08 05:02 - 000003818 ____H () C:\ProgramData\tk.bat
      2014-08-17 13:30 - 2013-09-14 14:42 - 000000032 _____ () C:\ProgramData\urlclassifier.pset
      2014-08-17 13:30 - 2013-09-14 14:42 - 000262144 _____ () C:\ProgramData\urlclassifier3.sqlite
      2014-08-17 13:30 - 2013-09-11 06:01 - 000000188 _____ () C:\ProgramData\user.js
      2014-08-17 13:30 - 2013-09-09 21:45 - 000098304 _____ () C:\ProgramData\webappsstore.sqlite
      C:\ProgramData\cometbird.bat
      C:\ProgramData\End.bat
      C:\ProgramData\nircmd.exe
      C:\ProgramData\pluginreg.dat
      C:\ProgramData\tk.bat
      C:\ProgramData\user.js
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh advfirewall reset
      CMD: netsh advfirewall set allprofiles state ON
      CMD: netsh int ipv4 reset
      CMD: netsh int ipv6 reset
      END
      Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio <<< Esto es muy importante.

      Nota: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo



      • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas "Ejecutar como Administrador")
      • Presionar el botón FIX y aguardar a que termine.
      • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).


      Pegar el contenido de este fichero en tu próxima respuesta.

      Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo, ademas dinos que version de Java quedo instalada en tu equipo.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #37
      Usuario Avatar de JessCity7788
      Registrado
      jun 2015
      Ubicación
      España
      Mensajes
      40

      Re: Bloqueo y calculadora (Re-abierto)

      Hola, ya lo he hecho todo, espero haberlo hecho bien. Por un lado, la versión es java 8 update151. Y aquí el informe:

      Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
      Ran by victor (08-11-2017 18:55:23) Run:1
      Running from C:\Users\victor\Desktop
      Loaded Profiles: victor (Available Profiles: victor)
      Boot Mode: Safe Mode (with Networking)
      ==============================================

      fixlist content:
      *****************
      START
      CREATERESTOREPOINT:
      CLOSEPROCESSES:
      HKLM-x32\...\Run: [] => [X]
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\...\MountPoints2: {3861a169-a9a5-11e2-982a-002522f779c9} - H:\bahia.exe
      URLSearchHook: HKLM-x32 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
      URLSearchHook: HKU\S-1-5-21-795496770-4252586827-2317966144-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
      URLSearchHook: HKU\S-1-5-21-795496770-4252586827-2317966144-1000 - (No Name) - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No File
      DPF: HKLM-x32 {12193C65-F0E1-4DD1-AD4E-DB73C6911014} file:///C:/Users/victor/AppData/Local/Temp/Rar$EX94.512/DCS-942L_2523/activeX/DCP.cab
      DPF: HKLM-x32 {2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} hxxp://192.168.1.9/VDControl.CAB
      DPF: HKLM-x32 {57AF0810-BDA7-47A5-B02D-FDA1073C04B0} hxxps://eu.mydlink.com/8D/activeX//TunnelX.ocx
      DPF: HKLM-x32 {721700FE-7F0E-49C5-BDED-CA92B7CB1245} hxxps://eu.mydlink.com/8D/activeX//dcsclictrl.cab
      FF user.js: detected! => C:\ProgramData\user.js [2013-09-11]
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-10-26] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-10-26] (Oracle Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
      S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      2014-04-19 13:24 - 2014-04-19 13:24 - 000000044 _____ () C:\Users\victor\AppData\Roaming\WB.CFG
      2014-09-10 17:43 - 2014-09-10 17:47 - 000000070 _____ () C:\Users\victor\AppData\Local\Config.ini
      2014-12-26 13:53 - 2015-09-14 16:31 - 000005120 _____ () C:\Users\victor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2014-08-17 13:31 - 2013-09-13 21:48 - 000425984 _____ () C:\ProgramData\addons.sqlite
      2016-09-07 16:34 - 2016-09-07 16:34 - 000000057 _____ () C:\ProgramData\Ament.ini
      2014-08-17 13:31 - 2013-09-13 21:10 - 000077745 _____ () C:\ProgramData\blocklist.xml
      2014-08-17 13:31 - 2013-09-14 14:42 - 000098304 _____ () C:\ProgramData\cert8.db
      2014-08-17 13:31 - 2013-09-09 05:53 - 000098304 _____ () C:\ProgramData\chromeappsstore.sqlite
      2014-08-17 13:31 - 2013-09-15 02:43 - 000000061 ____H () C:\ProgramData\cometbird.bat
      2014-08-17 13:31 - 2013-09-13 21:52 - 000000170 _____ () C:\ProgramData\compatibility.ini
      2014-08-17 13:31 - 2013-09-14 14:42 - 000229376 _____ () C:\ProgramData\content-prefs.sqlite
      2014-08-17 13:31 - 2013-09-14 14:42 - 000131072 _____ () C:\ProgramData\cookies.sqlite
      2014-08-17 13:31 - 2013-09-13 21:16 - 000065536 _____ () C:\ProgramData\downloads.sqlite
      2014-08-17 13:31 - 2013-12-08 04:55 - 000000869 ____H () C:\ProgramData\End.bat
      2014-08-17 13:31 - 2013-09-13 21:49 - 000000330 _____ () C:\ProgramData\extensions.ini
      2014-08-17 13:31 - 2013-09-13 21:49 - 000425984 _____ () C:\ProgramData\extensions.sqlite
      2014-08-17 13:31 - 2013-09-09 21:45 - 000163840 _____ () C:\ProgramData\formhistory.sqlite
      2014-08-17 13:31 - 2013-09-14 14:42 - 000016384 _____ () C:\ProgramData\key3.db
      2014-08-17 13:31 - 2013-12-07 20:56 - 000000046 ____H () C:\ProgramData\Leeme.txt
      2014-08-17 13:31 - 2013-09-14 14:42 - 000005819 _____ () C:\ProgramData\localstore.rdf
      2014-08-17 13:31 - 2013-09-09 20:37 - 000003184 _____ () C:\ProgramData\mimeTypes.rdf
      2014-08-17 13:30 - 2011-06-28 18:07 - 000036864 ____H (NirSoft) C:\ProgramData\nircmd.exe
      2014-08-17 13:30 - 2013-09-14 14:42 - 000065536 _____ () C:\ProgramData\permissions.sqlite
      2014-08-17 13:30 - 2013-09-14 14:42 - 001114112 _____ () C:\ProgramData\places.sqlite
      2014-08-17 13:30 - 2013-09-11 05:36 - 000003900 _____ () C:\ProgramData\pluginreg.dat
      2014-08-17 13:30 - 2013-09-10 04:39 - 000013670 _____ () C:\ProgramData\search.json
      2014-08-17 13:30 - 2013-09-10 05:29 - 000065536 _____ () C:\ProgramData\search.sqlite
      2014-08-17 13:30 - 2013-09-09 05:53 - 000016384 _____ () C:\ProgramData\secmod.db
      2014-08-17 13:30 - 2013-09-09 05:53 - 000294912 _____ () C:\ProgramData\signons.sqlite
      2014-08-17 13:30 - 2013-12-08 05:02 - 000003818 ____H () C:\ProgramData\tk.bat
      2014-08-17 13:30 - 2013-09-14 14:42 - 000000032 _____ () C:\ProgramData\urlclassifier.pset
      2014-08-17 13:30 - 2013-09-14 14:42 - 000262144 _____ () C:\ProgramData\urlclassifier3.sqlite
      2014-08-17 13:30 - 2013-09-11 06:01 - 000000188 _____ () C:\ProgramData\user.js
      2014-08-17 13:30 - 2013-09-09 21:45 - 000098304 _____ () C:\ProgramData\webappsstore.sqlite
      C:\ProgramData\cometbird.bat
      C:\ProgramData\End.bat
      C:\ProgramData\nircmd.exe
      C:\ProgramData\pluginreg.dat
      C:\ProgramData\tk.bat
      C:\ProgramData\user.js
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh advfirewall reset
      CMD: netsh advfirewall set allprofiles state ON
      CMD: netsh int ipv4 reset
      CMD: netsh int ipv6 reset
      END


      *****************

      Error: Restore point can only be created in normal mode.
      Processes closed successfully.
      HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3861a169-a9a5-11e2-982a-002522f779c9} => key removed successfully
      HKLM\Software\Classes\CLSID\{3861a169-a9a5-11e2-982a-002522f779c9} => key not found.
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully
      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully
      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{db131c55-60c8-4adc-84dc-9e76ab06e2dc} => value removed successfully
      HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{12193C65-F0E1-4DD1-AD4E-DB73C6911014} => key removed successfully
      HKLM\Software\Wow6432Node\Classes\CLSID\{12193C65-F0E1-4DD1-AD4E-DB73C6911014} => key removed successfully
      HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} => key removed successfully
      HKLM\Software\Wow6432Node\Classes\CLSID\{2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} => key removed successfully
      HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{57AF0810-BDA7-47A5-B02D-FDA1073C04B0} => key removed successfully
      HKLM\Software\Wow6432Node\Classes\CLSID\{57AF0810-BDA7-47A5-B02D-FDA1073C04B0} => key removed successfully
      HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{721700FE-7F0E-49C5-BDED-CA92B7CB1245} => key removed successfully
      HKLM\Software\Wow6432Node\Classes\CLSID\{721700FE-7F0E-49C5-BDED-CA92B7CB1245} => key removed successfully
      C:\ProgramData\user.js => moved successfully
      HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
      HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2 => key not found.
      C:\Windows\SysWOW64\npDeployJava1.dll => not found.
      HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2 => key not found.
      C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => not found.
      HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
      HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully
      HKLM\System\CurrentControlSet\Services\EagleX64 => key removed successfully
      EagleX64 => service removed successfully
      HKLM\System\CurrentControlSet\Services\Synth3dVsc => key removed successfully
      Synth3dVsc => service removed successfully
      HKLM\System\CurrentControlSet\Services\tsusbhub => key removed successfully
      tsusbhub => service removed successfully
      HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully
      VGPU => service removed successfully
      C:\Users\victor\AppData\Roaming\WB.CFG => moved successfully
      C:\Users\victor\AppData\Local\Config.ini => moved successfully
      C:\Users\victor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
      C:\ProgramData\addons.sqlite => moved successfully
      C:\ProgramData\Ament.ini => moved successfully
      C:\ProgramData\blocklist.xml => moved successfully
      C:\ProgramData\cert8.db => moved successfully
      C:\ProgramData\chromeappsstore.sqlite => moved successfully
      C:\ProgramData\cometbird.bat => moved successfully
      C:\ProgramData\compatibility.ini => moved successfully
      C:\ProgramData\content-prefs.sqlite => moved successfully
      C:\ProgramData\cookies.sqlite => moved successfully
      C:\ProgramData\downloads.sqlite => moved successfully
      C:\ProgramData\End.bat => moved successfully
      C:\ProgramData\extensions.ini => moved successfully
      C:\ProgramData\extensions.sqlite => moved successfully
      C:\ProgramData\formhistory.sqlite => moved successfully
      C:\ProgramData\key3.db => moved successfully
      C:\ProgramData\Leeme.txt => moved successfully
      C:\ProgramData\localstore.rdf => moved successfully
      C:\ProgramData\mimeTypes.rdf => moved successfully
      C:\ProgramData\nircmd.exe => moved successfully
      C:\ProgramData\permissions.sqlite => moved successfully
      C:\ProgramData\places.sqlite => moved successfully
      C:\ProgramData\pluginreg.dat => moved successfully
      C:\ProgramData\search.json => moved successfully
      C:\ProgramData\search.sqlite => moved successfully
      C:\ProgramData\secmod.db => moved successfully
      C:\ProgramData\signons.sqlite => moved successfully
      C:\ProgramData\tk.bat => moved successfully
      C:\ProgramData\urlclassifier.pset => moved successfully
      C:\ProgramData\urlclassifier3.sqlite => moved successfully
      "C:\ProgramData\user.js" => not found.
      C:\ProgramData\webappsstore.sqlite => moved successfully
      "C:\ProgramData\cometbird.bat" => not found.
      "C:\ProgramData\End.bat" => not found.
      "C:\ProgramData\nircmd.exe" => not found.
      "C:\ProgramData\pluginreg.dat" => not found.
      "C:\ProgramData\tk.bat" => not found.
      "C:\ProgramData\user.js" => not found.
      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-795496770-4252586827-2317966144-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


      ========= End of RemoveProxy: =========


      ========= netsh winsock reset =========


      El cat*logo Winsock se restableci¢ correctamente.
      Debe reiniciar el equipo para completar el restablecimiento.


      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows


      Adaptador de Ethernet Conexi¢n de *rea local:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::b929:30bb:313:ea49%10
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.159
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.0.1

      ========= End of CMD: =========


      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.5.7601 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007042c
      No se puede iniciar el servicio o grupo de dependencia.



      ========= End of CMD: =========


      ========= netsh winsock reset =========


      El cat*logo Winsock se restableci¢ correctamente.
      Debe reiniciar el equipo para completar el restablecimiento.


      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows


      Adaptador de Ethernet Conexi¢n de *rea local:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::b929:30bb:313:ea49%10
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.159
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.0.1

      ========= End of CMD: =========


      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.5.7601 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007042c
      No se puede iniciar el servicio o grupo de dependencia.



      ========= End of CMD: =========


      ========= netsh advfirewall reset =========

      Aceptar


      ========= End of CMD: =========


      ========= netsh advfirewall set allprofiles state ON =========

      Aceptar


      ========= End of CMD: =========


      ========= netsh int ipv4 reset =========

      Global se restableci¢ correctamente.
      Interfaz se restableci¢ correctamente.
      Direcci¢n de unidifusi¢n se restableci¢ correctamente.
      Reinicie el equipo para completar esta acci¢n.


      ========= End of CMD: =========


      ========= netsh int ipv6 reset =========

      Interfaz se restableci¢ correctamente.
      Reinicie el equipo para completar esta acci¢n.


      ========= End of CMD: =========


      =========== EmptyTemp: ==========

      BITS transfer queue => 0 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10900118 B
      Java, Flash, Steam htmlcache => 523 B
      Windows/system/drivers => 6460 B
      Edge => 0 B
      Chrome => 0 B
      Firefox => 18710504 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Users => 0 B
      Default => 0 B
      Public => 0 B
      ProgramData => 0 B
      systemprofile => 1056567 B
      systemprofile32 => 917553653 B
      LocalService => 66228 B
      NetworkService => 66228 B
      victor => 8057361 B

      RecycleBin => 17667488 B
      EmptyTemp: => 929 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 18:57:38 ====

      Ahora mismo no hay problemas, como la vez anterior que parecía ir todo bien y a los 10 días reapareció el problema. Espero que ya esté solucionado. Si tengo algo más que hacer, dímelo please.
      Gracias por tu tiempo de nuevo y saludos. Ya me dices.

    8. #38
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      22.431

      Re: Bloqueo y calculadora (Re-abierto)

      Perfecto..... y ahora quiero que sigas estos pasos :

      - Desactivar temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

      - Descarga la herramienta >>ComboFix y guárdala en el escritorio. <--- Importante.

      Nota: Antes de ejecutar ComboFix asegurarse de :

      Cerrar todos los programas y ventanas abiertas.

      Si está utilizando Windows Vista o Windows 7/8. Haga click derecho sobre el archivo ComboFix.exe y seleccionar Ejecutar como Administrador.

      PASO 1:
      • Ejecutar el archivo ComboFix.exe
      • Aceptar los términos de licencia.
      • Si ComboFix avisa que hay una versión nueva del programa deberás descargala.
      • Si ComboFix pide instalar la Consola de Recuperación (Recovery Console) hay que instalarla.

      PASO 2:
      • Copiar y pegar el reporte que ComboFix generó. Si no aparece lo encontraras en C:\ComboFix.txt.

      • Comentar cómo sigue su sistema, en relación al problema planteado.

      Importante :
      • Mientras esté trabajando ComboFix no ejecutar ningún software hasta que termine.
      • No reiniciar su PC, ComboFix lo hará de ser necesario.
      • Mientras ComboFix esté trabajando, no mover el mouse ya que pararía su proceso.

      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      NOTAS IMPORTANTES:

      ° Una vez Terminado el Trabajo de ComboFix, puedes activar Tu antivirus.

      ° No Pongas los Reportes Dentro de Etiquetas Code ni HTML.

      ° No vuelvas a ejecutar ningún otro programa antivirus hasta que vuelva con una respuesta.
      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #39
      Usuario Avatar de JessCity7788
      Registrado
      jun 2015
      Ubicación
      España
      Mensajes
      40

      Re: Bloqueo y calculadora (Re-abierto)

      Hecho:

      ComboFix 17-10-17.01 - victor 08/11/2017 19:28:15.1.4 - x64
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.3082.18.1719.913 [GMT 1:00]
      Running from: c:\users\victor\Downloads\ComboFix.exe
      AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\windows\security\logs\scecomp.log
      c:\windows\SysWow64\DEBUG.log
      .
      .
      ((((((((((((((((((((((((( Files Created from 2017-10-08 to 2017-11-08 )))))))))))))))))))))))))))))))
      .
      .
      2017-11-08 19:29 . 2017-11-08 19:29 -------- d-----w- c:\users\Default\AppData\Local\temp
      2017-11-08 18:24 . 2017-11-08 18:24 -------- d-----w- c:\programdata\SWCUTemp
      2017-11-08 17:33 . 2017-11-08 17:33 -------- d-----w- c:\program files (x86)\Common Files\Java
      2017-11-08 17:33 . 2017-11-08 17:32 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2017-11-08 17:32 . 2017-11-08 17:33 -------- d-----w- c:\programdata\Oracle
      2017-11-08 17:32 . 2017-11-08 17:32 -------- d-----w- c:\program files (x86)\Java
      2017-11-08 17:07 . 2017-11-08 17:07 -------- d-----w- c:\program files\VS Revo Group
      2017-11-07 15:14 . 2017-11-08 17:59 -------- d-----w- C:\FRST
      2017-11-07 14:45 . 2017-11-07 14:46 -------- d-----w- C:\AdwCleaner
      2017-11-01 11:45 . 2017-11-08 18:00 252232 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2017-10-31 13:48 . 2017-10-31 13:48 192952 ----a-w- c:\windows\system32\drivers\MbamChameleon.sys
      2017-10-31 13:48 . 2017-10-31 13:50 110016 ----a-w- c:\windows\system32\drivers\farflt.sys
      2017-10-31 13:48 . 2017-10-31 22:02 84256 ----a-w- c:\windows\system32\drivers\mwac.sys
      2017-10-31 13:47 . 2017-10-31 13:50 45504 ----a-w- c:\windows\system32\drivers\mbam.sys
      2017-10-31 09:47 . 2017-10-04 12:15 77440 ----a-w- c:\windows\system32\drivers\mbae64.sys
      2017-10-31 09:43 . 2017-10-31 09:43 -------- d-----w- c:\program files\CCleaner
      2017-10-24 16:12 . 2017-10-24 16:12 -------- d-----w- c:\program files\Common Files\avast software
      2017-10-17 17:36 . 2017-10-17 17:36 -------- d-----w- c:\program files\Malwarebytes
      2017-10-17 17:33 . 2017-10-17 17:33 -------- d-----w- c:\windows\ERUNT
      2017-10-16 14:59 . 2017-10-16 14:59 -------- d-----w- C:\found.001
      2017-10-15 21:01 . 2017-10-15 21:47 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
      2017-10-12 16:11 . 2017-10-12 16:11 401488 ----a-w- c:\windows\system32\aswBoot.exe
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2017-10-27 08:17 . 2015-09-11 17:59 1029872 ----a-w- c:\windows\system32\drivers\aswsnx.sys
      2017-10-12 16:11 . 2015-09-11 18:13 201352 ----a-w- c:\windows\system32\drivers\aswStm.sys
      2017-10-12 16:11 . 2015-09-11 18:00 587168 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2017-10-12 16:11 . 2015-09-11 17:59 363440 ----a-w- c:\windows\system32\drivers\aswVmm.sys
      2017-10-12 16:11 . 2015-09-11 18:13 47008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
      2017-10-12 16:11 . 2015-09-11 17:59 110376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
      2017-10-12 16:11 . 2015-09-11 17:59 84416 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
      2017-10-12 16:11 . 2015-09-11 17:59 147776 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
      2017-10-12 16:10 . 2017-03-17 21:52 57736 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
      2017-10-12 16:10 . 2017-03-17 21:52 343288 ----a-w- c:\windows\system32\drivers\aswbloga.sys
      2017-10-12 16:10 . 2017-03-17 21:52 321032 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
      2017-10-12 16:10 . 2017-03-17 21:52 198976 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
      2017-09-09 13:47 . 2016-07-11 18:03 41832 ----a-w- c:\windows\system32\drivers\aswKbd.sys
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2017-10-18 10021040]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2017-09-05 587288]
      .
      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe" [2013-10-09 829832]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "SoftwareSASGeneration"= 1 (0x1)
      "EnableSecureUIAPath"= 1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
      @="Service"
      .
      R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
      R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
      R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
      R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
      R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
      R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
      R3 MBAMFarflt;MBAMFarflt;c:\windows\system32\DRIVERS\farflt.sys;c:\windows\SYSNATIVE\DRIVERS\farflt.sys [x]
      R3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys;c:\windows\SYSNATIVE\DRIVERS\mbam.sys [x]
      R3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys;c:\windows\SYSNATIVE\DRIVERS\mwac.sys [x]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
      R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
      S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
      S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
      S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
      S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
      S0 aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys [x]
      S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
      S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
      S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
      S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
      S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
      S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae64.sys;c:\windows\SYSNATIVE\drivers\mbae64.sys [x]
      S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
      S2 MBAMChameleon;MBAMChameleon;c:\windows\System32\Drivers\MbamChameleon.sys;c:\windows\SYSNATIVE\Drivers\MbamChameleon.sys [x]
      S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
      S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
      .
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2017-10-12 16:11 1789648 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2017-10-12 16:11 1789648 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
      "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-10-12 253344]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.com/
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      Trusted Zone: localhost
      TCP: DhcpNameServer = 192.168.0.1
      FF - ProfilePath - c:\users\victor\AppData\Roaming\Mozilla\Firefox\Profiles\s5py71of.default-1426375829093\
      FF - prefs.js: browser.startup.homepage - google.es/
      .
      - - - - ORPHANS REMOVED - - - -
      .
      HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
      @Denied: (2) (LocalSystem)
      .
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
      @Denied: (2) (LocalSystem)
      "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,70,3a,fa,dc,1a,ce,06,48,83,27,34,\
      "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,70,3a,fa,dc,1a,ce,06,48,83,27,34,\
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
      @="?????????????????? v1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
      @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
      @="?????????????????? v2"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
      @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2017-11-08 20:32:54
      ComboFix-quarantined-files.txt 2017-11-08 19:32
      .
      Pre-Run: 62.374.313.984 bytes libres
      Post-Run: 61.056.344.064 bytes libres
      .
      - - End Of File - - CB8AF029E6D6322CA2C9F4E209729C1A
      A36C5E4F47E84449FF07ED3517B43A31

      Ya me dices. Saludos.

    10. #40
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      22.431

      Re: Bloqueo y calculadora (Re-abierto)

      Hola.

      Lo primero y mas IMPORTANTE, mueve(cortar y pegar) el ejecutable de COMBOFIX desde la carpeta de descargas(Downloads) a tu escritorio.
      Running from: c:\users\victor\Downloads\ComboFix.exe
      Y ahora..... :

      1.- Abre el Notepad (Bloc de notas)
      • En Windows XP
        Ve a Inicio >> Selecciona Ejecutar >> Escribe dentro Notepad.

      • En Windows Vista y/o Windows 7/8
        Ve a Inicio >> Todos los programas >> Accesorios >> Selecciona Ejecutar >> Escribe dentro Notepad.


      2.-
      Ahora copia y pega la información, del interior del siguiente recuadro, dentro del Notepad.

      Atención : la palabra "Código:" NO se copia.
      Código:
      KillAll::
      ClearJavaCache::
      RegLock::
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]

      3.-
      Guarda este archivo con el nombre CFScript.txt dentro del Escritorio.

      4.- Arrastra y suelta el archivo CFScript.txt dentro del archivo ComboFix.exe como muestra la animación aquí abajo. Esto activara ComboFix nuevamente.
      Antes de usar el CFScript....
      Súbenos el nuevo informe de ComboFix e indícanos como funciona tu equipo.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.