• Registrarse
  • Iniciar sesión


  • Resultados 1 al 7 de 7

    New Tab cambio del motor de busqueda en Chrome

    Hola, quisiera su ayuda también con este asunto, tengo exactamente el mismo problema que este usuario http://www.forospyware.com/t533769.html#post2603715 . Ya hice el SCAN con FRST64....

    1. #1
      Usuario Avatar de jhoanamichel
      Registrado
      nov 2015
      Ubicación
      mexico
      Mensajes
      5

      New Tab cambio del motor de busqueda en Chrome

      Hola, quisiera su ayuda también con este asunto, tengo exactamente el mismo problema que este usuario Adware "New Tab" cambio del motor de busqueda en Chrome (Solucionado) . Ya hice el SCAN con FRST64.

    2. #2
      Moderador
      Avatar de @JonathanM
      Registrado
      may 2006
      Ubicación
      Chile
      Mensajes
      11.711

      Re: New Tab cambio del motor de busqueda en Chrome

      Hola

      Descarga DelFix en el escritorio de windows.
      • Haz doble clic para ejecutarlo.
      • Ventana principal, marca solamente la casilla Remove disinfection tools
      • Clic en Run.

      Al terminar Se abrirá un reporte llamado DelFix.txt, pega el reporte en este mismo tema.

      Saludos
      <¡D3vIL!>

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de jhoanamichel
      Registrado
      nov 2015
      Ubicación
      mexico
      Mensajes
      5

      Re: New Tab cambio del motor de busqueda en Chrome

      Hola, gracias por contestar
      Este fue el reporte.

      # DelFix v1.013 - Logfile created 09/11/2017 at 09:22:37
      # Updated 17/04/2016 by Xplode
      # Username : jhoan_000 - ULTRAVIOLENCE
      # Operating System : Windows 10 Home Single Language (64 bits)

      ~ Removing disinfection tools ...

      Deleted : C:\FRST
      Deleted : C:\AdwCleaner
      Deleted : C:\Users\jhoan_000\Desktop\Addition.txt
      Deleted : C:\Users\jhoan_000\Desktop\FRST.txt
      Deleted : C:\Users\jhoan_000\Desktop\FRST64.exe
      Deleted : HKLM\SOFTWARE\AdwCleaner

      ########## - EOF - ##########

    4. #4
      Moderador
      Avatar de @JonathanM
      Registrado
      may 2006
      Ubicación
      Chile
      Mensajes
      11.711

      Re: New Tab cambio del motor de busqueda en Chrome

      Realiza lo siguiente:


      • Segun tu sistema operativo, descarga en el escritorio Farbar Recovery Scan Tool:
        1. FRST.exe - 32 Bits
        2. FRST64.exe - 64 Bits
      • Doble clic sobre la herramienta (FRST64.exe o FRST.exe) para ejecutarla.
        • Haga clic en Yes/Si para aceptar los términos de uso.
        • Haga clic en Scan y espera paciente a que este termine.

      *NOTA* Los reportes FRST.txt & Addition.txt quedaran guardados en donde la herramienta fue ejecutada, no los elimine.

      Para terminar solamente copie y pegue el contenido del archivo FRST.txt y Addition.txt en su siguiente respuesta.



      Saludos
      <¡D3vIL!>

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de jhoanamichel
      Registrado
      nov 2015
      Ubicación
      mexico
      Mensajes
      5

      Re: New Tab cambio del motor de busqueda en Chrome

      Este es el reporte FRST:

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2017 03
      Ran by jhoan_000 (administrator) on ULTRAVIOLENCE (13-11-2017 1236)
      Running from C:\Users\jhoan_000\Desktop
      Loaded Profiles: jhoan_000 (Available Profiles: jhoan_000)
      Platform: Windows 10 Home Single Language Version 1703 15063.674 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
      (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
      (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
      (Computación en Acción S.A. de C.V.) C:\Program Files (x86)\Compac\Servidor de Aplicaciones\saci.exe
      (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
      (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.COMPAC\MSSQL\Binn\sqlservr.exe
      (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
      (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
      (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
      (Intel Corporation) C:\Windows\System32\igfxHK.exe
      (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
      (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
      (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-09] (ELAN Microelectronics Corp.)
      HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
      Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2017-04-18] ()
      GroupPolicy: Restriction - Chrome <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 200.34.142.178
      Tcpip\..\Interfaces\{960e834d-efb9-4977-b4c3-e46a928aca17}: [DhcpNameServer] 10.41.6.93 10.32.1.103
      Tcpip\..\Interfaces\{d5cd9094-8255-4bef-9ff2-84396b0b52bf}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{d5cd9094-8255-4bef-9ff2-84396b0b52bf}: [DhcpNameServer] 200.34.142.178
      Tcpip\..\Interfaces\{e86106ea-8a10-42b1-b4d5-a89a3fda0238}: [DhcpNameServer] 172.20.10.1

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
      BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-24] (Microsoft Corporation)
      BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
      Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - No File
      Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
      Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
      Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
      Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

      FireFox:
      ========
      FF DefaultProfile: 73a94ghk.default-1505417980979
      FF ProfilePath: C:\Users\jhoan_000\AppData\Roaming\Mozilla\Firefox\Profiles\73a94ghk.default-1505417980979 [2017-11-12]
      FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\jhoan_000\AppData\Roaming\Mozilla\Firefox\Profiles\73a94ghk.default-1505417980979\Extensions\[email protected] [2017-11-11]
      FF Extension: (Adblock Plus) - C:\Users\jhoan_000\AppData\Roaming\Mozilla\Firefox\Profiles\73a94ghk.default-1505417980979\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-11]
      FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found
      FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
      FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-11-01]
      FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-11-10] ()
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-10] ()
      FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-07] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-07] (Google Inc.)

      Chrome:
      =======
      CHR HomePage: Default -> hxxps://www.google.com.mx/
      CHR Profile: C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default [2017-11-13]
      CHR Extension: (Presentaciones) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
      CHR Extension: (Documentos) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
      CHR Extension: (Google Drive) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-29]
      CHR Extension: (YouTube) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-29]
      CHR Extension: (Adblock Plus) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-30]
      CHR Extension: (Hojas*de*cálculo) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
      CHR Extension: (Servibox Descarga CFDI SAT) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gglajafleceohegiiegjinmfnomagiaf [2017-11-03]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-29]
      CHR Extension: (Kaspersky Protection) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2017-11-01]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-29]
      CHR Extension: (Gmail) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-29]
      CHR Extension: (Chrome Media Router) - C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-30]
      CHR Profile: C:\Users\jhoan_000\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-10]
      CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
      CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
      CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
      R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
      S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1473216 2016-11-17] (Disc Soft Ltd)
      R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-09] (ELAN Microelectronics Corp.)
      S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
      R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [328624 2015-10-07] (Intel Corporation)
      S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
      S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
      S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [426416 2017-11-01] (AO Kaspersky Lab)
      R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
      R2 MSSQL$COMPAC; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.COMPAC\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation)
      S4 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
      R2 Saci_CONTPAQi; C:\Program Files (x86)\Compac\Servidor de Aplicaciones\Saci.exe [179200 2016-10-28] (Computación en Acción S.A. de C.V.) [File not signed]
      S4 SQLAgent$COMPAC; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.COMPAC\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4317112 2017-04-17] (Qualcomm Atheros Communications, Inc.)
      R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
      R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-30] (Disc Soft Ltd)
      R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-30] (Disc Soft Ltd)
      S3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [175152 2017-04-18] (ELAN Microelectronic Corp.)
      R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [51128 2017-04-17] (Intel Corporation)
      R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
      R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70872 2017-10-15] (AO Kaspersky Lab)
      R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [89952 2017-10-15] (AO Kaspersky Lab)
      R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
      S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
      R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207576 2017-11-01] (AO Kaspersky Lab)
      R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [594144 2017-11-01] (AO Kaspersky Lab)
      R3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [186184 2017-11-01] (AO Kaspersky Lab)
      R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1055448 2017-11-01] (AO Kaspersky Lab)
      R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
      R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
      R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
      R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-10-15] (AO Kaspersky Lab)
      R3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
      R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
      R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-11-01] (AO Kaspersky Lab)
      R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-11-10] (AO Kaspersky Lab)
      S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-11-02] (AO Kaspersky Lab)
      R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-11-01] (AO Kaspersky Lab)
      R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-11-01] (AO Kaspersky Lab)
      R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
      R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136176 2017-10-15] (AO Kaspersky Lab)
      R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199360 2017-10-15] (AO Kaspersky Lab)
      S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
      R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-11-12] (Malwarebytes)
      S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
      R1 MpKsl4d96e930; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AD25738C-E73F-4FBE-9D8C-D3091EDE08E7}\MpKsl4d96e930.sys [58120 2017-11-10] (Microsoft Corporation)
      S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
      S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-18] (Realtek )
      R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [419296 2017-04-18] (Realsil Semiconductor Corporation)
      S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
      R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-13 12:10 - 2017-11-13 12:14 - 000019196 _____ C:\Users\jhoan_000\Desktop\FRST.txt
      2017-11-13 12:10 - 2017-11-13 12:10 - 000000000 ____D C:\FRST
      2017-11-13 12:06 - 2017-11-13 12:07 - 002392576 _____ (Farbar) C:\Users\jhoan_000\Desktop\FRST64.exe
      2017-11-12 15:35 - 2017-06-13 01:22 - 1912144461 _____ C:\Users\jhoan_000\Downloads\Nocturnal.animals.2016.1080p-dual-lat.mp4
      2017-11-12 14:56 - 2017-07-20 12:05 - 1625466439 _____ C:\Users\jhoan_000\Downloads\Money.monster.2016.1080p-dual-lat.mp4
      2017-11-12 14:20 - 2017-11-10 11:54 - 1909852409 _____ C:\Users\jhoan_000\Downloads\The.girl.with.all.the.gifts.2016.1080p-dual-lat.mp4
      2017-11-12 14:18 - 2017-07-21 11:37 - 1661218488 _____ C:\Users\jhoan_000\Downloads\Going.in.style.2017.1080p-dual-lat.mp4
      2017-11-10 13:49 - 2017-11-10 13:49 - 000004420 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
      2017-11-10 13:48 - 2017-11-10 13:48 - 000004620 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2017-11-10 13:33 - 2017-11-10 13:33 - 000087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
      2017-11-10 13:31 - 2017-11-10 13:35 - 000474316 _____ C:\WINDOWS\Minidump\111017-46640-01.dmp
      2017-11-10 13:31 - 2017-11-10 13:31 - 472938044 _____ C:\WINDOWS\MEMORY.DMP
      2017-11-10 13:31 - 2017-11-10 13:31 - 000000000 ____D C:\WINDOWS\Minidump
      2017-11-10 12:13 - 2017-11-10 12:15 - 015112147 _____ C:\Users\jhoan_000\Downloads\Arrendamiento.zip
      2017-11-10 12:13 - 2017-11-10 12:15 - 015057333 _____ C:\Users\jhoan_000\Downloads\Honorarios.zip
      2017-11-10 12:13 - 2017-11-10 12:14 - 012424824 _____ C:\Users\jhoan_000\Downloads\Propuesta asalariados.zip
      2017-11-10 12:13 - 2017-11-10 12:14 - 006808351 _____ C:\Users\jhoan_000\Downloads\Asalariados captura.zip
      2017-11-10 11:11 - 2017-11-10 11:11 - 000005200 _____ C:\Users\jhoan_000\Downloads\7EB5EF35-4178-4030-8AB3-2113DA0322E7.xml
      2017-11-10 09:50 - 2017-11-10 09:50 - 000010367 _____ C:\Users\jhoan_000\Downloads\Resultados (7).pdf
      2017-11-10 09:50 - 2017-11-10 09:50 - 000010360 _____ C:\Users\jhoan_000\Downloads\Resultados (8).pdf
      2017-11-10 09:50 - 2017-11-10 09:50 - 000005509 _____ C:\Users\jhoan_000\Downloads\7709C812-FFB4-4080-A499-F2D8CED2759B.xml
      2017-11-10 09:50 - 2017-11-10 09:50 - 000005505 _____ C:\Users\jhoan_000\Downloads\ADBCD9DC-7494-4900-A5DA-6A3C7A3A1411.xml
      2017-11-10 09:49 - 2017-11-10 09:50 - 000005337 _____ C:\Users\jhoan_000\Downloads\3EFED9F3-B0D4-4EE1-9E51-71B4AB046633.xml
      2017-11-10 09:49 - 2017-11-10 09:50 - 000005333 _____ C:\Users\jhoan_000\Downloads\3FBC7EBC-AD51-41C9-8829-8734C009D3A5.xml
      2017-11-09 10:08 - 2017-11-10 11:21 - 000000000 ____D C:\Users\jhoan_000\Desktop\Guadalupe Lopez Tejero
      2017-11-09 09:41 - 2017-11-09 09:41 - 000012499 _____ C:\Users\jhoan_000\Downloads\Resultados (6).pdf
      2017-11-09 09:41 - 2017-11-09 09:41 - 000010702 _____ C:\Users\jhoan_000\Downloads\Resultados (5).pdf
      2017-11-09 09:40 - 2017-11-09 09:40 - 000014635 _____ C:\Users\jhoan_000\Downloads\Resultados (4).pdf
      2017-11-09 09:39 - 2017-11-09 09:39 - 000012510 _____ C:\Users\jhoan_000\Downloads\Resultados (3).pdf
      2017-11-09 09:22 - 2017-11-09 09:22 - 000000494 _____ C:\DelFix.txt
      2017-11-07 23:42 - 2017-11-07 23:42 - 000888327 _____ C:\Users\jhoan_000\Downloads\Punto_de_equilibrio_web.pdf
      2017-11-07 16:51 - 2017-11-07 16:52 - 000183220 _____ C:\Users\jhoan_000\Downloads\Appsdiagnostic10.diagcab
      2017-11-07 12:41 - 2017-11-07 12:41 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-11-07 12:41 - 2017-11-07 12:41 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-11-07 12:40 - 2017-11-07 12:40 - 000003618 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-11-07 12:39 - 2017-11-07 12:39 - 000003494 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-11-07 12:37 - 2017-11-07 12:38 - 001130328 _____ (Google Inc.) C:\Users\jhoan_000\Downloads\ChromeSetup(2).exe
      2017-11-06 12:28 - 2017-11-06 12:29 - 000004777 _____ C:\Users\jhoan_000\Downloads\4B2F0333-73BF-424F-A177-CA53946656D7.xml
      2017-11-06 12:28 - 2017-11-06 12:29 - 000004777 _____ C:\Users\jhoan_000\Downloads\413CB117-1212-472B-B42A-7CE173A41756.xml
      2017-11-06 12:16 - 2017-11-06 19:24 - 000000000 ____D C:\Users\jhoan_000\Desktop\GENARO JAAZIEL
      2017-11-06 10:57 - 2017-11-06 10:55 - 000022289 _____ C:\Users\jhoan_000\Desktop\GENARO JAZIEL.xlsx
      2017-11-06 09:40 - 2017-11-06 09:40 - 001130328 _____ (Google Inc.) C:\Users\jhoan_000\Downloads\ChromeSetup(1).exe
      2017-11-06 09:38 - 2017-11-06 09:38 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      2017-11-06 09:38 - 2017-11-06 09:38 - 000001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
      2017-11-06 09:38 - 2017-11-06 09:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2017-11-06 09:37 - 2017-11-06 09:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2017-11-06 09:30 - 2017-11-06 09:30 - 000245704 _____ (Mozilla) C:\Users\jhoan_000\Downloads\Firefox Installer.exe
      2017-11-03 12:11 - 2017-11-03 12:11 - 001130328 _____ (Google Inc.) C:\Users\jhoan_000\Downloads\ChromeSetup.exe
      2017-11-03 10:44 - 2017-11-03 10:44 - 000005335 _____ C:\Users\jhoan_000\Downloads\A532EDA5-C05D-4899-912B-FCB198C0032F (1).xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000009523 _____ C:\Users\jhoan_000\Downloads\D5DCCDC1-415E-4A6A-8696-043794623411.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000007037 _____ C:\Users\jhoan_000\Downloads\5CDA91A2-E61F-4D10-A8A3-546429668AD1.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000006285 _____ C:\Users\jhoan_000\Downloads\44AFCF4C-0A8E-4AF9-864D-2F6B9B30EFBC.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000006260 _____ C:\Users\jhoan_000\Downloads\3294F881-D48A-43F0-ABF6-55A93D7E378B.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005782 _____ C:\Users\jhoan_000\Downloads\F754A726-B4B2-48DE-ACD4-A0F5569A8517.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005762 _____ C:\Users\jhoan_000\Downloads\4D7BEEA8-8D0E-4BFE-BD11-7359EE1BDA38.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005645 _____ C:\Users\jhoan_000\Downloads\1A3EEB66-EDAF-43AE-8BE4-6CAF399F496E.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005616 _____ C:\Users\jhoan_000\Downloads\076B230B-D558-46B1-A35D-BCD0B909D1B5.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005559 _____ C:\Users\jhoan_000\Downloads\87CC5BE3-E37B-471C-AB2A-F0B17F04228F.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005465 _____ C:\Users\jhoan_000\Downloads\DBEE3EDF-9870-43B6-8131-2238D987AA2E.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005349 _____ C:\Users\jhoan_000\Downloads\A94FC858-B997-44AF-9135-6EDDF249B23A.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005335 _____ C:\Users\jhoan_000\Downloads\A532EDA5-C05D-4899-912B-FCB198C0032F.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005301 _____ C:\Users\jhoan_000\Downloads\A81F81C0-F9E6-410F-9F79-967FA403D832.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005197 _____ C:\Users\jhoan_000\Downloads\8F7EB939-FE3F-48A6-80BB-420404E38C7D.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005197 _____ C:\Users\jhoan_000\Downloads\4CA79F22-91D2-4F87-B207-AE1FBCAF5332.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000005190 _____ C:\Users\jhoan_000\Downloads\9B241C80-6E46-4D02-B9D3-8859C8578DAA.xml
      2017-11-03 10:37 - 2017-11-03 10:37 - 000004728 _____ C:\Users\jhoan_000\Downloads\7F2CF41F-9D4B-4431-BB00-7CEB3CB98ECB.xml
      2017-11-03 10:33 - 2017-11-03 10:33 - 000021388 _____ C:\Users\jhoan_000\Downloads\Resultados (2).pdf
      2017-11-03 09:47 - 2017-11-03 09:47 - 000010774 _____ C:\Users\jhoan_000\Downloads\6083C0B6-AFF4-4F6B-B45E-6BF4D82DFBA9 (3).xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000006774 _____ C:\Users\jhoan_000\Downloads\B44A5C39-2AA7-4565-AA5C-19B7224F5A07.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000006448 _____ C:\Users\jhoan_000\Downloads\ECB0513A-4AB7-CDF0-681B-7272E1F41977.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000006262 _____ C:\Users\jhoan_000\Downloads\8BCE2171-D6B3-44D1-BD14-7C5ECDB11B76.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005999 _____ C:\Users\jhoan_000\Downloads\E7721C5E-0FDA-4648-89AD-CEC4D4424C77.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005956 _____ C:\Users\jhoan_000\Downloads\3EF83C5E-04F8-4B6A-B813-EF5574C50525.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005940 _____ C:\Users\jhoan_000\Downloads\C6B6D331-812F-4316-A203-67AB10749D90.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005811 _____ C:\Users\jhoan_000\Downloads\7704B678-6E07-40FC-9E4F-29A5A94E4A0B.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005657 _____ C:\Users\jhoan_000\Downloads\9960C7F5-B95B-C5C7-8539-8EEC0CBDD468.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005649 _____ C:\Users\jhoan_000\Downloads\B10EBF9B-3274-4D06-96AF-6AA2B192BE64.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005644 _____ C:\Users\jhoan_000\Downloads\6EEE59EE-C422-4ECC-90A3-02D3DF25B610.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005530 _____ C:\Users\jhoan_000\Downloads\78CE41C3-9AB7-4214-8FF6-3D29268C8A77.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005516 _____ C:\Users\jhoan_000\Downloads\A0B37BAA-3057-409C-AC34-885F85DE8F57.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005503 _____ C:\Users\jhoan_000\Downloads\64690257-5167-4349-931C-C83FA03C5505.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005468 _____ C:\Users\jhoan_000\Downloads\1B1BA64B-4858-4589-8B70-4374BF8F735E (1).xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005361 _____ C:\Users\jhoan_000\Downloads\CFEBE755-A82A-41F0-8A6C-0FEA921252F4.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005347 _____ C:\Users\jhoan_000\Downloads\0EE536D5-B437-4D98-B377-F5B8B5CD9D62.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005316 _____ C:\Users\jhoan_000\Downloads\2CB64EAA-2218-4E10-8A02-63A641CE304A.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005205 _____ C:\Users\jhoan_000\Downloads\FC6E354E-E88A-4CAA-89D7-2566784CE442.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005200 _____ C:\Users\jhoan_000\Downloads\58509E58-3FD7-4393-AED6-4B96DC8E3901.xml
      2017-11-03 09:47 - 2017-11-03 09:47 - 000005175 _____ C:\Users\jhoan_000\Downloads\61919E02-9C6A-4C41-A5EA-BA0CD0A5A50D (1).xml
      2017-11-03 09:32 - 2017-11-03 09:32 - 000024015 _____ C:\Users\jhoan_000\Downloads\Resultados (1).pdf
      2017-11-02 07:43 - 2017-11-02 07:43 - 000251656 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
      2017-11-01 22:00 - 2017-11-01 22:00 - 000229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
      2017-11-01 22:00 - 2017-11-01 22:00 - 000173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
      2017-11-01 22:00 - 2017-11-01 22:00 - 000112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
      2017-11-01 21:58 - 2017-11-01 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
      2017-11-01 21:57 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
      2017-11-01 21:56 - 2017-11-01 21:56 - 001055448 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
      2017-11-01 21:56 - 2017-11-01 21:56 - 000594144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
      2017-11-01 21:56 - 2017-11-01 21:56 - 000207576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
      2017-11-01 21:56 - 2017-11-01 21:56 - 000149304 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
      2017-11-01 21:42 - 2017-11-01 21:43 - 002348080 _____ (Kaspersky Lab) C:\Users\jhoan_000\Downloads\kis18.0.0.405abes_12785.exe
      2017-11-01 21:00 - 2017-11-01 21:01 - 000000000 ____D C:\Users\jhoan_000\Downloads\KaInterSec2017
      2017-11-01 13:18 - 2017-11-09 10:09 - 000000000 ____D C:\Users\jhoan_000\Desktop\Honorio Dzul Gongora
      2017-11-01 10:36 - 2017-11-01 10:36 - 000000000 ____D C:\Users\jhoan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DEM_14DIOTcompleta
      2017-11-01 10:36 - 2017-11-01 10:36 - 000000000 ____D C:\DEM_14
      2017-11-01 10:34 - 2017-11-01 13:02 - 000000000 ____D C:\Users\jhoan_000\Desktop\Clínica
      2017-11-01 10:22 - 2017-11-01 10:22 - 000010774 _____ C:\Users\jhoan_000\Downloads\6083C0B6-AFF4-4F6B-B45E-6BF4D82DFBA9 (2).xml
      2017-11-01 09:55 - 2017-11-01 09:55 - 000005175 _____ C:\Users\jhoan_000\Downloads\61919E02-9C6A-4C41-A5EA-BA0CD0A5A50D.xml
      2017-10-31 23:18 - 2017-11-01 09:34 - 000000000 ____D C:\Users\jhoan_000\Doctor Web
      2017-10-31 23:18 - 2017-10-31 23:18 - 000000000 ____D C:\ProgramData\Doctor Web
      2017-10-31 22:47 - 2017-10-31 22:47 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\jhoan_000\Downloads\iExplore.exe
      2017-10-31 18:56 - 2017-10-31 18:56 - 000000000 ____D C:\Users\jhoan_000\Desktop\access
      2017-10-31 18:53 - 2017-10-16 16:12 - 000515712 _____ C:\Users\jhoan_000\Desktop\AWESOME PET SENTENCE TRANSFORMATION.pdf
      2017-10-31 18:53 - 2015-09-25 16:22 - 000385024 _____ C:\Users\jhoan_000\Desktop\TALLER ACCESS.pdf
      2017-10-31 18:52 - 2017-10-30 10:51 - 000888350 _____ C:\Users\jhoan_000\Desktop\CUENTAS POR COBRAR II.pptx
      2017-10-31 10:41 - 2017-10-31 10:30 - 000027552 _____ C:\Users\jhoan_000\Desktop\POLIZA DE EGRESOS 2017.xlsx
      2017-10-31 09:53 - 2017-10-31 09:53 - 000010774 _____ C:\Users\jhoan_000\Downloads\6083C0B6-AFF4-4F6B-B45E-6BF4D82DFBA9 (1).xml
      2017-10-31 09:50 - 2017-10-31 09:51 - 000010774 _____ C:\Users\jhoan_000\Downloads\6083C0B6-AFF4-4F6B-B45E-6BF4D82DFBA9.xml
      2017-10-31 09:48 - 2017-10-31 09:48 - 000005468 _____ C:\Users\jhoan_000\Downloads\1B1BA64B-4858-4589-8B70-4374BF8F735E.xml
      2017-10-30 19:23 - 2017-11-06 19:26 - 000417792 _____ C:\Users\jhoan_000\Documents\Database1.accdb
      2017-10-30 12:31 - 2017-11-12 21:13 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
      2017-10-30 12:31 - 2017-10-30 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-10-30 12:31 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
      2017-10-30 12:23 - 2017-10-30 12:23 - 000030277 _____ C:\ProgramData\agent.uninstall.1509387763.bdinstall.bin
      2017-10-30 12:23 - 2017-10-30 12:23 - 000001593 _____ C:\ProgramData\agent.1509387784.bdinstall.bin
      2017-10-30 11:22 - 2017-10-30 11:22 - 000213296 _____ C:\ProgramData\cl.uninstall.1509383897.bdinstall.bin
      2017-10-28 12:19 - 2017-10-28 12:19 - 000010021 _____ C:\Users\jhoan_000\Downloads\Resultados.pdf
      2017-10-28 12:19 - 2017-10-28 12:19 - 000004158 _____ C:\Users\jhoan_000\Downloads\E27D1664-37EA-4286-A072-76E2DC522DD7.xml
      2017-10-28 10:54 - 2017-10-28 10:54 - 000000000 ____D C:\ProgramData\Atc
      2017-10-28 10:48 - 2017-10-28 10:48 - 000503398 _____ C:\ProgramData\cl.1509208330.bdinstall.bin
      2017-10-28 10:48 - 2017-10-28 10:48 - 000075381 _____ C:\ProgramData\cl.kit.1509208297.bdinstall.bin
      2017-10-28 10:23 - 2017-10-28 10:23 - 000049218 _____ C:\ProgramData\agent.1509207805.bdinstall.bin
      2017-10-27 10:25 - 2017-10-27 10:25 - 000005100 _____ C:\Users\jhoan_000\Downloads\7CDC73DF-A52F-4C06-A71F-7CEF33B19BFD.xml
      2017-10-27 09:14 - 2017-10-27 09:14 - 000005244 _____ C:\Users\jhoan_000\Downloads\838F3557-66DC-4DC7-87F6-85E795197C46.xml
      2017-10-26 11:30 - 2017-10-26 11:30 - 000041984 _____ C:\Users\jhoan_000\Desktop\INPC_2016.xls
      2017-10-25 09:14 - 2017-10-28 12:25 - 000000000 ____D C:\Users\jhoan_000\Desktop\DECLARACIONES ESTATALES
      2017-10-25 09:12 - 2017-10-25 09:12 - 000000000 ____D C:\Users\jhoan_000\Desktop\FORMATOS AFFY
      2017-10-24 10:27 - 2017-10-24 10:27 - 000004987 _____ C:\Users\jhoan_000\Downloads\0C333F50-AD3F-40F0-9D9A-EC2E46971D82.xml
      2017-10-24 10:05 - 2017-10-24 10:05 - 000005872 _____ C:\Users\jhoan_000\Downloads\D774436E-45D4-4D8E-BEDB-6CFAF42702D1.xml
      2017-10-24 09:47 - 2017-10-24 09:47 - 000005254 _____ C:\Users\jhoan_000\Downloads\F03CDF2E-FB5A-44F8-9C2C-865820460DCA.xml
      2017-10-24 09:08 - 2017-10-24 09:08 - 000004956 _____ C:\Users\jhoan_000\Downloads\99E3FD52-F4B3-4AE0-A718-DA695A1126CF.xml
      2017-10-24 09:07 - 2017-10-24 09:07 - 000004716 _____ C:\Users\jhoan_000\Downloads\0E9187C2-AE3B-4EFC-A13E-375FDA3D5F0A.xml
      2017-10-24 08:57 - 2017-10-24 08:57 - 000005841 _____ C:\Users\jhoan_000\Downloads\B8527137-CEB8-4FB4-B014-9206703FFA32.xml
      2017-10-23 13:05 - 2017-10-23 13:05 - 000009855 _____ C:\Users\jhoan_000\Downloads\acusecancelacion.pdf
      2017-10-23 12:21 - 2017-10-23 12:21 - 000004960 _____ C:\Users\jhoan_000\Downloads\A268564E-CEB1-4CF3-96D6-D90BE10BDFAB.xml
      2017-10-23 12:05 - 2017-10-23 12:06 - 000005159 _____ C:\Users\jhoan_000\Downloads\2C51A076-D69F-401E-9B97-DA520D797DF2.xml
      2017-10-18 14:19 - 2017-10-18 14:19 - 000948065 _____ C:\Users\jhoan_000\Desktop\Unidad_03.pdf
      2017-10-16 22:00 - 2017-10-16 22:33 - 000000000 ____D C:\Users\jhoan_000\Desktop\Excel H.T
      2017-10-15 08:06 - 2017-10-15 08:06 - 000199360 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
      2017-10-15 08:06 - 2017-10-15 08:06 - 000136176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
      2017-10-15 08:06 - 2017-10-15 08:06 - 000089952 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
      2017-10-15 08:06 - 2017-10-15 08:06 - 000070872 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupdisk.sys
      2017-10-15 08:06 - 2017-10-15 08:06 - 000050672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-13 12:08 - 2017-09-29 13:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab
      2017-11-13 12:06 - 2017-04-21 18:57 - 000004076 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8A072246-8CF1-4FD1-A907-858D77344C9C}
      2017-11-12 21:33 - 2017-04-21 18:28 - 000000000 ____D C:\Users\jhoan_000
      2017-11-12 21:21 - 2017-04-21 18:55 - 003526156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2017-11-12 21:21 - 2017-03-19 23:09 - 001691836 _____ C:\WINDOWS\system32\perfh00A.dat
      2017-11-12 21:21 - 2017-03-19 23:09 - 000421422 _____ C:\WINDOWS\system32\perfc00A.dat
      2017-11-12 21:14 - 2015-11-03 15:51 - 000000000 __SHD C:\Users\jhoan_000\IntelGraphicsProfiles
      2017-11-12 21:13 - 2017-04-21 18:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2017-11-12 15:35 - 2016-12-12 09:51 - 000000000 ____D C:\Users\jhoan_000\AppData\LocalLow\Mozilla
      2017-11-12 11:48 - 2017-03-18 15:03 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-11-12 11:48 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\AppReadiness
      2017-11-10 21:25 - 2017-03-18 05:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
      2017-11-10 19:31 - 2017-04-21 18:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2017-11-10 18:45 - 2013-08-22 07:25 - 000000199 _____ C:\WINDOWS\win.ini
      2017-11-10 13:48 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2017-11-10 13:48 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2017-11-10 13:21 - 2015-12-08 01:47 - 000000000 ____D C:\Users\jhoan_000\AppData\Local\ElevatedDiagnostics
      2017-11-10 13:17 - 2015-11-03 15:51 - 000000000 ____D C:\Users\jhoan_000\AppData\Local\Packages
      2017-11-07 12:41 - 2015-11-03 16:10 - 000000000 ____D C:\Program Files (x86)\Google
      2017-11-07 12:24 - 2017-03-18 15:01 - 000000000 ____D C:\WINDOWS\INF
      2017-11-07 12:14 - 2017-09-29 13:08 - 000000000 ____D C:\Program Files\CCleaner
      2017-11-07 09:49 - 2017-03-18 14:51 - 000000000 ____D C:\WINDOWS\CbsTemp
      2017-11-06 23:17 - 2017-07-28 12:13 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4262794638-464061483-1675013985-1001
      2017-11-06 23:17 - 2016-07-19 10:25 - 000002454 _____ C:\Users\jhoan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2017-11-06 23:17 - 2015-11-03 16:00 - 000000000 __RDO C:\Users\jhoan_000\OneDrive
      2017-11-02 20:18 - 2017-08-24 14:48 - 000000000 ____D C:\Users\jhoan_000\Desktop\Herramientas Tecnológicas
      2017-11-01 22:00 - 2017-02-07 11:46 - 000000000 ____D C:\Program Files\Common Files\AV
      2017-11-01 21:56 - 2017-09-29 13:24 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
      2017-11-01 21:56 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\ELAMBKUP
      2017-11-01 21:51 - 2017-02-07 11:42 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
      2017-11-01 20:54 - 2016-09-15 07:44 - 000000000 ____D C:\Users\jhoan_000\Downloads\Mantenimiento
      2017-10-30 19:46 - 2016-07-29 06:51 - 000000000 ____D C:\Users\jhoan_000\AppData\Local\Microsoft Help
      2017-10-30 12:31 - 2015-12-20 14:47 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-10-30 12:17 - 2016-11-30 22:12 - 000000282 __RSH C:\ProgramData\ntuser.pol
      2017-10-30 11:19 - 2016-01-27 16:24 - 000004976 _____ C:\bdlog.txt
      2017-10-28 10:56 - 2017-03-18 05:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
      2017-10-28 08:13 - 2015-12-01 17:55 - 000000000 ____D C:\Users\jhoan_000\AppData\Local\Adobe
      2017-10-24 15:14 - 2017-03-18 15:06 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
      2017-10-24 15:14 - 2017-03-18 15:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
      2017-10-16 21:56 - 2017-09-25 18:19 - 000000000 ____D C:\Users\jhoan_000\Desktop\Herramientas Tec. Jhoana Koo

      ==================== Files in the root of some directories =======

      2016-12-01 15:48 - 2017-01-14 00:54 - 000000310 _____ () C:\Users\jhoan_000\AppData\Roaming\WB.CFG
      2015-12-20 17:59 - 2016-09-05 10:08 - 000007605 _____ () C:\Users\jhoan_000\AppData\Local\resmon.resmoncfg
      2017-10-28 10:23 - 2017-10-28 10:23 - 000049218 _____ () C:\ProgramData\agent.1509207805.bdinstall.bin
      2017-10-30 12:23 - 2017-10-30 12:23 - 000001593 _____ () C:\ProgramData\agent.1509387784.bdinstall.bin
      2017-10-30 12:23 - 2017-10-30 12:23 - 000030277 _____ () C:\ProgramData\agent.uninstall.1509387763.bdinstall.bin
      2017-10-28 10:48 - 2017-10-28 10:48 - 000503398 _____ () C:\ProgramData\cl.1509208330.bdinstall.bin
      2017-10-28 10:48 - 2017-10-28 10:48 - 000075381 _____ () C:\ProgramData\cl.kit.1509208297.bdinstall.bin
      2017-10-30 11:22 - 2017-10-30 11:22 - 000213296 _____ () C:\ProgramData\cl.uninstall.1509383897.bdinstall.bin
      2017-04-21 18:26 - 2017-04-21 18:26 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
      2017-02-09 11:32 - 2017-02-09 11:32 - 000000120 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

      Files to move or delete:
      ====================
      C:\Windows\Tasks\{71EB1347-9390-34C8-7FC6-5BCABF15FC59}.job


      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-11-12 13:31

      ==================== End of FRST.txt ============================

    6. #6
      Usuario Avatar de jhoanamichel
      Registrado
      nov 2015
      Ubicación
      mexico
      Mensajes
      5

      Re: New Tab cambio del motor de busqueda en Chrome

      Este es el addition:

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-11-2017 03
      Ran by jhoan_000 (13-11-2017 12:17:40)
      Running from C:\Users\jhoan_000\Desktop
      Windows 10 Home Single Language Version 1703 15063.674 (X64) (2017-04-22 01:27:52)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-4262794638-464061483-1675013985-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-4262794638-464061483-1675013985-503 - Limited - Disabled)
      Invitado (S-1-5-21-4262794638-464061483-1675013985-501 - Limited - Disabled)
      jhoan_000 (S-1-5-21-4262794638-464061483-1675013985-1001 - Administrator - Enabled) => C:\Users\jhoan_000

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
      Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
      Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: - )
      Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
      Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
      Age of Empires III - The Asian Dynasties (HKLM-x32\...\{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
      Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
      Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
      Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
      Age of Empires III (HKLM-x32\...\{993908C2-50E1-4CCB-9846-D663D340896C}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
      Age of Empires III (HKLM-x32\...\InstallShield_{993908C2-50E1-4CCB-9846-D663D340896C}) (Version: 1.00.0000 - Microsoft Game Studios)
      Apple Application Support (32 bits) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
      Apple Application Support (64 bits) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
      Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
      Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
      Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
      CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
      Compac - ContPAQ 2004 (Local) (HKLM-x32\...\Compac - ContPAQw (Local)) (Version: - )
      CONTPAQ i® Administrador de Documentos Digitales (HKLM-x32\...\{3B64D508-2E57-4180-986F-56E9028C5B75}) (Version: 1.2.5 - CONTPAQ i®)
      CONTPAQ i® Formatos Digitales (HKLM-x32\...\{FAC18E82-B187-4C63-952C-539792E7D83A}) (Version: 1.2.5 - CONTPAQ i®)
      CONTPAQ i® Servidor de Aplicaciones (HKLM-x32\...\{3B5DB6C7-B962-4992-A958-7DED3F419EBB}) (Version: 1.2.5 - CONTPAQ i®)
      D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0220 - Disc Soft Ltd)
      Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
      ELAN Touchpad 15.6.3.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.6.3.3 - ELAN Microelectronic Corp.)
      Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
      Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)
      Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      GDR 5538 para SQL Server 2008 (KB3045305) (HKLM-x32\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
      GTA San Andreas versión 1.1 (HKLM-x32\...\{A91B799C-1403-4A7E-8905-F9BB6DD1061F}_is1) (Version: 1.1 - Master EGA, Inc.)
      Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
      Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
      Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
      iTunes (HKLM\...\{6135745D-1CE1-47D9-9731-48E7C73570E9}) (Version: 12.7.0.166 - Apple Inc.)
      Kaspersky Internet Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
      Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
      Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
      Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
      Malwarebytes versión 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
      Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
      Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
      Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
      Microsoft SQL Server 2008 Browser (HKLM-x32\...\{10E05081-646C-4130-A166-83283A3A0A45}) (Version: 10.3.5500.0 - Microsoft Corporation)
      Microsoft SQL Server 2008 Native Client (HKLM\...\{0ECCC2CC-F361-4325-A0FE-FAF1AD784BBD}) (Version: 10.3.5500.0 - Microsoft Corporation)
      Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{59C245FC-343C-4FEC-B3CB-B6F12B561C20}) (Version: 10.3.5538.0 - Microsoft Corporation)
      Microsoft SQL Server VSS Writer (HKLM\...\{DE63A8FE-80A6-4CA3-ACEA-F954B6370596}) (Version: 10.3.5500.0 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Mozilla Firefox 56.0.2 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 56.0.2 (x86 es-MX)) (Version: 56.0.2 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
      MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
      NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
      Project64 version 2.3.2.202 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.2.202 - )
      Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
      Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
      Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8098 - Realtek Semiconductor Corp.)
      Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
      Saints Row. The Third 1.0 (HKLM-x32\...\Saints Row. The Third_is1) (Version: 1.0 - THQ Inc)
      Service Pack 3 para SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
      Sql Server Customer Experience Improvement Program (HKLM-x32\...\{C965F01C-76EA-4BD7-973E-46236AE312D7}) (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
      Star Wars Galactic Battlegrounds - Clone Campaigns (HKLM-x32\...\Star Wars Galactic Battlegrounds - Clone Campaigns) (Version: - )
      Update for Skype for Business 2016 (KB4011238) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{F26F0631-BD36-41CC-80B8-4E90A43A2EE0}) (Version: - Microsoft)
      Update for Skype for Business 2016 (KB4011238) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{F26F0631-BD36-41CC-80B8-4E90A43A2EE0}) (Version: - Microsoft)
      Usb Joypad (HKLM-x32\...\FT27B1) (Version: - )
      Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
      WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
      Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-4262794638-464061483-1675013985-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
      ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-27] (Foxit Software Inc.)
      ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2017-11-01] (AO Kaspersky Lab)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-24] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-24] (Alexander Roshal)
      ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2017-11-01] (AO Kaspersky Lab)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
      ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2017-11-01] (AO Kaspersky Lab)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
      ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-07] (Intel Corporation)
      ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-10-07] (Intel Corporation)
      ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2017-11-01] (AO Kaspersky Lab)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-24] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-24] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {037E36F9-20C0-4C4D-8905-5A6A1298200D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
      Task: {04CD9C05-4AE5-44EA-B7F9-90F360F7877E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
      Task: {0DAA6B5A-2693-4CCB-98AB-714DAF7E86ED} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-10] (Adobe Systems Incorporated)
      Task: {0E4D598B-A367-42FA-92A2-6C038F98ADE6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
      Task: {13617B1F-24B7-4258-A967-64070C8C9FC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07] (Google Inc.)
      Task: {2174EFCB-02AE-4AA6-81CD-3A7F61FE3D29} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
      Task: {23CB912B-A52E-4875-A2BA-9FE6D2E97975} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
      Task: {23FC6BFF-4423-4ABE-9242-E5E61DBB565F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-06-24] ()
      Task: {281A34BC-FF30-41F5-A3F5-616C3024DF30} - System32\Tasks\{71EB1347-9390-34C8-7FC6-5BCABF15FC59} => C:\Users\JHOAN_~1\AppData\Local\{4BAA7~1\UPDATE~1.EXE <==== ATTENTION
      Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
      Task: {37A9D9F9-5481-4F3E-812C-C995C9F2BA17} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
      Task: {3BCFD4C1-7BBE-4BA3-AF95-D060E0239C61} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
      Task: {426CBB7F-0003-4E0E-8B26-44CADEA7F350} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
      Task: {43B3A46F-5F32-45C3-B310-201CA32A3116} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-11-10] (Adobe Systems Incorporated)
      Task: {4DAC5BA5-747D-4FCD-84C6-42DA1A7A1CE8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
      Task: {599480DA-BD82-4478-B9B0-2B322E271DE1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
      Task: {66BF9EDF-2FDD-40EF-86A8-0ADAB157A5F1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
      Task: {68776061-A3E1-4F96-AC48-4191878410B6} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
      Task: {74E6040C-7BC6-464D-A2DC-B410373979ED} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
      Task: {7A602269-048B-4DD2-91AF-4441BAD59A90} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
      Task: {7C1E4D8E-1CAF-4908-B416-58E8C38F172F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
      Task: {851A0750-C7AE-4D7C-A0A7-D8615F906E06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07] (Google Inc.)
      Task: {8AE4DAC6-4A72-411E-9324-6D4C0C01E0AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
      Task: {93BD4802-644F-415E-BDA4-04558748D8CC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
      Task: {97979A79-D76E-45FD-AD12-70F495D1C3FB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
      Task: {9F62D79B-2F9A-4AF8-8648-2DA3D16F2488} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
      Task: {B1343691-E8B1-4CA4-A1B3-764FF94C5EEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
      Task: {B79F08FA-07C4-4887-B68D-6FD2A24A71A2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
      Task: {BF1DDE2F-15D3-4D5D-BD2E-AD6A403A27E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-10-12] (Microsoft Corporation)
      Task: {C725AF74-3AE0-4358-8E0C-60770C8C9D94} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
      Task: {DE19DFB9-0682-4CC9-824D-8E0797020899} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
      Task: {E54AD470-E28F-48B5-A586-12C95207FE0C} - \WPD\SqmUpload_S-1-5-21-4262794638-464061483-1675013985-1001 -> No File <==== ATTENTION
      Task: {F55A044C-0CAD-4B3F-8945-DF9B0C39E889} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\WINDOWS\Tasks\{71EB1347-9390-34C8-7FC6-5BCABF15FC59}.job => C:\Users\JHOAN_~1\AppData\Local\{4BAA7~1\UPDATE~1.EXE <==== ATTENTION

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ShortcutWithArgument: C:\Users\jhoan_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

      ==================== Loaded Modules (Whitelisted) ==============

      2017-09-01 01:49 - 2017-09-01 01:49 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
      2017-09-01 01:49 - 2017-09-01 01:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
      2017-10-30 12:31 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-03-18 14:58 - 2017-03-18 14:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
      2017-03-18 14:59 - 2017-03-19 23:10 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2016-06-24 17:54 - 2016-06-24 17:54 - 004644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
      2017-11-07 12:41 - 2017-11-05 03:12 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libglesv2.dll
      2017-11-07 12:41 - 2017-11-05 03:12 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libegl.dll
      2017-11-01 21:57 - 2017-11-01 21:57 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\kpcengine.2.3.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [152]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2017-04-15 22:50 - 2017-11-01 09:34 - 000000876 _____ C:\WINDOWS\system32\Drivers\etc\hosts


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jhoan_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\papel tapiz de visualizador de fotos de windows.jpg
      DNS Servers: 8.8.8.8 - 8.8.4.4
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
      MSCONFIG\Services: Apple Mobile Device Service => 2
      MSCONFIG\Services: AtherosSvc => 2
      MSCONFIG\Services: Bonjour Service => 2
      MSCONFIG\Services: CCDMonitorService => 2
      MSCONFIG\Services: cphs => 3
      MSCONFIG\Services: Disc Soft Lite Bus Service => 3
      MSCONFIG\Services: ePowerSvc => 3
      MSCONFIG\Services: GamesAppService => 3
      MSCONFIG\Services: gupdate => 2
      MSCONFIG\Services: gupdatem => 3
      MSCONFIG\Services: ICCS => 3
      MSCONFIG\Services: IDriverT => 3
      MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
      MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
      MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
      MSCONFIG\Services: LMSvc => 2
      MSCONFIG\Services: MBAMScheduler => 2
      MSCONFIG\Services: MBAMService => 2
      MSCONFIG\Services: QASvc => 3
      MSCONFIG\Services: RichVideo => 2
      MSCONFIG\Services: RMSvc => 3
      MSCONFIG\Services: UEIPSvc => 3
      MSCONFIG\Services: vssbrigde64 => 3
      HKLM\...\StartupApproved\StartupFolder: => "SearchMoreKnowDesktopSearch.lnk"
      HKLM\...\StartupApproved\Run: => "RTHDVCPL"
      HKLM\...\StartupApproved\Run: => "iTunesHelper"
      HKLM\...\StartupApproved\Run: => "InstallerLauncher"
      HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\StartupApproved\Run: => "Spotify Web Helper"
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\StartupApproved\Run: => "Spotify"
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A15B1EFDAFE7EC493C14203F078D6E20"
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\StartupApproved\Run: => "OneDrive"
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\StartupApproved\Run: => "pdiface"
      HKU\S-1-5-21-4262794638-464061483-1675013985-1001\...\StartupApproved\Run: => "Chromium"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [TCP Query User{2B44A8A1-D53C-4A39-9DBF-F63BDE24B6ED}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => (Block) C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
      FirewallRules: [UDP Query User{182CD302-C5E5-4C7F-9C02-751CF9A63154}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => (Block) C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
      FirewallRules: [TCP Query User{5A3FE832-A67F-42B1-8386-15CAD480BC4E}C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird_dx11.exe] => (Allow) C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird_dx11.exe
      FirewallRules: [UDP Query User{BB2313CD-D4E6-4A52-AF50-E52B636B9ED6}C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird_dx11.exe] => (Allow) C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird_dx11.exe
      FirewallRules: [{D23419CF-649E-4511-98AA-F0C7C5FE46EB}] => (Block) C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird_dx11.exe
      FirewallRules: [{4969B375-FF36-4FEE-9337-87448D029425}] => (Block) C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird_dx11.exe
      FirewallRules: [TCP Query User{A1C08B8B-613B-4B71-BA1C-E2DE5452C0D2}C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird.exe] => (Block) C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird.exe
      FirewallRules: [UDP Query User{9F6E7122-D1FC-413D-A612-48D52543EC49}C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird.exe] => (Block) C:\program files (x86)\r.g. catalyst\saints row. the third\saintsrowthethird.exe
      FirewallRules: [{8CDC7862-562A-4729-BBA8-976C4A0084E0}] => (Allow) C:\Users\jhoan_000\AppData\Roaming\LiquidSky\LiquidSkyClient.exe
      FirewallRules: [{DB4093CB-1198-4E5B-914D-94F7A2DC1DA2}] => (Allow) C:\Users\jhoan_000\AppData\Roaming\LiquidSky\LiquidSkyClient.exe
      FirewallRules: [{31123073-753D-4440-A5A6-6EC0C8BBFB94}] => (Allow) C:\Users\jhoan_000\AppData\Roaming\LiquidSky\lib\LiquidSky.exe
      FirewallRules: [{BA0360B4-E818-4A35-BE85-F799B041474F}] => (Allow) C:\Users\jhoan_000\AppData\Roaming\LiquidSky\lib\LiquidSky.exe
      FirewallRules: [TCP Query User{89245C6A-B049-4380-8C2E-1F30DD3F3F94}C:\users\jhoan_000\desktop\megadownloader_v1.7.1 parchado\megadownloader.exe] => (Allow) C:\users\jhoan_000\desktop\megadownloader_v1.7.1 parchado\megadownloader.exe
      FirewallRules: [UDP Query User{868CDBE8-B1C0-45B9-A2A8-0742A76FF62D}C:\users\jhoan_000\desktop\megadownloader_v1.7.1 parchado\megadownloader.exe] => (Allow) C:\users\jhoan_000\desktop\megadownloader_v1.7.1 parchado\megadownloader.exe
      FirewallRules: [{0109E243-0E12-48FC-AA22-C32F168B5AA5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
      FirewallRules: [{4FA09613-F952-4B61-A7E2-0A850934EBA6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{BDC3C554-07AA-4E5E-A5E9-A086F1F1D979}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{90E2135E-9DD0-41D1-84A2-8EC66C365049}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Restore Points =========================

      27-10-2017 10:55:29 Punto de control programado
      31-10-2017 23:06:14 JRT Pre-Junkware Removal
      07-11-2017 09:47:24 Windows Update
      10-11-2017 13:39:26 Windows Update

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (11/13/2017 12:16:00 PM) (Source: Perflib) (EventID: 1023) (User: )
      Description: Windows no puede cargar el archivo DLL del contador extensible SQLAgent$COMPAC. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

      Error: (11/13/2017 12:15:26 PM) (Source: Perflib) (EventID: 1023) (User: )
      Description: Windows no puede cargar el archivo DLL del contador extensible MSSQL$COMPAC. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

      Error: (11/12/2017 06:53:22 PM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

      Error: (11/12/2017 12:48:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ULTRAVIOLENCE)
      Description: No se pudo activar la aplicación Microsoft.WindowsStore_8wekyb3d8bbwe!App debido al error: -2144927142. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (11/12/2017 12:48:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ULTRAVIOLENCE)
      Description: La aplicación Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe+App no se inició dentro del tiempo asignado.

      Error: (11/12/2017 11:43:43 AM) (Source: Perflib) (EventID: 1023) (User: )
      Description: Windows no puede cargar el archivo DLL del contador extensible SQLAgent$COMPAC. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

      Error: (11/12/2017 11:43:32 AM) (Source: Perflib) (EventID: 1023) (User: )
      Description: Windows no puede cargar el archivo DLL del contador extensible MSSQL$COMPAC. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

      Error: (11/11/2017 04:18:47 PM) (Source: Perflib) (EventID: 1008) (User: )
      Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

      Error: (11/11/2017 08:50:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ULTRAVIOLENCE)
      Description: No se pudo activar la aplicación Microsoft.WindowsStore_8wekyb3d8bbwe!App debido al error: -2144927142. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (11/11/2017 08:31:26 AM) (Source: Perflib) (EventID: 1023) (User: )
      Description: Windows no puede cargar el archivo DLL del contador extensible SQLAgent$COMPAC. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.


      System errors:
      =============
      Error: (11/13/2017 12:05:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
      Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (11/12/2017 09:17:07 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
      Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (11/12/2017 09:13:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio CldFlt no pudo iniciarse debido al siguiente error:
      Solicitud no compatible.

      Error: (11/12/2017 09:13:18 PM) (Source: EventLog) (EventID: 6008) (User: )
      Description: El cierre anterior del sistema a las 20:58:23 del ‎12/‎11/‎2017 resultó inesperado.

      Error: (11/12/2017 06:51:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
      Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (11/12/2017 01:05:58 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
      Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (11/12/2017 01:03:51 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
      Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (11/12/2017 01:02:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (11/12/2017 12:52:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
      Description: El servidor {F3B4E234-7A68-4E43-B813-E4BA55A065F6} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (11/12/2017 11:38:25 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
      Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.


      CodeIntegrity:
      ===================================
      Date: 2017-11-11 08:20:08.664
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-11-11 08:20:08.653
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-11-10 19:43:17.183
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-11-10 19:43:17.156
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-11-10 13:50:12.184
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-11-10 13:50:12.178
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-11-01 21:51:59.590
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-11-01 21:51:59.582
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-11-01 21:28:54.351
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-11-01 21:28:54.291
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


      ==================== Memory info ===========================

      Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
      Percentage of memory in use: 83%
      Total physical RAM: 1929.98 MB
      Available physical RAM: 324.64 MB
      Total Virtual: 3657.98 MB
      Available Virtual: 1107.91 MB

      ==================== Drives ================================

      Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:259.7 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (Size: 465.8 GB) (Disk ID: 13E7EEF9)

      Partition: GPT.

      ==================== End of Addition.txt ============================

    7. #7
      Usuario Avatar de jhoanamichel
      Registrado
      nov 2015
      Ubicación
      mexico
      Mensajes
      5

      Re: New Tab cambio del motor de busqueda en Chrome

      Gracias por tu tiempo