
    Cleaning up a notebook (Solved)

    1. #1
      the rev (User)
      Registered: Dec 2016
      Location: Paraguay
      Posts: 63

      Cleaning up a notebook (Solved)

      Good morning to all members and moderators. As usual, viruses are lurking, haha, and a friend asked me to help him check for possible infections; the PC is obviously infected, since he routinely downloads things from the internet and installs a lot of programs that always come with some unexpected little gift. I've come to ask you to help me with this task, please. Many thanks in advance to everyone. Regards.

    2. #2
      @Daniela (General Moderator)
      Registered: Apr 2011
      Location: Spain
      Posts: 25,569

      Re: Cleaning up a friend's notebook

      Hello the rev

      Carry out the following steps, even if you have already done some of them, without changing the order:

      1) Download, update and run Malwarebytes' Anti-Malware; go through the manual in detail so that you know how to use and configure it.

      • Run a Full Scan, updating if it asks you to.
      • Click "Remove Selected" (Eliminar Seleccionados) to send the items to quarantine, then restart the system.
      • In the manual section "History" (Historial) >> Application Logs (Registros de Aplicación) >> Scan Log (Registro de Análisis) you will find the MBAM report, which you must copy and paste into your next reply so it can be analyzed.



      2) Download Junkware Removal Tool

      • Temporarily disable the antivirus
      • Run JRT.exe (on Windows 7 or 8, run as "Administrator")
      • Press any key to continue and wait patiently for the process to finish.
      • When it finishes, a log (JRT.txt) will be saved to the desktop and will open automatically.
      • Copy and paste the contents of JRT.txt into your next reply



      3) Download >> AdwCleaner | InfoSpyware to the desktop.

      • Temporarily disable the antivirus >> How to temporarily disable your antivirus.
      • Also close all the programs you have open.
      • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as Administrator").
      • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
      • Wait for it to complete and follow the instructions; if it asks to restart the system, accept.
      • Save the report that appears so you can copy and paste it into your next reply.
      • The report can also be found at "C:\AdwCleaner\AdwCleaner[C0].txt"



      4) Download CCleaner

      • Install CCleaner
      • Open CCleaner; in the Cleaner tab leave the default settings as they are, click Analyze, wait for it to finish > click Run Cleaner
      • Click the Registry tab > click Scan for Issues, wait for it to finish > click Fix Selected Issues and make a backup
      • Click Scan for Issues again until it finds none.


      Paste the Malwarebytes, AdwCleaner and JRT reports and tell us how the problem is going.

      Regards
      ✿◕‿◕✿ Impatience is not good company ✿◕‿◕✿

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    3. #3
      the rev (User)
      Registered: Dec 2016
      Location: Paraguay
      Posts: 63

      Re: Cleaning up a friend's notebook

      Hello Daniela, nice to meet again. I'll now download the programs, run the tests we agreed on, and attach the reports as soon as possible.

    4. #4
      @Daniela (General Moderator)
      Registered: Apr 2011
      Location: Spain
      Posts: 25,569

      Re: Cleaning up a friend's notebook

      Hello

      All right, do it whenever you can; we'll be here waiting for the reports and your comments.

      Regards

    5. #5
      the rev (User)
      Registered: Dec 2016
      Location: Paraguay
      Posts: 63

      Re: Cleaning up a friend's notebook

      Good morning Daniela, I now have the results of the tests; I'm attaching the Malwarebytes one now.

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 30/11/17
      Hora del análisis: 9:27
      Archivo de registro: ce0ab98a-d5c9-11e7-90a3-00266c3fd83d.json
      Administrador: Sí

      -Información del software-
      Versión: 3.3.1.2183
      Versión de los componentes: 1.0.236
      Versión del paquete de actualización: 1.0.3380
      Licencia: Prueba

      -Información del sistema-
      SO: Windows 10 (Build 14393.1480)
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: CHORIXLUI\Claudio Guanes

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 390222
      Amenazas detectadas: 160
      Amenazas en cuarentena: 159
      Tiempo transcurrido: 22 min, 53 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Activado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 26

      Valor del registro: 2
      Trojan.Agent.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B88A3DFE-B984-415F-809D-7DD38D734EA6}|PATH, Se eliminará al reiniciar, [467], [403569],1.0.3380
      PUP.Optional.Reimage, HKU\S-1-5-21-3944762021-2492775799-415220738-1000\SOFTWARE\REIMAGE\PC REPAIR|QUITMESSAGE, Se eliminará al reiniciar, [1071], [327204],1.0.3380

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 20

      Archivo: 112
      PUP.Optional.Eanswers.Generic, C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddliihhbcncedkejmfceijfbpoieggn\1.0.5_0\_metadata\computed_hashes.json, Se eliminará al reiniciar, [16455], [462335],1.0.3380
      PUP.Optional.Eanswers.Generic, C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddliihhbcncedkejmfceijfbpoieggn\1.0.5_0\_metadata\verified_contents.json, Se eliminará al reiniciar, [16455], [462335],1.0.3380
      PUP.Optional.Eanswers.Generic, C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddliihhbcncedkejmfceijfbpoieggn\1.0.5_0\popup.html, Se eliminará al reiniciar, [16455], [462335],1.0.3380
      PUP.Optional.Eanswers.Generic, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\IDDLIIHHBCNCEDKEJMFCEIJFBPOIEGGN\1.0.5_0\MANIFEST.JSON, Se eliminará al reiniciar, [16455], [462335],1.0.3380
      PUP.Optional.ASK, C:\USERS\CLAUDIO GUANES\DESKTOP\PARA MOVER\VARIOS SIN FILTRAR\ATUBECATCHER.EXE, Se eliminará al reiniciar, [528], [398182],1.0.3380
      PUP.Optional.Iminent, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [3116], [455248],1.0.3380
      PUP.Optional.Dsrlte, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [14127], [455075],1.0.3380
      PUP.Optional.SweetIM, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [1184], [455282],1.0.3380
      PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [9091], [455072],1.0.3380
      PUP.Optional.SweetIM, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [1184], [455282],1.0.3380
      PUP.Optional.Iminent, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [3116], [455248],1.0.3380
      PUP.Optional.Solvusoft, C:\USERS\CLAUDIO GUANES\DESKTOP\PARA MOVER\VARIOS SIN FILTRAR\TP-LINK_TD-W8901N_ACTUALIZACIóN_CONTROLADOR_02-2014.EXE, Se eliminará al reiniciar, [362], [331663],1.0.3380
      PUP.Optional.Dsrlte, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [14127], [455075],1.0.3380
      PUP.Optional.SweetIM, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [1184], [455282],1.0.3380
      PUP.Optional.Iminent, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [3116], [455248],1.0.3380
      PUP.Optional.SweetIM, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [1184], [455282],1.0.3380
      PUP.Optional.DefaultSearch.ShrtCln, C:\USERS\CLAUDIO GUANES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [9091], [455072],1.0.3380

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

    6. #6
      User Avatar of the rev
      Registered
      Dec 2016
      Location
      Paraguay
      Posts
      63

      Re: Cleaning up a friend's notebook

      JRT

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Home x64
      Ran by Claudio Guanes (Administrator) on jue. 30/11/2017 at 1008,32
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 10

      Successfully deleted: C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
      Successfully deleted: C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam (Folder)
      Successfully deleted: C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
      Successfully deleted: C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam (Folder)
      Successfully deleted: C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal (File)
      Successfully deleted: C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File)
      Successfully deleted: C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage-journal (File)
      Successfully deleted: C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage (File)
      Successfully deleted: C:\WINDOWS\reimage.ini (File)
      Successfully deleted: C:\WINDOWS\wininit.ini (File)



      Registry: 2

      Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\hola_svc (Registry Key)
      Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\hola_updater (Registry Key)




      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on jue. 30/11/2017 at 10:14:58,84
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    7. #7
      User Avatar of the rev
      Registered
      Dec 2016
      Location
      Paraguay
      Posts
      63

      Re: Cleaning up a friend's notebook

      And finally, the Adw

      # AdwCleaner 7.0.4.0 - Logfile created on Thu Nov 30 13:29:24 2017
      # Updated on 2017/27/10 by Malwarebytes
      # Running on Windows 10 Home (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      Deleted: hola_svc
      Deleted: hola_updater
      Deleted: Update service


      ***** [ Folders ] *****

      Deleted: C:\Program Files\Hola
      Deleted: C:\Users\Claudio Guanes\AppData\Local\Hola
      Deleted: C:\Users\Claudio Guanes\AppData\Roaming\Hola


      ***** [ Files ] *****

      Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
      Deleted: C:\Users\TEMP\AppData\Local\Temp\reimage.log
      Deleted: C:\Windows\SysNative\drivers\mwescontroller.sys


      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{125D9CB3-11F7-4D87-AA8D-DB7A9447437C}C:\program files (x86)\popcorn time\popcorntimedesktop.exe
      Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{964C0398-3BA1-4C2C-AA24-BE89B1A0F186}C:\program files (x86)\popcorn time\popcorntimedesktop.exe
      Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{33FC8D9A-3020-4030-8329-93100F594F35}C:\program files (x86)\popcorn time\chromecast\node.exe
      Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B73D83CB-1477-4728-8A28-3504F62E25FA}C:\program files (x86)\popcorn time\chromecast\node.exe
      Deleted: [Key] - HKLM\SOFTWARE\Hola
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hola
      Deleted: [Key] - HKU\.DEFAULT\Software\Hola
      Deleted: [Key] - HKU\S-1-5-21-3944762021-2492775799-415220738-1000\Software\Hola
      Deleted: [Key] - HKU\S-1-5-18\Software\Hola
      Deleted: [Key] - HKCU\Software\Hola
      Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{3E0DB45B-9FCC-4064-B48C-080BD03A99A4}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{C81BED3B-31BD-491F-813D-78EFC2638CE1}
      Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|hola
      Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|hola
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
      Deleted: [Key] - HKCU\Software\MozillaPlugins\@hola.org\vlc
      Deleted: [Key] - HKCU\Software\MozillaPlugins\@hola.org\FlashPlayer
      Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
      Deleted: [Key] - HKLM\SOFTWARE\Reimage


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      Plugin deleted: InternetSpeedTracker -
      SearchProvider deleted: SweetIM Search - sweetim.com
      SearchProvider deleted: SweetIM Search - sweetim.com
      SearchProvider deleted: utorrent.inspsearch.com - utorrent.inspsearch.com
      SearchProvider deleted: Iminent - search.iminent.com
      SearchProvider deleted: Search the web (Softonic) - softonic


      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [4150 B] - [2017/11/30 13:27:23]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

    8. #8
      General Moderator
      Avatar of @Daniela
      Registered
      Apr 2011
      Location
      Spain
      Posts
      25,569

      Re: Cleaning up a friend's notebook

      Hello

      It had enough bugs to set up a zoo

      Download Farbar Recovery Scan Tool according to your system's architecture (32 or 64 bits)

      • Save it to the desktop >> This is very important.
      • Double-click to run Frst.exe. (If you use Windows Vista/7/8 or 10, right-click and select "Run as Administrator".)
      • In the Disclaimer window, press Yes.

      • In the new window that opens, press the Scan button and wait patiently for the scan to finish.
      • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on your desktop.

      • To finish, open the files Frst.txt and Addition.txt, then copy and paste all of their contents into your next reply. Use two messages if it tells you it is too long.


      Regards
      ✿◕‿◕✿ Impatience is not good company ✿◕‿◕✿


    9. #9
      User Avatar of the rev
      Registered
      Dec 2016
      Location
      Paraguay
      Posts
      63

      Re: Cleaning up a friend's notebook

      Hahahahaha, you killed me with the zoo thing, really good joke. Honestly, I said the same when Malwarebytes showed me the log: within 2 minutes about 100 bugs it had detected had already popped up. Well, we can't expect any less, since my friend is a frequent user of uTorrent and things like that, and as we know every download or installation comes with little surprises. From what I see he only has Windows Defender and McAfee Security Scan Plus as defenses, which are useless from what I can see now. I'll download the program and send you the report right away.

    10. #10
      User Avatar of the rev
      Registered
      Dec 2016
      Location
      Paraguay
      Posts
      63

      Re: Cleaning up a friend's notebook

      Attached are the FRST results

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-11-2017
      Ran by Claudio Guanes (administrator) on CHORIXLUI (30-11-2017 13:39:32)
      Running from C:\Users\Claudio Guanes\Desktop
      Loaded Profiles: Claudio Guanes (Available Profiles: Claudio Guanes)
      Platform: Windows 10 Home Version 1607 14393.1480 (X64) Language: Inglés (Estados Unidos)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
      (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
      (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
      (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
      (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
      (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Intel Corporation) C:\Windows\System32\igfxtray.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
      (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
      HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
      HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
      HKLM-x32\...\Run: [] => [X]
      HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
      Winlogon\Notify\igfxcui: C:\Windows\System32\igfxdev.dll (Intel Corporation)
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\Run: [Spotify Web Helper] => C:\Users\Claudio Guanes\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-14] (Spotify Ltd)
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-26] (Sony)
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25624208 2017-11-10] (Google)
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\MountPoints2: {f6c6558d-84c3-11e6-bd6b-00266c3fd83d} - "G:\startme.exe"
      Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-26]
      ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: 0.0.0.1 mssplus.mcafee.com
      Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
      Tcpip\..\Interfaces\{ad502dc1-a3fd-4d29-a746-89cd00c6d900}: [DhcpNameServer] 8.8.8.8 8.8.4.4
      Tcpip\..\Interfaces\{d7849053-9785-4cc5-bdf3-035278f7c5bc}: [DhcpNameServer] 8.8.8.8 8.8.4.4

      Internet Explorer:
      ==================
      SearchScopes: HKU\S-1-5-21-3944762021-2492775799-415220738-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-08-04] (Microsoft Corporation)
      BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-04] (Microsoft Corporation)
      BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
      Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
      Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
      Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-04] (Microsoft Corporation)
      Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-04] (Microsoft Corporation)
      Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-04] (Microsoft Corporation)
      Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-04] (Microsoft Corporation)

      FireFox:
      ========
      FF DefaultProfile: r4x874wq.default
      FF ProfilePath: C:\Users\Claudio Guanes\AppData\Roaming\Mozilla\Firefox\Profiles\r4x874wq.default [2017-11-30]
      FF Extension: (Firefox Hotfix) - C:\Users\Claudio Guanes\AppData\Roaming\Mozilla\Firefox\Profiles\r4x874wq.default\Extensions\[email protected] [2017-02-10] [Lagacy]
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-04-02] ()
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-04-02] ()
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-08-04] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Claudio Guanes\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
      FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Claudio Guanes\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
      FF Plugin HKU\S-1-5-21-3944762021-2492775799-415220738-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Claudio Guanes\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-23] (RocketLife, LLP)

      Chrome:
      =======
      CHR HomePage: Default -> hxxp://rts.dsrlte.com
      CHR StartupUrls: Default -> "hxxp://www.google.com/"
      CHR DefaultSearchKeyword: Default -> google.com.br
      CHR Session Restore: Default -> is enabled.
      CHR Profile: C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default [2017-11-30]
      CHR Extension: (Traductor de Google) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-23]
      CHR Extension: (Presentaciones) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
      CHR Extension: (Documentos) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
      CHR Extension: (Google Drive) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-13]
      CHR Extension: (Quick Maps) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbojmobaekecckmomemopckmeipecij [2016-03-09]
      CHR Extension: (WhatsChrome) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-03-19]
      CHR Extension: (YouTube) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-13]
      CHR Extension: (Spotify - Music for every moment) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-07-15]
      CHR Extension: (Búsqueda de Google) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-13]
      CHR Extension: (Tampermonkey) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-20]
      CHR Extension: (Facebook App Launcher) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dihbebhmaoagdpbcnfedokpfkkgmmpgc [2016-06-02]
      CHR Extension: (Polarr Photo Editor) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2017-11-28]
      CHR Extension: (Facebook - Noticias sociales) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\edoadhjjfgeniilpmnoaddaihjkkhheb [2016-08-08]
      CHR Extension: (File Manager) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\egoilkobbnkdafmcllnicbohlpjcjegl [2016-03-09]
      CHR Extension: (Gmail sin conexión) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-03-09]
      CHR Extension: (PictaCast for Chromecast® - Trial) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekgaebaencakkggokbokmgojdbafnefi [2016-12-15]
      CHR Extension: (Google Play Música) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2017-11-24]
      CHR Extension: (Hojas de cálculo) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
      CHR Extension: (Notepad) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp [2017-08-30]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
      CHR Extension: (AdBlock) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-28]
      CHR Extension: (TuneIn Radio) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhkolpgedpldcfmkgbdokgiljfbblpfj [2016-02-13]
      CHR Extension: (Pixlr Editor) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2016-05-26]
      CHR Extension: (EZbrowsing Search) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddliihhbcncedkejmfceijfbpoieggn [2017-11-30]
      CHR Extension: (Chrome to Mobile) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2016-05-26]
      CHR Extension: (Super Browse for Netflix) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejponamigpndjgdmnpelkohnbpancjf [2017-11-07]
      CHR Extension: (PlayTo para Chromecast™) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngkenaoceimiimeokpdbmejeonaaami [2017-04-03]
      CHR Extension: (Cuevana Full Downloader) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\joplgpkbfbcdjidogkikhdbddahjclpc [2016-11-12]
      CHR Extension: (InternetSpeedTracker) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc [2017-11-30]
      CHR Extension: (Skype) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-31]
      CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-02-11]
      CHR Extension: (Cloud Drive, URL to ChromeCast™) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehfijocnmclokiknjjpcbddbekagnik [2017-04-03]
      CHR Extension: (Google Mail Checker) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-03-09]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
      CHR Extension: (Deezer Shortcut) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\paccflbfblppaoidibhflahkogodngie [2016-04-07]
      CHR Extension: (Gmail) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-13]
      CHR Extension: (Chrome Media Router) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-17]
      CHR HKU\S-1-5-21-3944762021-2492775799-415220738-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-08-04] (Microsoft Corporation)
      R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
      R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
      S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
      R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
      R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
      R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
      S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
      R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
      R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
      R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()
      R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.)
      R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-11-29] (Malwarebytes)
      R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-30] (Malwarebytes)
      R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-11-30] (Malwarebytes)
      R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-30] (Malwarebytes)
      R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-30] (Malwarebytes)
      R1 MpKsl073c6c02; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{01E8A81D-09FE-4924-88D7-6C28E5AB2FCB}\MpKsl073c6c02.sys [58120 2017-11-30] (Microsoft Corporation)
      R1 MpKslf7b86bb5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7CF08CB0-3C52-4762-8B92-35736E1B542C}\MpKslf7b86bb5.sys [58120 2017-11-29] (Microsoft Corporation)
      S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
      R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
      S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
      R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2015-12-31] (Toshiba Corporation)
      S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
      R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
      R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
      S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
      S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
      S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
      S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
      S3 huawei_wwanecm; \SystemRoot\System32\drivers\ew_juwwanecm.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-30 13:39 - 2017-11-30 13:41 - 000020655 _____ C:\Users\Claudio Guanes\Desktop\FRST.txt
      2017-11-30 13:39 - 2017-11-30 13:39 - 000000000 ____D C:\FRST
      2017-11-30 13:37 - 2017-11-30 13:37 - 002391552 _____ (Farbar) C:\Users\Claudio Guanes\Desktop\FRST64.exe
      2017-11-30 10:52 - 2017-11-30 10:53 - 000000000 ____D C:\Program Files\CCleaner
      2017-11-30 10:52 - 2017-11-30 10:52 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
      2017-11-30 10:52 - 2017-11-30 10:52 - 000002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
      2017-11-30 10:52 - 2017-11-30 10:52 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-11-30 10:52 - 2017-11-30 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-11-30 10:16 - 2017-11-30 10:29 - 000000000 ____D C:\AdwCleaner
      2017-11-29 11:45 - 2017-11-30 10:31 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
      2017-11-29 11:45 - 2017-11-30 10:31 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
      2017-11-29 11:45 - 2017-11-30 10:31 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
      2017-11-29 11:45 - 2017-11-30 10:30 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
      2017-11-29 11:45 - 2017-11-29 11:45 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
      2017-11-29 11:45 - 2017-11-29 11:45 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-11-29 11:45 - 2017-11-29 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-11-29 11:45 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
      2017-11-29 11:44 - 2017-11-29 11:44 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-11-29 11:44 - 2017-11-29 11:44 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-11-29 11:36 - 2017-11-30 10:53 - 000000000 ____D C:\Users\Claudio Guanes\Desktop\Gino
      2017-11-28 16:41 - 2017-11-28 16:46 - 000000000 ____D C:\ProgramData\Protexis64
      2017-11-28 16:38 - 2017-11-28 16:35 - 000002483 _____ C:\Users\Public\Desktop\Bitstream Font Navigator (64-Bit).lnk
      2017-11-28 16:38 - 2017-11-28 16:33 - 000002975 _____ C:\Users\Public\Desktop\Corel CAPTURE X7 (64-Bit).lnk
      2017-11-28 16:38 - 2017-11-28 16:33 - 000002974 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X7 (64-Bit).lnk
      2017-11-28 16:38 - 2017-11-28 16:33 - 000002420 _____ C:\Users\Public\Desktop\Corel CONNECT X7 (64-Bit).lnk
      2017-11-28 16:38 - 2017-11-28 16:32 - 000002942 _____ C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk
      2017-11-28 16:35 - 2017-11-28 16:35 - 000000000 ____D C:\Program Files\Common Files\Corel
      2017-11-28 16:34 - 2017-11-28 16:34 - 000000000 ____D C:\Program Files\Common Files\Protexis
      2017-11-28 16:33 - 2017-11-28 16:33 - 000000000 ____D C:\Users\Public\Documents\Corel
      2017-11-28 16:32 - 2017-11-28 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
      2017-11-28 16:31 - 2017-11-28 16:32 - 000000000 ____D C:\Program Files\Corel
      2017-11-28 16:28 - 2017-11-28 16:38 - 000000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
      2017-11-28 13:42 - 2017-11-28 14:25 - 000000000 ____D C:\Users\Claudio Guanes\Desktop\gati de gusti
      2017-11-28 13:42 - 2017-11-28 13:42 - 000000000 ____D C:\Users\Claudio Guanes\Desktop\Raquel Rivas
      2017-11-27 16:50 - 2017-11-30 10:37 - 000004224 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{14453DE8-0BC0-428C-99E4-6D2DD569B4C2}
      2017-11-26 19:36 - 2017-11-26 19:36 - 000000000 ____D C:\Users\Claudio Guanes\Documents\FeedbackHub
      2017-11-26 19:20 - 2017-11-27 16:22 - 000000000 ____D C:\Users\Claudio Guanes\Desktop\Para mover
      2017-11-24 17:08 - 2017-11-24 17:09 - 000008725 _____ C:\Users\Claudio Guanes\Documents\juanjo igui.xlsx

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-30 13:23 - 2016-10-15 15:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2017-11-30 11:00 - 2017-07-21 17:21 - 000000000 ____D C:\Users\Claudio Guanes\AppData\Roaming\uTorrent
      2017-11-30 11:00 - 2017-02-01 15:59 - 000000000 ____D C:\Users\Claudio Guanes\AppData\Local\LogMeIn Hamachi
      2017-11-30 11:00 - 2016-10-15 20:41 - 000000000 ___DC C:\WINDOWS\Panther
      2017-11-30 11:00 - 2016-07-16 08:45 - 000000000 ____D C:\WINDOWS\INF
      2017-11-30 10:30 - 2016-10-15 16:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2017-11-30 09:20 - 2016-10-15 15:52 - 000000000 ____D C:\Users\Claudio Guanes
      2017-11-28 17:14 - 2016-07-16 03:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
      2017-11-28 17:00 - 2016-03-23 16:16 - 000000000 ____D C:\ProgramData\Corel
      2017-11-28 16:46 - 2013-09-04 18:23 - 000000000 ____D C:\Users\Claudio Guanes\Documents\Corel
      2017-11-28 16:41 - 2016-05-25 14:53 - 000000000 ____D C:\Users\Claudio Guanes\AppData\Roaming\Corel
      2017-11-28 16:37 - 2016-07-16 08:47 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
      2017-11-28 16:37 - 2016-04-02 15:00 - 000000000 ____D C:\ProgramData\Package Cache
      2017-11-28 13:41 - 2016-05-24 18:53 - 000000476 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
      2017-11-28 13:41 - 2016-02-25 14:26 - 000002037 _____ C:\Users\Claudio Guanes\Desktop\HP Photo Creations.lnk
      2017-11-28 13:41 - 2016-02-25 14:26 - 000000000 ___RD C:\Users\Claudio Guanes\Documents\RocketLifeNetwork
      2017-11-28 13:41 - 2016-02-25 14:26 - 000000000 ____D C:\Users\Claudio Guanes\AppData\Roaming\HP Photo Creations
      2017-11-27 16:53 - 2016-02-14 00:28 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2017-11-27 16:47 - 2016-06-20 18:52 - 000000000 ____D C:\Users\Claudio Guanes\AppData\Roaming\vlc
      2017-11-27 16:36 - 2016-10-18 18:57 - 000000000 ____D C:\WINDOWS\Minidump
      2017-11-27 15:51 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports
      2017-11-27 12:54 - 2017-07-21 14:24 - 000000000 ___RD C:\Users\Claudio Guanes\Documents\MEGA
      2017-11-26 19:28 - 2017-07-21 14:25 - 000000000 ____D C:\Users\Claudio Guanes\Documents\MEGAsync Downloads
      2017-11-25 23:43 - 2014-05-13 17:00 - 000000000 ____D C:\Users\Claudio Guanes\Desktop\e-liquid
      2017-11-25 22:56 - 2016-02-13 22:25 - 000000000 ____D C:\Users\Claudio Guanes\AppData\Local\Packages
      2017-11-25 22:15 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\AppReadiness
      2017-11-25 10:03 - 2016-10-15 20:28 - 001151606 _____ C:\WINDOWS\system32\perfh00A.dat
      2017-11-25 10:03 - 2016-10-15 20:28 - 000274082 _____ C:\WINDOWS\system32\perfc00A.dat
      2017-11-25 10:03 - 2016-02-13 22:13 - 003167770 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2017-11-18 10:55 - 2017-02-11 15:44 - 000002075 _____ C:\Users\Public\Desktop\Google Slides.lnk
      2017-11-18 10:55 - 2017-02-11 15:44 - 000002073 _____ C:\Users\Public\Desktop\Google Sheets.lnk
      2017-11-18 10:55 - 2017-02-11 15:44 - 000002063 _____ C:\Users\Public\Desktop\Google Docs.lnk
      2017-11-18 10:55 - 2017-02-11 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
      2017-11-17 11:42 - 2017-07-19 18:16 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3944762021-2492775799-415220738-1000
      2017-11-17 11:42 - 2016-02-13 22:30 - 000002390 _____ C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2017-11-17 11:42 - 2016-02-13 22:30 - 000000000 ___RD C:\Users\Claudio Guanes\OneDrive
      2017-11-15 12:56 - 2016-02-13 22:40 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-11-15 12:56 - 2016-02-13 22:40 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-11-14 11:26 - 2017-10-17 13:54 - 000000000 ____D C:\Users\Claudio Guanes\AppData\LocalLow\uTorrent
      2017-11-13 15:40 - 2016-10-15 16:23 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-11-13 15:40 - 2016-10-15 16:23 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

      ==================== Files in the root of some directories =======

      2017-02-09 12:16 - 2017-02-09 12:16 - 000000068 ___SH () C:\Users\Claudio Guanes\AppData\Roaming\.Identifier
      2016-06-14 19:04 - 2016-06-14 19:06 - 045700992 _____ (Sony) C:\Users\Claudio Guanes\AppData\Local\pcc.exe

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-11-25 22:23

      ==================== End of FRST.txt ============================
