• Registrarse
  • Iniciar sesión


  • Resultados 1 al 5 de 5

    Notebook lenta y malwarebytes no se conecta con servidor

    buenas. hace un tiempo encuentro mi notebook muy lenta, tome la decisión de pasar malwarebytes para limpiarla pero el programa no puede contactarse con el servidor, por lo que no hace el análisis. periódicamente aplico ...

    1. #1
      Usuario Avatar de Federic
      Registrado
      abr 2017
      Ubicación
      argentina
      Mensajes
      3

      Notebook lenta y malwarebytes no se conecta con servidor

      buenas. hace un tiempo encuentro mi notebook muy lenta, tome la decisión de pasar malwarebytes para limpiarla pero el programa no puede contactarse con el servidor, por lo que no hace el análisis.
      periódicamente aplico ccleaner aunque me borre el historial y deba reconfigurar mi navegador. espero puedan darme una mano o un consejo. gracias de antemano.
      saludos

    2. #2
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.064

      Re: Notebook lenta y malwarebytes no se conecta con servidor

      Saludos Federic. al foro de InfoSpyware.

      Por favor, vas a probar con el siguiente procedimiento:

      Paso 1- Vamos a descargar en TU ESCRITORIO todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía):




      Paso 2- Ahora vamos a ejecutar las herramientas de una en una (cuando haya finalizado una, ejecutas la siguiente), y debes ejecutarlas en el mismo orden que te indico:


      AdwCleaner

      • El primer paso sería cerrar todos los programas que tengas abiertos.
      • Ejecutas Adwcleaner.exe. (Si usas Windows Vista/7 u 8 presionas clic derecho y seleccionas "Ejecutar como Administrador.")
      • A continuación, debes pulsar sobre el botón Escanear ]; el proceso de análisis se iniciará; esperas tranquilamente a que finalice.
      • Cuando termine, pulsas sobre el botón Limpiar.
      • Por último, te va a solicitar Reiniciar el sistema; como es evidente, debes Aceptar.
      • Ya solo queda, guardar el reporte que te aparecerá una vez que reinicies, para copiarlo y pegarlo en tu próxima respuesta.



      JRT.exe

      • Ejecutas Junkware Removal Tool (JRT.exe). (Si usas Windows Vista/7 u 8 presionas clic derecho y seleccionas "Ejecutar como Administrador.")
      • Ahora tienes que pulsar cualquier tecla para que el proceso continúe y esperas a que termine.
      • Cuando finalice, un registro (JRT.txt) se guardará en el escritorio y se abrirá automáticamente.
      • Este reporte debes copiarlo, para pegarlo también en tu próxima respuesta.



      Malwarebytes

      Comentas que este software ya lo tienes instalado en tu sistema pero no se conecta con el servidor. Por tanto, antes de utilizarlo vas a ejecutar Mbam-rules.exe que debes tener descargado en tu escritorio. Simplemente ejecutando este archivo, se va a actualizar Malwarebytes' automáticamente. Posteriormente, vas a ejecutar un Análisis Personalizado que realiza un escaner del sistema mucho más profundo que el Análisis de Amenazas que realiza el programa por defecto. Para ello, realiza lo siguiente:

      • Pulsa sobre Análisis y seleccionas Análisis Personalizado; a continuación pulsas sobre Configurar Análisis: seleccionas todas la unidades que tengas y pulsas sobre Analizar ahora.
      • Cuando Termine el análisis, Seleccionas "Eliminar Seleccionados".
      • Reinicias el sistema.
      • En el apartado "Historial" encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.




      CCleaner

      Debes usar, sus dos opciones principales, de acuerdo a su Manual:

      • "Limpiador": para borrar cookies, temporales de internet y todos los archivos que éste te muestre como obsoletos.
      • "Registro" para limpiar todo el Registro de Windows (haciendo copia de seguridad).
      • NO necesitamos este reporte.



      Paso 3- Por último vamos a ejecutar OTL que lo debes de tener descargado en tu escritorio:

      • Cierra todos programas que tengas abiertos ( msn, internet explorer,mozilla,Emule,Ares..) y hacer doble click en el ícono de OTL para ejecutarlo.
      • Ahora en el menú solo debes cambiar debajo de donde pone: "Tipo de Análisis" poner Resultado Mínimo.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones >> Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar el siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.




      • Presionar el botón >> Analizar.
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.



      Paso 4.-: En tu próxima respuesta, pegas los reportes de las 4 Herramientas (AdwCleaner, JRT, Malwarebytes' y OTL) y no olvides comentar como sigue el problema.




      Saludos
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Federic
      Registrado
      abr 2017
      Ubicación
      argentina
      Mensajes
      3

      Re: Notebook lenta y malwarebytes no se conecta con servidor

      hola MiguelRiaguel. gracias por tu respuesta. aplique todas las herramientas que me dajaste. dejo a continuación los reportes.

      REPORTE DE AdwCleaner[C0]:[/SIZE]

      # AdwCleaner 7.0.5.0 - Logfile created on Sat Dec 09 17:57:42 2017
      # Updated on 2017/29/11 by Malwarebytes
      # Running on Windows 8 Single Language (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      Deleted: C:\ProgramData\The AdBlocker
      Deleted: C:\ProgramData\Application Data\The AdBlocker
      Deleted: C:\Users\All Users\The AdBlocker
      Deleted: C:\Users\Administrador\AppData\Local\torch
      Deleted: C:\Users\HomeGroupUser$\AppData\Local\torch
      Deleted: C:\Users\Invitado\AppData\Local\torch
      Deleted: C:\Users\Usuario\AppData\Local\torch
      Deleted: C:\Users\Usuario\AppData\Local\VNT
      Deleted: C:\ProgramData\WorldAppIt
      Deleted: C:\ProgramData\Application Data\WorldAppIt
      Deleted: C:\Users\All Users\WorldAppIt
      Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Converter
      Deleted: C:\Program Files (x86)\Free FLV Converter
      Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\ntsvc
      Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\ntsvc
      Deleted: C:\Users\Usuario\AppData\Roaming\ntsvc
      Deleted: C:\ProgramData\SNT
      Deleted: C:\ProgramData\Application Data\SNT
      Deleted: C:\Users\All Users\SNT
      Deleted: C:\ProgramData\4233945d6154f5e2


      ***** [ Files ] *****

      Deleted: C:\Users\Usuario\AppData\Roaming\\appdataFr2.bin


      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      Deleted: [Key] - HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
      Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
      Deleted: [Key] - HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
      Deleted: [Key] - HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
      Deleted: [Key] - HKU\S-1-5-21-731285059-2706312718-685700060-1001\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
      Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
      Deleted: [Key] - HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
      Deleted: [Key] - HKLM\SOFTWARE\searchult
      Deleted: [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
      Deleted: [Key] - HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
      Deleted: [Key] - HKU\S-1-5-21-731285059-2706312718-685700060-1001\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
      Deleted: [Key] - HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
      Deleted: [Key] - HKLM\SOFTWARE\hdcode
      Deleted: [Key] - HKU\S-1-5-21-731285059-2706312718-685700060-1001\Software\UpToDown
      Deleted: [Key] - HKCU\Software\UpToDown
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free FLV Converter_is1
      Deleted: [Key] - HKU\S-1-5-21-731285059-2706312718-685700060-1001\Software\VNT
      Deleted: [Key] - HKCU\Software\VNT
      Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
      Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
      Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
      Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
      Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
      Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{7C5D7930-FACC-4A25-AE26-51DDA83F3D75}
      Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{A7C4DE54-D7A3-44DF-9C9D-26E08177C6FF}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{DC97D932-ED6C-4AD3-A0D6-AA03C4C76A97}
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
      Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|VNT
      Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ApnTBMon
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
      Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext|DisableAddonLoadTimePerformanceNotifications
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
      Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
      Deleted: [Key] - HKU\S-1-5-21-731285059-2706312718-685700060-1001\Software\win
      Deleted: [Key] - HKCU\Software\win
      Deleted: [Key] - HKU\S-1-5-21-731285059-2706312718-685700060-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
      Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
      Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
      Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
      Deleted: [Key] - HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      SearchProvider deleted: Google - google
      SearchProvider deleted: Ask Search - ask search
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com
      Startpage deleted: Google
      Startpage deleted: Delta Search
      Startpage deleted: Ask.com
      Startpage deleted: http://search.gboxapp.com/
      Startpage deleted: searchult.com


      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [15540 B] - [2017/12/9 17:51:26]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########



      REPORTE DE JRT

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 8 Single Language x64
      Ran by Usuario (Administrator) on 09/12/2017 at 15:06:02,32
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 15

      Successfully deleted: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ogminpmldncgcmokldnmmapddoccmhfl (Folder)
      Successfully deleted: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage (File)
      Successfully deleted: C:\ProgramData\BItSAvueer (Folder)
      Successfully deleted: C:\ProgramData\ExstraSaviNgss (Folder)
      Successfully deleted: C:\ProgramData\ExstreaSaviNgs (Folder)
      Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C9L3P3VL (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REFOIUX2 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXIFDKC0 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0LDN92Z (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Usuario\AppData\Roaming\appdataFr25.bin (File)
      Successfully deleted: C:\Users\Usuario\AppData\Roaming\appdataFr3.bin (File)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C9L3P3VL (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REFOIUX2 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXIFDKC0 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0LDN92Z (Temporary Internet Files Folder)



      Registry: 3

      Successfully deleted: HKLM\Software\Google\Chrome\Extensions\ifjgookacnmjghjfagggbkpebmndnbib (Registry Key)
      Successfully deleted: HKLM\Software\Google\Chrome\Extensions\khialnikbocfgkohdegnebhmmaifoglp (Registry Key)
      Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6FB69642-E8B8-4FED-B144-D4E06C14C6FF} (Registry Key)




      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 09/12/2017 at 15:09:24,90
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    4. #4
      Usuario Avatar de Federic
      Registrado
      abr 2017
      Ubicación
      argentina
      Mensajes
      3

      Re: Notebook lenta y malwarebytes no se conecta con servidor

      REPORTE DE MBAM

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 9/12/17
      Hora del análisis: 15:15
      Archivo de registro: edd0736e-dd0c-11e7-bcfc-606c662e9342.json
      Administrador: Sí

      -Información del software-
      Versión: 3.2.2.2029
      Versión de los componentes: 1.0.212
      Versión del paquete de actualización: 1.0.3453
      Licencia: Premium

      -Información del sistema-
      SO: Windows 8
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: BanghoMOV\Usuario

      -Resumen del análisis-
      Tipo de análisis: Análisis personalizado
      Resultado: Completado
      Objetos analizados: 350061
      Amenazas detectadas: 31
      Amenazas en cuarentena: 30
      Tiempo transcurrido: 1 hr, 2 min, 30 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 31
      PUP.Optional.ASK.Generic, C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\D254D4347365A600677A7A857BC0B100\12.27.0\IDCSRVSTUB_DLL, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\D254D4347365A600677A7A857BC0B100\12.27.0\IDCLDR_EXE, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK, C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\D254D4347365A600677A7A857BC0B100\12.27.0\TBNOTIFIER_EXE, En cuarentena, [474], [124638],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\D254D4347365A600677A7A857BC0B100\12.27.0\IDCSRV_DLL, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\D254D4347365A600677A7A857BC0B100\12.27.0\APNMCP_EXE, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\D254D4347365A600677A7A857BC0B100\12.27.0\IDCSRV_DLL_X64, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\D254D4347365A600677A7A857BC0B100\12.27.0\IDCSRVSTUB_DLL_X64, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\D254D4347365A600677A7A857BC0B100\12.27.0\IDCLDR_EXE_X64, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\D254D4347365A600677A7A857BC0B100\12.27.0\UPDATEMANAGER_EXE, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7CAC9MDOS.7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7CA20S9XL.7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7[3].7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7CAWHD8RV.7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7CAHOA6U7.7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7CACHXJDX.7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7[9].7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7CAHOUC17.7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7[1].7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7[4].7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7[10].7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7[5].7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7[2].7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7CA0SAFL0.7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.ASK.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\ASKTOOLBARINSTALLER-CME-V7[6].7Z, En cuarentena, [1274], [345551],1.0.3453
      PUP.Optional.Conduit, A:\DESCARGAR CUALQUIER VIDEO DE INTERNET\MOVIER-INSTALLER.EXE, En cuarentena, [520], [110576],1.0.3453
      PUP.Optional.Montiera, A:\EN CASO DE FORMATEO\MP3RINGTONEMAKERSETUP.EXE, Se eliminará al reiniciar, [104], [299417],1.0.3453
      Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [2119], [454730],1.0.3453
      Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Secure Preferences, Error durante la eliminación, [2119], [454730],1.0.3453
      PUP.Optional.Delta, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [3410], [455070],1.0.3453
      PUP.Optional.Babylon, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [1649], [455059],1.0.3453
      Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [2119], [454730],1.0.3453

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)


      REPORTE DE OTL

      OTL logfile created on: 09/12/2017 0558 p.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Usuario\Desktop
      64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
      Internet Explorer (Version = 9.10.9200.17607)
      Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

      3,88 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 63,04% Memory free
      5,50 Gb Paging File | 4,04 Gb Available in Paging File | 73,43% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 228,43 Gb Total Space | 108,59 Gb Free Space | 47,54% Space Free | Partition Type: NTFS
      Drive E: | 10,19 Gb Total Space | 3,40 Gb Free Space | 33,36% Space Free | Partition Type: NTFS

      Computer Name: BANGHOMOV | User Name: Usuario | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Usuario\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
      PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
      SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
      SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
      SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
      SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
      SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
      SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
      SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
      SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
      SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
      SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
      SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
      SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
      SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
      SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
      SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
      SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
      SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
      SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
      SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
      SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
      SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
      SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
      SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
      SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
      SRV:64bit: - (McAWFwk) -- c:\Program Files\McAfee\MSC\McAWFwk.exe (McAfee, Inc.)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (iumsvc) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel Corporation)
      SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
      SRV - (irstrtsv) -- C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
      SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
      SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
      SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
      SRV - (AxAutoMntSrv) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
      SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMWebProtection) -- C:\Windows\SysNative\Drivers\mwac.sys (Malwarebytes)
      DRV:64bit: - (MBAMFarflt) -- C:\Windows\SysNative\Drivers\farflt.sys (Malwarebytes)
      DRV:64bit: - (MBAMProtection) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes)
      DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\Drivers\mbamswissarmy.sys (Malwarebytes)
      DRV:64bit: - (MBAMChameleon) -- C:\Windows\SysNative\Drivers\MbamChameleon.sys (Malwarebytes)
      DRV:64bit: - (ESProtectionDriver) -- C:\Windows\SysNative\Drivers\mbae64.sys ()
      DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswvmm.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\Drivers\aswsp.sys (AVAST Software)
      DRV:64bit: - (aswStm) -- C:\Windows\SysNative\Drivers\aswStm.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
      DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\Drivers\aswHwid.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\Drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\Drivers\aswKbd.sys (AVAST Software)
      DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
      DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
      DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (Disc Soft Ltd)
      DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
      DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
      DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
      DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
      DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\Drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
      DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
      DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
      DRV:64bit: - (usbser) -- C:\Windows\SysNative\Drivers\usbser.sys (Microsoft Corporation)
      DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
      DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
      DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
      DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
      DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
      DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
      DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
      DRV:64bit: - (tap0901) -- C:\Windows\SysNative\Drivers\tap0901.sys (The OpenVPN Project)
      DRV:64bit: - (RtlWlanu) -- C:\Windows\SysNative\Drivers\RTWlanU.sys (Realtek Semiconductor Corporation )
      DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
      DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
      DRV:64bit: - (usbrndis6) -- C:\Windows\SysNative\Drivers\usb80236.sys (Microsoft Corporation)
      DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\Drivers\usb8023x.sys (Microsoft Corporation)
      DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
      DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
      DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
      DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
      DRV:64bit: - (irstrtdv) -- C:\Windows\SysNative\Drivers\irstrtdv.sys (Intel Corporation)
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
      DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
      DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
      DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
      DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
      DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
      DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
      DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
      DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
      DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
      DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
      DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
      DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
      DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
      DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
      DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
      DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
      DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
      DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
      DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
      DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
      DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
      DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
      DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
      DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
      DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation )
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\Drivers\NETwNe64.sys (Intel Corporation)

      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
      IE:64bit: - HKLM\..\SearchScopes\{6FB69642-E8B8-4FED-B144-D4E06C14C6FF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MANMJS
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{6FB69642-E8B8-4FED-B144-D4E06C14C6FF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MANMJS

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bangho.com.ar [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE - HKCU\..\SearchScopes,DefaultScope = {6FB69642-E8B8-4FED-B144-D4E06C14C6FF}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


      ========== FireFox ==========

      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)

      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/07/23 20:50:07 | 000,000,000 | ---D | M]
      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016/07/23 20:50:07 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/07/23 20:50:07 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/07/23 20:50:07 | 000,000,000 | ---D | M]

      [2013/07/24 19:01:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2014/01/15 18:04:30 | 000,005,137 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ergative.xml

      ========== Chrome ==========

      CHR - plugin: Error reading preferences file
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\31.2.2_0\
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.22.1_0\
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndolbcaghkmhjhgggldkgjibdilpbdbm\2_0\
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6217.911.0.5_0\

      O1 HOSTS File: ([2016/03/26 11:32:09 | 000,001,584 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
      O1 - Hosts: 107.178.255.88 www.statcounter.com
      O1 - Hosts: 107.178.255.88 statcounter.com
      O1 - Hosts: 107.178.255.88 ssl.goo.88 partner.googleadservices.com
      O1 - Hosts: 107.178.255.88 google-analytics.com
      O1 - Hosts: 107.178.255.88 www.statcounter.com
      O1 - Hosts: 107.178.255.88 statcounter.com
      O1 - Hosts: 107.178.255.88 ssl.goo.88 partner.googleadservices.com
      O1 - Hosts: 107.178.255.88 google-analytics.com
      O1 - Hosts: 127.0.0.1 activate.adobe.com
      O1 - Hosts: 127.0.0.1 practivate.adobe.com
      O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
      O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
      O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
      O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com
      O1 - Hosts: 127.0.0.1 bandicam.com
      O1 - Hosts: 127.0.0.1 ssl.bandisoft.com
      O1 - Hosts: 0.0.0.0 keystone.mwbsys.com
      O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
      O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Usuario\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
      O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
      O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
      O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
      O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
      O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
      O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
      O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.115.192.89 181.47.254.164 200.115.192.30
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer =
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EBD4AC5-80A5-463D-B084-915816781BC5}: DhcpNameServer = 10.0.0.2
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C204ABD-D4AB-4055-ACBD-68B879355D55}: DhcpNameServer = 200.115.192.89 181.47.254.164 200.115.192.30
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C204ABD-D4AB-4055-ACBD-68B879355D55}: NameServer =
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BADC9AEE-7A01-4F97-89D5-8700D117FF82}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BADC9AEE-7A01-4F97-89D5-8700D117FF82}: NameServer =
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D841E7D4-6B52-4B7D-90E4-F5AC65C71B37}: NameServer =
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O30 - LSA: Security Packages - (livessp) - File not found
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2014/04/10 08:50:09 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
      O33 - MountPoints2\{0db09393-11a3-11e4-8014-606c662e9342}\Shell - "" = AutoRun
      O33 - MountPoints2\{0db09393-11a3-11e4-8014-606c662e9342}\Shell\AutoRun\command - "" = "G:\Setup.exe"
      O33 - MountPoints2\{317823eb-160f-11e5-8088-606c662e9342}\Shell - "" = AutoRun
      O33 - MountPoints2\{317823eb-160f-11e5-8088-606c662e9342}\Shell\AutoRun\command - "" = "F:\autorun.exe"
      O33 - MountPoints2\{317823eb-160f-11e5-8088-606c662e9342}\Shell\directx\command - "" = F:\DirectX9\dxsetup.exe
      O33 - MountPoints2\{317823eb-160f-11e5-8088-606c662e9342}\Shell\setup\command - "" = F:\instalar.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
      NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
      NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
      NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

      MsConfig:64bit - State: "bootini" - Reg Error: Key error.
      MsConfig:64bit - State: "services" - Reg Error: Key error.

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2017/12/09 16:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2017/12/09 15:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2017/12/09 14:46:32 | 008,187,336 | ---- | C] (Malwarebytes) -- C:\Users\Usuario\Desktop\adwcleaner_7.0.5.0.exe
      [2017/12/09 14:13:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Usuario\Desktop\OTL.exe
      [2017/12/09 14:02:21 | 010,427,120 | ---- | C] (Piriform Ltd) -- C:\Users\Usuario\Desktop\ccsetup536.exe
      [2017/12/09 13:59:29 | 000,000,000 | ---D | C] -- C:\AdwCleaner
      [2017/12/09 13:38:07 | 001,790,024 | ---- | C] (Malwarebytes) -- C:\Users\Usuario\Desktop\JunwareRenovalT.exe
      [2017/12/09 13:33:49 | 007,747,104 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Usuario\Desktop\mbam-rules.exe
      [2017/12/06 20:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\avast software
      [2017/12/03 20:32:33 | 000,000,000 | ---D | C] -- C:\Users\Usuario\Desktop\SELECCION DE PERSONAL trabajo de integración final
      [2017/11/30 07:24:45 | 000,192,952 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys
      [2017/11/30 07:24:42 | 000,110,016 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
      [2017/11/30 07:24:42 | 000,094,144 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
      [2017/11/30 07:24:42 | 000,045,504 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
      [2017/11/30 07:24:35 | 000,252,232 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
      [2017/11/30 07:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      [2017/11/30 07:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
      [8 C:\*.tmp files -> C:\*.tmp -> ]
      [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2017/12/09 17:04:54 | 000,094,144 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
      [2017/12/09 16:55:38 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2017/12/09 15:02:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2017/12/09 15:01:50 | 000,110,016 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
      [2017/12/09 15:01:50 | 000,045,504 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
      [2017/12/09 15:01:33 | 000,252,232 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
      [2017/12/09 15:00:28 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
      [2017/12/09 15:00:25 | 3331,780,608 | -HS- | M] () -- C:\hiberfil.sys
      [2017/12/09 14:46:40 | 008,187,336 | ---- | M] (Malwarebytes) -- C:\Users\Usuario\Desktop\adwcleaner_7.0.5.0.exe
      [2017/12/09 14:29:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Usuario\Desktop\OTL.exe
      [2017/12/09 1424 | 010,427,120 | ---- | M] (Piriform Ltd) -- C:\Users\Usuario\Desktop\ccsetup536.exe
      [2017/12/09 13:38:10 | 001,790,024 | ---- | M] (Malwarebytes) -- C:\Users\Usuario\Desktop\JunwareRenovalT.exe
      [2017/12/09 13:36:52 | 007,747,104 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Usuario\Desktop\mbam-rules.exe
      [2017/12/09 12:46:23 | 001,801,978 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2017/12/09 12:46:23 | 000,800,318 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2017/12/09 12:46:23 | 000,711,282 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2017/12/09 12:46:23 | 000,163,592 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2017/12/09 12:46:23 | 000,133,150 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2017/12/06 20:28:10 | 000,001,956 | ---- | M] () -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Deskjet 1510 series.lnk
      [2017/11/30 07:24:45 | 000,192,952 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys
      [2017/11/25 20:39:07 | 001,956,894 | ---- | M] () -- C:\Users\Usuario\Desktop\La Inteligencia Emocional - Daniel Goleman.pdf
      [8 C:\*.tmp files -> C:\*.tmp -> ]
      [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2017/12/09 16:55:38 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2017/11/30 07:24:05 | 000,077,440 | ---- | C] () -- C:\Windows\SysNative\drivers\mbae64.sys
      [2017/11/25 20:39:05 | 001,956,894 | ---- | C] () -- C:\Users\Usuario\Desktop\La Inteligencia Emocional - Daniel Goleman.pdf
      [2015/08/10 22:12:42 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
      [2015/04/19 21:30:40 | 000,000,282 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2014/05/09 22:45:42 | 000,000,005 | ---- | C] () -- C:\Users\Usuario\AppData\Roaming\mbam.context.scan
      [2013/07/15 20:26:14 | 000,000,005 | ---- | C] () -- C:\Users\Usuario\AppData\Roaming\WBPU-TTL.DAT
      [2013/07/09 10:03:37 | 000,007,601 | ---- | C] () -- C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg
      [2013/07/07 21:49:42 | 000,008,704 | ---- | C] () -- C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

      ========== ZeroAccess Check ==========

      [2013/06/22 18:15:32 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2015/08/01 10:56:43 | 019,778,048 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2015/08/01 11:50:55 | 017,562,112 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 00:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 00:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 00:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2017/12/09 17:03:27 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\AIMP3
      [2014/01/30 14:36:35 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Apowersoft
      [2017/06/22 22:51:41 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Audacity
      [2014/04/10 09:01:30 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Autodesk
      [2013/12/13 12:30:49 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\AVAST Software
      [2015/02/21 12:36:00 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\BitTorrent
      [2017/05/11 20:43:24 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\DAEMON Tools Lite
      [2014/02/14 15:50:33 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Digiarty
      [2013/12/13 16:45:05 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\DVDVideoSoft
      [2017/07/05 17:54:26 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\EncryptStick
      [2015/04/22 21:41:05 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\FreeFLVConverter
      [2016/03/10 22:35:41 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\HMYGSetting
      [2013/07/25 01:44:32 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Mirillis
      [2013/07/24 23:48:58 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\mkvtoolnix
      [2017/12/08 12:04:49 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Movier
      [2013/06/23 10:33:39 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\mp3DirectCut
      [2016/11/06 12:12:49 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Searchult
      [2014/01/07 15:32:16 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Swifturn Free Sound Extractor
      [2016/05/19 09:47:45 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\TP-LINK
      [2015/02/17 19:01:33 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\uTorrent
      [2013/07/24 22:21:18 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\WinAVI
      [2013/12/02 18:12:23 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Windows Live Writer
      [2016/04/23 22:21:40 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Wondershare

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/07/26 00:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
      [2012/06/02 11:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
      [2017/12/09 15:00:25 | 3331,780,608 | -HS- | M] () -- C:\hiberfil.sys
      [2017/12/09 15:00:28 | 1744,830,464 | -HS- | M] () -- C:\pagefile.sys
      [2017/12/09 15:00:28 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
      [8 C:\*.tmp files -> C:\*.tmp -> ]

      < End of report >

    5. #5
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.064

      Re: Notebook lenta y malwarebytes no se conecta con servidor

      Ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro:

      • Para hacerlo descarga >> DelFix.exe en tu escritorio.

        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

        • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      Ahora ejecuta de nuevo OTL.exe pero en Modo Seguro.



      1.- Copiar el siguiente texto (excluyendo la palabra Código):

      Código:
      :OTL
      IE:64bit: - HKLM\..\SearchScopes\{6FB69642-E8B8-4FED-B144-D4E06C14C6FF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MANMJS
      IE - HKLM\..\SearchScopes\{6FB69642-E8B8-4FED-B144-D4E06C14C6FF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MANMJS
      IE - HKCU\..\SearchScopes,DefaultScope = {6FB69642-E8B8-4FED-B144-D4E06C14C6FF}
      [2014/01/15 18:04:30 | 000,005,137 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ergative.xml
      O4 - HKLM..\Run: [] File not found
      O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O33 - MountPoints2\{0db09393-11a3-11e4-8014-606c662e9342}\Shell - "" = AutoRun
      O33 - MountPoints2\{0db09393-11a3-11e4-8014-606c662e9342}\Shell\AutoRun\command - "" = "G:\Setup.exe" 
      O33 - MountPoints2\{317823eb-160f-11e5-8088-606c662e9342}\Shell - "" = AutoRun
      O33 - MountPoints2\{317823eb-160f-11e5-8088-606c662e9342}\Shell\AutoRun\command - "" = "F:\autorun.exe" 
      O33 - MountPoints2\{317823eb-160f-11e5-8088-606c662e9342}\Shell\directx\command - "" = F:\DirectX9\dxsetup.exe
      O33 - MountPoints2\{317823eb-160f-11e5-8088-606c662e9342}\Shell\setup\command - "" = F:\instalar.exe
      MsConfig:64bit - State: "bootini" - Reg Error: Key error.
      MsConfig:64bit - State: "services" - Reg Error: Key error.
      [8 C:\*.tmp files -> C:\*.tmp -> ]
      [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
      
      :Files
      ipconfig /flushdns /c
      ipconfig /registerdns /c
      ipconfig /release /c
      ipconfig /renew /c
      
      :Commands
      [purity]
      [resethosts]
      [emptyflash]
      [emptytemp]
      [emptyjava]
      [createrestorepoint]
      [Reboot]

      2.- Pegar el contenido sobre el apartado: Análisis Personalizados /Código de Reparación.


      3.- Presionar el botón Reparar para comenzar el procedimiento. Presionar OK.


      OTL va a reiniciar el ordenador para completar el procedimiento.

      Guardar el nuevo reporte generado. Copiar y pegarlo en su próxima respuesta, comentando como funciona el Sistema.

      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.