    Chrome browser hijacked by chromesearch.today (Solved)

    1. #1
      User: flyn
      Registered
      May 2008
      Location
      Spain
      Posts
      8

      Chrome browser hijacked by chromesearch.today (Solved)

      Good afternoon,

      For about a month now, Chrome has not let me change the default search engine.
      It shows "https://chromesearch.today/search.....". In the search engine manager, the three vertical dots on the right do not let me disable it. It also does not let me set Google, for example, as the default. I have looked in Start -> Control Panel -> Programs -> and there is no "toolbar" or anything similar to uninstall. I have tried uninstalling Chrome and cleaning up with CCleaner. I restart the PC, download Chrome from Firefox, install it, and it comes back. I have run an up-to-date Malwarebytes and AVG Free and they detect nothing.

      How can I remove it?

      Thank you very much

    2. #2
      General Moderator
      @Daniela
      Registered
      Apr 2011
      Location
      Spain
      Posts
      25,353

      Re: Chrome browser hijacked by chromesearch.today

      Hello flyn

      Carry out the following steps in the order given, even if you have already done some of them:

      1) Download, update and run Malwarebytes' Anti-Malware; read the manual in detail so that you know how to use and configure it.

      • Run a Full Scan, updating if it asks you to.
      • Click "Remove Selected" to send the items to quarantine, then restart the system.
      • Under "History" >> Application Logs >> Scan Log, as described in the manual, you will find the MBAM report, which you must copy and paste into your next reply so it can be analyzed.

      2) Download Junkware Removal Tool

      • Temporarily disable your antivirus
      • Run JRT.exe (on Windows 7 or 8, run it as "Administrator")
      • Press any key to continue and wait patiently for it to finish.
      • When it finishes, a log (JRT.txt) will be saved to the desktop and will open automatically.
      • Copy and paste the contents of JRT.txt into your next reply

      3) Download >> AdwCleaner | InfoSpyware to the desktop.

      • Temporarily disable your antivirus >> How to temporarily disable your antivirus.
      • Also close all the programs you have open.
      • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as Administrator").
      • Click the Scan button and wait for the process to complete, then immediately click the Clean button.
      • Wait for it to complete and follow the instructions; if it asks to restart the system, accept.
      • Save the report that appears so you can copy and paste it into your next reply.
      • The report can also be found at "C:\AdwCleaner\AdwCleaner[C0].txt"

      4) Download CCleaner

      • Install CCleaner
      • Open CCleaner; on the Cleaner tab, leave the default settings as they are, click Analyze, wait for it to finish > click Run Cleaner
      • Click the Registry tab > click Scan for Issues, wait for it to finish > click Fix Selected Issues and make a backup
      • Click Scan for Issues again until it finds none.

      Paste the Malwarebytes, AdwCleaner and JRT reports and tell us how the problem is going.

      Regards
      ✿◕‿◕✿ Impatience is not good company ✿◕‿◕✿

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest online threats at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    3. #3
      User: flyn
      Registered
      May 2008
      Location
      Spain
      Posts
      8

      Re: Chrome browser hijacked by chromesearch.today

      Thanks, Daniela, for replying.
      Here are the reports you asked for.
      After carrying out all the steps indicated and restarting the PC, everything is still the same.



      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 22/12/17
      Hora del análisis: 20:25
      Archivo de registro: dab958ae-e74d-11e7-9b87-0018f3c58fcb.json
      Administrador: Sí

      -Información del software-
      Versión: 3.3.1.2183
      Versión de los componentes: 1.0.262
      Versión del paquete de actualización: 1.0.3545
      Licencia: Gratis

      -Información del sistema-
      SO: Windows 7 Service Pack 1
      CPU: x86
      Sistema de archivos: NTFS
      Usuario: Atico\RinconPaladar

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 233682
      Amenazas detectadas: 0
      (No hay elementos maliciosos detectados)
      Amenazas en cuarentena: 0
      (No hay elementos maliciosos detectados)
      Tiempo transcurrido: 25 min, 1 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Activado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)






      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 7 Ultimate x86
      Ran by RinconPaladar (Administrator) on 22/12/2017 at 21:00:00,05
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 26

      Failed to delete: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1IS8PK64 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Roaming\Mozilla\Firefox\Profiles\r3z2hvdu.default\user.js (File)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Roaming\pdfforge (Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BHNVQVH (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1IS8PK64 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JN6HOT3 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2T7Z9S3I (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8AOKAKD5 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8TEQPEN (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKCQKC4W (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C398RQU1 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FSFO8WIR (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IAMTASPZ (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQBPK6FJ (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\RinconPaladar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YC0420FE (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BHNVQVH (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JN6HOT3 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2T7Z9S3I (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8AOKAKD5 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8TEQPEN (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKCQKC4W (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C398RQU1 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FSFO8WIR (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IAMTASPZ (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQBPK6FJ (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YC0420FE (Temporary Internet Files Folder)



      Registry: 1

      Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711} (Registry Key)




      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 22/12/2017 at 21:03:24,12
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






      # AdwCleaner 7.0.6.0 - Logfile created on Fri Dec 22 20:08:09 2017
      # Updated on 2017/21/12 by Malwarebytes
      # Database: 12-21-2017.1
      # Running on Windows 7 Ultimate (X86)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      No malicious folders found.

      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      No malicious registry entries found.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [1455 B] - [2017/11/5 17:45:41]
      C:/AdwCleaner/AdwCleaner[C1].txt - [1271 B] - [2017/11/5 18:44:24]
      C:/AdwCleaner/AdwCleaner[S0].txt - [1506 B] - [2017/11/5 17:43:58]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1084 B] - [2017/11/5 18:43:32]


      ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########

    4. #4
      General Moderator
      @Daniela
      Registered
      Apr 2011
      Location
      Spain
      Posts
      25,353

      Re: Chrome browser hijacked by chromesearch.today

      Hello

      Download Farbar Recovery Scan Tool according to your system's architecture (32 or 64 bits)

      • Save it to the desktop >> This is very important.
      • Double-click to run Frst.exe. (If you use Windows Vista/7/8 or 10, right-click and select "Run as Administrator".)
      • In the Disclaimer window, press Yes.
      • In the new window that opens, press the Scan button and wait patiently for the scan to finish.
      • Two (2) log files, Frst.txt and Addition.txt, will open; they will be saved on your desktop.
      • To finish, open Frst.txt and Addition.txt, and copy and paste their entire contents into your next reply. Use two messages if it tells you it is too long.

      Regards
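An added example, not part of the original thread and not code from FRST or its authors: a Python triage helper for the Frst.txt log requested above. It tracks which section each line belongs to and collects the entries that FRST itself marks with `<==== ATTENTION`, then separates out the policy-based ones. The sample log is constructed in the layout of an FRST report; the function names, sample paths and sample values are assumptions.

```python
import re

# Main FRST section banner, e.g. "==================== Registry (Whitelisted) ====="
SECTION_RE = re.compile(r"^=+\s*(?P<name>[^=]+?)\s*=+$")
# Underline below a browser sub-heading, e.g. "Chrome:" followed by "======="
UNDERLINE_RE = re.compile(r"^=+$")
# Marker FRST appends to entries it wants a human to review
ATTENTION_MARK = "<==== ATTENTION"
# Entries that point at policy locations (registry Policies keys or Group Policy).
# Managed policy overrides user choices, so these are worth reviewing first when
# a browser setting cannot be changed from the browser's own UI.
POLICY_RE = re.compile(r"(\\Policies\\|^GroupPolicy)", re.IGNORECASE)

# Constructed sample in the layout of Frst.txt (not the log from this thread).
SAMPLE_LOG = r"""
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: (sample)
==================== Registry (Whitelisted) ===========================

HKLM\...\Run: [ExampleUpdater] => C:\Program Files\Example\updater.exe [1024 2017-01-01] (Example Corp)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

FireFox:
========
FF ProfilePath: C:\Users\example\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default [not found] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\example\AppData\Local\Google\Chrome\User Data\Default [2017-12-23]
"""


def flagged_entries(log_text):
    """Return {section: [entry, ...]} for every line FRST marked ATTENTION.

    Section keys look like "Registry (Whitelisted)" or, inside a browser
    sub-heading, "Internet (Whitelisted) > FireFox".
    """
    findings = {}
    main, sub, previous = "Header", None, ""
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if UNDERLINE_RE.match(line):
            # A bare "=====" line promotes the previous "Name:" line to a sub-section.
            if previous.endswith(":"):
                sub = previous.rstrip(":")
            previous = ""
            continue
        banner = SECTION_RE.match(line)
        if banner:
            main, sub, previous = banner.group("name"), None, ""
            continue
        if line.endswith(ATTENTION_MARK):
            entry = line[: -len(ATTENTION_MARK)].rstrip()
            key = f"{main} > {sub}" if sub else main
            findings.setdefault(key, []).append(entry)
        previous = line
    return findings


def policy_restrictions(findings):
    """Return (section, entry) pairs for flagged entries that reference policy."""
    return [
        (section, entry)
        for section, entries in findings.items()
        for entry in entries
        if POLICY_RE.search(entry)
    ]


if __name__ == "__main__":
    found = flagged_entries(SAMPLE_LOG)
    for section, entries in found.items():
        print(f"[{section}]")
        for entry in entries:
            print(f"  {entry}")
    print("Policy-based restrictions to review first:")
    for section, entry in policy_restrictions(found):
        print(f"  {entry}")
```
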

    5. #5
      User: flyn
      Registered
      May 2008
      Location
      Spain
      Posts
      8

      Re: Chrome browser hijacked by chromesearch.today

      Hello again @Daniela,

      Here are the Farbar Recovery reports



      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-12-2017
      Ran by RinconPaladar (administrator) on ATICO (23-12-2017 09:37:11)
      Running from C:\Users\RinconPaladar\Desktop
      Loaded Profiles: RinconPaladar (Available Profiles: RinconPaladar)
      Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
      (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
      () C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
      (pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
      (pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
      (Plex, Inc.) C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe
      (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
      (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
      (Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
      (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
      (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
      (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-19] (NVIDIA Corporation)
      HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.)
      HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-10-31] (AVG Technologies CZ, s.r.o.)
      HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [302744 2017-11-30] (AVG Technologies CZ, s.r.o.)
      HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-14] (Oracle Corporation)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: I - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {274ebfab-9bcb-11e7-902d-806e6f6e6963} - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {646b5f8a-f946-11e6-b3cf-0018f3c58fcb} - J:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {7ed1cf36-66ba-11e6-b80c-0018f3c58fcb} - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {921c909b-45c2-11e6-b575-0018f3c58fcb} - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {921c910e-45c2-11e6-b575-0018f3c58fcb} - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {d04ce75d-8873-11e6-b216-0018f3c58fcb} - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {d04ce765-8873-11e6-b216-0018f3c58fcb} - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {d04ce77e-8873-11e6-b216-0018f3c58fcb} - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {d04ce785-8873-11e6-b216-0018f3c58fcb} - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {d5788353-86cb-11e5-bd25-0018f3c58fcb} - G:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {d578835e-86cb-11e5-bd25-0018f3c58fcb} - H:\HiSuiteDownLoader.exe
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\MountPoints2: {f6bc4874-17b0-11e6-b18c-0018f3c58fcb} - I:\HiSuiteDownLoader.exe
      HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe [15947752 2017-06-28] (Plex, Inc.)
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\..\Interfaces\{05592B85-C5D9-41F4-9484-A37155BE2116}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{5EBC55EB-F503-4EA9-B141-29D8B0A47607}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{61CA07BB-BBAC-4706-B5E1-F2EFD51E579F}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{668D9279-FDC3-4DFA-9DA1-658042D2A0FD}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{997056A5-9F27-49F5-9BAB-BFD056C526C3}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{D388BEF7-F497-4573-BB8A-10DD61AAD6AA}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{D7B994AC-9A5B-400C-954F-6C73BAEA7A76}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{EDED0F3F-08CB-47F2-8091-8CB2F3300BC7}: [DhcpNameServer] 192.168.1.1

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
      HKU\S-1-5-21-4144964436-158748752-787051434-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://es.msn.com/?ocid=iehp
      SearchScopes: HKLM -> DefaultScope value is missing
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-10-12] (Oracle Corporation)
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-12] (Oracle Corporation)
      DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab

      FireFox:
      ========
      FF DefaultProfile: r3z2hvdu.default
      FF ProfilePath: C:\Users\RinconPaladar\AppData\Roaming\Mozilla\Firefox\Profiles\t5gvij8v.default-1414874475595 [not found] <==== ATTENTION
      FF ProfilePath: C:\Users\RinconPaladar\AppData\Roaming\Mozilla\Firefox\Profiles\r3z2hvdu.default [2017-12-23]
      FF Homepage: Mozilla\Firefox\Profiles\r3z2hvdu.default -> Google
      FF Extension: (Firebug) - C:\Users\RinconPaladar\AppData\Roaming\Mozilla\Firefox\Profiles\r3z2hvdu.default\Extensions\[email protected] [2017-03-02] [Legacy]
      FF Extension: (MEGA) - C:\Users\RinconPaladar\AppData\Roaming\Mozilla\Firefox\Profiles\r3z2hvdu.default\Extensions\[email protected] [2017-11-17]
      FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect\FFPDFArchitectExt
      FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files\PDF Architect\FFPDFArchitectExt [2014-09-14] [Legacy] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
      FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
      FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
      FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2016-09-27] (DivX, LLC)
      FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
      FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-12] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-12] (Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
      FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
      FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-22] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-22] (Google Inc.)
      FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
      FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
      FF Plugin HKU\S-1-5-21-4144964436-158748752-787051434-1001: @citrixonline.com/appdetectorplugin -> C:\Users\RinconPaladar\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-16] (Citrix Online)

      Chrome:
      =======
      CHR Profile: C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default [2017-12-23]
      CHR Extension: (Presentaciones) - C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-22]
      CHR Extension: (Documentos) - C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-22]
      CHR Extension: (Google Drive) - C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-22]
      CHR Extension: (YouTube) - C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22]
      CHR Extension: (Hojas de cálculo) - C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-22]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-22]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-22]
      CHR Extension: (Gmail) - C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-22]
      CHR Extension: (Chrome Media Router) - C:\Users\RinconPaladar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-22]
      CHR HKLM\...\Chrome\Extension: [nagnmfhgkjkplbhplkbicmpkfopmnefp] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-4144964436-158748752-787051434-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S2 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
      R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [282536 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5954792 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-10-31] (AVG Technologies CZ, s.r.o.)
      S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
      R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [35440 2016-11-28] (Dropbox, Inc.)
      R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-07-26] ()
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
      R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH)
      R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH)
      R2 PlexUpdateService; C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe [1995240 2017-06-28] (Plex, Inc.)
      S3 VSStandardCollectorService150; C:\Program Files\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [110176 2017-11-09] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AODDriver4.3.0; C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys [50888 2014-09-19] (Advanced Micro Devices)
      R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [101904 2010-08-16] (ATI Technologies, Inc.)
      R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [149592 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R1 avgbdisk; C:\Windows\System32\drivers\avgbdiskx.sys [135872 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriverx.sys [249232 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R0 avgbidsh; C:\Windows\System32\drivers\avgbidshx.sys [151024 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R0 avgblog; C:\Windows\System32\drivers\avgblogx.sys [270344 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R0 avgbuniv; C:\Windows\System32\drivers\avgbunivx.sys [43992 2017-11-30] (AVG Technologies CZ, s.r.o.)
      S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [35264 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [117368 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [91976 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [63280 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [775552 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [381184 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [143264 2017-11-30] (AVG Technologies CZ, s.r.o.)
      R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [290776 2017-11-30] (AVG Technologies CZ, s.r.o.)
      S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo32.sys [28304 2015-03-10] ()
      S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [21496 2016-01-14] ()
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59896 2017-12-07] ()
      S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
      S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [91576 2017-11-05] (Malwarebytes)
      S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40376 2017-11-05] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [221112 2017-12-23] (Malwarebytes)
      S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [65824 2017-11-05] (Malwarebytes)
      R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
      S3 dbx; system32\DRIVERS\dbx.sys [X]
      S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [X]
      U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-07-26] (Huawei Technologies Co., Ltd.)
      S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-23 09:37 - 2017-12-23 09:37 - 000018197 _____ C:\Users\RinconPaladar\Desktop\FRST.txt
      2017-12-23 09:35 - 2017-12-23 09:35 - 001752576 _____ (Farbar) C:\Users\RinconPaladar\Desktop\FRST.exe
      2017-12-22 21:05 - 2017-12-22 21:05 - 008198432 _____ (Malwarebytes) C:\Users\RinconPaladar\Desktop\adwcleaner_7.0.6.0.exe
      2017-12-22 21:03 - 2017-12-22 21:03 - 000004944 _____ C:\Users\RinconPaladar\Desktop\JRT.txt
      2017-12-22 20:57 - 2017-12-22 21:09 - 000000000 ____D C:\Users\RinconPaladar\Desktop\spyware
      2017-12-22 20:22 - 2017-12-22 20:22 - 008187336 _____ (Malwarebytes) C:\Users\RinconPaladar\Desktop\AdwCleaner.exe
      2017-12-22 20:21 - 2017-12-22 20:21 - 001790024 _____ (Malwarebytes) C:\Users\RinconPaladar\Desktop\JRT.exe
      2017-12-22 19:14 - 2017-12-22 19:14 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-12-22 19:14 - 2017-12-22 19:14 - 000002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-12-22 19:08 - 2017-12-22 19:08 - 001129816 _____ (Google Inc.) C:\Users\RinconPaladar\Downloads\ChromeSetup.exe
      2017-12-22 18:55 - 2017-12-22 18:55 - 000001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
      2017-12-22 18:46 - 2017-12-22 18:46 - 000000000 ____D C:\Users\RinconPaladar\AppData\Local\Deployment
      2017-12-22 18:46 - 2017-12-22 18:46 - 000000000 ____D C:\Users\RinconPaladar\AppData\Local\Apps\2.0
      2017-12-22 18:31 - 2017-12-22 18:34 - 000000000 ____D C:\Users\RinconPaladar\Downloads\Marcadores Chrome
      2017-12-21 18:19 - 2017-12-21 18:19 - 000017410 _____ C:\Users\RinconPaladar\Downloads\Documento_2017-12-21-18.19.05.471000.pdf
      2017-12-21 17:33 - 2017-12-21 17:33 - 000000000 ____D C:\Program Files\Common Files\AVG
      2017-12-16 20:31 - 2017-12-16 20:31 - 000054784 _____ C:\Users\RinconPaladar\Downloads\plantilla-de-excel-para-nomina.xls
      2017-12-14 21:12 - 2017-12-14 21:12 - 000340293 _____ C:\Users\RinconPaladar\Downloads\White_Hernandez_Eduardo_SI_Tarea_02.pdf
      2017-12-12 19:23 - 2017-12-12 19:23 - 001918040 _____ (Adobe Systems Incorporated) C:\Users\RinconPaladar\Downloads\Photoshop_Set-Up.exe
      2017-12-12 17:45 - 2017-12-12 17:45 - 000000000 ____D C:\Users\RinconPaladar\Downloads\SI_Tarea02
      2017-12-12 17:43 - 2017-12-12 17:43 - 000229602 _____ C:\Users\RinconPaladar\Downloads\SI_Tarea02 (1).zip
      2017-12-11 19:44 - 2017-12-11 19:44 - 000161197 _____ C:\Users\RinconPaladar\Downloads\JMercantil 2 Málaga 19.05.14 (193-13).pdf
      2017-12-11 14:10 - 2017-12-11 14:10 - 000229602 _____ C:\Users\RinconPaladar\Downloads\SI_Tarea02.zip
      2017-12-10 19:06 - 2017-12-10 19:06 - 000000000 ____D C:\Users\RinconPaladar\source
      2017-12-10 19:00 - 2017-12-10 19:08 - 000000000 ____D C:\Users\RinconPaladar\AppData\Local\.IdentityService
      2017-12-09 01:17 - 2017-12-09 01:17 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
      2017-12-09 01:13 - 2017-12-10 19:05 - 000000000 ____D C:\Users\RinconPaladar\Documents\Visual Studio 2017
      2017-12-09 01:12 - 2017-12-09 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
      2017-12-09 01:04 - 2017-12-09 01:04 - 000000000 ____D C:\Program Files\VS2012Schemas
      2017-12-09 01:04 - 2017-12-09 01:04 - 000000000 ____D C:\Program Files\VS2010Schemas
      2017-12-09 01:03 - 2017-12-09 01:03 - 000000000 ____D C:\ProgramData\dftmp
      2017-12-09 01:02 - 2017-12-09 01:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Azure
      2017-12-09 00:50 - 2017-12-09 00:50 - 000000000 ____D C:\Windows\system32\3082
      2017-12-09 00:50 - 2017-12-09 00:50 - 000000000 ____D C:\Windows\system32\1033
      2017-12-09 00:34 - 2017-12-09 00:55 - 000000000 ____D C:\Program Files\Microsoft Web Tools
      2017-12-09 00:33 - 2017-12-09 00:33 - 000000000 ____D C:\Program Files\IIS
      2017-12-09 00:32 - 2017-12-09 00:56 - 000000000 ____D C:\Program Files\IIS Express
      2017-12-09 00:24 - 2017-12-09 00:24 - 000000000 ____D C:\Program Files\Entity Framework Tools
      2017-12-08 23:54 - 2017-12-08 23:54 - 000000000 ____D C:\Program Files\NuGet
      2017-12-08 23:46 - 2017-12-09 00:58 - 000000000 ____D C:\Program Files\Microsoft SQL Server
      2017-12-08 23:43 - 2017-12-08 23:43 - 000000000 ____D C:\Program Files\Microsoft ASP.NET Core Runtime Package Store
      2017-12-08 23:42 - 2017-12-08 23:42 - 000000000 ____D C:\Users\RinconPaladar\.dotnet
      2017-12-08 23:34 - 2017-12-08 23:43 - 000000000 ____D C:\Program Files\dotnet
      2017-12-08 23:31 - 2017-12-08 23:44 - 000000000 ____D C:\Program Files\Windows Kits
      2017-12-08 23:31 - 2017-12-08 23:31 - 000000000 ____D C:\Program Files\Common Files\Designer
      2017-12-08 23:29 - 2017-12-08 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
      2017-12-08 23:25 - 2017-12-08 23:25 - 000001425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
      2017-12-08 23:01 - 2017-12-08 23:01 - 003550208 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
      2017-12-08 22:10 - 2017-12-08 22:10 - 000001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
      2017-12-08 22:09 - 2017-12-09 01:26 - 000000000 ____D C:\Users\RinconPaladar\AppData\Roaming\Visual Studio Setup
      2017-12-08 22:09 - 2017-12-08 23:56 - 000000000 ____D C:\Program Files\Microsoft Visual Studio
      2017-12-08 22:09 - 2017-12-08 22:09 - 000000000 ____D C:\Users\RinconPaladar\AppData\Roaming\vstelemetry
      2017-12-08 22:09 - 2017-12-08 22:09 - 000000000 ____D C:\Users\RinconPaladar\AppData\Local\ServiceHub
      2017-12-08 21:17 - 2017-12-08 21:17 - 001617376 _____ C:\Users\RinconPaladar\Downloads\nbandroid-12-11-04-193200 (1).zip
      2017-12-08 20:59 - 2017-12-08 20:59 - 000015363 _____ C:\Users\RinconPaladar\Downloads\catalog.xml.gz
      2017-12-08 20:59 - 2017-12-08 20:59 - 000015363 _____ C:\Users\RinconPaladar\Downloads\catalog (1).xml.gz
      2017-12-08 14:37 - 2017-12-08 14:38 - 000000000 ____D C:\Users\RinconPaladar\Documents\NetBeansProjects
      2017-12-08 14:35 - 2017-12-08 14:35 - 000000000 ____D C:\Users\RinconPaladar\AppData\Roaming\NetBeans
      2017-12-08 14:35 - 2017-12-08 14:35 - 000000000 ____D C:\Users\RinconPaladar\AppData\Local\NetBeans
      2017-12-08 14:15 - 2017-12-08 14:16 - 000000000 ____D C:\Program Files\glassfish-4.1.1
      2017-12-08 14:08 - 2017-12-08 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
      2017-12-08 14:01 - 2017-12-08 14:21 - 000000000 ____D C:\Program Files\NetBeans 8.2
      2017-12-08 13:59 - 2017-12-08 14:35 - 000000000 ____D C:\Users\RinconPaladar\.nbi
      2017-12-08 13:31 - 2017-12-08 13:31 - 000000000 ____D C:\Users\RinconPaladar\.jmc
      2017-12-08 13:30 - 2017-12-08 13:30 - 000000000 ____D C:\Users\RinconPaladar\.eclipse
      2017-12-07 10:49 - 2017-12-23 09:19 - 000221112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2017-11-30 09:54 - 2017-11-30 09:54 - 000000000 __SHD C:\found.001
      2017-11-30 05:44 - 2017-11-30 05:43 - 000149592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
      2017-11-30 05:43 - 2017-11-30 05:42 - 000306448 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
      2017-11-24 13:20 - 2017-11-24 13:20 - 000138794 _____ C:\Users\RinconPaladar\Downloads\Ejemplos de requisitos (2).pdf
      2017-11-24 12:48 - 2017-11-24 12:48 - 000138794 _____ C:\Users\RinconPaladar\Downloads\Ejemplos de requisitos (1).pdf

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-23 09:37 - 2017-11-05 18:51 - 000000000 ____D C:\FRST
      2017-12-23 09:34 - 2009-07-14 05:34 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-12-23 09:34 - 2009-07-14 05:34 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-12-23 09:18 - 2015-07-14 12:56 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-12-23 09:18 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-12-22 21:15 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
      2017-12-22 21:08 - 2014-03-12 09:13 - 000000000 ____D C:\AdwCleaner
      2017-12-22 19:14 - 2014-07-29 02:26 - 000000000 ____D C:\Users\RinconPaladar\AppData\Local\Google
      2017-12-22 19:14 - 2014-07-29 02:26 - 000000000 ____D C:\Program Files\Google
      2017-12-22 19:13 - 2016-12-27 15:28 - 000000000 ____D C:\Users\RinconPaladar\AppData\LocalLow\Mozilla
      2017-12-12 19:19 - 2014-03-09 12:36 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
      2017-12-12 19:19 - 2014-03-09 12:36 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
      2017-12-12 19:19 - 2014-03-09 12:36 - 000000000 ____D C:\Windows\system32\Macromed
      2017-12-10 19:06 - 2014-03-08 18:35 - 000000000 ____D C:\Users\RinconPaladar
      2017-12-09 01:12 - 2014-03-10 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2017-12-09 01:10 - 2014-03-10 11:50 - 000000000 ____D C:\Program Files\Java
      2017-12-09 01:02 - 2014-03-16 10:32 - 000000000 ____D C:\Program Files\Microsoft SDKs
      2017-12-08 23:49 - 2016-11-30 11:47 - 000000000 ____D C:\ProgramData\Package Cache
      2017-12-08 23:31 - 2009-07-14 03:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
      2017-12-08 23:28 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\MSBuild
      2017-12-08 22:41 - 2016-11-27 13:33 - 000000000 ____D C:\Users\RinconPaladar\Downloads\El señor de los anillos 1 V.Extendida[BluRay 1080p H265][DTS 5.1-AC3 5.1 Castellano AC3 5.1-Ingles+Subs][ES-EN]
      2017-12-08 22:40 - 2016-11-27 17:13 - 000000000 ____D C:\Users\RinconPaladar\Downloads\El señor de los anillos 3 V.Extendida[BluRay 1080p H265][DTS 5.1-AC3 5.1 Castellano AC3 5.1-Ingles+Subs][ES-EN]
      2017-12-08 22:40 - 2016-11-27 17:13 - 000000000 ____D C:\Users\RinconPaladar\Downloads\El señor de los anillos 2 V.Extendida[BluRay 1080p H265][DTS 5.1-AC3 5.1 Castellano AC3 5.1-Ingles+Subs][ES-EN]
      2017-12-08 22:37 - 2016-10-30 17:51 - 000000000 ____D C:\Para Venta
      2017-12-08 22:37 - 2015-07-09 11:32 - 000000000 ____D C:\lightroom
      2017-12-08 13:29 - 2014-03-10 11:51 - 000000000 ____D C:\ProgramData\Oracle
      2017-12-07 14:19 - 2016-01-19 12:18 - 000000000 ____D C:\Nueva carpeta
      2017-12-07 10:49 - 2017-11-05 13:17 - 000059896 _____ C:\Windows\system32\Drivers\mbae.sys
      2017-12-01 13:01 - 2011-04-12 02:30 - 004904148 _____ C:\Windows\system32\perfh00A.dat
      2017-12-01 13:01 - 2011-04-12 02:30 - 001522050 _____ C:\Windows\system32\perfc00A.dat
      2017-12-01 13:01 - 2010-11-20 22:01 - 000006208 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-11-30 05:44 - 2017-07-10 16:52 - 000381184 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
      2017-11-30 05:43 - 2017-07-10 16:52 - 000290776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
      2017-11-30 05:43 - 2017-07-10 16:52 - 000143264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
      2017-11-30 05:43 - 2017-07-10 16:52 - 000117368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
      2017-11-30 05:43 - 2017-07-10 16:52 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
      2017-11-30 05:43 - 2017-07-10 16:52 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
      2017-11-30 05:43 - 2017-07-10 16:51 - 000091976 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
      2017-11-30 05:42 - 2017-07-10 16:51 - 000775552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
      2017-11-30 05:42 - 2017-07-10 16:51 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblogx.sys
      2017-11-30 05:42 - 2017-07-10 16:51 - 000249232 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriverx.sys
      2017-11-30 05:42 - 2017-07-10 16:51 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidshx.sys
      2017-11-30 05:42 - 2017-07-10 16:51 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiskx.sys
      2017-11-30 05:42 - 2017-07-10 16:51 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbunivx.sys
      2017-11-30 05:31 - 2015-05-27 08:41 - 000000000 ____D C:\Users\RinconPaladar\AppData\Local\Avg
      2017-11-30 05:31 - 2014-03-07 08:03 - 000000000 ____D C:\Users\UpdatusUser
      2017-11-30 05:31 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration

      ==================== Files in the root of some directories =======

      2015-05-13 10:26 - 2015-05-13 10:27 - 020380864 _____ (AEAT) C:\Users\RinconPaladar\Actualizacion_Renta2014_windows_1_20.exe
      2016-05-19 12:15 - 2016-05-19 12:15 - 035296808 _____ (AEAT) C:\Users\RinconPaladar\Renta2015_windows_1_20.exe
      2016-12-06 21:40 - 2016-12-06 22:05 - 000007593 _____ () C:\Users\RinconPaladar\AppData\Local\Resmon.ResmonCfg

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-12-20 14:23

      ==================== End of FRST.txt ============================

    6. #6
      User flyn
      Registered
      May 2008
      Location
      Spain
      Posts
      8

      Re: Chrome browser hijacked by chromesearch.today

      And this is the Addition.txt report


      Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-12-2017
      Ran by RinconPaladar (23-12-2017 09:38:18)
      Running from C:\Users\RinconPaladar\Desktop
      Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2014-03-08 17:47:44)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-4144964436-158748752-787051434-500 - Administrator - Disabled)
      HomeGroupUser$ (S-1-5-21-4144964436-158748752-787051434-1004 - Limited - Enabled)
      Invitado (S-1-5-21-4144964436-158748752-787051434-501 - Limited - Disabled)
      RinconPaladar (S-1-5-21-4144964436-158748752-787051434-1001 - Administrator - Enabled) => C:\Users\RinconPaladar

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
      AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
      Actualización de NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
      Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
      Adobe Dreamweaver CS6 (HKLM\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
      Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
      Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
      Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
      Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
      AMD OverDrive (HKLM\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
      ASUSUpdate (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: - )
      ATI Catalyst Install Manager (HKLM\...\{865F8014-4DED-B63D-832A-3FB08FC38479}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
      AVG (HKLM\...\{18B25CA1-A325-4ED8-A494-C764D914D57E}) (Version: 1.211.3 - AVG Technologies) Hidden
      AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.8.3036 - AVG Technologies)
      Biblioteca autentic. de Active Directory para SQL Server (x86) (HKLM\...\{438E24A9-781B-4398-A3D5-4B5721645093}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
      Brother MFL-Pro Suite DCP-J140W (HKLM\...\{2FF959E3-FFE4-46C4-96DA-03F26BCFEFCC}) (Version: 1.1.5.0 - Brother Industries, Ltd.)
      ccc-core-static (HKLM\...\{97D2408A-AC76-4ACA-F047-42180975A250}) (Version: 2010.0930.2237.38732 - Nombre de su organización) Hidden
      CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
      ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM\...\{D1844DC3-B378-47CC-AB40-7FC16C79A2CD}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
      Connect Label Design software (HKLM\...\Connect Label Design software) (Version: - )
      Corel Graphics - Windows Shell Extension (HKLM\...\_{761B6C00-A23A-4F17-9D23-CB7E48307314}) (Version: 16.1.0.843 - Corel Corporation)
      Corel Graphics - Windows Shell Extension (HKLM\...\{761B6C00-A23A-4F17-9D23-CB7E48307314}) (Version: 16.1.843 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Capture (HKLM\...\{74FA94F1-9566-4252-9372-E7EAFFEFE209}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Common (HKLM\...\{25D69CEE-3EE2-47FD-9A0E-5013240EC953}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Connect (HKLM\...\{D4EFC6B7-3DA5-400D-9682-9BE287A5440E}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Custom Data (HKLM\...\{603C6570-2BA1-4FC6-8735-7EFA6D1F6F61}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Draw (HKLM\...\{C5262276-0075-498B-B80F-7D997482E4DB}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - ES (HKLM\...\{DF3C88FB-50BF-4C31-836F-5962DEFBD191}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Filters (HKLM\...\{7A2FF332-E4F6-4D87-9EBD-EDFF1216490F}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - FontNav (HKLM\...\{579CA850-B2C3-43F3-A3F6-3A0AE42E8225}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - IPM (HKLM\...\{0084B0C3-F376-42E3-804A-885D249282BD}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - PHOTO-PAINT (HKLM\...\{6F53FB68-6620-423E-B7CD-B8205655B421}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Photozoom Plugin (HKLM\...\{D4A17D31-2F7B-4682-AD57-467021452909}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Redist (HKLM\...\{62BEC144-7029-4BF4-B3F2-FA231FB9F84B}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Setup Files (HKLM\...\{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - VBA (HKLM\...\{879E2460-18F9-48F2-B736-4E814A699504}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - VideoBrowser (HKLM\...\{DDFEB503-D662-4224-82C9-37A5698FDC25}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - VSTA (HKLM\...\{7CCD75BD-5528-4FE1-90D2-392D661A2BF1}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Writing Tools (HKLM\...\{318FF3D7-0C40-483B-AF92-AF36416B0AC6}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 (HKLM\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.1.0.843 - Corel Corporation)
      CorelDRAW Graphics Suite X6 (HKLM\...\{7F9F6864-8CAB-440C-AF44-030D0135666D}) (Version: 16.1 - Corel Corporation) Hidden
      CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
      D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      DiagnosticsHub_CollectionService (HKLM\...\{23423E04-0600-42DF-922C-62719DE958CF}) (Version: 15.0.27128 - Microsoft Corporation) Hidden
      EaseUS Partition Master 12.5 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
      Entity Framework 6.1.3 Tools for Visual Studio 15 (HKLM\...\{F8C0447E-D45C-4E52-94E8-C6340AAC9DB8}) (Version: 6.1.60104.0 - Microsoft Corporation) Hidden
      FileZilla Client 3.7.4.1 (HKLM\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
      FMW 1 (HKLM\...\{B9B474D5-8B52-4A05-8DA0-CFECB057E523}) (Version: 1.226.3 - AVG Technologies) Hidden
      Galería de fotos (HKLM\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
      Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
      GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version: - )
      Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.108 - Google Inc.)
      Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
      HD Tune Pro 5.70 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
      HiSuite (HKLM\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
      Hofmann 10.0.3 (HKLM\...\{D97F86DC-69A7-4B3C-AB78-D6E424BC3D4E}) (Version: 10.0.3 - Hofmann)
      icecap_collection_neutral (HKLM\...\{9149432D-3BEE-4869-B6F5-7A5CF843A612}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      icecap_collection_x86 (HKLM\...\{3E38CD45-63FB-4EDB-B79A-119BA6EDA8F5}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      icecap_collectionresources (HKLM\...\{E3B6406A-1012-4169-B120-0842D3DF27C2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      IIS 10.0 Express (HKLM\...\{5A0F1F76-4209-42C5-845C-B0CC156CBBA4}) (Version: 10.0.1740 - Microsoft Corporation)
      IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
      Instalación de DivX (HKLM\...\DivX Setup) (Version: 3.0.0.99 - DivX, LLC)
      Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
      Java SE Development Kit 8 Update 152 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180152}) (Version: 8.0.1520.16 - Oracle Corporation)
      K-Lite Codec Pack 10.3.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.3.5 - )
      Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
      MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
      Microsoft .NET Core SDK - 2.1.2 (x86) (HKLM\...\{77ab36fb-2add-468f-85ad-0bf72999845c}) (Version: 2.1.2 - Microsoft Corporation)
      Microsoft .NET Framework 4.7.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02558 - Microsoft Corporation)
      Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
      Microsoft Azure Authoring Tools - v2.9.5.3 (HKLM\...\{086C537B-DE1A-4A11-8441-6AAF076174B8}) (Version: 2.9.8699.20 - Microsoft Corporation)
      Microsoft Azure Compute Emulator - v2.9.5.3 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.5.3) (Version: 2.9.8699.20 - Microsoft Corporation)
      Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{1DD8FA39-A7B0-444C-984B-BD99CFFD035F}) (Version: 3.0.0127.060 - Microsoft Corporation)
      Microsoft Azure Storage Emulator - v5.2 (HKLM\...\Microsoft Azure Storage Emulator - v5.2) (Version: 5.2.17193.1427 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft SQL Server 2012 Native Client (HKLM\...\{FB413D76-0702-4F56-9A53-E423540515EB}) (Version: 11.3.6518.0 - Microsoft Corporation)
      Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{B73BA9F1-A4F3-45F1-9229-ECD7EFD46789}) (Version: 12.0.2000.8 - Microsoft Corporation)
      Microsoft System CLR Types para SQL Server 2017 CTP2.1 (HKLM\...\{7A891D71-0623-4597-A912-1FE534FA7383}) (Version: 14.0.600.250 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
      Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.151.1127 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Web Deploy 3.6 (HKLM\...\{34105A8E-2F8F-45C2-922D-4D0394C893E2}) (Version: 10.0.1981 - Microsoft Corporation)
      Movie Maker (HKLM\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Mozilla Firefox 54.0.1 (x86 es-ES) (HKLM\...\Mozilla Firefox 54.0.1 (x86 es-ES)) (Version: 54.0.1 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
      MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
      MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
      NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201610071157) (Version: 8.2 - NetBeans.org)
      Notepad++ (HKLM\...\Notepad++) (Version: 6.1.5 - )
      NVIDIA Controlador de 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
      NVIDIA Controlador de gráficos 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
      NVIDIA PhysX (HKLM\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
      OpenOffice 4.0.1 (HKLM\...\{52F63384-0FE8-41F5-B9C1-3331BE2E74F1}) (Version: 4.01.9714 - Apache Software Foundation)
      Panel de control de NVIDIA 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 341.44 - NVIDIA Corporation) Hidden
      Paquete acumulativo de Intellisense de Microsoft .NET Framework para Visual Studio (español) (HKLM\...\{A8F7ACD7-A4E4-42FD-A978-DB6488DD6B3A}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
      PDF Architect (HKLM\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
      PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
      PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1054.0 - Passmark Software)
      Plex Media Server (HKLM\...\{763A44F9-11ED-4C90-B79F-01077108135B}) (Version: 1.7.4035 - Plex, Inc.) Hidden
      Plex Media Server (HKLM\...\{d30c30f4-3b8f-4a97-83a8-ade21eb5089e}) (Version: 1.7.5.4035 - Plex, Inc.)
      Renta 2014 1.20 (HKLM\...\8330-1526-1221-2374) (Version: 1.20 - AEAT)
      Renta 2015 1.20 (HKLM\...\9648-5771-9114-3169) (Version: 1.20 - AEAT)
      Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation)
      Riot - Radical Image Optimization Tool (HKLM\...\Riot) (Version: - )
      SD Card Formatter (HKLM\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
      SDK de Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{07570008-8840-4A14-A752-1367157138A5}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
      Spotify (HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\Spotify) (Version: 1.0.62.508.g2c497f24 - Spotify AB)
      Stopping Plex (HKLM\...\{64DC32A4-FE15-4054-AC6C-421DE509BF51}) (Version: 1.7.4035 - Plex, Inc.) Hidden
      swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
      Telegram Desktop version 1.1.23 (HKU\S-1-5-21-4144964436-158748752-787051434-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.1.23 - Telegram Messenger LLP)
      TypeScript SDK (HKLM\...\{B08D05BC-7897-4616-B34C-95B58D07650C}) (Version: 2.5.4.0 - Microsoft Corporation) Hidden
      Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
      Update for (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
      Update Manager (HKLM\...\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}) (Version: 4.60 - Corel Corporation) Hidden
      VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
      vcpp_crt.redist.clickonce (HKLM\...\{31B83FA2-E0F4-4155-B5DE-BEA2406E8B01}) (Version: 14.12.25830 - Microsoft Corporation) Hidden
      Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
      Visual Studio Community 2017 (HKLM\...\56c8cf42) (Version: 15.5.27130.2003 - Microsoft Corporation)
      VS Script Debugging Common (HKLM\...\{9D219D8F-0DE3-40F5-ADAD-C15A028CF0BB}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden
      VS WCF Debugging (HKLM\...\{6FC12482-EF2E-4393-8302-D29264DA5264}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden
      vs_clickoncebootstrappermsi (HKLM\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      vs_clickoncebootstrappermsires (HKLM\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      vs_clickoncesigntoolmsi (HKLM\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      vs_communitymsi (HKLM\...\{595F5D63-8773-4182-A1E0-EC9ECF4B6EA4}) (Version: 15.0.27102 - Microsoft Corporation) Hidden
      vs_communitymsires (HKLM\...\{340226AB-D0EF-4715-A331-AB3A416B5018}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
      vs_devenvmsi (HKLM\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
      vs_filehandler_x86 (HKLM\...\{A57BD1C0-42AD-42F8-AFEB-FAC7E6ABB005}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      vs_FileTracker_Singleton (HKLM\...\{70F69B4F-7950-4841-8139-5D0C7EDD2FE6}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      vs_minshellinteropmsi (HKLM\...\{231C8ADB-BF59-458E-A909-CFA825F46388}) (Version: 15.0.27102 - Microsoft Corporation) Hidden
      vs_minshellmsi (HKLM\...\{9CDD69A2-765A-4970-AB6B-595A740C614F}) (Version: 15.0.27019 - Microsoft Corporation) Hidden
      vs_minshellmsires (HKLM\...\{E70CC1B8-7ED5-4495-9C52-603FE87F38F4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
      vs_SQLClickOnceBootstrappermsi (HKLM\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      vs_tipsmsi (HKLM\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
      Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
      WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
      XAMPP (HKLM\...\xampp) (Version: 1.8.3-4 - Bitnami)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
      CustomCLSID: HKU\S-1-5-21-4144964436-158748752-787051434-1001_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
      ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_05.dll [2012-06-18] ()
      ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-11-30] (AVG Technologies CZ, s.r.o.)
      ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => -> No File
      ContextMenuHandlers1: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files\PDF Architect\ContextMenuExt.dll [2014-01-23] (pdfforge GmbH)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
      ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2010-09-30] (Advanced Micro Devices, Inc.)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation)
      ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-11-30] (AVG Technologies CZ, s.r.o.)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {11352F38-A4F9-4E4C-B0B9-E1AB2175A1CA} - System32\Tasks\Servicio de actualización del software de InstallShield => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11] (Macrovision Corporation)
      Task: {4272A32E-5256-45F9-B4FC-C85E6908CF19} - System32\Tasks\Programa de actualización online de InstallShield Software => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11] (Macrovision Corporation)
      Task: {45680AAD-E4A4-43DE-AD9E-88193A09184B} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2017-12-21] (AVG Technologies CZ, s.r.o.)
      Task: {46E3099A-6C32-467F-AD5B-0EC834CBABB1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-22] (Google Inc.)
      Task: {481D070B-40CA-4F5A-B5FF-97DC71774B3B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
      Task: {4A6A3DFA-FBE1-414B-B539-3FF09EFE7E0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-22] (Google Inc.)
      Task: {55AB8F7B-7BE2-424F-A9FA-FEE27A83E6F8} - System32\Tasks\{86E80D63-853C-4EE9-9F15-1BBAE4D5B87D} => C:\Windows\system32\pcalua.exe -a C:\Users\RINCON~1\AppData\Local\Temp\jre-8u131-windows-au.exe -d "C:\Program Files\Common Files\Java\Java Update" -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
      Task: {69C38E8F-1D74-405E-96A4-2ACE9E0FFBA2} - System32\Tasks\Open Hardware Monitor\Startup => C:\Users\RinconPaladar\Downloads\openhardwaremonitor-v0.8.0-beta\OpenHardwareMonitor\OpenHardwareMonitor.exe [2016-11-06] ()
      Task: {6CC110C8-C47F-4131-8972-F2A568C6E706} - System32\Tasks\{9191123D-F3F3-4FC1-B107-8206EB264BF0} => C:\Windows\system32\pcalua.exe -a "D:\copia Iocean X7s\USB_VCOM_drivers\InstallDriver.exe" -d "D:\copia Iocean X7s\USB_VCOM_drivers"
      Task: {81379AB9-F08D-473E-95AF-B1570EE8EB4A} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
      Task: {81379AB9-F08D-473E-95AF-B1570EE8EB4A} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
      Task: {8669A78B-F4C1-4578-A9AC-2647ED9C37D8} - System32\Tasks\{E0B73CC7-3A83-405A-BCBC-FAD99D9A5968} => C:\Windows\system32\pcalua.exe -a "D:\copia Iocean X7s\Driver_Auto_Installer\Driver_Auto_Installer\SmartPhoneDriver\x86\spinstall.exe" -d "D:\copia Iocean X7s\Driver_Auto_Installer\Driver_Auto_Installer\SmartPhoneDriver\x86"
      Task: {8D6CE53B-FF2E-45CD-858C-CD40B30065AD} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-09-14] (Oracle Corporation)
      Task: {AC6BF6DD-9912-4F68-8F4A-F272B6B5DB3D} - System32\Tasks\{06B5AF53-8AD6-4FAE-BDE3-FEB9EAB82991} => C:\Windows\system32\pcalua.exe -a "G:\actualizacion X7S\Driver_Auto_Installer\Driver_Auto_Installer\FeaturePhoneDriver\v1.1032.1\InstallDriver.exe" -d "G:\actualizacion X7S\Driver_Auto_Installer\Driver_Auto_Installer"
      Task: {AE4D4EEC-F362-49FE-9F98-D1A00668D835} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
      Task: {AE4D4EEC-F362-49FE-9F98-D1A00668D835} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
      Task: {B3DD130F-CC6E-41EE-8C2D-E04D9E7C055E} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
      Task: {BB56EF38-0209-4358-BF68-B06A5FC4B6F5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
      Task: {D836964E-3FB8-4C5D-B5F3-D87591567741} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
      Task: {D836964E-3FB8-4C5D-B5F3-D87591567741} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
      Task: {E860883E-B6AB-4B46-8CAA-BD375E941EA2} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
      Task: {E860883E-B6AB-4B46-8CAA-BD375E941EA2} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
      Task: {E860883E-B6AB-4B46-8CAA-BD375E941EA2} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
      Task: {EAF82B41-485D-46E9-A6AA-157384CD61C1} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-09-22] (DivX, LLC)
      Task: {F8A19B6B-9BB7-401E-B05F-D41B3B2889A5} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-11-30] (AVG Technologies CZ, s.r.o.)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-11-30 05:42 - 2017-11-30 05:42 - 000060160 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
      2017-11-30 05:42 - 2017-11-30 05:42 - 000168216 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
      2017-11-30 05:42 - 2017-11-30 05:42 - 000238928 _____ () C:\Program Files\AVG\Antivirus\event_routing_rpc.dll
      2017-11-30 05:42 - 2017-11-30 05:42 - 000245704 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
      2017-11-30 05:42 - 2017-11-30 05:42 - 000152224 _____ () C:\Program Files\AVG\Antivirus\network_notifications.dll
      2017-12-22 17:03 - 2017-12-22 17:03 - 005763384 _____ () C:\Program Files\AVG\Antivirus\defs\17122204\algo.dll
      2017-11-30 05:42 - 2017-11-30 05:42 - 000711176 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
      2017-11-30 05:42 - 2017-11-30 05:42 - 000246728 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
      2017-07-26 08:58 - 2017-07-26 08:58 - 000155848 _____ () C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
      2017-06-28 05:02 - 2017-06-28 05:02 - 000083432 _____ () C:\Program Files\Plex\Plex Media Server\zlib.dll
      2017-06-28 05:02 - 2017-06-28 05:02 - 000203240 _____ () C:\Program Files\Plex\Plex Media Server\libidn.dll
      2017-11-05 13:17 - 2017-12-07 10:49 - 001934792 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-11-30 05:42 - 2017-11-30 05:42 - 000143912 _____ () c:\Program Files\AVG\Antivirus\vaarclient.dll
      2014-02-11 20:29 - 2014-02-11 20:29 - 000093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
      2012-06-18 16:24 - 2012-06-18 16:24 - 000260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
      2017-07-10 16:47 - 2017-07-10 16:46 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
      2015-01-21 03:06 - 2015-01-21 03:06 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
      2017-07-10 16:51 - 2017-07-10 16:51 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
      2010-04-12 16:59 - 2010-04-12 16:59 - 000430080 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
      2010-09-30 22:36 - 2010-09-30 22:36 - 000270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\Users\RinconPaladar\Downloads\IMG-20160619-WA0030.jpg:com.dropbox.attributes [168]
      AlternateDataStreams: C:\Users\RinconPaladar\Downloads\IMG-20160626-WA0025.jpg:com.dropbox.attributes [168]
      AlternateDataStreams: C:\Users\RinconPaladar\Downloads\IMG-20160831-WA0007.jpg:com.dropbox.attributes [168]
      AlternateDataStreams: C:\Users\RinconPaladar\Downloads\IMG_20160904_160917.jpg:com.dropbox.attributes [168]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-14 03:04 - 2017-11-05 21:21 - 000001022 _____ C:\Windows\system32\Drivers\etc\hosts


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-4144964436-158748752-787051434-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\RinconPaladar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 8.8.8.8 - 8.8.4.4
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
      MSCONFIG\startupreg: ISUSPM Startup => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{45134D0F-3A8E-4F1C-A974-A36C85962AE7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      FirewallRules: [{DAB61A75-C06F-4A18-850F-00A32E786C97}] => (Allow) LPort=54925
      FirewallRules: [TCP Query User{2160A1D9-CB13-47A6-B3F4-5BCC8748C965}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
      FirewallRules: [UDP Query User{BBD752D3-6DBA-4FEC-9DF8-7912B6D70EB2}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
      FirewallRules: [TCP Query User{78DC5148-03AD-4E4C-AA37-CD0904BE360B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
      FirewallRules: [UDP Query User{694D8CAA-7001-4E48-A6FC-8FAA34F91379}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
      FirewallRules: [TCP Query User{D4EA3CF6-F905-4A7C-8925-12E31F260B55}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
      FirewallRules: [UDP Query User{52BEE6DB-C1FC-421F-A391-4DA84335579C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
      FirewallRules: [TCP Query User{9EFE97C5-4233-48D0-9A61-318F072E43B9}C:\users\rinconpaladar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rinconpaladar\appdata\roaming\spotify\spotify.exe
      FirewallRules: [UDP Query User{161147C2-1C5B-4FC9-BD93-0A3D856EBE75}C:\users\rinconpaladar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rinconpaladar\appdata\roaming\spotify\spotify.exe
      FirewallRules: [TCP Query User{227B161B-BF65-4314-A8CC-DADCAA37B316}C:\users\rinconpaladar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rinconpaladar\appdata\roaming\spotify\spotify.exe
      FirewallRules: [UDP Query User{31F38057-14A9-455F-8842-823D55E3B0C5}C:\users\rinconpaladar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rinconpaladar\appdata\roaming\spotify\spotify.exe
      FirewallRules: [{0BC003B4-71C0-4ADF-85AD-CE2DF6227181}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
      FirewallRules: [{107F1A37-DC5A-4802-9044-E16D51ADD867}] => (Allow) LPort=2869
      FirewallRules: [{B2970022-68F9-43AF-975E-602DECDFAD0B}] => (Allow) LPort=1900
      FirewallRules: [{687863D7-81D9-4059-BDB6-05046F8F900B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{AE63AE9F-7961-4F89-9AA9-9936E2E43F85}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [TCP Query User{9948A6B6-E7DE-4C8E-8187-923D9CBE0CDB}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
      FirewallRules: [UDP Query User{C999E279-F56F-4492-A2F6-C1A7E6095A97}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
      FirewallRules: [TCP Query User{AA56F85C-7056-424D-AA9C-B6F375A4B6BB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
      FirewallRules: [UDP Query User{3497B0FF-E149-4193-A05E-6889F9BD84E4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
      FirewallRules: [TCP Query User{B0F4ADE3-DBE7-429F-8BB6-2ED6FA49807A}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
      FirewallRules: [UDP Query User{362E3484-0724-478D-A42B-D97F8A7B35D1}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
      FirewallRules: [{21177A3C-6DBF-4BEA-8573-4B73D10FED77}] => (Block) %ProgramFiles%\Common Files\Protexis\License Service\PsiService_2.exe
      FirewallRules: [{285C650C-37B6-4257-AFBF-E57B28A51910}] => (Block) %ProgramFiles%\Common Files\Protexis\License Service\PsiService_2.exe
      FirewallRules: [{7D515A87-7B50-4D02-AB4B-68A1EEA04E39}] => (Allow) C:\Users\RinconPaladar\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{83AD3EAE-FC4E-4ABA-9B37-4FDB4674D161}] => (Allow) C:\Users\RinconPaladar\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{3B13E535-19E2-487D-946F-434F67803A67}] => (Allow) C:\Users\RinconPaladar\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{2A8ADB98-4D8E-4BFE-A5D6-D7BCAEF6C508}] => (Allow) C:\Users\RinconPaladar\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{0BD7B9F1-377D-4ED9-816C-A461E09B4EF4}] => (Allow) C:\Users\RinconPaladar\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{8F81DFB2-DFCE-4E77-A029-71122E8F1765}] => (Allow) C:\Users\RinconPaladar\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{01A03747-4563-424C-A3FE-51AA76DAC2CA}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe
      FirewallRules: [{3725B2F6-2413-4B98-A047-021B75CD219E}] => (Allow) C:\Program Files\Plex\Plex Media Server\PlexScriptHost.exe
      FirewallRules: [{F8C14304-CA8D-4F08-B35D-4536C2E1FECE}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex DLNA Server.exe
      FirewallRules: [{C359D3A5-F35C-46A5-A554-36A2EE503E7D}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex Tuner Service.exe
      FirewallRules: [TCP Query User{40DD4DF1-0247-41A4-B879-7162143EEDD8}C:\program files\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files\divx\divx media server\divxmediaserver.exe
      FirewallRules: [UDP Query User{1548CEBA-4FB3-408F-A30F-765F432ABD0B}C:\program files\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files\divx\divx media server\divxmediaserver.exe
      FirewallRules: [TCP Query User{5FE410A3-5004-4908-9D70-0EACB5F64143}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
      FirewallRules: [UDP Query User{128FCDC3-EE3E-42B5-9A61-C9EDEE28076B}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
      FirewallRules: [TCP Query User{FA33F8E5-7224-45A2-AB83-DBE764A43D08}C:\program files\java\jdk1.8.0_152\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_152\bin\jmc.exe
      FirewallRules: [UDP Query User{213F6BA3-860F-4D52-A736-CF609228CA3F}C:\program files\java\jdk1.8.0_152\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_152\bin\jmc.exe
      FirewallRules: [{8A784721-2F71-49F8-A64F-5EA7506D4CF1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

      ==================== Restore Points =========================

      08-12-2017 23:47:15 Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810
      08-12-2017 23:49:28 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
      09-12-2017 00:52:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
      16-12-2017 11:28:27 Punto de control programado
      22-12-2017 21:00:02 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (12/23/2017 09:38:21 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
      Description: El Administrador de ventanas de escritorio detectó un error irrecuperable (0x8898009b)

      Error: (12/23/2017 09:29:27 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
      Description: .NET Runtime version 4.0.30319.0 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005. Id. de proceso (decimal): 880. Id. de mensaje: [0x2509].

      Error: (12/23/2017 09:27:02 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
      Description: .NET Runtime version 4.0.30319.0 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005. Id. de proceso (decimal): 5304. Id. de mensaje: [0x2509].

      Error: (12/23/2017 09:19:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

      Error: (12/23/2017 09:18:54 AM) (Source: DbxSvc) (EventID: 320) (User: )
      Description: Failed to connect to the driver: (-2147024894) El sistema no puede encontrar el archivo especificado.

      Error: (12/22/2017 09:47:07 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
      Description: .NET Runtime version 4.0.30319.0 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005. Id. de proceso (decimal): 2248. Id. de mensaje: [0x2509].

      Error: (12/22/2017 09:42:34 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
      Description: .NET Runtime version 4.0.30319.0 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005. Id. de proceso (decimal): 4468. Id. de mensaje: [0x2509].

      Error: (12/22/2017 09:42:29 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
      Description: .NET Runtime version 4.0.30319.0 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005. Id. de proceso (decimal): 3612. Id. de mensaje: [0x2509].

      Error: (12/22/2017 09:15:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

      Error: (12/22/2017 09:15:24 PM) (Source: DbxSvc) (EventID: 320) (User: )
      Description: Failed to connect to the driver: (-2147024894) El sistema no puede encontrar el archivo especificado.


      System errors:
      =============
      Error: (12/23/2017 09:23:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error:
      %%-2140993535

      Error: (12/23/2017 09:23:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error:
      %%-2140993535

      Error: (12/23/2017 09:23:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error:
      %%-2140993535

      Error: (12/23/2017 09:23:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error:
      %%-2140993535

      Error: (12/23/2017 09:23:58 AM) (Source: PNRPSvc) (EventID: 102) (User: )
      Description: El Protocolo de resolución de nombres de mismo nivel no se inició debido a un error de creación de la identidad predeterminada con código de error: 0x80630801.

      Error: (12/23/2017 09:23:58 AM) (Source: PNRPSvc) (EventID: 102) (User: )
      Description: El Protocolo de resolución de nombres de mismo nivel no se inició debido a un error de creación de la identidad predeterminada con código de error: 0x80630801.

      Error: (12/23/2017 09:23:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error:
      %%-2140993535

      Error: (12/23/2017 09:23:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error:
      %%-2140993535

      Error: (12/23/2017 09:23:46 AM) (Source: PNRPSvc) (EventID: 102) (User: )
      Description: El Protocolo de resolución de nombres de mismo nivel no se inició debido a un error de creación de la identidad predeterminada con código de error: 0x80630801.

      Error: (12/23/2017 09:19:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error:
      %%-2140993535


      CodeIntegrity:
      ===================================
      Date: 2017-11-08 09:58:32.039
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-11-08 09:58:31.908
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-11-08 09:58:31.778
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-11-08 09:58:31.562
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-11-08 09:58:29.961
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-11-08 09:58:29.837
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-11-08 09:58:29.695
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-11-08 09:58:29.520
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-11-08 09:58:27.844
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-11-08 09:58:27.698
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      ==================== Memory info ===========================

      Processor: AMD Athlon(tm) 64 Processor 3800+
      Percentage of memory in use: 52%
      Total physical RAM: 2047.29 MB
      Available physical RAM: 972.86 MB
      Total Virtual: 4094.58 MB
      Available Virtual: 2965.07 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:127.99 GB) (Free:17.43 GB) NTFS ==>[drive with boot components (obtained from BCD)]
      Drive d: () (Fixed) (Total:104.89 GB) (Free:1.89 GB) NTFS
      Drive g: () (Fixed) (Total:102.88 GB) (Free:83.48 GB) NTFS
      Drive h: () (Fixed) (Total:83.42 GB) (Free:10.81 GB) NTFS
      Drive i: (USB WINDOW 7 ) (Removable) (Total:7.23 GB) (Free:4.86 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186.3 GB) (Disk ID: 46874687)
      Partition 1: (Active) - (Size=102.9 GB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=83.4 GB) - (Type=OF Extended)

      ========================================================
      Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 20D520D4)
      Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=104.9 GB) - (Type=OF Extended)

      ========================================================
      Disk: 2 (Size: 7.2 GB) (Disk ID: 009C0427)
      Partition 1: (Active) - (Size=7.2 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    7. #7
      User Avatar of flyn
      Joined
      May 2008
      Location
      Spain
      Posts
      8

      Re: Chrome browser hijacked by chromesearch.today

      Hi @Daniela,

      Doing a bit of searching on my own, I ended up finding this Google thread:
      https://productforums.google.com/for...0/AeAYM8ThU6UJ

      In section 6, "Policies in Chrome", it says that the malware may have set some policies in Chrome. It recommends running a .bat file that is downloaded from a link provided there.
      After following the steps, you have Google as the default search engine again. In addition, when you open the search engine manager settings, it now does let you click on the three vertical dots next to chromesearch.today and choose the remove option. I have restarted the browser and the PC several times and there is no trace of the problem.

      Thank you very much for your time.


      Regards
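
      The mechanism described in the post above (policies set in Chrome that lock the default search engine) can be inspected directly, shown here as an added example that is not part of the original thread or of the .bat file from the linked Google page. It is a read-only PowerShell audit of the registry keys where Chrome reads policy on Windows; the function name `Get-ChromePolicyValue` and the allow-list of search hosts are assumptions made for this example.

```powershell
# Added example: read-only audit of Chrome policy values in the registry.
# The allow-list of search hosts is an assumption; adjust it to your own choice.
$PolicyRoots = @(
    'HKLM:\SOFTWARE\Policies\Google\Chrome',
    'HKCU:\SOFTWARE\Policies\Google\Chrome'
)
$AllowedHosts = @('www.google.com', 'www.bing.com', 'duckduckgo.com')

function Get-ChromePolicyValue {
    param([string[]]$Roots = $PolicyRoots)
    foreach ($root in $Roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        # Root key plus subkeys (list policies such as ExtensionInstallForcelist)
        $keys = @(Get-Item -LiteralPath $root)
        $keys += @(Get-ChildItem -LiteralPath $root -Recurse -ErrorAction SilentlyContinue)
        foreach ($key in $keys) {
            foreach ($name in $key.GetValueNames()) {
                $data = [string]$key.GetValue($name)
                $note = 'policy present'
                # URL-valued policies (e.g. DefaultSearchProviderSearchURL,
                # HomepageLocation): compare the host with the allow-list
                if ($data -match '^[a-z][a-z0-9+.-]*://([^/:?#]+)') {
                    $hostName = $Matches[1].ToLowerInvariant()
                    if ($AllowedHosts -notcontains $hostName) {
                        $note = "REVIEW: unexpected host $hostName"
                    }
                }
                [pscustomobject]@{
                    Key  = $key.Name
                    Name = $name
                    Data = $data
                    Note = $note
                }
            }
        }
    }
}

$found = @(Get-ChromePolicyValue)
if ($found.Count -eq 0) {
    'No Chrome policy values found under the checked keys.'
} else {
    $found | Format-List
}
```

      On a PC that is not managed by an organization these keys are normally absent, so any value listed deserves a look; `chrome://policy` shows the same policies from inside the browser.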

    8. #8
      General Moderator
      Avatar of @Daniela
      Joined
      Apr 2011
      Location
      Spain
      Posts
      25.353

      Re: Chrome browser hijacked by chromesearch.today

      Hi flyn

      Follow these steps to remove the tools used:

      • Use again >> Download >> DelFix
        • Double-click to run it. (If you use Windows Vista/7 or 8, right-click and select "Run as Administrator".)
        • Check all the boxes.
      • Click Run.

        The report (DelFix.txt) will open; check that the tools used have been removed.


      Thank you for trusting ForoSpyware. It has been a pleasure to help you.

      We are glad your problem has been solved. We consider the topic solved.


      If you wish to REOPEN THIS TOPIC, press to report it. How to Report Messages?

      As a final recommendation, we invite you to follow us on our channels: Blog, Twitter, Facebook, to keep up to date with new malware and how to prevent it.
      *** Topic solved ***


      Regards
      ✿◕‿◕✿ Impatience is not good company ✿◕‿◕✿
