• Registrarse
  • Iniciar sesión


  • Página 1 de 3 123 ÚltimoÚltimo
    Resultados 1 al 10 de 30

    Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

    ...

    1. #1
      Usuario Avatar de JManuel17
      Registrado
      mar 2018
      Ubicación
      Venezuela
      Mensajes
      15

      Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      Hola a todos, espero puedan orientarme, hace varias semanas note que mi Internet comenzó a ir un poco lento, sobre todo por las noches, tardaban en cargarse las paginas, las imágenes etc... Salvo algunas excepciones como los videos en youtube, revise el "Centro de redes y recursos compartidos" y los bytes enviados y recibidos me parecieron bastante elevados, anexo una captura que acabo de tomar:

      Trate de encontrarle arreglo, porque me pareció muy inusual, di con el post de esta pagina: http://www.forospyware.com/t460443.html y como vi que se presentaba un problema similar al mio, seguí las instrucciones. Hice todo igual, excepto que no ejecute el ESET SMART INSTALLER reiniciando en modo seguro con funciones de red, el Dr.Web CureIt! 8 no se si se ejecuto en modo de protección mejorada, según el manual, tenia que pulsar “Aceptar” sobre una ventana que se abriría cuando ejecutara el programa, pero sucede que esta ventana nunca se abrió, ni se oscureció levemente la pantalla como dice el manual... se supone también que el nombre del archivo era aleatorio, en mi caso se llamo "cureit.exe", imagino que se ejecuto en modo de protección mejorada, pero no sucedió como indica el manual: http://www.forospyware.com/t93472.html en cuanto al AT-Destroyer pude ejecutarlo en modo normal como se recomienda en el post.

      Mi pc tenia un par de documentos potencialmente sospechosos, observe la ruta y todos se habían alojado en mi pc desde hace un par de años, 2014, otros en el 2015 y algunos en el 2017. Procedí con los pasos, logre eliminarlos y algunos los coloque en cuarentena. Sin embargo, el problema con los bytes recibidos y enviados persistió, seguí con las instrucciones y cuando voy a ejecutar el comando sfc /scannow al final me aparece lo siguiente: "Protección de recursos de Windows encontró archivos dañados y no consiguió reparar algunos de ellos. Los detalles se incluyen en CBS. Registro % WinDir %\Logs\CBS\CBS.log." Ahora tengo un par de dudas, quisiera saber si hice los pasos bien, como puedo hacer parar reparar los archivos dañados en mi pc y ademas si es necesario que ejecute también el comando CHKDSK /F /R. De antemano muchas gracias.

    2. #2
      Usuario Avatar de Daniel0312
      Registrado
      ene 2018
      Ubicación
      Argentina
      Mensajes
      1.680

      Re: Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      Hola & Bienvenido al foro de InfoSpyware

      Paso 1 Vamos a descargar a TU ESCRITORIO todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía):

      ● IFS (InfoSpyware First Steps)
      ● AdwCleaner
      ● MalwareBytes Anti-Malware
      ● ZHP Cleaner (click en boton Telecharger de la pag.)
      ● Junkware Removal Tool
      ● Ccleaner

      En todas las HERRAMIENTAS que vamos a utilizar, hacer Click Derecho con el mouse y Ejecutar Como Administrador
      Paso 2 Ahora vamos a ejecutar las herramientas de una en una (cuando haya finalizado una, ejecutas la siguiente), y debes ejecutarlas en el mismo orden que te indico:

      IFS (InfoSpyware First Steps)
      ●Hay que deshabilitar tu antivirus: Cómo deshabilitar temporalmente su Antivirus
      ●Cierra todos los programas que tengas abiertos.
      ●Ejecuta IFS.exe como Administrador
      ●Pulsa en el boton Analizar , y espera a que termine el proceso
      ●Al terminar se abrirá un informe, que debes copiar y pegar (entero) en tu próxima respuesta.
      ●El informe también se puede encontrar en "C:\IFS.log"

      AdwCleaner
      ●Instala & Ejecuta AdwCleaner & Actualiza haciendo click en el boton Help >> Check for updates
      ●Cierra todos los programas y clickea en el boton "Scan"
      ●Una vez terminado el analisis, elimina lo encontrado
      ●Pegame su log haciendo click en "Logfiles" en tu siguiente respuesta

      MalwareBytes Anti-Malware
      ●Descarga & Ejecuta Malwarebytes Anti-Malware
      ●Actualiza dando click en la parte derecha "Estado de analisis" en "Actualizaciones:Actual" clickea en "actual" yespera a que termine de buscar y descargar las ultimas actualizaciones.
      ●Vamos a la seccion "Analizar" y seleccionamos "Analisis personalizado" y seguidamente en "Configurar analisis" y seleccionamos las casillas:
      →Analizar objetos en memoria
      →Analizar configuracion de inicio y de registro
      →Analizar dentro de los archivos
      →Analizar en busca de rootkits
      ●3: Seleccionamos todos los discos (incluidos cd/dvd) y esperamos a que termine de analizar
      ●4. Una vez terminado de analizar, seleccionamos todo lo detectado y enviamos a CUARENTENA y eliminamos (reiniciamos si se le pide)
      ●Pega su reporte → *fijese en fecha y hora*

      ZHPCleaner
      ●Descarga ZHPCleaner & Instala & Ejecuta el programa.
      ●Cierra todos los programas abiertos y clickea en el boton "Scanner" y espera a que termine
      ●Presiona en el boton "Reparar"
      ●Cierra todos los programas & reinicia la pc y pega el reporte que esta dentro del archivo llamado "ZHPCleaner"

      Junkware Removal Tool
      ●Deshabilita temporalmente tu antivirus -> Como deshabilitar temporalmente mi antivirus
      ●Ejecuta el archivo "JRT.exe" como administrador (en windows 7 y 8/8.1 click derecho ejecutar como administrador)
      ●Presiona cualquie tecla para que empieze el proceso Junkware Removal Tool
      ●Al finalizar, un registro (JRT.txt) se guardara en el escritorio y se abrirá automáticamente, pegas en tu siguiente respuesta

      Ccleaner
      ●Descarga & Instala Ccleaner
      ●Actualiza Ccleaner clickeando en el boton "Buscar actualizaciones"
      ●En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en "[COLOR="#008000"]Ejecutar limpiador[/COLOR"
      ●Clic en la pestaña "Registro" > clic en "Buscar problemas" esperas que termine > clic en "Reparar seleccionadas."
      ●Haces una copia de seguridad dando en "Si"
      ●Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno

      Recuerda leer correctamente los pasos y realizarlos correctamente
      Recuerda pegarme los reportes (logs) de : AdwCleaner , MalwareBytes , ZHPCleaner , Junkware Removal Tool.

      No descargues/ejecutes ni inicies ningun programa hasta que vengas con las respuestas con los reportes y hasta que te lo indique ::.

    3. #3
      Usuario Avatar de JManuel17
      Registrado
      mar 2018
      Ubicación
      Venezuela
      Mensajes
      15

      Re: Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      Disculpen la demora, por cuestiones laborales me tomo un poco, pero acá están los reportes:

      1.- IFS (InfoSpyware First Steps)


      [CODE]~~~~~~~~~~~| Inicio:

      *IFS (InfoSpyware First Steps) v 1.3
      *www.InfoSpyware.com | www.ForoSpyware.com
      *Iniciado: 08/03/2018 a las 08h.48m.28s

      ~~~~~~~~~~~| Información del Sistema:

      OS: Microsoft Windows 8.1 Pro x86
      Idioma: Spanish (Bolivarian Republic of Venezuela) (Republica Bolivariana de Venezuela|es-VE)
      Permisos de Administrador / ON
      Windows se Inició en Modo Normal
      Drive: C:\Windows (Install: \Device\HarddiskVolume2)

      ~~~~~~~~~~~| Arquitectura Fisica:

      CPU: BIOSTAR Group
      CPU Modelo: N68S3B
      Procesador: AMD Athlon(tm) II X2 240 Processor (x64-BasedPC)
      Memoria RAM: 2 Gb. En Uso: 43 %
      Video: NVIDIA GeForce 7025 / NVIDIA nForce 630a
      Chip: GeForce 7025 / nForce 630a Capacidad video:32 MB (Integrated RAMDAC)

      ~~~~~~~~~~~| Unidades

      C: [FIXED|NTFS|] - [465.0 Gb][373.1 Gb][92.3 Gb]
      E: [CDROM]
      C:\ Fragmentación total 8.48% - Correcto

      ~~~~~~~~~~~| Seguridad del SO

      SafeBoot: Inicio en Modo seguro Correcto
      Security Center: Correcto (Servicio Activo)
      Windows Update: El servicio no está activo [LST: 2015-08-07 23:16:41][LD: 2015-08-07 23:23:40][LI: 2015-08-07 23:24:57]
      AV: Avast Antivirus *Protección Residente [OFF] / Actualizado*
      AV: Windows Defender *Protección Residente [ON] / Actualizado*
      SP: Windows Defender *Protección Residente [ON] / Actualizado*
      SP: Avast Antivirus *Protección Residente [OFF] / Actualizado*
      FW: Windows Firewall *Habilitado*

      ~~~~~~~~~~~| Update Check

      Internet Explorer Versión Instalada 11
      Mozilla FireFox Versión Instalada 45.0.1
      Google Chrome Versión Instalada 64.0.3282.186
      Adobe ShockWave Player Versión Instalada 12.2.8.198

      ~~~~~~~~~~~| Process List

      avastUI.exe (Productos Alwil Software Avast4)

      ~~~~~~~~~~~| Install Check


      Avast Free Antivirus [18.1.2326]
      ESET Online Scanner v3 []

      ~~~~~~~~~~~| Registry Check

      HKLM\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
      HKLM\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      HKLM\Run: []
      HKLM\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
      HKCU\Run: [Voobly] "C:\Program Files\Voobly\voobly.exe" --startup
      Winlogon: Shell = explorer.exe
      Winlogon: Userinit = explorer.exe

      [HKCR\.\.open\command] -> Navegador Preferido es Google Chrome
      {"account_id_migration_state":2,"account_tracker_service_last_update":"13164929209491204","autofill":{"profile_use_dates_fixed":true},"browser":{"clear_data":{"browsing_history_basic":true,"cache_basic":true,"cookies_basic":true,"form_data":true,"hosted_apps_data":true,"media_licenses":true,"passwords":true,"preferences_migrated_to_basic":true,"site_settings":true,"time_period":4,"time_period_basic":0},"clear_lso_data_enabled":true,"last_clear_browsing_data_tab":1,"last_known_google_url":"https://www.google.co.ve/","window_placement":{"bottom":728,"left":-2,"maximized":false,"right":1361,"top":0,"work_area_bottom":728,"work_area_left":0,"work_area_right":1360,"work_area_top":0}},"cloud_print":{"email":""},"countryid_at_install":17747,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","559726338","624571099","280306491"],"daily_original_length_application":"8344885","daily_original_length_unknown":"6944","daily_original_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_original_length_via_data_reduction_proxy_application":"0","daily_original_length_via_data_reduction_proxy_unknown":"0","daily_original_length_via_data_reduction_proxy_video":"0","daily_original_length_video":"150169644","daily_original_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_original_length_with_data_reduction_proxy_enabled_application":"0","daily_original_length_with_data_reduction_proxy_enabled_unknown":"0","daily_original_length_with_data_reduction_proxy_enabled_video":"0","daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","559726338","624571099","280306491"],"daily_received_length_application":"8344885","daily_received_length_https_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_long_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_short_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_unknown":"6944","daily_received_length_unknown_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_via_data_reduction_proxy_application":"0","daily_received_length_via_data_reduction_proxy_unknown":"0","daily_received_length_via_data_reduction_proxy_video":"0","daily_received_length_video":"150169644","daily_received_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_with_data_reduction_proxy_enabled_application":"0","daily_received_length_with_data_reduction_proxy_enabled_unknown":"0","daily_received_length_with_data_reduction_proxy_enabled_video":"0","last_update_date":"13164951600000000"},"default_apps_install_state":2,"default_search_provider":{"enabled":true,"encodings":"UTF-8","icon_url":"hxxp//www.google.com/favicon.ico","id":"3","instant_url":"{google:baseURL}webhp?{google:RLZ}sourceid=chrome-instant&{google:instantFieldTrialGroupParameter}ie={inputEncoding}{google:instantEnabledParameter}{searchTerms}","prepopulate_id":"1","suggest_url":"{google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}"},"download":{"directory_upgrade":true,"extensions_to_open":""},"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"13164982907349707","next_check":"13165001105435707"},"chrome_url_overrides":{"bookmarks":[]},"install_signature":{"expire_date":"2018-05-29","ids":["aapocclcgogkmnckokdopfmhonfmgoek","aohghmighlieiainnegkcijnfilokake","djnhkfljnimcpelfndpcjcgngmefaobl","felcaaldnbdncclmgdcncolpebgiejap","ghbmnnjooekpmoecnnnilnnbdlolhkhi","gighmmpiobklfepjocnamgkkbiglidom","gkojfkhlekighikafcpjkiklfbnlmeio","gomekmidlodglbbmalcneegieacbdmki","hjnhcgkngeeahimbfhejeaiijecekhba","pkedcjkdefgpdelpbcmbmeomcjbeemfm"],"invalid_ids":[],"salt":"Jz8Bvf5vAFlnYt1akweayH7F/VYJ4SWekrnABq/UZTg=","signature":"FNc39Ce6RpwSunE/ts/C6Mw/5axONdTtNkAQ1GkYyUKICj5f/Swgut4Ysg8odlbaz22JB3oN5h3GB7VabELJnFGnlQXkh4iXgPXmSLBbEBt6hEQYQ1pvfhfa1FRGisKN/nardImYQI6sij+T/QnahH7bUz+Bunb+a6gLagGoLXqfNNewCrUGBxmgB+qQYQUTAUl9PLde89HG6j1ok/Y9urANR0pCBNEv2FX5/xAqFEZci8P7sbINhzEF/QMJcwyxQ2jItacgzZ/dTUh4pkocQHdFwOCNKV+T5pUCid5tGLmQC0Nw/FSVIGz1nqwc5fV/8mrpmp6UvR8ougfT3C7e6Q==","signature_format_version":2,"timestamp":"13164827599884619"},"last_chrome_version":"64.0.3282.186"},"gaia_cookie":{"changed_time":1520509520.981202,"hash":"eoGvPlkaxxP4HqHv6T3PNhV9g3Y="},"gcm":{"check_time":"13164982835360455","product_category_for_subtypes":"com.chrome.windows"},"homepage_changed":true,"http_original_content_length":"1464603928","http_received_content_length":"1464603928","http_throttling":{"enabled":true},"instant":{"enabled_time":"12981543089820074"},"invalidator":{"client_id":"Q9aTj5QnE5McZtaxQi+Rxg=="},"media":{"device_id_salt":"KTmC8U2ETLjAkctd5Z2BKA==","engagement":{"schema_version":3}},"net":{"network_qualities":{}},"ntp":{"app_page_names":["Aplicaciones"],"num_personal_suggestions":2,"promo_build":0,"promo_closed":false,"promo_end":1323071940,"promo_feature_mask":0,"promo_group":4,"promo_group_max":0,"promo_group_timeslice":0,"promo_is_logged_in_to_plus":false,"promo_line":"\u003Ca href=\"hxxp//www.google.es/chromebook/index.html#utm_campaign=es&utm_source=es-ntp-holidays-es-bkws&utm_medium=ntp-holidays\">Descubre los Chromebook\u003C/a> – ordenador que usa Chrome","promo_platform":0,"promo_resource_cache_update":"1337069494.837288","promo_start":1321862280,"promo_views":0,"promo_views_max":0,"sign_in_promo":{"group_max":100}},"partition":{"per_host_zoom_levels":{"x":{}}},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"plugins_list":[]},"profile":{"avatar_index":0,"content_settings":{"exceptions":{"accessibility_events":{},"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"autoplay":{},"background_sync":{},"bluetooth_guard":{},"client_hints":{},"clipboard":{},"cookies":{},"durable_storage":{},"geolocation":{},"images":{},"important_site_info":{},"javascript":{},"media_engagement":{"https://accounts.google.com:443,*":{"last_modified":"13164983153629202","setting":{"audiblePlaybacks":0,"hasHighScore":false,"lastMediaPlaybackTime":0.0,"mediaPlaybacks":0,"significantPlaybacks":0,"visits":1,"visitsWithMediaTag":0}}},"media_stream_camera":{},"media_stream_mic":{},"midi_sysex":{},"mixed_script":{},"notifications":{},"password_protection":{},"permission_autoblocking_data":{},"plugins":{},"popups":{},"ppapi_broker":{},"prompt_no_decision_count":{},"protocol_handler":{},"sensors":{},"site_engagement":{},"sound":{},"ssl_cert_decisions":{},"subresource_filter":{},"subresource_filter_data":{},"usb_chooser_data":{}},"pref_version":1},"exit_type":"Normal","exited_cleanly":true,"icon_version":4,"last_engagement_time":"13164983145778202","managed_user_id":"","name":"Primer usuario","observed_session_time":{"incognito_window_in_product_help_observed_session_time_key":37960.0,"new_tab_in_product_help_observed_session_time_key":28575.0},"was_obsolete_http_data_cleaned":true},"safebrowsing":{"scout_group_selected":true,"unhandled_sync_password_reuses":{}},"savefile":{"default_directory":"C:\\Users\\Yamelis\\Downloads"},"selectfile":{"last_directory":"C:\\Users\\Yamelis\\Desktop"},"session":{"urls_to_restore_on_startup":["hxxp//www.google.com/"]},"spellcheck":{"dictionaries":["es"],"dictionary":""},"translate_accepted_count":{"en":0,"fr":0},"translate_denied_count_for_language":{"en":3,"fr":2},"translate_last_denied_time_for_language":{"en":[1520476684204.963],"fr":[1520468321892.962]},"translate_too_often_denied_for_language":{"en":true,"fr":true},"zerosuggest":{"cachedresults":""}}

      ~~~~~~~~~~~| PUPs Check

      HKCU\Software\pdfforge
      HKLM\Software\pdfforge


      ~~~~~~~~~~~| Listado 7 Días (Predeterminado)

      [05/03/2018 23:59] - C:\Windows\SECOH-QAD.exe
      [06/03/2018 17:17] - C:\Windows\setupact.log
      [06/03/2018 17:17] - C:\Windows\setuperr.log
      [06/03/2018 10:43] - C:\Windows\WindowsUpdate.log
      [06/03/2018 13:14] - C:\AdwCleaner
      [06/03/2018 13:08] - C:\AT-Destroyer.txt
      [07/03/2018 23:23] - C:\FSTool
      [07/03/2018 23:24] - C:\IFS.log
      [06/03/2018 13:08] - C:\_AT-Destroyer

      ~~~~~~~~~~~| C:\Windows\Tasks:


      2.- AdwCleaner


      # AdwCleaner 7.0.8.0 - Logfile created on Thu Mar 08 17:03:34 2018
      # Updated on 2018/08/02 by Malwarebytes
      # Database: 2018-03-07.1
      # Running on Windows 8.1 Pro (X86)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      PUP.Optional.ReviverSoft, Start Menu Logon Manager


      ***** [ Folders ] *****

      No malicious folders found.

      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      No malicious registry entries found.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [1392 B] - [2018/3/6 16:24:49]
      C:/AdwCleaner/AdwCleaner[S0].txt - [1474 B] - [2018/3/6 16:20:19]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1079 B] - [2018/3/6 20:28:30]


      ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########


      3.- MalwareBytes Anti-Malware


      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 8/3/18
      Hora del análisis: 14:44
      Archivo de registro: 4d7804fe-22f8-11e8-a21a-00ac9976eaa1.json
      Administrador: Sí

      -Información del software-
      Versión: 3.4.4.2398
      Versión de los componentes: 1.0.322
      Versión del paquete de actualización: 1.0.4260
      Licencia: Prueba

      -Información del sistema-
      SO: Windows 8.1
      CPU: x86
      Sistema de archivos: NTFS
      Usuario: YamelisPC\Yamelis

      -Resumen del análisis-
      Tipo de análisis: Análisis personalizado
      Resultado: Completado
      Objetos analizados: 220425
      Amenazas detectadas: 30
      Amenazas en cuarentena: 30
      Tiempo transcurrido: 1 hr, 16 min, 31 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Activado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 5
      PUP.Optional.ReviverSoft, HKU\S-1-5-21-298326368-2343544745-4123623987-1001\SOFTWARE\Start Menu Reviver, Se eliminará al reiniciar, [2754], [408096],1.0.4260
      PUP.Optional.ReviverSoft, HKLM\SOFTWARE\Start Menu Reviver, Se eliminará al reiniciar, [2754], [408095],1.0.4260
      PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\REVIVERSOFT START MENU REVIVER RUN ONCE TASK, Se eliminará al reiniciar, [2754], [408082],1.0.4260
      PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6E2111CA-2C0A-4E8B-A4A7-D60C69B39E45}, Se eliminará al reiniciar, [2754], [408082],1.0.4260
      PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{6E2111CA-2C0A-4E8B-A4A7-D60C69B39E45}, Se eliminará al reiniciar, [2754], [408082],1.0.4260

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 5
      PUP.Optional.ReviverSoft, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\REVIVERSOFT\START MENU REVIVER, Se eliminará al reiniciar, [2754], [408078],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\Artifacts, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\Schemes, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\PROGRAMDATA\REVIVERSOFT\START MENU REVIVER, Se eliminará al reiniciar, [2754], [408077],1.0.4260

      Archivo: 20
      PUP.Optional.ReviverSoft, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\REVIVERSOFT\START MENU REVIVER\START MENU REVIVER.LNK, Se eliminará al reiniciar, [2754], [408078],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft\Start Menu Reviver\Support.lnk, Se eliminará al reiniciar, [2754], [408078],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft\Start Menu Reviver\Uninstall.lnk, Se eliminará al reiniciar, [2754], [408078],1.0.4260
      PUP.Optional.ReviverSoft, C:\PROGRAMDATA\REVIVERSOFT\START MENU REVIVER\STORAGE.TXT, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\Artifacts\additionalHeaders.txt, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\Artifacts\lastRequest.xml, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\Artifacts\lastResponse.xml, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\Schemes\day.xml, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\Schemes\night.xml, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\Schemes\personal.xml, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\dashboard.lnk, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\log.log, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\settings.xml, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-298326368-2343544745-4123623987-1001\tiles.xml, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\first_launch_users.conf, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\settings.xml, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Start Menu Reviver\SMService.log, Se eliminará al reiniciar, [2754], [408077],1.0.4260
      PUP.Optional.OpenCandy, C:\USERS\YAMELIS\DESKTOP\RESPALDO DOWNLOAD\CHEATENGINE64.EXE, Se eliminará al reiniciar, [480], [101648],1.0.4260
      PUP.Optional.ReviverSoft, C:\WINDOWS\SYSTEM32\TASKS\REVIVERSOFT START MENU REVIVER RUN ONCE TASK, Se eliminará al reiniciar, [2754], [408082],1.0.4260
      HackTool.IdleKMS, C:\WINDOWS\SECOH-QAD.EXE, Se eliminará al reiniciar, [2388], [106788],1.0.4260

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)


      4.- ZHPCleaner


      <!DOCTYPE html>
      <HTML>
      <HEAD>
      <meta charset="UTF-8" />
      <h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">NEWS</h1>
      <A HREF="https://nicolascoolman.eu/2018/03/06/trojan-combojack-remplace-adresses-cryptocurrency-copiees-presse-papiers-windows/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/04/Cheval-de-Troie-trojan-e1493106332886.jpg"TITLE=Le trojan ComboJack espionne le presse-papiers Windows. width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/03/02/23-000-utilisateurs-perdent-leurs-certificat-ssl-trustico-digicert/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/03/Digicert-Zone-Antimalware.jpg"TITLE=23 000 utilisateurs perdent leurs certificat SSL width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/28/nouvelle-souche-spyware-android-reddrop/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/google-android.jpg"TITLE=Nouvelle souche du spyware Androïd RedDrop width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/26/luniversite-de-lausane-espionnee-keylogger/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/Unil-Universite-Lauzanne1.jpg"TITLE=L'université de Lausanne espionnée par un keylogger. width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/25/premieres-victimes-ransomware-data-keeper-raas/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/12/Ransomware-Zone-Anti-Malware-ZAM.jpg"TITLE=Premières victimes du ransomware Data Keeper RaaS. width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/21/faille-de-securite-microsoft-edge/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/google-project-zero-anti-malware-zone-e1511865211155.jpg"TITLE=Faille de sécurité dans Microsoft Edge width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/19/microsoft-prevoit-suppression-mots-de-passe-windows-10/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/Microsoft-Authenticator.png"TITLE=Microsoft supprime les mots de passe sur Windows 10 width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/17/sup-easypcoptimizer/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/Easy-PC-Optimizer-Zone-Antimalware.jpg"TITLE=EasyPC Optimizer,Logiciel Potentiellement Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/17/sup-errorfixkit/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/ErrorFix-Kit-Zone-Antimalware.jpg"TITLE=ErrorFix Kit,Logiciel Potentiellement Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/17/sup-registrynuke/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/RegistryNuke-Zone-Antimalware.png"TITLE=RegistryNuke,Logiciel Potentiellement Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/16/sup-dllescort/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/DLLescort-Zone-Antimalware.png"TITLE=DLLescort,Logiciel Potentiellement Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/17/sup-dllkitpro/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/DLLkit-Pro-Zone-Antimalware.png"TITLE=DllKit Pro,Logiciel Potentiellement Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/15/sup-advancedfilefixer/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/AdvancedFileFixer-zone-antimalware.png"TITLE=Advanced File Fixer,Logiciel Potentiellement Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/15/nouveau-microcode-intel-plateforme-skylake/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/01/intel-zone-antimalware-zam.jpg"TITLE=Nouveau microcode Intel pour la plateforme SkyLake width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/15/sup-wisefixer/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/WiseFixer-Zone-Antimalware.jpg"TITLE=WiseFixer,Logiciel Potentiellement Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/15/sup-advancedfix/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/AdvancedFix-Zone-Antimalware.jpg"TITLE=AdvancedFix,Logiciel Potentiellement Superflu width=200 height=200</A>
      <A></A><h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">Informe de ZHPCleaner</h1></HEAD>
      <BODY>
      <PRE>
      <SCRIPT LANGUAGE="Javascript">
      document.writeln("~ ZHPCleaner v2018.3.6.47 by Nicolas Coolman (2018/03/06)");
      document.writeln("~ Run by Yamelis (Administrator) (08/03/2018 16:45:40)");
      document.writeln("~ Web: https://www.nicolascoolman.com");
      document.writeln("~ Blog: https://nicolascoolman.eu/");
      document.writeln("~ Facebook : https://www.facebook.com/nicolascoolman1");
      document.writeln("~ State version : Version OK");
      document.writeln("~ Certificate ZHPCleaner: Legal");
      document.writeln("~ Type : Scanner");
      document.writeln("~ Report : C:\\Users\\Yamelis\\Desktop\\ZHPCleaner.txt");
      document.writeln("~ Quarantine : C:\\Users\\Yamelis\\AppData\\Roaming\\ZHP\\ZHPCleaner_Reg.txt");
      document.writeln("~ UAC : Activate");
      document.writeln("~ Boot Mode : Normal (Normal boot)");
      document.writeln("Windows 8.1 Pro, 32-bit (Build 9600)");
      document.writeln("");
      document.writeln("<b>---\\ Alternate Data Stream (ADS). (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (ADS)");
      document.writeln("");
      document.writeln("<b>---\\ Servicios (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (Servicio)");
      document.writeln("");
      document.writeln("<b>---\\ Navegadores de Internet (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (Navegador)");
      document.writeln("");
      document.writeln("<b>---\\ Hosts carpeta (1)</b>");
      document.writeln("~ El archivo hosts es legítimo (21)");
      document.writeln("");
      document.writeln("<b>---\\ Tareas automáticas programadas. (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (Tarea)");
      document.writeln("");
      document.writeln("<b>---\\ Explorador ( Archivos, Carpetas ) (19)</b>");
      document.writeln("ENCONTRADOS carpeta: C:\\Windows\\SECOH-QAD.dll =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS carpeta: C:\\Program Files\\KMSpico\\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS carpeta: C:\\Program Files\\KMSpico\\DevComponents.DotNetBar2.dll [DevComponents.com - DevComponents.DotNetBar] =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS carpeta: C:\\Program Files\\KMSpico\\KMSELDI.exe [@ByELDI - KMS GUI ELDI] =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS carpeta: C:\\Program Files\\KMSpico\\unins000.dat =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS carpeta: C:\\Program Files\\KMSpico\\unins000.exe [ - Setup/Uninstall] =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS carpeta: C:\\Program Files\\KMSpico\\UninsHs.exe [Han-soft - Uninstall for InnoSetup by Han-soft] =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS carpeta: C:\\Program Files\\KMSpico\\Vestris.ResourceLib.dll [Vestris Inc. - ResourceLib] =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico\\cert =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico\\driver =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico\\icons =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico\\logs =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico\\scripts =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico\\sounds =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico\\TokensBackup =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico\\x64 =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico\\x86 =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\Program Files\\KMSpico =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("ENCONTRADOS archivo: C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\KMSpico =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("");
      document.writeln("<b>---\\ Registro ( Claves, Valores, Datos) (4)</b>");
      document.writeln("ENCONTRADOS clave: HKEY_USERS\\S-1-5-21-298326368-2343544745-4123623987-1001\\SOFTWARE\\Magicbit [] =>.SUP.Magicbit".fontcolor("#0d1df4"));
      document.writeln("ENCONTRADOS clave: HKCU\\Software\\Magicbit [] =>.SUP.Magicbit".fontcolor("#0d1df4"));
      document.writeln("ENCONTRADOS clave: HKCU\\Software\\undefined [] =>.SUP.Downloader".fontcolor("#0d1df4"));
      document.writeln("ENCONTRADOS clave: HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico".fontcolor("#f20d47"));
      document.writeln("");
      document.writeln("<b>---\\ Resumen de elementos en su estación de trabajo (3)</b>");
      document.writeln("https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico");
      document.writeln("https://nicolascoolman.eu/2017/12/23/sup-magicbit/ =>.SUP.Magicbit");
      document.writeln("https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader");
      document.writeln("");
      document.writeln("<b>---\\ Resultado de la reparación.</b>");
      document.writeln("~ ninguna reparación hecha");
      document.writeln("");
      document.writeln("<b>---\\ STATISTIQUES</b>");
      document.writeln("~ Items escaneado : 62126");
      document.writeln("~ Items encontrado : 40");
      document.writeln("~ artículos cancelados : 0");
      document.writeln("~ Items opciones : 0/7");
      document.writeln("~ Ahorro de espacio (bytes) : 0");
      document.writeln("~ End of search in 00h07mn26s");
      document.writeln("ZHPCleaner-[S]-08032018-16_53_06.txt");
      </SCRIPT>
      </PRE>
      <h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">items encontrados por ZHPCleaner </h1>
      <br><A HREF="https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ " TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/KMSpico-zone-antimalware.jpg"TITLE=HackTool.KMSpico width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2017/12/23/sup-magicbit/ " TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/03/Superflu-Logiciel-Publicitaire-Zone-Antimalware-ZAM.jpg"TITLE=.SUP.Magicbit width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2017/12/22/sup-downloader/ " TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/03/Superflu-Logiciel-Publicitaire-Zone-Antimalware-ZAM.jpg"TITLE=.SUP.Downloader width=200 height=200</A>
      <A></A><h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">Información sobre los módulos</h1><A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/20/zhpdiag-module-g0-gcsp/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/google-chrome-navigateur-anti-malware-zone.jpg"TITLE=G0 Google Chrome Page de démarrage width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/02/zhpdiag-module-g2-gce/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/google-chrome-store-zone-antimalware-nicolas-coolman.png"TITLE=G2 Google Chrome Extension width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/10/zhpdiag-module-m2-mfep/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/DoNotTrakMe-Mozilla-Firefox-Extensions-Zone-Antimalware.png"TITLE=M2 Mozilla Firefox Extension width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/26/zhpdiag-module-p2-fpn/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/extension_de_Mozilla_zone-antimalware.png"TITLE=P2 Mozilla Firefox Extension width=100 height=100</A>
      <A HREF="https://www.nicolascoolman.com/fr//r5-internet-explorer-proxy-management-iepm/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/04/proxy-server.jpg"TITLE=R5 Proxy Management width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/23/zhpdiag-module-o1-ush/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/hosts_dns_O1_ZHPDiag.png"TITLE=O1 Redirection du fichier Hosts width=100 height=100</A>
      <A HREF="https://www.nicolascoolman.com/fr//o2-browser-helper-objects-de-navigateur/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/IoT-internet-des-objets-anti-malware-zone.png"TITLE=O2 Browser Helper Objects de navigateur width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/26/zhpdiag-module-o3-barre-doutils-de-navigateurs/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/09/Toolbars-Anti-Malware-Zone.png"TITLE=O3 Internet Explorer Toolbars width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/02/zhpdiag-module-o4-adar/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/zhpdiag-module-O4-clé-run-zone-antimalware.png"TITLE=O4 Applications démarrées par le système width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/27/zhpdiag-module-o4-global-startup/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/zhpdiag-module-O4-clé-run-zone-antimalware.png"TITLE=O4G Raccourcis Global Startup width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/19/zhpdiag-module-o10-lsp/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/winsock-module-o10-zhpdiag.png"TITLE=O10 Winsock hijacker width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/19/zhpdiag-module-o17-mdad/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/DNS-Server-module-o17-zhpdiag.png"TITLE=O17 Modification Adresse/Domaine DNS width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/05/zhpdiag-module-o18-papp/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/protocoles-zhpdiag-module-o18-zone-antimalware.png"TITLE=O18 Protocoles Additionnels width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/30/zhpdiag-module-o22-sharedtaskscheduler-sts/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/sharedtaskscheduler-zhpdiag-module-o22-zone-antimalware.png"TITLE=O22 Clé Registre SharedTaskScheduler width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/20/zhpdiag-module-o23-smnd/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/services-windows-zhpdiag-module-o23.png"TITLE=O23 Services NT non Microsoft width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/27/zhpdiag-module-o34-bootexecute-bex/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/session-manager-zhpdiag-zone-antimalware.png"TITLE=O34 BootExecute width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/18/zhpdiag-module-o38-apt/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/windows10-taches-planifiées-module-o38-zhpdiag.png"TITLE=O38 Tâches planifiées Automatique width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/18/zhpdiag-module-o40-asic/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/activesetup-installed-components-asic-o40-zhpdiag.png"TITLE=O40 ActiveSetup Installed Components width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/01/zhpdiag-module-o42-loin/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/logiciels-applications-windows-ZAM-ZHPDiag3.png"TITLE=O42 Logiciels installés width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/12/zhpdiag-module-o43-cfd/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/windows10-laptop.png"TITLE=O43 Contenu des dossiers Programes width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/22/zhpdiag-module-o45-lfp/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/prefetch-ram-windows.png"TITLE=O45 Derniers fichiers Prefetcher width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/22/zhpdiag-module-o46-seh/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/Shell-Execute-hook2.png"TITLE=O46 ShellExecuteHooks width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/03/24/module-zhpdiag-o50/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/03/ifeo-image-file-execution-options-zhpdiag-o50.png"TITLE=O50 Image File Execution Options width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/31/zhpdiag-module-o53-smsr/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/msconfig-microsoft-zone-antimalware-nicolascoolman.png"TITLE=O53 ShareTools MSconfig StartupReg width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/21/zhpdiag-module-o58-sdl/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/Pilotes-module-058-zhpdiag.png"TITLE=O58 Pilotes du Système width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/21/zhpdiag-module-o68-smi/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/windows-registre-start-menu-inernet.png"TITLE=O68 Start Menu Internet width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/04/zhpdiag-module-o69-sbi/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/searchscopes-registre-module-o69-zone-antimalware.png"TITLE=O69 Search Browser Infection width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/24/zhpdiag-module-o83-sss/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/svchosts-services-zhpdiag-o83.jpg"TITLE=O83 Services démarrés par Svchost width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/24/zhpdiag-module-o87-fael/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/FirewallRules-zhpdiag-o87.jpg"TITLE=O87 Firewall Activ Exception List width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/ads-alternate-data-stream/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/01/ADS-NTFS.png"TITLE=O108 Raccourcis de menu contextuels width=100 height=100</A>
      <A></A><h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">ZHPCleaner Report end </h1></BODY>
      </HTML>


      5.- Junkware Removal Tool


      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 8.1 Pro x86
      Ran by Yamelis (Administrator) on 08-03-2018 at 17:42:42,90
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 8

      Successfully deleted: C:\ProgramData\reviversoft (Folder)
      Successfully deleted: C:\Users\Yamelis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
      Successfully deleted: C:\Users\Yamelis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
      Successfully deleted: C:\Users\Yamelis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File)
      Successfully deleted: C:\Users\Yamelis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hitleap viewer.lnk (Shortcut)
      Successfully deleted: C:\Users\Yamelis\Desktop\hitleap viewer.lnk (Shortcut)
      Successfully deleted: C:\Program Files\hitleap (Folder)
      Successfully deleted: C:\Program Files\reviversoft (Folder)



      Registry: 1

      Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} (Registry Value)




      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 08-03-2018 at 17:47:52,04
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Nota: Cuando ejecute Ccleaner y seguí estas instrucciones:

      ●Clic en la pestaña "Registro" > clic en "Buscar problemas" esperas que termine > clic en "Reparar seleccionadas."
      ●Haces una copia de seguridad dando en "Si"
      ●Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno

      Todo muy bien, solo que cuando volví a dar clic en "buscar problemas" hasta no encontrar ninguno, no dejaron de aparecer, y eran los mismos de siempre una y otra vez, a pesar de que le daba clic en "reparar seleccionadas", lo intente alrededor de 20 veces. Anexo imagen: https://imgur.com/MAPGv3M

    4. #4
      Usuario Avatar de Daniel0312
      Registrado
      ene 2018
      Ubicación
      Argentina
      Mensajes
      1.680

      Re: Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      Cita Originalmente publicado por JManuel17 Ver Mensaje
      Nota: Cuando ejecute Ccleaner y seguí estas instrucciones:

      ●Clic en la pestaña "Registro" > clic en "Buscar problemas" esperas que termine > clic en "Reparar seleccionadas."
      ●Haces una copia de seguridad dando en "Si"
      ●Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno

      Todo muy bien, solo que cuando volví a dar clic en "buscar problemas" hasta no encontrar ninguno, no dejaron de aparecer, y eran los mismos de siempre una y otra vez, a pesar de que le daba clic en "reparar seleccionadas", lo intente alrededor de 20 veces. Anexo imagen: https://imgur.com/MAPGv3M
      Es que esos archivos corresponden a tu antivirus Avast

      AV: Avast Antivirus *Protección Residente [OFF] / Actualizado*
      AV: Windows Defender *Protección Residente [ON] / Actualizado*
      SP: Windows Defender *Protección Residente [ON] / Actualizado*
      SP: Avast Antivirus *Protección Residente [OFF] / Actualizado*
      Reinicia el sistema y comenta como va el problema si sigue o no salu2.

    5. #5
      Usuario Avatar de JManuel17
      Registrado
      mar 2018
      Ubicación
      Venezuela
      Mensajes
      15

      Re: Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      Bueno al parecer el problema persiste, a los 24 minutos de duración los bytes enviados son de 2.213.549 y los recibidos de 16.920.233. A los 31 minutos de conexión los enviados son: 2.746.539 y los recibidos 24.787.260. Mi Internet sigue lento, y no estoy haciendo descargas. ¿serán normales esos valores?

    6. #6
      Usuario Avatar de Daniel0312
      Registrado
      ene 2018
      Ubicación
      Argentina
      Mensajes
      1.680

      Re: Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      Cambia la contraseña de tu Wi-Fi y comprueba si sigue por favor.

    7. #7
      Usuario Avatar de JManuel17
      Registrado
      mar 2018
      Ubicación
      Venezuela
      Mensajes
      15

      Re: Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      No estoy seguro, en reposo (sin navegar en Internet) los niveles se mantienen bajos pero subiendo poco a poco, luego de 30 minutos los niveles están así: https://imgur.com/1TAeGti Después reinicie, accedí a facebook y abrí un video en youtube con duración de 14 minutos, los bytes subieron bastante rápido y a niveles muy elevados, a los 30 minutos estaban así: https://imgur.com/rZlgbTF No hice más descargas, solo deje esas 2 ventanas abiertas y no realice más actividad. ¿es normal que en reposo y actividad los niveles estén así de elevados? y otra pregunta ¿elimine todos los virus en mi pc? ¿no habrán más alojados en algún lado? leí que hay virus que pueden robar las contraseñas de mis transacciones bancarias por Internet y eso me tiene algo preocupado. Gracias por la asistencia que me han estado dando en este dilema.

    8. #8
      Usuario Avatar de Daniel0312
      Registrado
      ene 2018
      Ubicación
      Argentina
      Mensajes
      1.680

      Re: Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      Pues la amenazas fueron eliminado si reiniciaste el pc .

      Pasa nuevamente ZHPCleaner en modo seguro. Ya que el reporte no se ve puede leer bien

    9. #9
      Usuario Avatar de JManuel17
      Registrado
      mar 2018
      Ubicación
      Venezuela
      Mensajes
      15

      Re: Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      Entiendo, lo que me extraña es que persista el problema ¿será por algún daño que tiene el equipo?

      <!DOCTYPE html>
      <HTML>
      <HEAD>
      <meta charset="UTF-8" />
      <h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">NEWS</h1>
      <A HREF="https://nicolascoolman.eu/2018/03/06/trojan-combojack-remplace-adresses-cryptocurrency-copiees-presse-papiers-windows/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/04/Cheval-de-Troie-trojan-e1493106332886.jpg"TITLE=Le*trojan*ComboJack*espionne*le*presse-papiers*Windows. width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/03/02/23-000-utilisateurs-perdent-leurs-certificat-ssl-trustico-digicert/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/03/Digicert-Zone-Antimalware.jpg"TITLE=23*000*utilisateurs*perdent*leurs*certificat*SSL width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/28/nouvelle-souche-spyware-android-reddrop/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/google-android.jpg"TITLE=Nouvelle*souche*du*spyware*Androïd*RedDrop width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/26/luniversite-de-lausane-espionnee-keylogger/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/Unil-Universite-Lauzanne1.jpg"TITLE=L'université*de*Lausanne*espionnée*par*un*keylogger. width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/25/premieres-victimes-ransomware-data-keeper-raas/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/12/Ransomware-Zone-Anti-Malware-ZAM.jpg"TITLE=Premières*victimes*du*ransomware*Data*Keeper*RaaS. width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/21/faille-de-securite-microsoft-edge/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/google-project-zero-anti-malware-zone-e1511865211155.jpg"TITLE=Faille*de*sécurité*dans*Microsoft*Edge width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/19/microsoft-prevoit-suppression-mots-de-passe-windows-10/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/Microsoft-Authenticator.png"TITLE=Microsoft*supprime*les*mots*de*passe*sur*Windows*10 width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/17/sup-easypcoptimizer/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/Easy-PC-Optimizer-Zone-Antimalware.jpg"TITLE=EasyPC*Optimizer,Logiciel*Potentiellement*Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/17/sup-errorfixkit/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/ErrorFix-Kit-Zone-Antimalware.jpg"TITLE=ErrorFix*Kit,Logiciel*Potentiellement*Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/17/sup-registrynuke/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/RegistryNuke-Zone-Antimalware.png"TITLE=RegistryNuke,Logiciel*Potentiellement*Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/16/sup-dllescort/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/DLLescort-Zone-Antimalware.png"TITLE=DLLescort,Logiciel*Potentiellement*Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/17/sup-dllkitpro/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/DLLkit-Pro-Zone-Antimalware.png"TITLE=DllKit*Pro,Logiciel*Potentiellement*Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/15/sup-advancedfilefixer/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/AdvancedFileFixer-zone-antimalware.png"TITLE=Advanced*File*Fixer,Logiciel*Potentiellement*Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/15/nouveau-microcode-intel-plateforme-skylake/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/01/intel-zone-antimalware-zam.jpg"TITLE=Nouveau*microcode*Intel*pour*la*plateforme*SkyLake width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/15/sup-wisefixer/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/WiseFixer-Zone-Antimalware.jpg"TITLE=WiseFixer,Logiciel*Potentiellement*Superflu width=200 height=200</A>
      <A HREF="https://nicolascoolman.eu/2018/02/15/sup-advancedfix/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/02/AdvancedFix-Zone-Antimalware.jpg"TITLE=AdvancedFix,Logiciel*Potentiellement*Superflu width=200 height=200</A>
      <A></A><h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">Informe de ZHPCleaner</h1></HEAD>
      <BODY>
      <PRE>
      <SCRIPT LANGUAGE="Javascript">
      document.writeln("~ ZHPCleaner v2018.3.6.47 by Nicolas Coolman (2018/03/06)");
      document.writeln("~ Run by Yamelis (Administrator) (10/03/2018 02:00:50)");
      document.writeln("~ Web: https://www.nicolascoolman.com");
      document.writeln("~ Blog: https://nicolascoolman.eu/");
      document.writeln("~ Facebook : https://www.facebook.com/nicolascoolman1");
      document.writeln("~ State version : ");
      document.writeln("~ Certificate ZHPCleaner: Legal");
      document.writeln("~ Type : Scanner");
      document.writeln("~ Report : C:\\Users\\Yamelis\\Desktop\\ZHPCleaner.txt");
      document.writeln("~ Quarantine : C:\\Users\\Yamelis\\AppData\\Roaming\\ZHP\\ZHPCleaner_Reg.txt");
      document.writeln("~ UAC : Activate");
      document.writeln("~ Boot Mode : Sans échec (Fail-safe boot)");
      document.writeln("Windows 8.1 Pro, 32-bit (Build 9600)");
      document.writeln("");
      document.writeln("<b>---\\ Alternate Data Stream (ADS). (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (ADS)");
      document.writeln("");
      document.writeln("<b>---\\ Servicios (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (Servicio)");
      document.writeln("");
      document.writeln("<b>---\\ Navegadores de Internet (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (Navegador)");
      document.writeln("");
      document.writeln("<b>---\\ Hosts carpeta (1)</b>");
      document.writeln("~ El archivo hosts es legítimo (21)");
      document.writeln("");
      document.writeln("<b>---\\ Tareas automáticas programadas. (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (Tarea)");
      document.writeln("");
      document.writeln("<b>---\\ Explorador ( Archivos, Carpetas ) (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (Explorer)");
      document.writeln("");
      document.writeln("<b>---\\ Registro ( Claves, Valores, Datos) (0)</b>");
      document.writeln("~ No malintencionados o innecesarios artículos encontrados. (Register)");
      document.writeln("");
      document.writeln("<b>---\\ Resultado de la reparación.</b>");
      document.writeln("~ ninguna reparación hecha");
      document.writeln("");
      document.writeln("<b>---\\ STATISTIQUES</b>");
      document.writeln("~ Items escaneado : 62107");
      document.writeln("~ Items encontrado : 0");
      document.writeln("~ artículos cancelados : 0");
      document.writeln("~ Items opciones : 0/7");
      document.writeln("~ Ahorro de espacio (bytes) : 0");
      document.writeln("~ End of search in 00h07mn27s");
      document.writeln("");
      document.writeln("<b>---\\ Reporte (5)</b>");
      document.writeln("ZHPCleaner-[R]-08032018-16_58_08.txt");
      document.writeln("ZHPCleaner-[S]-08032018-16_53_06.txt");
      document.writeln("ZHPCleaner-[S]-08032018-17_05_43.txt");
      document.writeln("ZHPCleaner-[S]-08032018-17_32_19.txt");
      document.writeln("ZHPCleaner-[S]-10032018-02_08_17.txt");
      </SCRIPT>
      </PRE>
      <h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">items encontrados por ZHPCleaner </h1>
      <br><A></A><h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">Información sobre los módulos</h1><A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/20/zhpdiag-module-g0-gcsp/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/google-chrome-navigateur-anti-malware-zone.jpg"TITLE=G0*Google*Chrome*Page*de*démarrage width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/02/zhpdiag-module-g2-gce/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/google-chrome-store-zone-antimalware-nicolas-coolman.png"TITLE=G2*Google*Chrome*Extension width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/10/zhpdiag-module-m2-mfep/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/DoNotTrakMe-Mozilla-Firefox-Extensions-Zone-Antimalware.png"TITLE=M2*Mozilla*Firefox*Extension width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/26/zhpdiag-module-p2-fpn/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/extension_de_Mozilla_zone-antimalware.png"TITLE=P2*Mozilla*Firefox*Extension* width=100 height=100</A>
      <A HREF="https://www.nicolascoolman.com/fr//r5-internet-explorer-proxy-management-iepm/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/04/proxy-server.jpg"TITLE=R5*Proxy*Management width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/23/zhpdiag-module-o1-ush/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/hosts_dns_O1_ZHPDiag.png"TITLE=O1*Redirection*du*fichier*Hosts width=100 height=100</A>
      <A HREF="https://www.nicolascoolman.com/fr//o2-browser-helper-objects-de-navigateur/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/IoT-internet-des-objets-anti-malware-zone.png"TITLE=O2*Browser*Helper*Objects*de*navigateur width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/26/zhpdiag-module-o3-barre-doutils-de-navigateurs/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/09/Toolbars-Anti-Malware-Zone.png"TITLE=O3*Internet*Explorer*Toolbars width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/02/zhpdiag-module-o4-adar/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/zhpdiag-module-O4-clé-run-zone-antimalware.png"TITLE=O4*Applications*démarrées*par*le*système* width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/27/zhpdiag-module-o4-global-startup/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/zhpdiag-module-O4-clé-run-zone-antimalware.png"TITLE=O4G*Raccourcis*Global*Startup width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/19/zhpdiag-module-o10-lsp/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/winsock-module-o10-zhpdiag.png"TITLE=O10*Winsock*hijacker* width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/19/zhpdiag-module-o17-mdad/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/DNS-Server-module-o17-zhpdiag.png"TITLE=O17*Modification*Adresse/Domaine*DNS width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/05/zhpdiag-module-o18-papp/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/protocoles-zhpdiag-module-o18-zone-antimalware.png"TITLE=O18*Protocoles*Additionnels width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/30/zhpdiag-module-o22-sharedtaskscheduler-sts/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/sharedtaskscheduler-zhpdiag-module-o22-zone-antimalware.png"TITLE=O22*Clé*Registre*SharedTaskScheduler* width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/20/zhpdiag-module-o23-smnd/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/services-windows-zhpdiag-module-o23.png"TITLE=O23*Services*NT*non*Microsoft width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/27/zhpdiag-module-o34-bootexecute-bex/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/session-manager-zhpdiag-zone-antimalware.png"TITLE=O34*BootExecute* width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/18/zhpdiag-module-o38-apt/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/windows10-taches-planifiées-module-o38-zhpdiag.png"TITLE=O38*Tâches*planifiées*Automatique width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/18/zhpdiag-module-o40-asic/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/activesetup-installed-components-asic-o40-zhpdiag.png"TITLE=O40*ActiveSetup*Installed*Components width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/01/zhpdiag-module-o42-loin/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/logiciels-applications-windows-ZAM-ZHPDiag3.png"TITLE=O42*Logiciels*installés width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/12/zhpdiag-module-o43-cfd/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/windows10-laptop.png"TITLE=O43*Contenu*des*dossiers*Programes width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/22/zhpdiag-module-o45-lfp/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/prefetch-ram-windows.png"TITLE=O45*Derniers*fichiers*Prefetcher width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/22/zhpdiag-module-o46-seh/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/Shell-Execute-hook2.png"TITLE=O46*ShellExecuteHooks width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/03/24/module-zhpdiag-o50/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/03/ifeo-image-file-execution-options-zhpdiag-o50.png"TITLE=O50*Image*File*Execution*Options width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/31/zhpdiag-module-o53-smsr/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/msconfig-microsoft-zone-antimalware-nicolascoolman.png"TITLE=O53*ShareTools*MSconfig*StartupReg width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/21/zhpdiag-module-o58-sdl/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/Pilotes-module-058-zhpdiag.png"TITLE=O58*Pilotes*du*Système width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/21/zhpdiag-module-o68-smi/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/windows-registre-start-menu-inernet.png"TITLE=O68*Start*Menu*Internet width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/11/04/zhpdiag-module-o69-sbi/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/11/searchscopes-registre-module-o69-zone-antimalware.png"TITLE=O69*Search*Browser*Infection width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/24/zhpdiag-module-o83-sss/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/svchosts-services-zhpdiag-o83.jpg"TITLE=O83*Services*démarrés*par*Svchost width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/2017/10/24/zhpdiag-module-o87-fael/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/FirewallRules-zhpdiag-o87.jpg"TITLE=O87*Firewall*Activ*Exception*List width=100 height=100</A>
      <A HREF="https://nicolascoolman.eu/wp-content/uploads/ads-alternate-data-stream/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2018/01/ADS-NTFS.png"TITLE=O108*Raccourcis*de*menu*contextuels width=100 height=100</A>
      <A></A><h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">ZHPCleaner Report end </h1></BODY>
      </HTML>

    10. #10
      Usuario Avatar de Daniel0312
      Registrado
      ene 2018
      Ubicación
      Argentina
      Mensajes
      1.680

      Re: Conexión a Internet, actividad de enviados y recibidos + sfc / scannow

      Pues, descarto problemas de virus. Podria ser problema de hardware ya que sube y baja

    Página 1 de 3 123 ÚltimoÚltimo