
    Help with ONCLICKREV virus


    1. #1
      User yolfry
      Joined
      Dec 2008
      Location
      Venezuela
      Posts
      59

      Help with ONCLICKREV virus

      Greetings to the community. Since Friday I have been having problems with web pages that do not have site security on their domains: as soon as I enter and click anywhere on the page, a pop-up window opens to a site called onclickrev, which only redirects to advertising or something like that. I would like your help removing it. I should mention that I saw a similar thread on the forum, but the solution from that thread did not work for me:

      it was to download and run the following:

      ● IFS (InfoSpyware First Steps)
      ● AdwCleaner
      ● MalwareBytes Anti-Malware
      ● ZHP Cleaner (click the Telecharger button on the page)
      ● Junkware Removal Tool
      ● Ccleaner


      I am going to attach the reports I have:

      ~ ZHPCleaner v2018.3.10.49 by Nicolas Coolman (2018/03/10)
      ~ Run by salas (Administrator) (12/03/2018 17:20:40)
      ~ Web: https://www.nicolascoolman.com
      ~ Blog: https://nicolascoolman.eu/
      ~ Facebook : https://www.facebook.com/nicolascoolman1
      ~ State version :
      ~ Certificate ZHPCleaner: Legal
      ~ Type : Scanner
      ~ Report : C:\Users\salas\Desktop\ZHPCleaner.txt
      ~ Quarantine : C:\Users\salas\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
      ~ UAC : Activate
      ~ Boot Mode : Sans échec (Fail-safe boot)
      Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)


      ---\\ Alternate Data Stream (ADS). (0)
      ~ No malintencionados o innecesarios artículos encontrados.


      ---\\ Servicios (0)
      ~ No malintencionados o innecesarios artículos encontrados.


      ---\\ Navegadores de Internet (0)
      ~ No malintencionados o innecesarios artículos encontrados.


      ---\\ Hosts carpeta (1)
      ~ El archivo hosts es legítimo (38)


      ---\\ Tareas automáticas programadas. (0)
      ~ No malintencionados o innecesarios artículos encontrados.


      ---\\ Explorador ( Archivos, Carpetas ) (0)
      ~ No malintencionados o innecesarios artículos encontrados.


      ---\\ Registro ( Claves, Valores, Datos) (0)
      ~ No malintencionados o innecesarios artículos encontrados.


      ---\\ Resultado de la reparación.
      ~ ninguna reparación hecha
      ~ falta este navegador! (Opera Software)


      ---\\ STATISTIQUES
      ~ Items escaneado : 59965
      ~ Items encontrado : 0
      ~ artículos cancelados : 0
      ~ Items opciones : 0/7
      ~ Ahorro de espacio (bytes) : 0


      ~ End of search in 00h06mn38s

      ---\\ Reporte (4)
      ZHPCleaner-[R]-12032018-16_57_24.txt
      ZHPCleaner-[S]-12032018-16_53_16.txt
      ZHPCleaner-[S]-12032018-17_04_17.txt
      ZHPCleaner-[S]-12032018-17_27_18.txt

      ------------------------------------------------------------------------------------------------

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 7 Professional x86
      Ran by salas (Administrator) on 12/03/2018 at 17:06:33,07
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 25

      Successfully deleted: C:\Windows\wininit.ini (File)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\10QHH5LZ (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\144QYJG5 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RIUH2ZN (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5TUOATLA (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5Z98RBRU (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQMURHAO (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CF3V3NPF (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUI0XKWH (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MHI5QH45 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O76UGT0L (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHMLQMF2 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\salas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TXAL7300 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\10QHH5LZ (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\144QYJG5 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RIUH2ZN (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5TUOATLA (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5Z98RBRU (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQMURHAO (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CF3V3NPF (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUI0XKWH (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MHI5QH45 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O76UGT0L (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHMLQMF2 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TXAL7300 (Temporary Internet Files Folder)



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 12/03/2018 at 17:08:50,00
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



      -------------------------

      MalwareBytes Anti-Malware

      I ran it about 4 times and it no longer reports any threat. I lost the first report.


      I hope you can help me with this issue.

    2. #2
      General Moderator
      @Daniela
      Joined
      Apr 2011
      Location
      Spain
      Posts
      25.354

      Re: Help with ONCLICKREV virus

      Hello yolfry,

      Post the Malwarebytes report even if it detects nothing, and if you have the AdwCleaner one, post that too so we can review them.

      Download Farbar Recovery Scan Tool according to your system's architecture (32 or 64 bits).

      • Save it to the desktop >> This is very important.
      • Double-click to run Frst.exe. (If you use Windows Vista/7/8 or 10, right-click and select "Run as Administrator".)
      • In the Disclaimer window, press Yes.

      • In the new window that opens, press the Scan button and wait patiently for the scan to finish.
      • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on your desktop.

      • To finish, open the files Frst.txt and Addition.txt and copy and paste all of their contents into your next reply. Use two messages if it tells you it is too long.


      Regards
      ✿◕‿◕✿ Impatience is not good company ✿◕‿◕✿

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net from: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #3
      User yolfry
      Joined
      Dec 2008
      Location
      Venezuela
      Posts
      59

      Re: Help with ONCLICKREV virus

      OK, I have downloaded DelFix and it gave me this:

      # DelFix v1.013 - Logfile created 12/03/2018 at 20:03:53
      # Updated 17/04/2016 by Xplode
      # Username : salas - RSALAS
      # Operating System : Windows 7 Professional Service Pack 1 (32 bits)

      ~ Removing disinfection tools ...

      Deleted : C:\AdwCleaner
      Deleted : C:\Users\salas\Desktop\JRT.txt
      Deleted : C:\Users\salas\Desktop\ZHPCleaner.html
      Deleted : C:\Users\salas\Desktop\ZHPCleaner.lnk
      Deleted : C:\Users\salas\Desktop\ZHPCleaner.txt
      Deleted : C:\Users\salas\Downloads\AdwCleaner (1).exe
      Deleted : C:\Users\salas\Downloads\AdwCleaner.exe
      Deleted : C:\Users\salas\Downloads\JRT (1).exe
      Deleted : C:\Users\salas\Downloads\JRT.exe
      Deleted : C:\Users\salas\Downloads\log.txt
      Deleted : C:\Users\salas\Downloads\ZHPCleaner.exe

      ########## - EOF - ##########

    4. #4
      General Moderator
      @Daniela
      Joined
      Apr 2011
      Location
      Spain
      Posts
      25.354

      Re: Help with ONCLICKREV virus

      Yolfry, do not carry out those steps again; do what I told you in my previous reply.

    5. #5
      User yolfry
      Joined
      Dec 2008
      Location
      Venezuela
      Posts
      59

      Re: Help with ONCLICKREV virus

      OK, I'll get on that, thanks.

    6. #6
      User yolfry
      Joined
      Dec 2008
      Location
      Venezuela
      Posts
      59

      Re: Help with ONCLICKREV virus

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 12/3/18
      Hora del análisis: 20:21
      Archivo de registro: 703f9b96-2654-11e8-a19d-00ff0d6318ab.json
      Administrador: Sí

      -Información del software-
      Versión: 3.4.4.2398
      Versión de los componentes: 1.0.322
      Versión del paquete de actualización: 1.0.4322
      Licencia: Prueba

      -Información del sistema-
      SO: Windows 7 Service Pack 1
      CPU: x86
      Sistema de archivos: NTFS
      Usuario: rsalas\salas

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 294468
      Amenazas detectadas: 0
      (No hay elementos maliciosos detectados)
      Amenazas en cuarentena: 0
      (No hay elementos maliciosos detectados)
      Tiempo transcurrido: 13 min, 52 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)


      I'll continue with the others.....

    7. #7
      User yolfry
      Joined
      Dec 2008
      Location
      Venezuela
      Posts
      59

      Re: Help with ONCLICKREV virus

      # AdwCleaner 7.0.8.0 - Logfile created on Tue Mar 13 00:40:30 2018
      # Updated on 2018/08/02 by Malwarebytes
      # Database: 2018-03-12.1
      # Running on Windows 7 Professional (X86)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      No malicious folders found.

      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      No malicious registry entries found.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************



      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

    8. #8
      User yolfry
      Joined
      Dec 2008
      Location
      Venezuela
      Posts
      59

      Re: Help with ONCLICKREV virus

      FRST.TXT

      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13.03.2018
      Ran by salas (administrator) on RSALAS (12-03-2018 20:42:45)
      Running from C:\Users\salas\Desktop
      Loaded Profiles: salas (Available Profiles: salas & Classic .NET AppPool & DefaultAppPool)
      Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
      (Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
      () C:\ProgramData\DIGITEL 3G\OnlineUpdate\ouc.exe
      () C:\ProgramData\DataCardService\HWDeviceService.exe
      (Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      (Intel Corporation) C:\Windows\System32\igfxtray.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
      (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
      () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
      (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
      (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
      () C:\Program Files\TunnelBear\TunnelBear.Maintenance.exe
      (McAfee Inc.) C:\Program Files\McAfee Safe Connect\McAfee Safe Connect.exe
      (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.690\SSScheduler.exe
      (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
      (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [AutoRun] => D:\Driver.exe
      HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
      HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
      HKLM\...\Run: [] => [X]
      HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2016-12-17] (Adobe Systems Inc.)
      HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
      HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] ()
      HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
      HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
      HKU\S-1-5-21-4015977857-1876642840-914190501-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7814656 2017-10-18] (Piriform Ltd)
      HKU\S-1-5-21-4015977857-1876642840-914190501-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
      HKU\S-1-5-21-4015977857-1876642840-914190501-1000\...\Run: [Globus] => C:\Users\salas\AppData\Local\Apps\2.0\2WAOXGZK.NRX\WYL7MO25.LC3\glob..tion_0e9bece345a75cf6_0003.0003_3ae3ea39d01bb3a3\Globus.exe [502816 2017-08-31] (GLOBUS INTERCOM Ltd)
      HKU\S-1-5-21-4015977857-1876642840-914190501-1000\...\Run: [McAfeeSafeConnect] => C:\Program Files\McAfee Safe Connect\McAfee Safe Connect.exe [1034160 2017-10-10] (McAfee Inc.)
      HKU\S-1-5-21-4015977857-1876642840-914190501-1000\...\MountPoints2: {8d927cbb-76d4-11e5-a1e4-40e230a4cf07} - E:\Controlador_USB_V1.003.exe
      HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-02-23]
      ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.690\SSScheduler.exe (McAfee, Inc.)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 109.169.85.7 8.8.8.8
      Tcpip\..\Interfaces\{4C77D73D-EA88-4C35-BA02-DE63FBD69ABF}: [DhcpNameServer] 192.168.42.129
      Tcpip\..\Interfaces\{AFC22E74-DB19-4530-944B-1F9822CA38E4}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{B65CA1B9-393B-4570-A472-5ED35B4A513D}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{CD5BDF23-FB51-4B73-827C-612930DA7238}: [DhcpNameServer] 109.169.85.7 8.8.8.8
      Tcpip\..\Interfaces\{E9DCD167-1E49-4531-A762-E5B1F67860CF}: [DhcpNameServer] 192.168.42.129

      Internet Explorer:
      ==================
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
      BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
      Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)
      Toolbar: HKU\S-1-5-21-4015977857-1876642840-914190501-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-12-17] (Adobe Systems Incorporated)

      FireFox:
      ========
      FF ProfilePath: C:\Users\salas\AppData\Roaming\Mozilla\Firefox\Profiles\0kgr5n1g.default-1487275559851 [2018-03-12]
      FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
      FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-02-09] [Legacy]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

      Chrome:
      =======
      CHR DefaultProfile: Profile 1
      CHR HomePage: Profile 1 -> presearch.org
      CHR NewTab: Profile 1 -> Active:"chrome-extension://fbknefhkjhbolemlchjhacbgckdjggod/newtab.html"
      CHR Profile: C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default [2018-03-12]
      CHR Extension: (Presentaciones) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-22]
      CHR Extension: (Documentos) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-22]
      CHR Extension: (Google Drive) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-11]
      CHR Extension: (YouTube) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-11]
      CHR Extension: (Adobe Acrobat) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-13]
      CHR Extension: (Hojas de cálculo) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-26]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-05]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-08]
      CHR Extension: (Gmail) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-11]
      CHR Extension: (Chrome Media Router) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-26]
      CHR Profile: C:\Users\salas\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-03-12]
      CHR Profile: C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-03-12]
      CHR Extension: (Presentaciones) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Documentos) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Drive) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-10]
      CHR Extension: (YouTube) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-10]
      CHR Extension: (VK Messages Visual Statistics) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chhkkciiljiehmmfgmodhaaljggikhmc [2017-08-04]
      CHR Extension: (Alexa Traffic Rank) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cknebhggccemgcnbidipinkifmmegdel [2017-06-12]
      CHR Extension: (Refind) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dlapbpopbcangbnjdhajdlanbfokjaja [2017-12-13]
      CHR Extension: (Adobe Acrobat) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-07]
      CHR Extension: (Presearch.org Start With Us) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fbknefhkjhbolemlchjhacbgckdjggod [2018-01-31]
      CHR Extension: (Toolkit For Facebook) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcachklhcihfinmagjnlomehfdhndhep [2018-02-02]
      CHR Extension: (Facebook Pixel Helper) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2017-10-11]
      CHR Extension: (Hojas de cálculo) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Authy Chrome Extension) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhgenkpocbhhddlgkjnfghpjanffonno [2017-06-26]
      CHR Extension: (Authy) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2017-12-21]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-10]
      CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-03-12]
      CHR Extension: (Twitter Follower) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcghlfjkhaigchnbbkbcgadlnckobaei [2018-03-12]
      CHR Extension: (SimilarWeb - Traffic Rank & Website Analysis) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2018-02-25]
      CHR Extension: (WavesLiteApp) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2018-03-06]
      CHR Extension: (TubeBuddy for YouTube) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2018-03-12]
      CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2018-03-12]
      CHR Extension: (MetaMask) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2018-03-12]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-29]
      CHR Extension: (Buffer) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2018-03-12]
      CHR Extension: (Gmail) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-10]
      CHR Extension: (Chrome Media Router) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-10]
      CHR Extension: (FB Follower) - C:\Users\salas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppdgkmjfplpmolgndoicmfiabhhcieik [2018-02-02]
      CHR Extension: (AutoFaucets v2: Автоматический сборщик c кранов) - C:\Users\salas\Documents\YOLFRY PERSONAL\NEGOCIOS INTERNET\autofaucets_dev [2017-04-22]
      CHR Profile: C:\Users\salas\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-12]
      CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-12-17]

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
      S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-04-26] (Intel Corporation)
      S2 DIGITEL. RunOuc; C:\Program Files\DIGITEL 3G\UpdateDog\ouc.exe [655712 2011-05-28] ()
      R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4675872 2018-03-03] (Malwarebytes)
      S3 McAfee Vpn Service; C:\Program Files\McAfee Safe Connect\service\VpnService.exe [320944 2017-10-10] ()
      S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.690\McCHSvc.exe [322792 2018-02-19] (McAfee, Inc.)
      R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
      R2 TunnelBearMaintenance; C:\Program Files\TunnelBear\TunnelBear.Maintenance.exe [37248 2017-09-06] ()
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
      S3 yate; C:\Program Files\Yate\yate-service.exe -w "C:\Program Files\Yate"

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S3 AVEO; C:\Windows\System32\DRIVERS\dcnt.sys [240896 2012-05-31] (UVC)
      S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [58664 2018-01-18] ()
      S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27040 2016-07-20] (LogMeIn, Inc.)
      S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [25856 2010-10-08] (Huawei Tech. Co., Ltd.)
      R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [524784 2013-01-31] (Intel Corporation)
      R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26608 2013-01-31] (Intel Corporation)
      R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-26] (Intel Corporation)
      R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-26] (Intel Corporation)
      R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-26] (Intel Corporation)
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [167648 2018-03-12] (Malwarebytes)
      R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [90856 2018-03-12] (Malwarebytes)
      R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [41352 2018-03-12] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [220896 2018-03-12] (Malwarebytes)
      R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [71800 2018-03-12] (Malwarebytes)
      R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-01-11] (Intel Corporation)
      R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1334856 2013-05-02] (Realtek Semiconductor Corporation )
      R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-11-26] (Samsung Electronics) [File not signed]
      S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [146048 2016-07-22] (Samsung Electronics Co., Ltd.)
      R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2017-10-10] (The OpenVPN Project)
      R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [36944 2017-06-15] (Anchorfree Inc.)
      S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-11] (Microsoft Corporation)
      S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-03-12 20:42 - 2018-03-12 20:43 - 000020307 _____ C:\Users\salas\Desktop\FRST.txt
      2018-03-12 20:42 - 2018-03-12 20:42 - 000000000 ____D C:\FRST
      2018-03-12 20:38 - 2018-03-12 20:40 - 000000000 ____D C:\AdwCleaner
      2018-03-12 20:20 - 2018-03-12 20:20 - 000220896 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2018-03-12 20:20 - 2018-03-12 20:20 - 000167648 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2018-03-12 20:20 - 2018-03-12 20:20 - 000090856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2018-03-12 20:20 - 2018-03-12 20:20 - 000071800 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2018-03-12 20:20 - 2018-03-12 20:20 - 000041352 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2018-03-12 20:20 - 2018-03-12 20:20 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2018-03-12 20:20 - 2018-03-12 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2018-03-12 20:20 - 2018-01-18 09:03 - 000058664 _____ C:\Windows\system32\Drivers\mbae.sys
      2018-03-12 20:16 - 2018-03-12 20:17 - 001763840 _____ (Farbar) C:\Users\salas\Desktop\FRST.exe
      2018-03-12 20:09 - 2018-03-12 20:11 - 011201632 _____ (Piriform Ltd) C:\Users\salas\Desktop\ccsetup538.exe
      2018-03-12 20:09 - 2018-03-12 20:09 - 001790024 _____ (Malwarebytes) C:\Users\salas\Desktop\JRT.exe
      2018-03-12 20:08 - 2018-03-12 20:09 - 003099520 _____ C:\Users\salas\Desktop\ZHPCleaner.exe
      2018-03-12 20:07 - 2018-03-12 20:11 - 008222496 _____ (Malwarebytes) C:\Users\salas\Desktop\AdwCleaner.exe
      2018-03-12 20:03 - 2018-03-12 20:04 - 000000769 _____ C:\DelFix.txt
      2018-03-12 18:10 - 2018-03-12 18:10 - 000109672 _____ C:\Users\salas\AppData\Local\GDIPFONTCACHEV1.DAT
      2018-03-12 17:18 - 2018-03-12 17:50 - 000362304 _____ C:\Windows\ntbtlog.txt
      2018-03-12 17:17 - 2018-03-12 17:19 - 000408960 _____ C:\Windows\system32\FNTCACHE.DAT
      2018-03-12 16:46 - 2018-03-12 17:27 - 000000000 ____D C:\Users\salas\AppData\Roaming\ZHP
      2018-03-12 16:46 - 2018-03-12 16:46 - 000000000 ____D C:\Users\salas\AppData\Local\ZHP
      2018-03-12 16:06 - 2018-03-12 16:21 - 000000000 ____D C:\FSTool
      2018-03-12 15:54 - 2018-03-12 15:56 - 001599815 _____ C:\Users\salas\Desktop\IFS.exe
      2018-03-12 14:31 - 2018-03-12 14:31 - 000000000 ____D C:\Program Files\Malwarebytes
      2018-03-12 13:09 - 2018-03-12 13:26 - 069279448 _____ (Malwarebytes ) C:\Users\salas\Desktop\mb3-setup-consumer-3.4.4.2398-1.0.322-1.0.4298.exe
      2018-03-08 18:20 - 2018-03-08 18:20 - 000102698 _____ C:\Users\salas\Downloads\pago sobre manila.pdf
      2018-03-07 20:03 - 2018-03-07 20:03 - 000642364 _____ C:\Users\salas\Desktop\Appics_Bounty.pdf
      2018-03-07 16:01 - 2018-03-07 16:01 - 004854608 _____ C:\Users\salas\Downloads\DIAMOND GROUP GH DOMINGO.pdf
      2018-03-07 16:01 - 2018-03-07 16:01 - 004341827 _____ C:\Users\salas\Downloads\DIAMOND GROUP GH SABADO.pdf
      2018-03-06 05:49 - 2018-03-06 05:49 - 000231102 _____ C:\Users\salas\Desktop\ANTECEDENTES OMAR.pdf
      2018-03-06 05:47 - 2018-03-06 05:47 - 000226812 _____ C:\Users\salas\Downloads\mpdf.pdf
      2018-03-02 01:06 - 2018-03-02 01:07 - 000059252 _____ C:\Users\salas\Downloads\comprobante.pdf
      2018-02-28 13:55 - 2018-02-28 13:55 - 004448061 _____ C:\Users\salas\Downloads\Remates BriBri Domingo.pdf
      2018-02-28 13:54 - 2018-02-28 13:55 - 003934442 _____ C:\Users\salas\Downloads\Remates BriBri Sábado.pdf
      2018-02-28 12:25 - 2018-02-28 12:25 - 000122887 _____ C:\Users\salas\Downloads\Carreras 012 y 013.pdf
      2018-02-26 12:17 - 2018-02-26 12:17 - 000088719 _____ C:\Users\salas\Downloads\WhatsApp Image 2018-02-26 at 12.13.05 PM.jpeg
      2018-02-23 10:13 - 2018-03-09 10:13 - 000000000 ____D C:\ProgramData\McAfee Security Scan
      2018-02-23 10:13 - 2018-02-23 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
      2018-02-21 15:11 - 2018-02-21 15:11 - 005554403 _____ C:\Users\salas\Downloads\Remates BriBri Domingo 25-02.pdf
      2018-02-21 15:11 - 2018-02-21 15:11 - 004285415 _____ C:\Users\salas\Downloads\Remates BriBri Lunes 26-02.pdf
      2018-02-21 00:08 - 2018-02-21 00:08 - 000058493 _____ C:\Users\salas\Downloads\Corporaciones y fundaciones.pptx
      2018-02-20 22:23 - 2018-02-20 22:24 - 001121610 _____ C:\Users\salas\Downloads\EL-PETRO-CRONOLOGIA.pdf
      2018-02-20 10:37 - 2018-02-20 10:37 - 002600239 _____ C:\Users\salas\Downloads\minerone_whitepaper.pdf
      2018-02-19 12:30 - 2018-02-19 12:30 - 000014303 _____ C:\Users\salas\Desktop\calculos ICO (Autoguardado).xlsx
      2018-02-15 16:48 - 2018-02-15 16:48 - 005976296 _____ C:\Users\salas\Downloads\G.H DOMINGO REMATES BRIBRI.pdf
      2018-02-15 16:47 - 2018-02-15 16:48 - 005261536 _____ C:\Users\salas\Downloads\NuevoDocumento 2018-02-15.pdf
      2018-02-15 13:27 - 2018-02-15 13:28 - 001261691 _____ C:\Users\salas\Desktop\Analysis_of_Large-Scale_Bitcoin_Mining_Operations.pdf
      2018-02-13 21:55 - 2018-02-13 21:55 - 000001105 _____ C:\Users\Public\Desktop\Firefox.lnk
      2018-02-13 21:49 - 2018-02-13 21:50 - 000313520 _____ (Mozilla) C:\Users\salas\Downloads\Firefox Installer.exe
      2018-02-13 18:13 - 2018-02-13 18:14 - 001755159 _____ C:\Users\salas\Desktop\Informe-diseñado-CORPOELEC.pdf
      2018-02-13 16:16 - 2018-02-13 16:26 - 006165984 _____ C:\Users\salas\Downloads\Sin confirmar 407849.crdownload

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-03-12 20:20 - 2017-06-12 21:16 - 000000000 ____D C:\ProgramData\Malwarebytes
      2018-03-12 18:18 - 2009-07-14 00:34 - 000019504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-03-12 18:18 - 2009-07-14 00:34 - 000019504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-03-12 18:16 - 2015-03-29 13:41 - 001835060 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-03-12 18:16 - 2009-07-14 04:53 - 000809468 _____ C:\Windows\system32\perfh00A.dat
      2018-03-12 18:16 - 2009-07-14 04:53 - 000183132 _____ C:\Windows\system32\perfc00A.dat
      2018-03-12 18:16 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
      2018-03-12 18:13 - 2015-09-15 23:13 - 000000000 ____D C:\Users\salas\AppData\Roaming\Skype
      2018-03-12 18:10 - 2017-02-01 12:02 - 000000000 ____D C:\Users\salas\AppData\Local\CrashDumps
      2018-03-12 18:09 - 2017-01-21 17:58 - 000065536 _____ C:\Windows\system32\Ikeext.etl
      2018-03-12 18:09 - 2015-05-24 16:33 - 003230208 ___SH C:\Users\salas\Desktop\Thumbs.db
      2018-03-12 18:09 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-03-12 13:18 - 2017-10-10 09:37 - 000000000 ____D C:\Users\salas\AppData\LocalLow\Mozilla
      2018-03-12 09:40 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\NDF
      2018-02-26 23:31 - 2017-10-16 13:16 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-02-26 23:31 - 2016-07-24 01:17 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-02-25 12:33 - 2016-07-25 10:41 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2018-02-23 10:13 - 2018-02-02 10:15 - 000002045 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
      2018-02-23 10:13 - 2016-07-25 10:42 - 000000000 ____D C:\Program Files\McAfee Security Scan
      2018-02-22 20:35 - 2015-03-29 14:09 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
      2018-02-19 12:43 - 2017-05-01 17:20 - 000000000 ____D C:\Users\salas\AppData\Roaming\FileZilla
      2018-02-19 12:40 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\ModemLogs
      2018-02-13 21:55 - 2017-10-04 23:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2018-02-13 21:55 - 2015-03-29 14:09 - 000001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

      ==================== Files in the root of some directories =======

      2017-05-24 19:48 - 2009-09-13 21:58 - 000011776 _____ (Nattyware) C:\Users\salas\pixie.exe
      2017-04-26 15:06 - 2017-10-28 19:49 - 000000600 _____ () C:\Users\salas\AppData\Roaming\winscp.rnd
      2017-02-01 22:28 - 2017-08-01 15:32 - 000006656 _____ () C:\Users\salas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2017-10-23 16:33 - 2017-10-23 19:26 - 000000600 _____ () C:\Users\salas\AppData\Local\PUTTY.RND

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2018-03-09 02:12

      ==================== End of FRST.txt ============================

    9. #9
      User yolfry
      Joined
      Dec 2008
      Location
      Venezuela
      Messages
      59

      Re: Help with the ONCLICKREV virus

      Addition.txt

      Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13.03.2018
      Ran by salas (12-03-2018 20:44:07)
      Running from C:\Users\salas\Desktop
      Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-03-29 17:36:47)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-4015977857-1876642840-914190501-500 - Administrator - Disabled)
      HomeGroupUser$ (S-1-5-21-4015977857-1876642840-914190501-1002 - Limited - Enabled)
      Invitado (S-1-5-21-4015977857-1876642840-914190501-501 - Limited - Enabled)
      salas (S-1-5-21-4015977857-1876642840-914190501-1000 - Administrator - Enabled) => C:\Users\salas

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
      Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.19 - Adobe Systems)
      Adobe Connect (HKU\S-1-5-21-4015977857-1876642840-914190501-1000\...\Adobe Connect App) (Version: 11.9.982.438 - Adobe Systems Inc.)
      Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
      Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
      aTube Catcher versión 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
      Camtasia Studio 8 (HKLM\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
      CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
      Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
      Cisco LEAP Module (HKLM\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
      Cisco PEAP Module (HKLM\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
      Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
      Compresor WinRAR (HKLM\...\WinRAR archiver) (Version: - )
      D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      Diagnóstico de impresoras Samsung (HKLM\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
      DIGITEL 3G (HKLM\...\DIGITEL 3G) (Version: DIGITEL 3G - )
      FileZilla Client 3.25.2 (HKLM\...\FileZilla Client) (Version: 3.25.2 - Tim Kosse)
      FUDVROCX V1.0.3.31 (HKLM\...\FUDVROCX_is1) (Version: - FUDVR)
      Galería de fotos (HKLM\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Google Chrome (HKLM\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
      Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3131 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
      Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
      Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
      Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Malwarebytes versión 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
      McAfee Safe Connect (HKLM\...\{F210DAEC-9E43-467E-87E8-B02DA469CFFC}) (Version: 1.4.1.150 - McAfee, Inc)
      McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.690.1 - McAfee, Inc.)
      Microsoft .NET Framework 4.7 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02053 - Microsoft Corporation)
      Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
      Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
      Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-4015977857-1876642840-914190501-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
      Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
      Movie Maker (HKLM\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Mozilla Firefox 58.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 58.0.2 (x86 en-US)) (Version: 58.0.2 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
      Notepad++ (HKLM\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      Photo to Cartoon (HKLM\...\{C7DE53DF-A820-431B-9A24-F558C374C500}) (Version: 4.0.0 - Caricature Software)
      Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
      Realtek USB Card Reader (HKLM\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.30150 - Realtek Semiconductor Corp.)
      REALTEK Wireless LAN Driver (HKLM\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
      Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.05.29.04(12/09/2014) - Samsung Electronics Co., Ltd.)
      Samsung Easy Wireless Setup (HKLM\...\Easy Wireless Setup) (Version: 3.60.49.0 - Samsung Electronics Co., Ltd.)
      Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
      Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
      Samsung M2020 Series (HKLM\...\Samsung M2020 Series) (Version: 1.17 (23/09/2014) - Samsung Electronics Co., Ltd.)
      Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
      Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
      Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
      SmartFTP Client (HKLM\...\{D38F49A7-85D5-4304-A80B-6B487216C9C5}) (Version: 8.0.2308.0 - SmartSoft Ltd.)
      SmartFTP Client Spanish (Spain, Traditional Sort) MUI (HKLM\...\{2FA0740E-0513-4A20-A63A-BE0A4269D12E}) (Version: 8.0.2308.0 - SmartSoft Ltd.)
      Technitium MAC Address Changer v6.0 (HKLM\...\TMACv6.0) (Version: 6.0 - Technitium)
      TunnelBear (HKLM\...\{8092fbe5-9e59-4729-a5de-5bb6a64873cc}) (Version: 3.0.37.12 - TunnelBear)
      TunnelBear (HKLM\...\{ABC9BE61-B890-4100-BCA4-5AC3BF1F3CB5}) (Version: 3.0.37.12 - TunnelBear) Hidden
      USB Master Clean versión 2.0.0.6 (HKLM\...\{3055FC6B-A890-41A5-AE6D-680696B00928}_is1) (Version: 2.0.0.6 - ElohimSoft, Inc.)
      Ver el Manual de Usuario (HKLM\...\View User Guide) (Version: 3.60.43.0 - )
      Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
      WinSCP 5.9.4 (HKLM\...\winscp3_is1) (Version: 5.9.4 - Martin Prikryl)
      Yate 5.4.0 - 1 (HKLM\...\Yet Another Telephony Engine_is1) (Version: 5.4.0 - Null Team Impex SRL)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\msinet.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\msinet.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\msinet.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\salas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\salas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\salas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\salas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\salas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4015977857-1876642840-914190501-1000_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
      ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll [2017-03-23] (SmartSoft Ltd.)
      ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim.dll [2012-09-23] (Adobe Systems Inc.)
      ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2015-04-15] ()
      ContextMenuHandlers1: [SmartFTP] -> {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} => C:\Program Files\SmartFTP Client\ShellTools.dll [2017-03-23] (SmartSoft Ltd.)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2006-09-13] ()
      ContextMenuHandlers4: [SmartFTP] -> {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} => C:\Program Files\SmartFTP Client\ShellTools.dll [2017-03-23] (SmartSoft Ltd.)
      ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2006-09-13] ()
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-04-22] (Intel Corporation)
      ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim.dll [2012-09-23] (Adobe Systems Inc.)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2006-09-13] ()

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {15AE8AF6-5555-47DA-BE6A-9C263E6C8BF2} - System32\Tasks\{D768B580-30D0-47DE-99FF-717A464C9288} => C:\Windows\system32\pcalua.exe -a C:\Users\salas\Downloads\vcredist_x86.exe -d C:\Users\salas\Downloads
      Task: {2ED15053-721E-4200-9C16-52DD3DC509A2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-07] (Adobe Systems Incorporated)
      Task: {470AA7D3-4635-494A-A0B5-D30F7F3E1A28} - System32\Tasks\{953EB071-148B-47E2-8C37-DF02F5CF3AE7} => C:\Windows\system32\pcalua.exe -a "C:\Users\salas\Desktop\Camtasia Studio 8 By Bladimir ARR\Camtasia Studio 8\Camtasia Studio 8.exe" -d "C:\Users\salas\Desktop\Camtasia Studio 8 By Bladimir ARR\Camtasia Studio 8"
      Task: {6E05B311-33FD-4091-9C63-62853C549B33} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
      Task: {9373FDD1-FE17-4A79-9963-595BA60CCC06} - System32\Tasks\{ACB1EAF3-4BC1-416E-A375-420FF8E616DB} => C:\Windows\system32\pcalua.exe -a C:\Users\salas\Downloads\flash-disinfector-.exe -d C:\Users\salas\Downloads
      Task: {9BF1B5F2-7C9F-4C4C-87AD-F8A9B1D150F4} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
      Task: {9DC4E6C3-C101-4445-9105-7527BA301786} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
      Task: {9EDBF310-6EF1-4815-9DCA-E31FCFDBE720} - System32\Tasks\AdobeGCInvoker-1.0-rsalas-salas => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
      Task: {CF426BE8-1220-40D1-BE22-C8588AF2C159} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated)
      Task: {E367AE46-14B8-4C82-9712-48F679CD828F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-07-24] (Google Inc.)
      Task: {ECADC0C7-0425-44BB-AA57-5E6C6BB66F6E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
      Task: {ED59B5A4-8638-430E-A149-4950CDAA5CD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-07-24] (Google Inc.)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ShortcutWithArgument: C:\Users\salas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Authy.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb
      ShortcutWithArgument: C:\Users\salas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\WavesLiteApp.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=kfmcaklajknfekomaflnhkjjkcjabogm
      ShortcutWithArgument: C:\Users\salas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->

      ==================== Loaded Modules (Whitelisted) ==============

      2013-09-05 00:44 - 2013-09-05 00:44 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
      2017-04-30 07:21 - 2017-04-30 07:21 - 000048296 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
      2015-03-29 14:09 - 2006-09-13 21:30 - 000126464 _____ () C:\Program Files\WinRAR\rarext.dll
      2015-04-15 16:13 - 2015-04-15 16:13 - 000260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
      2016-03-18 17:05 - 2013-05-29 07:58 - 000024064 _____ () C:\Windows\System32\ssj2mlm.dll
      2017-12-02 12:04 - 2011-05-28 03:44 - 000655712 _____ () C:\ProgramData\DIGITEL 3G\OnlineUpdate\ouc.exe
      2017-12-02 12:04 - 2009-01-10 06:32 - 000011362 _____ () C:\ProgramData\DIGITEL 3G\OnlineUpdate\mingwm10.dll
      2017-12-02 12:04 - 2009-06-22 14:42 - 000043008 _____ () C:\ProgramData\DIGITEL 3G\OnlineUpdate\libgcc_s_dw2-1.dll
      2017-12-02 12:04 - 2011-01-12 05:23 - 002415104 _____ () C:\ProgramData\DIGITEL 3G\OnlineUpdate\QtCore4.dll
      2017-12-02 12:04 - 2010-02-10 10:10 - 001148416 _____ () C:\ProgramData\DIGITEL 3G\OnlineUpdate\QtNetwork4.dll
      2017-12-02 12:04 - 2011-05-28 02:28 - 000835072 _____ () C:\ProgramData\DIGITEL 3G\OnlineUpdate\QueryStrategy.dll
      2017-12-02 12:04 - 2010-02-10 10:06 - 000398336 _____ () C:\ProgramData\DIGITEL 3G\OnlineUpdate\QtXml4.dll
      2011-03-14 11:27 - 2011-03-14 11:27 - 000271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
      2012-09-23 21:14 - 2012-09-23 21:14 - 000010240 _____ () C:\Program Files\Adobe\Acrobat 11.0\Acrobat\locale\es_es\acrotray.esp
      2012-03-09 10:28 - 2012-03-09 10:28 - 000350072 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
      2012-03-09 10:28 - 2012-03-09 10:28 - 000056696 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
      2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () C:\Program Files\Skype\Phone\skypert.dll
      2017-10-18 12:19 - 2017-10-18 12:19 - 000098688 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
      2017-09-06 16:48 - 2017-09-06 16:48 - 000037248 _____ () C:\Program Files\TunnelBear\TunnelBear.Maintenance.exe
      2018-02-26 23:31 - 2018-02-22 00:12 - 003730264 _____ () C:\Program Files\Google\Chrome\Application\64.0.3282.186\libglesv2.dll
      2018-02-26 23:31 - 2018-02-22 00:12 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\64.0.3282.186\libegl.dll
      2018-03-12 20:20 - 2018-03-01 11:31 - 001908512 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
      2018-03-12 20:20 - 2018-02-05 15:44 - 001935136 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-13 22:04 - 2018-03-12 16:57 - 000000885 _____ C:\Windows\system32\Drivers\etc\hosts


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-4015977857-1876642840-914190501-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\salas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 109.169.85.7 - 8.8.8.8
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is disabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
      FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
      FirewallRules: [TCP Query User{1051DD2C-8E19-4341-B7AA-2EC6F240AB53}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
      FirewallRules: [UDP Query User{BF693DC6-9F72-4587-9099-EE3CB5A65B68}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
      FirewallRules: [TCP Query User{38DACC4E-6F3B-415D-B6FC-ED3E626B9C6D}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
      FirewallRules: [UDP Query User{8610CB6B-ADD8-4E3F-A429-1E1EC72C549A}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
      FirewallRules: [TCP Query User{138CAB95-5958-4030-84A2-90D8BF71D421}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
      FirewallRules: [UDP Query User{CDA98E30-67B0-42AB-9845-14BA34BCA32F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
      FirewallRules: [TCP Query User{99E06EB3-F350-4899-AB05-598F9BBD4301}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
      FirewallRules: [UDP Query User{8547EF62-61F0-4C7A-B341-025261210ED1}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
      FirewallRules: [{54DE7B14-5D5D-427F-8F89-348C4971E612}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      FirewallRules: [{65A56F54-7C10-49E4-A1B1-925BE42C6110}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      FirewallRules: [{FD84F146-4AB2-4C54-AE19-070C4B0BA509}] => (Allow) C:\Program Files\SmartFTP Client\SmartFTP.exe
      FirewallRules: [{E0CFC0E1-4AA5-44BA-8373-B135AE3B7106}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
      FirewallRules: [{A8963163-662E-4CDC-8570-2AFBE359CB5A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{1F5281EF-D538-4130-99D9-677D297B008A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{6559726C-BAC5-462B-B3F8-CEB0CC7C8C2C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

      ==================== Restore Points =========================

      15-02-2018 00:00:10 Punto de control programado
      22-02-2018 04:28:01 Punto de control programado
      02-03-2018 04:25:22 Punto de control programado
      10-03-2018 00:22:55 Punto de control programado
      12-03-2018 13:20:04 Windows Update
      12-03-2018 17:06:37 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============

      Name: Dispositivo periférico Bluetooth
      Description: Dispositivo periférico Bluetooth
      Class Guid:
      Manufacturer:
      Service:
      Problem: : The drivers for this device are not installed. (Code 28)
      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

      Name: Dispositivo periférico Bluetooth
      Description: Dispositivo periférico Bluetooth
      Class Guid:
      Manufacturer:
      Service:
      Problem: : The drivers for this device are not installed. (Code 28)
      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (03/12/2018 08:19:34 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: mbamservice.exe, versión: 3.1.0.634, marca de tiempo: 0x5a7e0545
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x70002500
      Id. del proceso con errores: 0xc64
      Hora de inicio de la aplicación con errores: 0x01d3ba4eda08e81d
      Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      Ruta de acceso del módulo con errores: unknown
      Id. del informe: 34c25b2e-2654-11e8-8c5f-40e230a4cf07

      Error: (03/12/2018 0614 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: Globus.exe, versión: 3.3.0.0, marca de tiempo: 0x59a706d6
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x014ec64b
      Id. del proceso con errores: 0xb28
      Hora de inicio de la aplicación con errores: 0x01d3ba4ed77d5b02
      Ruta de acceso de la aplicación con errores: C:\Users\salas\AppData\Local\Apps\2.0\2WAOXGZK.NRX\WYL7MO25.LC3\glob..tion_0e9bece345a75cf6_0003.0003_3ae3ea39d01bb3a3\Globus.exe
      Ruta de acceso del módulo con errores: unknown
      Id. del informe: 22fdb2d5-2642-11e8-8c5f-40e230a4cf07

      Error: (03/12/2018 0613 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
      Description: Aplicación: Globus.exe
      Versión de Framework: v4.0.30319
      Descripción: el proceso terminó debido a una excepción no controlada.
      Información de la excepción: System.NullReferenceException
      en Globus.App.IsApplicationInstalled(System.String)
      en Globus.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
      en System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
      en System.Windows.Application.<.ctor>b__1_0(System.Object)
      en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
      en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
      en System.Windows.Threading.DispatcherOperation.InvokeImpl()
      en System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
      en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
      en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
      en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
      en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
      en System.Windows.Threading.DispatcherOperation.Invoke()
      en System.Windows.Threading.Dispatcher.ProcessQueue()
      en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
      en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
      en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
      en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
      en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
      en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
      en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
      en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
      en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
      en System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
      en System.Windows.Application.RunDispatcher(System.Object)
      en System.Windows.Application.RunInternal(System.Windows.Window)
      en System.Windows.Application.Run(System.Windows.Window)
      en Globus.App.Main()

      Error: (03/12/2018 0609 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
      Description: No se puede inicializar el índice.

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (03/12/2018 0609 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
      Description: No se puede inicializar la aplicación.

      Contexto: aplicación Windows

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (03/12/2018 0609 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
      Description: No se puede inicializar el objeto Recopilador.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (03/12/2018 0609 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
      Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      No se ha encontrado el elemento. (HRESULT : 0x80070490) (0x80070490)

      Error: (03/12/2018 0608 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
      Description: No se puede inicializar el complemento <Search.JetPropStore>.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)


      System errors:
      =============
      Error: (03/12/2018 08:40:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (03/12/2018 08:40:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (03/12/2018 08:19:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Malwarebytes Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

      Error: (03/12/2018 0649 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
      {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
      y APPID
      {344ED43D-D086-4961-86A6-1106F4ACAD9B}
      al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (03/12/2018 0609 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

      Error: (03/12/2018 0609 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
      Description: El servicio Windows Search se cerró con el error específico de servicio %%-1073473535.

      Error: (03/12/2018 06:09:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio DIGITEL. OUC no pudo iniciarse debido al siguiente error:
      El servicio no respondió a tiempo a la solicitud de inicio o de control.

      Error: (03/12/2018 06:09:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio DIGITEL. OUC.


      Windows Defender:
      ===================================
      Date: 2017-06-12 18:58:54.056
      Description:
      Windows Defender detectó spyware u otro software potencialmente no deseado.
      Para obtener más información, consulte lo siguiente:
      BrowserModifier:Win32/Heazycrome threat description - Windows Defender Security Intelligence
      Nombre:BrowserModifier:Win32/Heazycrome
      Id.:234061
      Gravedad:Alta
      Categoría:Modificador de explorador
      Ruta de acceso encontrada:file:C:\Users\salas\AppData\Local\Temp\00002497\service.exe;process:pid:3084
      Tipo de detección:Concreto
      Origen de detección:Protección en tiempo real
      Estado:Desconocido
      Usuario:\
      Nombre de proceso:

      Date: 2017-06-12 19:00:47.438
      Description:
      Windows Defender encontró un error al tomar medidas ante spyware u otro software potencialmente no deseado.
      Para obtener más información, consulte lo siguiente:
      BrowserModifier:Win32/Heazycrome threat description - Windows Defender Security Intelligence
      Usuario:rsalas\salas
      Nombre:BrowserModifier:Win32/Heazycrome
      Id.:234061
      Gravedad:Alta
      Categoría:Modificador de explorador
      Ruta de acceso:
      Acción:Quitar
      Código de error:0x80508023
      Descripción de error:El programa no encontró spyware ni cualquier otro software potencialmente no deseado en este equipo.
      Estado:

      CodeIntegrity:
      ===================================

      Date: 2017-01-16 09:59:00.512
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-01-16 09:59:00.509
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-01-16 09:59:00.506
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-01-16 09:59:00.353
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-01-16 09:59:00.348
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-01-16 09:59:00.344
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-01-16 09:58:59.095
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2017-01-16 09:58:59.092
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i3-4000M CPU @ 2.40GHz
      Percentage of memory in use: 59%
      Total physical RAM: 1970.36 MB
      Available physical RAM: 789.36 MB
      Total Virtual: 3940.72 MB
      Available Virtual: 2277.79 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:465.66 GB) (Free:402.6 GB) NTFS

      \\?\Volume{f50416a3-d638-11e4-a6c1-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C1894023)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    10. #10
      User: yolfry
      Registered
      Dec 2008
      Location
      Venezuela
      Posts
      59

      Re: Help with ONCLICKREV virus

      Done, Daniela, I have completed all the steps, but the problem still persists. I hope you can find the anomaly in the reports.
