Ventanas emergentes impiden trabajar

aguasalada

Casi, casi, muda...
Miembro
Holaaaa....
Aquí estoy de nuevo; esta vez con ventanitas que se abren en la esquina inferior derecha y que no me dejan trabajar bien.
Por ejemplo, cuando se abre una de esas ventanas no me deja acceder a la barra de desplazamiento, o si estoy en photoshop no me deja acceder a la ventana de capas por estar debajo de dicha ventana, para poder trabajar tengo que minimizar el photoshop o lo que esté usando en ese momento.
¿Podríais echarme una mano por favor?

Aquí un ejemplo:

1ventanas emergentes.jpg
 

jbex

El que peca y reza empata
Administrador
Parece se te ha instalado con el navegador Chrome, mira donde dice Remove Ads si te deja deshabilitarlo o entrando configuración navegador Chrome.
Si no fuera el caso realiza los pasos que se señalan aquí Importante - Limpieza de spyware
Un saludo
 

aguasalada

Casi, casi, muda...
Miembro
Vale, no me deja deshabilitarlo en Remove Ads, me lleva a una pagina web; intenté hacerlo en Configuración el otro día pero sigo en las mismas.
Pasé el Malwarebytes y me detecta algo que ya puse en exclusiones, una cosa sé lo que es porque el propio nombre lo indica pero ¿y esto? "Generic.Malware/Suspicious, C:\WINDOWS\KMSERVICE.EXE"
Por otra parte el AdwCleaner no lo entiendo muy bien y no me atrevo a eliminar nada, por una parte me dice esto:

informe Adwcleaner.jpg

Di voy a los informes del programa y sigo la ruta me salen como dos logs con diferente nombre:

AdwCleaner_Debug.log

2019-10-22 09:49:00 : <INFO> [Application] AdwCleaner 7 . 4 . 2 launched
2019-10-22 09:49:02 : <INFO> [MBInstaller] Checking Iris
2019-10-22 09:49:02 : <INFO> [IRIS] Making request
2019-10-22 09:49:03 : <INFO> [Telemetry] Sending hello
ication updates
2019-10-22 09:49:04 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-10-22 09:49:04 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-10-22 09:49:04 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-10-22 09:49:04 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-10-22 09:49:04 : <INFO> [SslCert] Certificate EffectiveDate: "lu. oct. 2 00:00:00 2017 GMT"
2019-10-22 09:49:04 : <INFO> [SslCert] Certificate ExpirationDate: "ma. oct. 6 12:00:00 2020 GMT"
2019-10-22 09:49:04 : <INFO> [SslCert] ALPN: None
2019-10-22 09:49:04 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-22 09:49:04 : <INFO> [SslCert] KXE: "ECDH"
2019-10-22 09:49:04 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-22 09:49:04 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-10-22 09:49:04 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-10-22 09:49:04 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-10-22 09:49:04 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-10-22 09:49:04 : <INFO> [SslCert] Certificate EffectiveDate: "lu. oct. 2 00:00:00 2017 GMT"
2019-10-22 09:49:04 : <INFO> [SslCert] Certificate ExpirationDate: "ma. oct. 6 12:00:00 2020 GMT"
2019-10-22 09:49:04 : <INFO> [SslCert] ALPN: None
2019-10-22 09:49:04 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-22 09:49:04 : <INFO> [SslCert] KXE: "ECDH"
2019-10-22 09:49:04 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-22 09:49:04 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-10-22 09:49:04 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2019-10-22 09:49:04 : <INFO> [IRIS] Failed
2019-10-22 09:49:11 : <INFO> [Button clicked] Close EULA
2019-10-22 09:49:17 : <INFO> [Application] AdwCleaner 7 . 4 . 2 launched
2019-10-22 09:49:19 : <INFO> [MBInstaller] Checking Iris
2019-10-22 09:49:19 : <INFO> [IRIS] Making request
2019-10-22 09:49:19 : <INFO> [AdwUpgrade] Checking application updates
2019-10-22 09:49:19 : <INFO> [Telemetry] Sending hello
2019-10-22 09:49:20 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-10-22 09:49:20 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-10-22 09:49:20 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-10-22 09:49:20 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-10-22 09:49:20 : <INFO> [SslCert] Certificate EffectiveDate: "lu. oct. 2 00:00:00 2017 GMT"
2019-10-22 09:49:20 : <INFO> [SslCert] Certificate ExpirationDate: "ma. oct. 6 12:00:00 2020 GMT"
2019-10-22 09:49:20 : <INFO> [SslCert] ALPN: None
2019-10-22 09:49:20 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-10-22 09:49:20 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-10-22 09:49:20 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-22 09:49:20 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-10-22 09:49:20 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-10-22 09:49:20 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-22 09:49:20 : <INFO> [SslCert] Certificate EffectiveDate: "lu. oct. 2 00:00:00 2017 GMT"
2019-10-22 09:49:20 : <INFO> [SslCert] Certificate ExpirationDate: "ma. oct. 6 12:00:00 2020 GMT"
2019-10-22 09:49:20 : <INFO> [SslCert] ALPN: None
2019-10-22 09:49:20 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-22 09:49:20 : <INFO> [SslCert] KXE: "ECDH"
2019-10-22 09:49:20 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-22 09:49:20 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-10-22 09:49:21 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2019-10-22 09:49:21 : <INFO> [IRIS] Failed
2019-10-22 09:49:29 : <INFO> [Button clicked] EULA agreed
2019-10-22 09:49:33 : <INFO> [Button clicked] Scan
2019-10-22 09:49:33 : <INFO> [Scan] Started
2019-10-22 09:49:33 : <INFO> [Database] Downloading database
2019-10-22 09:49:41 : <INFO> [Database] Checking integrity
2019-10-22 09:49:41 : <INFO> [Database] Found 2588 families
2019-10-22 09:49:41 : <INFO> [Database] Database v "2019-10-21.1"
2019-10-22 09:49:42 : <INFO> [Loading paths] Local paths loaded
2019-10-22 09:49:42 : <INFO> [Loading paths] Chrome paths loaded
2019-10-22 09:49:42 : <INFO> [Loading paths] User Keys loaded
2019-10-22 09:49:42 : <INFO> [Module initialized] "File"
2019-10-22 09:49:42 : <INFO> [Module initialized] "Folder"
2019-10-22 09:49:42 : <INFO> [Module initialized] "RegistryKey"
2019-10-22 09:49:42 : <INFO> [Module initialized] "RegistryValue"
2019-10-22 09:49:43 : <INFO> [Module initialized] "TaskName"
2019-10-22 09:49:43 : <INFO> [Module initialized] "Service"
2019-10-22 09:49:43 : <INFO> [Module initialized] "Winlogon"
2019-10-22 09:49:52 : <INFO> [Module initialized] "URL"
2019-10-22 09:49:52 : <INFO> [Module initialized] "RegAppInit"
2019-10-22 09:49:52 : <INFO> [Module initialized] "RegClasses"
2019-10-22 09:49:52 : <INFO> [Module initialized] "DNS"
2019-10-22 09:49:52 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-10-22 09:49:52 : <INFO> [Module initialized] "RegGuid"
2019-10-22 09:49:52 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-10-22 09:49:52 : <INFO> [Module initialized] "RegOther"
2019-10-22 09:49:52 : <INFO> [Module initialized] "RegProductID"
2019-10-22 09:49:53 : <INFO> [Module initialized] "RegSoftware"
2019-10-22 09:49:53 : <INFO> [Module initialized] "RegStartup"
2019-10-22 09:49:53 : <INFO> [Module initialized] "WMI"
2019-10-22 09:49:53 : <INFO> [Module initialized] "ChromiumExt"
2019-10-22 09:49:53 : <INFO> [Module initialized] "FirefoxExt"
2019-10-22 09:49:53 : <INFO> [Module initialize] Scan Browser
2019-10-22 09:49:58 : <INFO> [Module initialize] Scan Browser FF
2019-10-22 09:49:58 : <INFO> [Module initialize] FF start pages loaded
2019-10-22 09:49:58 : <INFO> [Module initialize] FF search providers loaded
2019-10-22 09:49:58 : <INFO> [Module initialize] FF plugin list loaded
2019-10-22 09:49:58 : <INFO> [Scan] Exclusions loaded
2019-10-22 09:50:07 : <INFO> [Scan] Item detected: "Preinstalled.HPMediaSmart" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" [ "Registry" ]
2019-10-22 09:50:07 : <INFO> [Scan] Item detected: "Preinstalled.HPMediaSmart" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{01FB4998-33C4-4431-85ED-079E3EEFE75D}" [ "Registry" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.LenovoPowerDVD" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" [ "Registry" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.LenovoPowerDVD" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" [ "Registry" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\WildTangent Games App - hp.lnk" [ "File" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\JEWEL MATCH 3" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\POLAR BOWLER 1ST FRAME" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\TRINKLIT SUPREME" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\BEJEWELED 3" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\BUILD-A-LOT" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\YOUDA JEWEL SHOP" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\BUILDING THE GREAT WALL OF CHINA COLLECTORS EDITION" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\RUNEFALL" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\RANCH RUSH 2 - PREMIUM EDITION" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\CRAZY CHICKEN SOCCER" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\WEDDING DASH" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\DELICIOUS EMILYS WONDER WEDDING PREMIUM EDITION" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDTANGENT GAMES\\APP" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDTANGENT GAMES\\WEB LINK - SEAFIGHT" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDTANGENT GAMES" [ "Folder" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Ext\\Preapproved\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKU\\.DEFAULT\\Software\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-22 09:50:08 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKU\\S-1-5-18\\Software\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-22 09:50:09 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangent wildgames Master Uninstall" [ "Registry" ]
2019-10-22 09:50:09 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" [ "Registry" ]
2019-10-22 09:50:09 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" [ "Registry" ]
2019-10-22 09:50:09 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-hp-seafight" [ "Registry" ]
2019-10-22 09:50:09 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGameProvider-hp-genres" [ "Registry" ]
2019-10-22 09:50:09 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGameProvider-hp-main" [ "Registry" ]
2019-10-22 09:50:10 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-hp-mahjonggdarkdimensions" [ "Registry" ]
2019-10-22 09:50:10 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-hp-edgeworld" [ "Registry" ]
2019-10-22 09:50:10 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-hp-fifaworld" [ "Registry" ]
2019-10-22 09:50:10 : <INFO> [Scan] Item detected: "Preinstalled.CyberLinkShellExtension" , "HKLM\\Software\\Classes\\CLSID\\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}" [ "Registry" ]
2019-10-22 09:50:10 : <INFO> [Scan] Item detected: "Preinstalled.HPCleanFLC" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Microsoft Office.lnk" [ "File" ]
2019-10-22 09:50:10 : <INFO> [Scan] Item detected: "Preinstalled.LenovoPower2Go" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" [ "Registry" ]
2019-10-22 09:50:10 : <INFO> [Scan] Item detected: "Preinstalled.LenovoPower2Go" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "C:\\Program Files (x86)\\HEWLETT-PACKARD\\HP CUSTOMER FEEDBACK" [ "Folder" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "C:\\Users\\Usuario\\AppData\\Roaming\\HEWLETT-PACKARD\\HP SUPPORT FRAMEWORK" [ "Folder" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "C:\\Users\\Usuario\\AppData\\Local\\HEWLETT-PACKARD\\HP SUPPORT FRAMEWORK" [ "Folder" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "C:\\Program Files (x86)\\HEWLETT-PACKARD\\HP SUPPORT FRAMEWORK" [ "Folder" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "C:\\ProgramData\\HEWLETT-PACKARD\\HP SUPPORT FRAMEWORK" [ "Folder" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "C:\\HP\\SUPPORT" [ "Folder" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "HKLM\\Software\\Classes\\CLSID\\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPSupportAssistant" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{904822F1-6C7D-4B91-B936-6A1C0810544C}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPRegistrationService" , "C:\\Program Files (x86)\\HEWLETT-PACKARD\\HP REGISTRATION SERVICE" [ "Folder" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPRegistrationService" , "C:\\ProgramData\\HEWLETT-PACKARD\\HP REGISTRATION SERVICE" [ "Folder" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPRegistrationService" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{D1E8F2D7-7794-4245-B286-87ED86C1893C}" [ "Registry" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPHealthCheck" , "C:\\Program Files (x86)\\HEWLETT-PACKARD\\HP HEALTH CHECK" [ "Folder" ]
2019-10-22 09:50:12 : <INFO> [Scan] Item detected: "Preinstalled.HPHealthCheck" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{6F340107-F9AA-47C6-B54C-C3A19F11553F}" [ "Registry" ]
2019-10-22 09:50:14 : <INFO> [Telemetry] Sending to Influx
2019-10-22 09:50:16 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-10-22 09:50:16 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-10-22 09:50:16 : <INFO> [SslCert] Locality Name ()
2019-10-22 09:50:16 : <INFO> [SslCert] Organization ()
2019-10-22 09:50:16 : <INFO> [SslCert] Certificate EffectiveDate: "ju. oct. 17 14:50:26 2019 GMT"
2019-10-22 09:50:16 : <INFO> [SslCert] Certificate ExpirationDate: "mi. ene. 15 14:50:26 2020 GMT"
2019-10-22 09:50:16 : <INFO> [SslCert] ALPN: Yes
2019-10-22 09:50:16 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-22 09:50:16 : <INFO> [SslCert] KXE: "ECDH"
2019-10-22 09:50:16 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-22 09:50:16 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-10-22 09:50:17 : <INFO> [Telemetry] Sending to DSE
2019-10-22 09:50:19 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-10-22 09:50:19 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-10-22 09:50:19 : <INFO> [SslCert] Locality Name ("San Jose")
2019-10-22 09:50:19 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-10-22 09:50:19 : <INFO> [SslCert] Certificate EffectiveDate: "ju. feb. 22 00:00:00 2018 GMT"
2019-10-22 09:50:19 : <INFO> [SslCert] Certificate ExpirationDate: "mi. abr. 22 12:00:00 2020 GMT"
2019-10-22 09:50:19 : <INFO> [SslCert] ALPN: Yes
2019-10-22 09:50:19 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-22 09:50:19 : <INFO> [SslCert] KXE: "ECDH"
2019-10-22 09:50:19 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-22 09:50:19 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-10-22 09:50:19 : <INFO> [Scan] Finished
2019-10-22 09:50:52 : <INFO> [Checkbox clicked] No threats detected "Don't show again": "Unchecked"
2019-10-22 09:51:03 : <INFO> [Button clicked] No threats detected ok button
2019-10-22 09:51:25 : <INFO> [Button clicked] Quarantine menu item
2019-10-22 09:51:27 : <INFO> [Button clicked] Log files menu item
2019-10-22 09:52:01 : <INFO> [Button clicked] Dashboard menu item
2019-10-22 09:52:06 : <INFO> [Button clicked] Log files menu item


AdwCleaner[S00].txt
# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support: Customer Support & Help Center
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-22-2019
# Duration: 00:00:41
# OS: Windows 10 Home
# Scanned: 35182
# Detected: 57


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Preinstalled.HPHealthCheck Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP HEALTH CHECK
Preinstalled.HPHealthCheck Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Preinstalled.HPRegistrationService Folder C:\ProgramData\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}
Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Usuario\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Usuario\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{904822F1-6C7D-4B91-B936-6A1C0810544C}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - hp.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BEJEWELED 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BUILD-A-LOT
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BUILDING THE GREAT WALL OF CHINA COLLECTORS EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\CRAZY CHICKEN SOCCER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\DELICIOUS EMILYS WONDER WEDDING PREMIUM EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 1ST FRAME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\RANCH RUSH 2 - PREMIUM EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\RUNEFALL
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TRINKLIT SUPREME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\WEDDING DASH
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\YOUDA JEWEL SHOP
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\WEB LINK - SEAFIGHT
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-edgeworld
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-fifaworld
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-mahjonggdarkdimensions
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-seafight
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-main
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}


AdwCleaner_Debug.log - [18265 octets] - [22/10/2019 11:49:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


De momento no voy a eliminar nada por si me cargo algo de interés
 

jbex

El que peca y reza empata
Administrador
Generic.Malware/Suspicious, C:\WINDOWS\KMSERVICE.EXE
Es el proceso de el activador de Microsoft Office 2010
WildTangent es un software que se instala frecuentemente en dispositivos informáticos como los de HP, DELL u otros fabricantes. Yo si no le das uso lo eliminaría.
Revisa el inicio de Windows y mira que inicia con el, escribe en la barra de búsqueda administrador de tareas vas a la pestaña Inicio y ves que inicia con Windows. Échale un vistazo a los procesos activos a ver si encontramos quien te muestra esos anuncios.
Un saludo
 

aguasalada

Casi, casi, muda...
Miembro
Vale, ¿Este software "WildTangent" es para los juegos no? No lo uso, al menos no de manera consciente, jajaja...
Las ventanas se abren aun sin tener abierto ningún navegador.
Aquí tienes lo del Inicio.

administrador tareas.png
 

aguasalada

Casi, casi, muda...
Miembro
Estuve mirando en "Panel de Control" -> "Programas y Características" y no encuentro el programa "WildTangent" para poder desinstalarlo. :rolleyes:

Estuve siguiendo las instrucciones del enlace que me dejaste sobre la limpieza de spyware en el sistema y me dio bastante trabajo usar el Modo a Prueba de fallos porque mi ordenador es un HP y no servía con la tecla F8.

Para Iniciar en Modo Seguro tuve que hacer lo siguiente:
1- Para Windows 10: En “Inicio” escribí Opciones de recuperación.

2- Fui a Inicio avanzado, hice clic en Reiniciar ahora.

3- A continuación en Solucionar problemas.

4- Clic en Opciones avanzadas.

5- En Windows 10: clic en Ver más opciones de recuperación y luego clic en Configuración de inicio.

6- Luego clic en Reiniciar.

Modo seguro-1.jpg
El equipo se reinicia y aparece otra pantalla de Configuración del inicio mostrando una lista con varias opciones.

7- Elegí la opción de Modo seguro que quise (en mi caso usé la tecla F 4) en el menú de Configuración del inicio:

- Presione la tecla F4 para Activar el modo seguro. El modo seguro inicia Windows con un conjunto mínimo de controladores y servicios.

- Presione la tecla F5 para activar el modo seguro con red. El Modo seguro con red inicia Windows en modo seguro y permite el acceso a Internet y a la red.

- Presione la tecla F6 para Activar el modo seguro con el símbolo del sistema. El Modo seguro con el símbolo del sistema inicia Windows en modo seguro con una ventana de línea de comandos. Por lo general, solo los profesionales de TI usan este modo.

modo seguro-2.jpg

8- Tuve que iniciar sesión con el nombre de mi cuenta y contraseña y el equipo ya se inicó en Modo Seguro.

9- Cuando terminó la “solución de problemas”, salí del Modo seguro presionando Inicio.

10- Clic en Iniciar/Apagar y luego seleccioné Reiniciar.
El equipo se inició normalmente.

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2019 BleepingComputer.com
More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 10/22/2019 04:01:56 PM in x64 mode. (Safe Mode)
Windows Version: Windows 10 Home

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 22/10/19
Hora del análisis: 16:12
Archivo de registro: fa614b5d-f4d5-11e9-b6eb-000000000000.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.13005
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.418)
CPU: x64
Sistema de archivos: NTFS
Usuario: USUARIOPC\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 348236
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 6 min, 47 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
HeurÃstica: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector fÃsico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)

(end)

anti-rootkit.png

En fin, que sigo en las mismas, voy a ir desinstalando todos esos programas que instalé para la desinfección. :rolleyes:

Un saludo y gracias por estar ahí siempre.

PD: No sé yo si el usar tanto Spoiler es bueno, si tal, editar lo que veáis, graciassss...
 

jbex

El que peca y reza empata
Administrador
Lo que me dejaste en la imagen el ultimo lo marcas y lo envías a cuarentena, cuando veas va todo ok lo eliminas de la cuarentena.
Un saludo
 

jbex

El que peca y reza empata
Administrador
Cuando salga la ventana, Control+Alt+Supr Abre administrador de tareas y mira pestaña procesos, a ver si encuentras el proceso que abre esa ventana de anuncio.
Si haces clic derecho sobre ellos podrás ver sus Propiedades o buscarlos en linea.Busca los que tu no veas claramente a que programa pertenecen.
Un saludo
 

jbex

El que peca y reza empata
Administrador
Gracias por la información y el manual aguasalada, seguro a mas de uno nos viene muy bien.
Un saludo
 
Arriba Pie