[icotonev]

I want to do the following:

 

To uninstall FRST and remove all its files, please do the following ...

 

• Rename FRST64.exe to Uninstall.exe
• Double click on Uninstall.exe to launch it.
  • Your computer will reboot, and on reboot will remove FRST and all its files

 

 

KpRm

Download KpRm by kernel-panik and save it to your desktop.

• Right-click kprm_(version).exe and select Run as Administrator.
• When the tool opens, ensure all boxes are checked, and select Run.
• Once complete, click OK.
• A log will open in Notepad titled kprm-(date).txt.
• Please copy and paste its contents in your next reply.

 

 

 

 

Please do a new full scan with Avast and write about the result ..!!!

 

 

+

 

Scanning with SecurityCheck by glax24
 

• Download SecurityCheck by glax24 from here and remember the tool on the desktop.
• Run the program right-click the administrator name
• Wait for the scan to finish. It will open in a text file named SecurityType.txt. Copy the contents of this file to your next post
• You can find this file in the root of the system disk in a folder called SecurityCheck, C: \\ SecurityCheck \\ SecurityCheck.txt

 

 

 

 

 

[Advertisements]

Here it is. As for the Avast, it didn't find anything as of today. I bet that by the afternoon it'll be different. 

 

# Run at 15/8/2020 13:43:34

# KpRm (Kernel-panik) version 2.8

# Website https://kernel-panik.me/tool/kprm/

# Run by Matoke from C:\Users\amd\Downloads

# Computer Name: DESKTOP-4LAFI5B

# OS: Windows 10 X64 (18363) 

# Number of passes: 1

 

- Checked options -

 

    ~ Registry Backup

    ~ Delete Tools

    ~ Restore System Settings

    ~ UAC Restore

    ~ Delete Restore Points

    ~ Create Restore Point

    ~ Delete Quarantines

 

- Create Registry Backup -

 

   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up

   ~ [OK] Hive C:\Users\amd\NTUSER.dat backed up

 

     [OK] Registry Backup: C:\KPRM\backup\2020-08-15-13-43-34

 

- Delete Tools -

 

 

  ## AdwCleaner

     [OK] C:\Users\amd\Desktop\Para los Virus\AdwCleaner.exe deleted

     [OK] C:\AdwCleaner deleted

 

  ## CKScanner

     [OK] C:\Users\amd\Desktop\Kit salva compu\CKScanner.exe deleted

 

  ## FRST

     [OK] C:\Users\amd\Downloads\fixlist (1).txt deleted

     [OK] C:\Users\amd\Downloads\fixlist.txt deleted

 

  ## Malwarebytes Anti-Rootkit

     [OK] C:\Users\amd\Desktop\mbar deleted

 

  ## SecurityCheck

     [OK] C:\Users\amd\Desktop\SecurityCheck.exe deleted

     [OK] C:\Users\amd\Downloads\SecurityCheck.exe deleted

 

- Restore System Settings -

 

     [OK] Reset WinSock

     [OK] FLUSHDNS

     [OK] Hide Hidden file.

     [OK] Show Extensions for known file types

     [OK] Hide protected operating system files

 

- Restore UAC -

 

     [OK] Set EnableLUA with default (1) value

     [OK] Set ConsentPromptBehaviorAdmin with default (5) value

     [OK] Set ConsentPromptBehaviorUser with default (3) value

     [OK] Set EnableInstallerDetection with default (0) value

     [OK] Set EnableSecureUIAPaths with default (1) value

     [OK] Set EnableUIADesktopToggle with default (0) value

     [OK] Set EnableVirtualization with default (1) value

     [OK] Set FilterAdministratorToken with default (0) value

     [OK] Set PromptOnSecureDesktop with default (1) value

     [OK] Set ValidateAdminCodeSignatures with default (0) value

 

- Clear Restore Points -

 

   ~ [OK] RP named Windows Update created at 08/10/2020 04:38:09 deleted

     [OK] All system restore points have been successfully deleted

 

- Create Restore Point -

 

     [OK] System Restore Point created

 

- Display System Restore Point -

 

   ~ [I] RP named KpRm created at 08/15/2020 16:44:10

 

-- KPRM finished in 84.80s --

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]

WebSite: www.safezone.cc

DateLog: 16.08.2020 14:15:59

Path starting: C:\Users\amd\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe

Log directory: C:\SecurityCheck\

IsAdmin: True

User: Matoke

VersionXML: 7.78is-13.08.2020

___________________________________________________________________________

 

Windows 10(6.3.18363) (x64) Professional Release: 1909 Lang: Spanish(080A)

Installation date OS: 17.03.2020 04:58:18

LicenseStatus: Windows®, Professional edition Volume activation will expire : 252388 minutes

LicenseStatus: Office 19, Office19ProPlus2019VL_KMS_Client_AE edition Volume activation will expire : 106852 minutes

LicenseStatus: Office 16, Office16ProPlusVL_KMS_Client edition Volume activation will expire : 106852 minutes

Boot Mode: Normal

Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

SystemDrive: C: FS: [NTFS] Capacity: [930.3 Gb] Used: [400.4 Gb] Free: [529.9 Gb]

------------------------------- [ Windows ] -------------------------------

Internet Explorer 11.1016.18362.0 [+]

User Account Control enabled

Security Center (wscsvc) - The service is running

Registro remoto (RemoteRegistry) - The service has stopped

Detección SSDP (SSDPSRV) - The service is running

Servicios de Escritorio remoto (TermService) - The service has stopped

Administración remota de Windows (WS-Management) (WinRM) - The service has stopped

---------------------------- [ Antivirus_WMI ] ----------------------------

Windows Defender (disabled and up to date)

Avast Antivirus (enabled and up to date)

Malwarebytes (enabled and up to date)

--------------------------- [ FirewallWindows ] ---------------------------

Firewall de Windows Defender (mpssvc) - The service is running

--------------------------- [ AntiSpyware_WMI ] ---------------------------

Windows Defender (enabled and up to date)

---------------------- [ AntiVirusFirewallInstall ] -----------------------

Malwarebytes version 4.1.2.73 v.4.1.2.73

Avast Free Antivirus v.20.6.2420

--------------------------- [ OtherUtilities ] ----------------------------

Microsoft Office Profesional Plus 2019 - es-es v.16.0.13029.20344 [+]

VLC media player v.3.0.10 Warning! Download Update

NVIDIA GeForce Experience 3.20.4.14 v.3.20.4.14

Zoom v.5.0 Warning! Download Update

K-Lite Codec Pack 15.2.0 Basic v.15.2.0 Warning! Download Update

Steam v.2.10.91.91

-------------------------------- [ Arch ] ---------------------------------

7-Zip 19.00 (x64) v.19.00

WinRAR 5.60 (32-bit) v.5.60.0 Warning! Download Update

--------------------------------- [ IM ] ----------------------------------

Discord v.0.0.306 Warning! Download Update

Microsoft Teams v.1.3.00.21759 [+]

WhatsApp v.2.2033.7

--------------------------------- [ P2P ] ---------------------------------

µTorrent v.3.5.5.45776 Warning! P2P-client.

-------------------------------- [ Java ] ---------------------------------

Java 8 Update 221 (64-bit) v.8.0.2210.11 Warning! Download Update

Uninstall old version and install new one (jre-8u261-windows-x64.exe).

------------------------------- [ Browser ] -------------------------------

Google Chrome v.84.0.4147.125

Microsoft Edge v.84.0.522.59

------------------ [ AntivirusFirewallProcessServices ] -------------------

aswbIDSAgent (aswbIDSAgent) - The service is running

C:\Program Files\Avast Software\Avast\aswidsagent.exe v.20.6.5495.0

C:\Program Files\Avast Software\Avast\aswEngSrv.exe v.20.6.5495.0

C:\Program Files\Avast Software\Avast\AvastUI.exe v.20.6.5495.0

AvastWscReporter (AvastWscReporter) - The service is running

C:\Program Files\Avast Software\Avast\wsc_proxy.exe v.20.6.5495.0

aswbIDSAgent (aswbIDSAgent) - The service is running

Avast Antivirus (avast! Antivirus) - The service is running

C:\Program Files\Avast Software\Avast\AvastSvc.exe v.20.6.5495.0

C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.766

Malwarebytes Service (MBAMService) - The service is running

C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.903

Servicio de antivirus de Windows Defender (WinDefend) - The service has stopped

Servicio de inspección de red de Antivirus de Windows Defender (WdNisSvc) - The service has stopped

----------------------------- [ End of Log ] ------------------------------

 

[Matias Cooke]

Here it is. As for the Avast, it didn't find anything as of today. I bet that by the afternoon it'll be different. 

 

# Run at 15/8/2020 13:43:34

# KpRm (Kernel-panik) version 2.8

# Website https://kernel-panik.me/tool/kprm/

# Run by Matoke from C:\Users\amd\Downloads

# Computer Name: DESKTOP-4LAFI5B

# OS: Windows 10 X64 (18363) 

# Number of passes: 1

 

- Checked options -

 

    ~ Registry Backup

    ~ Delete Tools

    ~ Restore System Settings

    ~ UAC Restore

    ~ Delete Restore Points

    ~ Create Restore Point

    ~ Delete Quarantines

 

- Create Registry Backup -

 

   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up

   ~ [OK] Hive C:\Users\amd\NTUSER.dat backed up

 

     [OK] Registry Backup: C:\KPRM\backup\2020-08-15-13-43-34

 

- Delete Tools -

 

 

  ## AdwCleaner

     [OK] C:\Users\amd\Desktop\Para los Virus\AdwCleaner.exe deleted

     [OK] C:\AdwCleaner deleted

 

  ## CKScanner

     [OK] C:\Users\amd\Desktop\Kit salva compu\CKScanner.exe deleted

 

  ## FRST

     [OK] C:\Users\amd\Downloads\fixlist (1).txt deleted

     [OK] C:\Users\amd\Downloads\fixlist.txt deleted

 

  ## Malwarebytes Anti-Rootkit

     [OK] C:\Users\amd\Desktop\mbar deleted

 

  ## SecurityCheck

     [OK] C:\Users\amd\Desktop\SecurityCheck.exe deleted

     [OK] C:\Users\amd\Downloads\SecurityCheck.exe deleted

 

- Restore System Settings -

 

     [OK] Reset WinSock

     [OK] FLUSHDNS

     [OK] Hide Hidden file.

     [OK] Show Extensions for known file types

     [OK] Hide protected operating system files

 

- Restore UAC -

 

     [OK] Set EnableLUA with default (1) value

     [OK] Set ConsentPromptBehaviorAdmin with default (5) value

     [OK] Set ConsentPromptBehaviorUser with default (3) value

     [OK] Set EnableInstallerDetection with default (0) value

     [OK] Set EnableSecureUIAPaths with default (1) value

     [OK] Set EnableUIADesktopToggle with default (0) value

     [OK] Set EnableVirtualization with default (1) value

     [OK] Set FilterAdministratorToken with default (0) value

     [OK] Set PromptOnSecureDesktop with default (1) value

     [OK] Set ValidateAdminCodeSignatures with default (0) value

 

- Clear Restore Points -

 

   ~ [OK] RP named Windows Update created at 08/10/2020 04:38:09 deleted

     [OK] All system restore points have been successfully deleted

 

- Create Restore Point -

 

     [OK] System Restore Point created

 

- Display System Restore Point -

 

   ~ [I] RP named KpRm created at 08/15/2020 16:44:10

 

-- KPRM finished in 84.80s --

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]

WebSite: www.safezone.cc

DateLog: 16.08.2020 14:15:59

Path starting: C:\Users\amd\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe

Log directory: C:\SecurityCheck\

IsAdmin: True

User: Matoke

VersionXML: 7.78is-13.08.2020

___________________________________________________________________________

 

Windows 10(6.3.18363) (x64) Professional Release: 1909 Lang: Spanish(080A)

Installation date OS: 17.03.2020 04:58:18

LicenseStatus: Windows®, Professional edition Volume activation will expire : 252388 minutes

LicenseStatus: Office 19, Office19ProPlus2019VL_KMS_Client_AE edition Volume activation will expire : 106852 minutes

LicenseStatus: Office 16, Office16ProPlusVL_KMS_Client edition Volume activation will expire : 106852 minutes

Boot Mode: Normal

Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

SystemDrive: C: FS: [NTFS] Capacity: [930.3 Gb] Used: [400.4 Gb] Free: [529.9 Gb]

------------------------------- [ Windows ] -------------------------------

Internet Explorer 11.1016.18362.0 [+]

User Account Control enabled

Security Center (wscsvc) - The service is running

Registro remoto (RemoteRegistry) - The service has stopped

Detección SSDP (SSDPSRV) - The service is running

Servicios de Escritorio remoto (TermService) - The service has stopped

Administración remota de Windows (WS-Management) (WinRM) - The service has stopped

---------------------------- [ Antivirus_WMI ] ----------------------------

Windows Defender (disabled and up to date)

Avast Antivirus (enabled and up to date)

Malwarebytes (enabled and up to date)

--------------------------- [ FirewallWindows ] ---------------------------

Firewall de Windows Defender (mpssvc) - The service is running

--------------------------- [ AntiSpyware_WMI ] ---------------------------

Windows Defender (enabled and up to date)

---------------------- [ AntiVirusFirewallInstall ] -----------------------

Malwarebytes version 4.1.2.73 v.4.1.2.73

Avast Free Antivirus v.20.6.2420

--------------------------- [ OtherUtilities ] ----------------------------

Microsoft Office Profesional Plus 2019 - es-es v.16.0.13029.20344 [+]

VLC media player v.3.0.10 Warning! Download Update

NVIDIA GeForce Experience 3.20.4.14 v.3.20.4.14

Zoom v.5.0 Warning! Download Update

K-Lite Codec Pack 15.2.0 Basic v.15.2.0 Warning! Download Update

Steam v.2.10.91.91

-------------------------------- [ Arch ] ---------------------------------

7-Zip 19.00 (x64) v.19.00

WinRAR 5.60 (32-bit) v.5.60.0 Warning! Download Update

--------------------------------- [ IM ] ----------------------------------

Discord v.0.0.306 Warning! Download Update

Microsoft Teams v.1.3.00.21759 [+]

WhatsApp v.2.2033.7

--------------------------------- [ P2P ] ---------------------------------

µTorrent v.3.5.5.45776 Warning! P2P-client.

-------------------------------- [ Java ] ---------------------------------

Java 8 Update 221 (64-bit) v.8.0.2210.11 Warning! Download Update

Uninstall old version and install new one (jre-8u261-windows-x64.exe).

------------------------------- [ Browser ] -------------------------------

Google Chrome v.84.0.4147.125

Microsoft Edge v.84.0.522.59

------------------ [ AntivirusFirewallProcessServices ] -------------------

aswbIDSAgent (aswbIDSAgent) - The service is running

C:\Program Files\Avast Software\Avast\aswidsagent.exe v.20.6.5495.0

C:\Program Files\Avast Software\Avast\aswEngSrv.exe v.20.6.5495.0

C:\Program Files\Avast Software\Avast\AvastUI.exe v.20.6.5495.0

AvastWscReporter (AvastWscReporter) - The service is running

C:\Program Files\Avast Software\Avast\wsc_proxy.exe v.20.6.5495.0

aswbIDSAgent (aswbIDSAgent) - The service is running

Avast Antivirus (avast! Antivirus) - The service is running

C:\Program Files\Avast Software\Avast\AvastSvc.exe v.20.6.5495.0

C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.766

Malwarebytes Service (MBAMService) - The service is running

C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.903

Servicio de antivirus de Windows Defender (WinDefend) - The service has stopped

Servicio de inspección de red de Antivirus de Windows Defender (WdNisSvc) - The service has stopped

----------------------------- [ End of Log ] ------------------------------

 

[Matias Cooke]

This is malwarebytes scan result (it detected 14 threats): 

 

Malwarebytes

www.malwarebytes.com

 

-Detalles del registro-

Fecha del análisis: 16/8/20

Hora del análisis: 14:15

Archivo de registro: 18cdf9e2-dfe4-11ea-80ed-88d7f6df9b61.json

 

-Información del software-

Versión: 4.1.2.73

Versión de los componentes: 1.0.1003

Versión del paquete de actualización: 1.0.28571

Licencia: Prueba

 

-Información del sistema-

SO: Windows 10 (Build 18362.1016)

CPU: x64

Sistema de archivos: NTFS

Usuario: System

 

-Resumen del análisis-

Tipo de análisis: Análisis de amenazas

Análisis iniciado por:: Programador de tareas

Resultado: Completado

Objetos analizados: 317856

Amenazas detectadas: 14

Amenazas en cuarentena: 0

Tiempo transcurrido: 12 min, 32 seg

 

-Opciones de análisis-

Memoria: Activado

Inicio: Activado

Sistema de archivos: Activado

Archivo: Activado

Rootkits: Desactivado

Heurística: Activado

PUP: Detectar

PUM: Detectar

 

-Detalles del análisis-

Proceso: 0

(No hay elementos maliciosos detectados)

 

Módulo: 0

(No hay elementos maliciosos detectados)

 

Clave del registro: 0

(No hay elementos maliciosos detectados)

 

Valor del registro: 0

(No hay elementos maliciosos detectados)

 

Datos del registro: 0

(No hay elementos maliciosos detectados)

 

Secuencia de datos: 0

(No hay elementos maliciosos detectados)

 

Carpeta: 3

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 201, 838845, , , , , , 

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 201, 838845, , , , , , 

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 201, 838845, , , , , , 

 

Archivo: 11

PUP.Optional.PushNotifications.Generic, C:\Users\amd\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Sin acciones por parte del usuario, 201, 838845, , , , , 6B13834A63619688B2DB183CFFA42032, B75B42B3A956CD1E90E17301BE776AD3888A3DA2663E28A21D3BC744CA5341E0

PUP.Optional.PushNotifications.Generic, C:\Users\amd\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.log, Sin acciones por parte del usuario, 201, 838845, , , , , FF9C076267407B22DCE259AB65C7AC3C, BD8AF1D3DD9D16B373C103A7FE55EF5B063B90039917E60FB9CA24B6F832224D

PUP.Optional.PushNotifications.Generic, C:\Users\amd\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb, Sin acciones por parte del usuario, 201, 838845, , , , , E40811C83F8573AD19ABFBECBD347422, 86DF4AF0738F8CAA05C04330ACCD6FC93362FE8AE554679E60851CFAFC6365AF

PUP.Optional.PushNotifications.Generic, C:\Users\amd\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Sin acciones por parte del usuario, 201, 838845, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443

PUP.Optional.PushNotifications.Generic, C:\Users\amd\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Sin acciones por parte del usuario, 201, 838845, , , , , , 

PUP.Optional.PushNotifications.Generic, C:\Users\amd\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Sin acciones por parte del usuario, 201, 838845, , , , , ADAEEC420F74C3E7CB23683C1E42AC99, 34D4D08DA6FA24978A0088D18BF0D2E7EBE4BA937A9AA571B3B5DD860EF85D5C

PUP.Optional.PushNotifications.Generic, C:\Users\amd\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Sin acciones por parte del usuario, 201, 838845, , , , , F8BF4E492AA5775FCC0C9B58A43CBD1B, 2EF0A04DCC6CDBF48D888EC649E907E3266568F215DBDE08FF2FEE1FA43CEFB6

PUP.Optional.PushNotifications.Generic, C:\Users\amd\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Sin acciones por parte del usuario, 201, 838845, , , , , 94531B7E17E3637B8D61C4B3EAE2C7FE, 1305458DBDAA8214DA11D6FC398ECCDABC6336B2C629E5A3AC1C49AE3735939E

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 201, 838845, 1.0.28571, , ame, , A250F52F4B2A48E62FEB52C129AE546F, 6B444F56612EA3B31AF2276722DD3069A8DD18ED9516CC6CF83AD0939E4CC60D

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 201, 838845, 1.0.28571, , ame, , A250F52F4B2A48E62FEB52C129AE546F, 6B444F56612EA3B31AF2276722DD3069A8DD18ED9516CC6CF83AD0939E4CC60D

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 201, 838845, 1.0.28571, , ame, , A250F52F4B2A48E62FEB52C129AE546F, 6B444F56612EA3B31AF2276722DD3069A8DD18ED9516CC6CF83AD0939E4CC60D

 

Sector físico: 0

(No hay elementos maliciosos detectados)

 

WMI: 0

(No hay elementos maliciosos detectados)

 

 

(end)

[icotonev]

Make sure that Google Sync is OFF...!  I recommended this in post 14 ..!
 

The issue you're experiencing is likely caused by the syncing mechanism associated with your Google account.
Malwarebytes is successfully removing items it has detected, but Google is replacing them from what Chrome Sync has stored on the cloud.  This is not an issue with the Malwarebytes product, but rather a Google Chrome/Chrome Sync convenience with unintended negative effects.
When Chrome Sync is turned on, most browser settings – including any unwanted extensions or search hooks – are stored in the Google Cloud, so that your Chrome browsing experience is consistent on all devices you log in to your Google account with.

 
The log shows this is coming from the Google Chrome folder structure.
 
 
C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB

 
Are you sure you have not enabled or allowed Push Notifications on your browser?
 
Turn notifications on or off - Google Chrome
 
I highly recommend you follow the steps on this topic written by AdvancedSetup:
 
https://forums.malwa...xpected-issues/
 
 
Then do a new scan with Malwarebytes ..!

[Matias Cooke]

Okay, so I disabled Sync, reseted it, did a new scan and turned it on again. Also, I have some notifications but they are the usual (instagram, google calendar, that kind of official stuff, nothing weird). Here's the log for the scan I did after turning off sync. 

 

Malwarebytes

www.malwarebytes.com

 

-Detalles del registro-

Fecha del análisis: 18/8/20

Hora del análisis: 18:56

Archivo de registro: b14a6cae-e19d-11ea-8303-88d7f6df9b61.json

 

-Información del software-

Versión: 4.1.2.73

Versión de los componentes: 1.0.1003

Versión del paquete de actualización: 1.0.28693

Licencia: Prueba

 

-Información del sistema-

SO: Windows 10 (Build 18362.1016)

CPU: x64

Sistema de archivos: NTFS

Usuario: DESKTOP-4LAFI5B\Matoke

 

-Resumen del análisis-

Tipo de análisis: Análisis de amenazas

Análisis iniciado por:: Manual

Resultado: Completado

Objetos analizados: 318032

Amenazas detectadas: 4

Amenazas en cuarentena: 4

Tiempo transcurrido: 6 min, 42 seg

 

-Opciones de análisis-

Memoria: Activado

Inicio: Activado

Sistema de archivos: Activado

Archivo: Activado

Rootkits: Desactivado

Heurística: Activado

PUP: Detectar

PUM: Detectar

 

-Detalles del análisis-

Proceso: 0

(No hay elementos maliciosos detectados)

 

Módulo: 0

(No hay elementos maliciosos detectados)

 

Clave del registro: 0

(No hay elementos maliciosos detectados)

 

Valor del registro: 0

(No hay elementos maliciosos detectados)

 

Datos del registro: 0

(No hay elementos maliciosos detectados)

 

Secuencia de datos: 0

(No hay elementos maliciosos detectados)

 

Carpeta: 1

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sustituido, 201, 838845, , , , , , 

 

Archivo: 3

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 201, 838845, 1.0.28693, , ame, , A9924119D130EE5720B77E8EE962C23C, 4EBEC8F3F09F847EEE9E572AA9DB17D728E4CD791D8AA9AE49397D9620E46453

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 201, 838845, 1.0.28693, , ame, , A9924119D130EE5720B77E8EE962C23C, 4EBEC8F3F09F847EEE9E572AA9DB17D728E4CD791D8AA9AE49397D9620E46453

PUP.Optional.PushNotifications.Generic, C:\USERS\AMD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 201, 838845, 1.0.28693, , ame, , A9924119D130EE5720B77E8EE962C23C, 4EBEC8F3F09F847EEE9E572AA9DB17D728E4CD791D8AA9AE49397D9620E46453

 

Sector físico: 0

(No hay elementos maliciosos detectados)

 

WMI: 0

(No hay elementos maliciosos detectados)

 

 

(end)