Cómo eliminar robot captcha2 info

Hola, probé en modo seguro y se apaga al encontrar 36 archivos infectados. El robotcaptcha sigue enviándome msj y la compu se apaga sola cada vez más seguido. Saludos

Hola @gich

1.- Realiza lo siguiente:

Análisis del PC con Eset Online Scaner : Manual de Uso lee las instrucciones para salvar el reporte.

Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

  • Este no da reporte cuando te encuentres, si es que lo hace con alguna infección, tomas una imagen y la subes.

Como subir imágenes al Foro ?

2.- Luego de reiniciar realiza lo siguiente:

3.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

4.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2.

Hola, del Esset no pude encontrar el informe. Reparó 150 mas o menos. El Kasperky no detecto nada. Ahora voy por el último. Gracias de nuevo!

Les pego los del Farbar.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-08-2019
Ran by gladys (administrator) on GLADYS-NOTE (SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440) (04-08-2019 19:57:08)
Running from C:\Users\gladys\A PSICOLOGIA UBA\Downloads
Loaded Profiles: gladys (Available Profiles: gladys & Zoe)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\System32\Rezip.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Nokia -> Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Samsung Electronics CO., LTD. -> SEC) [File not signed] C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [225672 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-17] (DivX, LLC. -> DivX, LLC)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [] => [X]
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia -> Nokia)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [vidc.DIVX] => C:\windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\Installer\chrmstp.exe [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-10-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A35AB5C-2085-4805-A50E-D25364D49D9B} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {196C7CE8-36DF-4CFF-804E-E92DF3162BE4} - System32\Tasks\{1D8C6E9F-395C-4D44-A01D-06DC3E09992D} => C:\windows\system32\pcalua.exe -a "F:\Adobecs4\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02" -c -silent
Task: {1B95E805-2F0E-4031-A193-EC2D96D9530C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {1BA571F0-A298-4C36-BBA7-C4CE654091D1} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [717312 2009-11-11] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {1DEC4C1E-D206-4D13-A03E-F648B359EAB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {1DEC4C1E-D206-4D13-A03E-F648B359EAB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {24005E89-5FFA-43B1-80C1-1BA960EE3645} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [567976 2009-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics. Co. Ltd.) [File not signed]
Task: {2EA9D221-7386-401B-8855-41082C90AC85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {33C0B20F-84BD-40B1-AFF1-703DFEF2ED16} - System32\Tasks\{478D288D-D7EE-43D2-8CAB-330DB5C79F4B} => C:\windows\system32\pcalua.exe -a "C:\Users\gladys\Desktop\SetupNokiaMusic (1).exe" -d C:\Users\gladys\Desktop
Task: {35CD941B-16CE-4017-B20C-81C93D818F71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3B5D80E0-8FE9-402E-B05E-1E21E0C80E95} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ESETOnlineScanner_ESL.exe [7986200 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {43758E3B-7B6B-4220-950F-58D37F289D24} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files\Google\Chrome\Application\chrome.exe 
Task: {451E48EF-CF2F-4E6B-BE5D-CDF7E9AC5269} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {48D9D809-A1EA-4B71-BCB0-5D982B669718} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {4D32950C-FE5D-4E84-A786-667D07CB6BBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {4F66E656-A488-44F1-B703-8C10BEEC8E82} - System32\Tasks\{C067BBDF-4430-4666-96A3-CF6BBC726F8F} => C:\Users\gladys\Desktop\Ares\Ares.exe
Task: {5FDBFEBB-B57B-4CB9-A9F1-B2A5E68A40B1} - System32\Tasks\{CA656F7D-908B-4BC1-A663-6883BA83AD9A} => C:\windows\system32\pcalua.exe -a C:\Users\gladys\Pictures\EBOOK\qxp93_win\QuickTime7.0\QuickTimeInstaller.exe -d C:\Users\gladys\Pictures\EBOOK\qxp93_win\QuickTime7.0
Task: {61AE4FE1-9640-4AB7-A5BB-7878C6B48CDA} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192 2010-01-18] (Samsung Electronics CO., LTD. -> SEC) [File not signed]
Task: {63BA5781-FA0E-4F5D-ABFD-2A675CA2FE60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {692BF630-43A5-48C4-A181-9135DF858F7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {698F5641-9015-4CE1-8262-D0675DEB50C9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {7F423A2D-F186-4AD2-BB18-2D5B0C431A4D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {845788B1-FB44-4F28-ADE3-16521A81884E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ESETOnlineScanner_ESL.exe [7986200 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {95F7BDBC-90B8-4688-A6F5-102B9F5F68CA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9F06A1FB-8434-45C0-B096-3164CA8C956D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {A42614E7-990C-4BF3-9193-30DAA6776024} - System32\Tasks\Norton Security Scan for gladys => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [606072 2011-01-14] (Symantec Corporation -> Symantec Corporation)
Task: {A5EFDAA4-A6EE-4169-8FC0-747FBDB466A6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2385800 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {CAAA295F-EC4E-4A85-9156-A2BFE5363FB7} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [342016 2009-10-16] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {D6AA30D1-5F9A-4B72-BDAB-A04E57616214} - System32\Tasks\avastBCLRestartS-1-5-21-2264253706-1617791975-327108488-1000 => C:\Program Files\Google\Chrome\Application\chrome.exe 
Task: {F3868549-8828-466C-961E-D9111FF542FB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1693576 2019-07-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {F71AEE59-8304-40A9-802E-A760E533219F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {F71AEE59-8304-40A9-802E-A760E533219F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {F71AEE59-8304-40A9-802E-A760E533219F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Norton Security Scan for gladys.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{50DD5EFD-FA60-494D-8B8D-BC759745A428}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{774C0D3B-376D-4EA8-B8CA-09469323D9A3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
BHO: No Name -> {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} -> No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> No Name - {9C905B42-976E-43C1-BC30-FC5937017909} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe 

FireFox:
========
FF ProfilePath: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default [2019-08-04]
FF Homepage: Mozilla\Firefox\Profiles\c20ofsb0.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\c20ofsb0.default -> about:newtab
FF Extension: (Firefox Synchronisation Extension) - C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\Extensions\[email protected] [2013-12-12] [Legacy] [not signed]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\avast-search.xml [2016-11-06]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\google-avast.xml [2018-12-18]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\yahoo-avast.xml [2016-03-15]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Ginger\Mozilla\[email protected]
FF Extension: (Ginger - Grammar and Spell Checker) - C:\Program Files\Ginger\Mozilla\[email protected] [2014-03-17] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Users\gladys\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] (Nokia ->  )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=1.1.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-01-25] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\.DEFAULT: gingersoftware.com/gingerPlugin -> C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll [No File]
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Technologies SA -> Skype Limited)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS -> Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe 
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-18] <==== ATTENTION

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&trackid=sp-006
CHR DefaultSearchKeyword: Default -> google.com.ar
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default [2019-08-04]
CHR Extension: (Avast Online Security) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5398416 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
S3 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] (CyberLink -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [34720 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [172424 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220128 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [158240 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [255360 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [51264 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [194680 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [40904 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [138480 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [101200 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [73008 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [783232 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [403408 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\windows\System32\drivers\aswStm.sys [165464 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [312464 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\windows\System32\DRIVERS\athr.sys [1245696 2009-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 btusbflt; C:\windows\System32\drivers\btusbflt.sys [43944 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwaudio; C:\windows\System32\drivers\btwaudio.sys [86056 2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwavdt; C:\windows\System32\drivers\btwavdt.sys [108072 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwl2cap; C:\windows\System32\DRIVERS\btwl2cap.sys [29472 2009-04-07] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwrchid; C:\windows\System32\DRIVERS\btwrchid.sys [18472 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [173512 2019-08-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [190624 2019-08-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [64296 2019-08-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [241760 2019-08-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\System32\DRIVERS\mwac.sys [86768 2019-08-04] (Malwarebytes Corporation -> Malwarebytes)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18560 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 RTL8167; C:\windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S1 SASDIFSV; \??\C:\Users\gladys\Desktop\SASDIFSV.SYS [X]
S1 SASKUTIL; \??\C:\Users\gladys\Desktop\SASKUTIL.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 19:59 - 2019-08-04 19:59 - 000000679 _____ C:\Users\gladys\Gladys - Acceso directo (2).lnk
2019-08-04 19:56 - 2019-08-04 19:57 - 000000000 ____D C:\FRST
2019-08-04 19:28 - 2019-08-04 19:29 - 000000000 ____D C:\KVRT_Data
2019-08-04 16:27 - 2019-08-04 16:27 - 000001083 _____ C:\Users\gladys\Desktop\ESET Online Scanner.lnk
2019-08-04 16:26 - 2019-08-04 16:26 - 000000000 ____D C:\Users\gladys\AppData\Local\ESET
2019-08-04 16:19 - 2019-08-04 16:19 - 000064296 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2019-08-04 16:18 - 2019-08-04 16:18 - 000190624 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2019-08-04 16:18 - 2019-08-04 16:18 - 000086768 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2019-08-04 16:14 - 2019-08-04 16:14 - 000241760 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-08-01 10:11 - 2019-08-01 10:13 - 000080836 _____ C:\windows\ntbtlog.txt
2019-07-29 18:35 - 2019-07-29 18:54 - 000000000 ____D C:\Users\gladys\AppData\Roaming\ZHP
2019-07-29 18:35 - 2019-07-29 18:35 - 000000834 _____ C:\Users\gladys\Desktop\ZHPCleaner.lnk
2019-07-29 18:35 - 2019-07-29 18:35 - 000000000 ____D C:\Users\gladys\AppData\Local\ZHP
2019-07-29 18:14 - 2019-07-29 18:18 - 000000000 ____D C:\AdwCleaner
2019-07-29 16:48 - 2019-08-01 10:13 - 000173512 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbamtray
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbam
2019-07-29 16:47 - 2019-07-29 16:47 - 000001980 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-29 16:47 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae.sys
2019-07-29 16:41 - 2019-07-29 16:41 - 003072896 _____ (Nicolas Coolman) C:\Users\gladys\Desktop\ZHPCleaner.exe
2019-07-29 16:39 - 2019-07-29 16:40 - 007623880 _____ (Malwarebytes) C:\Users\gladys\Desktop\adwcleaner_7.4.exe
2019-07-29 16:38 - 2019-07-29 16:38 - 000020769 _____ C:\Users\gladys\Desktop\descarga.htm
2019-07-29 16:35 - 2019-07-29 16:35 - 064756040 _____ (Malwarebytes ) C:\Users\gladys\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11752.exe
2019-07-16 17:05 - 2019-07-23 10:33 - 000000000 ____D C:\Users\gladys\DOCENCIA

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 19:59 - 2010-10-01 08:59 - 000000000 ____D C:\Users\gladys
2019-08-04 18:13 - 2012-12-09 18:54 - 000000000 ____D C:\Users\gladys\QUARK
2019-08-04 18:04 - 2012-12-27 20:32 - 000000000 ____D C:\Users\gladys\Desktop\TODO
2019-08-04 16:29 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-04 16:29 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-04 16:23 - 2011-01-14 20:26 - 000000476 ____H C:\windows\Tasks\Norton Security Scan for gladys.job
2019-08-04 16:19 - 2018-03-21 08:30 - 000000000 ____D C:\Users\gladys\AppData\Local\AVAST Software
2019-08-04 16:14 - 2009-07-14 01:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-08-03 11:33 - 2013-03-26 10:29 - 001577984 ___SH C:\Users\gladys\Thumbs.db
2019-08-02 10:07 - 2018-11-06 13:19 - 000000000 ____D C:\Users\gladys\ZOE PSICO UBA
2019-08-01 10:12 - 2011-06-05 20:30 - 001464832 ___SH C:\Users\gladys\Desktop\Thumbs.db
2019-07-29 22:57 - 2016-05-12 18:46 - 000000000 ____D C:\Users\gladys\Desktop\TRABAJOS ZOE
2019-07-29 19:24 - 2009-07-13 23:37 - 000000000 ____D C:\windows\inf
2019-07-29 18:19 - 2018-03-25 16:35 - 000000000 ____D C:\Program Files\Lavasoft
2019-07-29 18:19 - 2018-03-25 16:34 - 000000000 ____D C:\ProgramData\Lavasoft
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\Program Files\Samsung
2019-07-29 18:08 - 2010-10-01 09:19 - 000001397 _____ C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-07-29 18:07 - 2013-08-24 11:31 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-29 17:54 - 2013-06-06 13:31 - 000000000 ____D C:\windows\pss
2019-07-29 16:45 - 2016-01-16 12:45 - 000000000 ____D C:\Users\gladys\AppData\Roaming\uTorrent
2019-07-29 16:33 - 2013-10-11 14:33 - 000000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-29 16:25 - 2019-03-29 10:53 - 000000000 ____D C:\Users\gladys\AppData\Local\BitTorrentHelper
2019-07-29 11:35 - 2018-10-02 12:09 - 000000000 ____D C:\Users\gladys\A A INDESIGN CS4
2019-07-28 15:36 - 2010-04-07 22:39 - 000747986 _____ C:\windows\system32\perfh00A.dat
2019-07-28 15:36 - 2010-04-07 22:39 - 000159426 _____ C:\windows\system32\perfc00A.dat
2019-07-28 15:36 - 2009-07-26 17:06 - 001678290 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-28 15:31 - 2016-12-18 18:33 - 000000000 ____D C:\Users\gladys\A ARTES ESCRITURA
2019-07-28 14:18 - 2019-02-18 19:18 - 000000000 ____D C:\Users\gladys\CUENTOS GLA 2019
2019-07-27 09:58 - 2016-07-07 21:11 - 000000000 ____D C:\Users\gladys\GLADYS CV
2019-07-24 15:46 - 2018-03-21 08:38 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-24 15:46 - 2018-03-21 08:38 - 000002290 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-07-20 10:05 - 2019-05-09 15:08 - 000000000 ____D C:\Users\gladys\SIBILA
2019-07-16 10:54 - 2010-10-01 09:46 - 000000000 ____D C:\Users\gladys\AppData\Roaming\Google
2019-07-11 13:28 - 2017-12-05 16:10 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\Mozilla
2019-07-09 20:46 - 2013-06-06 13:15 - 000842296 _____ (Adobe) C:\windows\system32\FlashPlayerApp.exe
2019-07-09 20:46 - 2013-06-06 13:15 - 000175160 _____ (Adobe) C:\windows\system32\FlashPlayerCPLApp.cpl
2019-07-09 20:46 - 2010-04-07 05:59 - 000000000 ____D C:\windows\system32\Macromed

==================== Files in the root of some directories ================

2014-08-02 12:29 - 2014-08-02 12:29 - 000021288 _____ () C:\Users\gladys\cc_20140802_122925.reg
2013-10-12 16:02 - 2013-10-12 16:02 - 050053120 _____ () C:\Program Files\GUTE37C.tmp
2011-08-18 23:39 - 2015-11-15 16:35 - 000018432 _____ () C:\Users\gladys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-06-17 19:53 - 2011-06-17 19:53 - 000000000 _____ () C:\Users\gladys\AppData\Local\{EF33A113-69D3-42B7-B9DE-C022A33665B9}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-08-03 11:04
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-08-2019
Ran by gladys (04-08-2019 19:59:29)
Running from C:\Users\gladys\A PSICOLOGIA UBA\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2010-10-01 11:59:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2264253706-1617791975-327108488-500 - Administrator - Disabled)
gladys (S-1-5-21-2264253706-1617791975-327108488-1000 - Administrator - Enabled) => C:\Users\gladys
HomeGroupUser$ (S-1-5-21-2264253706-1617791975-327108488-1002 - Limited - Enabled)
Invitado (S-1-5-21-2264253706-1617791975-327108488-501 - Limited - Disabled)
Zoe (S-1-5-21-2264253706-1617791975-327108488-1003 - Limited - Enabled) => C:\Users\Zoe

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3GP to MP3 Converter (HKLM\...\3GP to MP3 Converter_is1) (Version:  - Shiver)
ABBYY FineReader 11 (HKLM\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.289 - ABBYY)
Acrobat.com (HKLM\...\{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (HKLM\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Any Media Converter (HKLM\...\Any Media Converter) (Version: 1.14 - Any Media Converter)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 75.1.1528.100 - Los creadores de Avast Secure Browser)
Ayudante para el inicio de sesión de Windows Live ID (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
BatteryLifeExtender (HKLM\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung)
calibre (HKLM\...\{36E0CAAD-D410-4CA8-9AC0-BBE2691B4A19}) (Version: 0.8.56 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC)
DivX Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.6 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
Eazel (HKLM\...\Eazel_is1) (Version:  - SILICOM INTERNET)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Farm Frenzy 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
FileZilla Client 3.9.0.5 (HKLM\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Galería fotográfica de Windows Live (HKLM\...\{25F6A201-C40C-4669-936D-473877CFEB4C}) (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.00.1005 - Intel Corporation)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Mi Simulador de Ambientes (HKLM\...\{C6E4B77B-5214-4D6F-ABDA-C42C49B11367}) (Version: 1.00.4038 - AkzoNobel)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (Spanish) (HKLM\...\{95120000-00AF-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 23.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.4.0 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 es-AR) (HKLM\...\Mozilla Thunderbird 52.4.0 (x86 es-AR)) (Version: 52.4.0 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NeoBook 5.8.4 (HKLM\...\{B111977A-E61A-4EA3-9F19-605E69C06D14}_is1) (Version: 5.8.4 - NeoSoft Corp.)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM\...\{0C808377-8C23-44ED-9016-05F42E6D4900}) (Version: 3.8.30.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.30.0 - Nokia)
Norton Security Scan (HKLM\...\NSS) (Version: 2.7.3.34 - Symantec Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.4 (HKLM\...\{5D3A23FA-06EF-4640-BC24-FFD687BF3D2E}) (Version: 3.4.9590 - OpenOffice.org)
Paquete de compatibilidad para 2007 Office system (HKLM\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Paquete de controladores de Windows - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Reader (HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\PDF Reader) (Version:  - )
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixel Bender Toolkit (HKLM\...\{43509E18-076E-40FE-AF38-CA5ED400A5A9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Quark Update (HKLM\...\{82154114-943B-4A6F-9B20-073C9573E93E}) (Version: 1.0.0.2 - Nombre de su organización)
QuarkXPress (HKLM\...\{CE949716-2A5A-40F2-BA31-54CE71B37FE5}) (Version: 9.5.0.1 - Quark Software Inc.)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{7ACAF01A-FBF4-41F2-A7C9-991CC5ED1CA9}) (Version: 1.0.8 - Samsung)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Stellarium 0.11.4 (HKLM\...\Stellarium_is1) (Version: 0.11.4 - Stellarium team)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407) (HKLM\...\755087041320E005CB1E8A67C5C55A260EB81B90) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\gladys\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Technologies SA -> Skype Limited)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{FF5939C9-3A4F-1990-738A-B17D2B34033D}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} =>  -> No File
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_05.dll [2012-06-18] () [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2018-10-08] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2018-10-08] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-19] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => C:\Program Files\Eazel\ZPShellExt.dll -> No File
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => C:\Program Files\Eazel\ZPShellExt.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} =>  -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-19] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => C:\Program Files\Eazel\ZPShellExt.dll -> No File

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-09-06 13:44 - 2014-09-06 13:44 - 000035328 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 13:41 - 2014-05-24 13:41 - 000091648 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 13:41 - 2014-05-24 13:41 - 000892416 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2010-04-07 05:57 - 2009-03-05 06:54 - 000311296 _____ () [File not signed] C:\windows\SYSTEM32\Rezip.exe
2008-08-14 07:15 - 2008-08-14 07:15 - 000276992 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2008-09-04 03:02 - 2008-09-04 03:02 - 000131072 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Shell\CS4\idicon.dll
2010-04-07 05:53 - 2009-09-30 23:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 000599552 _____ (Igor Pavlov) [File not signed] C:\Program Files\Nokia\Nokia Suite\7z.DLL
2010-04-07 05:53 - 2009-09-30 23:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2010-04-07 05:53 - 2009-09-30 23:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-06-15 22:05 - 2011-06-15 22:05 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2011-06-15 22:05 - 2011-06-15 22:05 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2011-06-15 22:05 - 2011-06-15 22:05 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2014-05-24 13:41 - 2014-05-24 13:41 - 000047616 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files\FileZilla FTP Client\libwinpthread-1.dll
2010-04-07 06:10 - 2010-01-18 23:34 - 002201192 _____ (Samsung Electronics CO., LTD. -> SEC) [File not signed] C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
2010-04-07 06:08 - 2009-11-11 01:21 - 000717312 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
2008-05-31 12:06 - 2007-03-15 03:00 - 001187840 _____ (SEIKO EPSON CORP.) [File not signed] C:\windows\system32\spool\DRIVERS\W32X86\3\E_FUICCDL.DLL
2013-04-15 13:24 - 2013-04-15 13:24 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Nokia\Nokia Suite\libeay32.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720 [144]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [248]
AlternateDataStreams: C:\ProgramData\Temp:A42A9F39 [276]
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE [250]
AlternateDataStreams: C:\ProgramData\Temp:DA868A70 [306]
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D [140]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2019-03-27 12:59 - 000000878 _____ C:\windows\system32\drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\Calibre2\;C:\Program Files\Skype\Phone\
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 186.130.128.250 - 186.130.129.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeBridge => 
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0ENQBO => C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\gladys\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DDA84CF4-E8DF-4F6F-BC35-54FF45582D2A}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{BB401A9A-BFA0-4AB0-8621-ED4DEA9B892C}] => (Allow) C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{CFD25BB0-EFE6-47E6-BF10-86F1B321971B}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58A3E882-725A-442F-969F-D0F817105E71}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97645CFF-EA24-46B0-80F3-8127667C1500}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{26B88C01-C945-4A36-B97E-5C90ED0E4EBA}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61D46095-B375-4BD3-AC47-E241DD0C20B8}] => (Allow) C:\Program Files\Download Guru\Download Guru.exe () [File not signed]
FirewallRules: [{C234E199-A46C-4C9E-947F-D8E0D479978C}] => (Allow) C:\Program Files\Download Guru\Download Guru.exe () [File not signed]
FirewallRules: [{77976C87-B4BF-462D-9CDE-BB0E9C4D9B88}] => (Allow) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7F2492CB-2824-4805-B2CF-164A4CF9E38A}] => (Allow) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E9B2249D-0652-4BCA-BA6D-B0EE51AC2189}] => (Allow) C:\Users\gladys\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Technologies SA -> Skype Limited)
FirewallRules: [TCP Query User{F05B9587-7EFB-45F8-B377-01FB9CD00ED0}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Block) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [UDP Query User{CC408DAE-37A8-46D0-B5C0-1135737BB1F2}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Block) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [{0A83174C-5FA8-4339-BFE2-435B46B68B70}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe No File
FirewallRules: [{D5ACABB2-CDF8-4DA8-A6D3-D98FE0BF90D4}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe No File
FirewallRules: [{266CBDC4-1EB3-42F4-B2C8-47CAF7E5404F}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe No File
FirewallRules: [{35E93612-1EC8-48B0-81C4-61CC460E0E3C}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe No File
FirewallRules: [{32F6714A-E549-4EE9-81D8-D1B0211F1791}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{F05D05DA-17FD-4942-8131-DF084D253661}] => (Allow) LPort=5353
FirewallRules: [{042BF2A8-8C28-4654-BB00-BF86030E9654}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{0E41DE90-BD86-42F1-ABD0-24E1D376A76D}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{F1F385C4-CDBB-4C18-95D6-227E3B943FFB}] => (Allow) LPort=3703
FirewallRules: [{89023188-CEF9-4412-BBDA-F84134B5F7AE}] => (Allow) LPort=3704
FirewallRules: [{0D03A718-5C30-49CB-9A86-A5145C3A1735}] => (Allow) LPort=51000
FirewallRules: [{E4B215E0-40FC-40B7-8A62-87C8FFDF0135}] => (Allow) LPort=51001
FirewallRules: [{A8CC1F70-AF1F-4122-AB2B-80BF11FC1F5D}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{1CF665ED-BD63-4FE4-9BD8-DA90F45DE94C}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{136FD2B4-6CBE-470C-A7D1-90692038A417}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{21360DC8-5097-4249-A5B5-83FDD61F7C12}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Allow) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [UDP Query User{FF123547-31B7-4ADD-A5B4-7465F6AC026C}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Allow) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [{CB08F4CA-21DE-4F10-BE5F-9D5909046566}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{CC3D80E0-4C5B-4612-9F6F-1C996FB7D8E2}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{31E67AD0-D925-4B82-8448-07C899D58835}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [UDP Query User{DBB4B610-CB87-4B3D-B1A3-567F87318AF7}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [TCP Query User{6AFF188B-8373-40A2-82C2-A38DB349375A}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [UDP Query User{81A3774E-42A1-48C2-90C7-441F94C9591B}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [TCP Query User{EB0F1884-F45F-4570-9AE1-B59A8D51CF00}C:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe] => (Block) C:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{B1D2D469-BC5C-4B0B-8AAA-E974E6FA1D34}C:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe] => (Block) C:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{439C257B-03EE-4101-9192-39659BBE8A38}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{60EDC12D-A059-43EA-BFD5-63E65168AB52}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{EC6B3EF7-0B85-4620-ADD0-DD89FA2313B4}] => (Allow) C:\Users\gladys\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{05709F4C-BA0A-4E9B-A9F3-7B164F2E786C}] => (Allow) C:\Users\gladys\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B8496F9F-FD7D-4C55-AAE6-9CD7617DFB73}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7985ACCB-57BF-4AF2-9B6D-890014A9D7EE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0E57EBE1-9D56-4BB8-9792-68A7AC44A27A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C7E89528-234E-4D49-91A3-2D7461B5CC39}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

22-05-2019 15:47:57 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
30-05-2019 20:37:03 Punto de control programado
11-06-2019 10:44:45 Punto de control programado
21-06-2019 16:28:34 Punto de control programado
30-06-2019 14:05:52 Punto de control programado
09-07-2019 13:39:50 Punto de control programado
16-07-2019 14:16:21 Punto de control programado
24-07-2019 19:32:11 Punto de control programado
29-07-2019 18:51:19 ZHPcleaner

==================== Faulty Device Manager Devices =============

Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/04/2019 07:36:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/04/2019 06:36:13 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/04/2019 05:36:33 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/04/2019 04:36:07 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/04/2019 04:24:23 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/04/2019 02:36:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/04/2019 01:36:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/04/2019 12:36:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.


System errors:
=============
Error: (08/04/2019 04:14:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/04/2019 11:35:35 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Update no respondió después de iniciar.

Error: (08/04/2019 11:29:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/03/2019 08:03:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Update no respondió después de iniciar.

Error: (08/03/2019 07:59:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/03/2019 10:32:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/02/2019 09:44:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/01/2019 06:31:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL


Windows Defender:
===================================
Date: 2017-05-22 14:08:03.012
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/OmigaPlus!blnk&threatid=221912
Nombre:BrowserModifier:Win32/OmigaPlus!blnk
Id.:221912
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk;file:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk->[CMDEmbedded]
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe

Date: 2017-05-22 14:08:03.010
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/OmigaPlus!blnk&threatid=221912
Nombre:BrowserModifier:Win32/OmigaPlus!blnk
Id.:221912
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk;file:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk->[CMDEmbedded]
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-09-09 13:33:28.657
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{EBA13496-6311-4040-9D7A-F12A8CD24E77}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2014-03-29 13:53:24.921
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{EA6E7379-0792-422E-917B-869F3096FFB1}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

CodeIntegrity:
===================================

Date: 2017-08-15 15:18:13.582
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-15 15:18:13.364
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-15 07:35:20.254
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-15 07:35:20.192
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-14 08:35:30.300
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-14 08:35:30.237
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-13 18:00:47.190
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-13 18:00:47.112
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: Phoenix Technologies Ltd. 04UZ.M003.20100327.XW 03/27/2010
Motherboard: SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 92%
Total physical RAM: 2932.55 MB
Available physical RAM: 211.55 MB
Total Virtual: 5863.41 MB
Available Virtual: 2191.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:141.49 GB) (Free:15.06 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:123.71 GB) NTFS

\\?\Volume{438a7ad1-42a8-11df-862a-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{438a7ad0-42a8-11df-862a-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:15 GB) (Free:3.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1096B93F)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola @gich

1.- Necesitamos el Log de Eset , para ver el reporte te deje su Manual revisa especialmente donde dice Informe de análisis

Este Equipo\Disco C\Usuarios\ Tu Nombre de Usuario\AppData\Local\Temp\ Log.txt

Para poder ver esa ubicación, debe Mostrar archivos ocultos


2.- Ejecutaste FRST desde un ligar incorrecto:

  • Running from C:\Users\gladys\A PSICOLOGIA UBA\Downloads

Corta el ejecutable y pegalo en tu escritorio <<< Esto es Muy Importante.


Luego sigue estos pasos:

3.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

4.- Desactiva Temporalmente tu antivirus.

5.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [vidc.DIVX] => C:\windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0A35AB5C-2085-4805-A50E-D25364D49D9B} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {196C7CE8-36DF-4CFF-804E-E92DF3162BE4} - System32\Tasks\{1D8C6E9F-395C-4D44-A01D-06DC3E09992D} => C:\windows\system32\pcalua.exe -a "F:\Adobecs4\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02" -c -silent
Task: {1DEC4C1E-D206-4D13-A03E-F648B359EAB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {1DEC4C1E-D206-4D13-A03E-F648B359EAB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {33C0B20F-84BD-40B1-AFF1-703DFEF2ED16} - System32\Tasks\{478D288D-D7EE-43D2-8CAB-330DB5C79F4B} => C:\windows\system32\pcalua.exe -a "C:\Users\gladys\Desktop\SetupNokiaMusic (1).exe" -d C:\Users\gladys\Desktop
Task: {3B5D80E0-8FE9-402E-B05E-1E21E0C80E95} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ESETOnlineScanner_ESL.exe [7986200 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {5FDBFEBB-B57B-4CB9-A9F1-B2A5E68A40B1} - System32\Tasks\{CA656F7D-908B-4BC1-A663-6883BA83AD9A} => C:\windows\system32\pcalua.exe -a C:\Users\gladys\Pictures\EBOOK\qxp93_win\QuickTime7.0\QuickTimeInstaller.exe -d C:\Users\gladys\Pictures\EBOOK\qxp93_win\QuickTime7.0
Task: {845788B1-FB44-4F28-ADE3-16521A81884E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ESETOnlineScanner_ESL.exe [7986200 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {F71AEE59-8304-40A9-802E-A760E533219F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {F71AEE59-8304-40A9-802E-A760E533219F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {F71AEE59-8304-40A9-802E-A760E533219F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Hosts: 0.0.0.1	mssplus.mcafee.com
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
BHO: No Name -> {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} -> No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> No Name - {9C905B42-976E-43C1-BC30-FC5937017909} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa => not found
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\.DEFAULT: gingersoftware.com/gingerPlugin -> C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll [No File]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-18] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S1 SASDIFSV; \??\C:\Users\gladys\Desktop\SASDIFSV.SYS [X]
S1 SASKUTIL; \??\C:\Users\gladys\Desktop\SASKUTIL.SYS [X]
2019-07-29 18:19 - 2018-03-25 16:35 - 000000000 ____D C:\Program Files\Lavasoft
2019-07-29 18:19 - 2018-03-25 16:34 - 000000000 ____D C:\ProgramData\Lavasoft
2013-10-12 16:02 - 2013-10-12 16:02 - 050053120 _____ () C:\Program Files\GUTE37C.tmp
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} =>  -> No File
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => C:\Program Files\Eazel\ZPShellExt.dll -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [144]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [248]
AlternateDataStreams: C:\ProgramData\Temp:A42A9F39 [276]
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE [250]
AlternateDataStreams: C:\ProgramData\Temp:DA868A70 [306]
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D [140]
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
FirewallRules: [TCP Query User{F05B9587-7EFB-45F8-B377-01FB9CD00ED0}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Block) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [UDP Query User{CC408DAE-37A8-46D0-B5C0-1135737BB1F2}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Block) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [{0A83174C-5FA8-4339-BFE2-435B46B68B70}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe No File
FirewallRules: [{D5ACABB2-CDF8-4DA8-A6D3-D98FE0BF90D4}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe No File
FirewallRules: [{266CBDC4-1EB3-42F4-B2C8-47CAF7E5404F}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe No File
FirewallRules: [{35E93612-1EC8-48B0-81C4-61CC460E0E3C}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe No File
FirewallRules: [TCP Query User{21360DC8-5097-4249-A5B5-83FDD61F7C12}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Allow) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [UDP Query User{FF123547-31B7-4ADD-A5B4-7465F6AC026C}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Allow) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [TCP Query User{31E67AD0-D925-4B82-8448-07C899D58835}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [UDP Query User{DBB4B610-CB87-4B3D-B1A3-567F87318AF7}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [TCP Query User{6AFF188B-8373-40A2-82C2-A38DB349375A}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [UDP Query User{81A3774E-42A1-48C2-90C7-441F94C9591B}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [{439C257B-03EE-4101-9192-39659BBE8A38}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{60EDC12D-A059-43EA-BFD5-63E65168AB52}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

**6.- ** Actualiza Java a su ultima versión.


7.- Se ve que eres muy usuario de P2P, imagino que sabes que son un coladero de virus, pero al margen de gustos te hago una pregunta tu antivirus Avast lo descargaste de Ares??

Nos comentas como sigue el problema

Salu2.

1 me gusta

Hola, encontré el informe de esset! se los pego acá y sigo con los otros pasos. Gracias!

16:26:47 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.1.6.0
# country="Argentina"
# lang=13322
16:28:05 Updating
16:28:05 Update Init
16:28:06 Update Download
16:33:36 esets_scanner_reload returned 0
16:33:36 g_uiModuleBuild: 42309
16:33:36 Update Finalize
16:33:36 Call m_esets_charon_send
16:33:36 Call m_esets_charon_destroy
16:33:36 Updated modules version: 42309
16:33:48 Scanner engine: 42309
19:24:40 RecursiveRemoveDirectoryAndAllFiles: C:\Users\gladys\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
19:24:42 Cleaning up
19:24:42 RecursiveRemoveDirectoryAndAllFiles: C:\Users\gladys\AppData\Local\ESET\ESETOnlineScanner\Modules\
19:24:43 RecursiveRemoveDirectoryAndAllFiles: C:\Users\gladys\AppData\Local\ESET\ESETOnlineScanner\OldModules\
19:24:43 DeleteEstsApi: C:\Users\gladys\AppData\Local\ESET\ESETOnlineScanner
19:24:43 # product=EOS
# version=8
# flags=0
# av=0
# fw=7
# admin=1
# ESETOnlineScanner_ESL.exe=3.1.6.0
# EOSSerial=ed0e598bb38d8744a2302b0d0a646189
# engine=42309
# end=finished
# bannerClicked=0
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2019-08-04 22:24:40
# local_time=2019-08-04 19:24:40 (-0300, Hora estándar de Argentina)
# country="Argentina"
# lang=13322
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avast Antivirus'
# compatibility_mode=815 16777213 83 97 0 23305934 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 63022090 316502271 0 0
# scanned=370389
# found=130
# cleaned=126
# scan_time=10218
# scan_type=2
# flow=2019-08-04 16:26:59|scr|eula|2019-08-04 16:27:04|promo|eis|2019-08-04 16:27:13|scr|welcome|2019-08-04 16:27:23|scr|consents|2019-08-04 16:27:47|scr|scan_type|2019-08-04 16:27:52|scr|pua|2019-08-04 16:28:05|scr|updating|2019-08-04 16:33:36|scr|scanning|2019-08-04 19:23:58|scr|not_cleaned|2019-08-04 19:24:07|scr|report_cleaned|2019-08-04 19:24:07|click|unresolved_detections|2019-08-04 19:24:13|scr|periodic_offer|2019-08-04 19:24:23|scr|upsell|2019-08-04 19:24:27|scr|thanks
# periodic=0,1
# stats_enabled=0
# rating=3
# feedback=
sh=32EEE1864E49A4FA06A68005D78A42202771D551 ft=1 fh=0000000000135530 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\15\jmdp\lmrn.dll#5A66AE5B2F492588"
sh=1F4C2E6BCF89CECF7E57FCA218A3ED10A5879828 ft=1 fh=000000000010cb30 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\15\jmdp\stij.exe#A24D2D7C6AD84D76"
sh=42D9BB0DC8CDE88027D97E634A5E9435CA47BB7D ft=1 fh=0000000000119828 vn="una variante de Win32/UniBlue.F aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\19\RPEng\E41D8AFA06944C48AE7BB1AFEB8FAF69\pcm_ar_p1v7.exe#51D0F945F0A435ED"
sh=181241E6431887DC27F4E2B92159F77D82831893 ft=1 fh=0000000000182330 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\5113\nsib.dll#C44CC5C881AEBBE5"
sh=C0A6EE22B75DAB50FA3B2C6C71B7F3A2A6F470DC ft=1 fh=0000000000180930 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\5119\nsib.dll#C44CC5C881AEBBE5"
sh=D589418ED5B785A121824C5F6B6B4D99BEE7AF36 ft=1 fh=000000000018db30 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\5123\nsib.dll#C44CC5C881AEBBE5"
sh=E1F78B4540FCC254BF66324F6A846411AD86F79B ft=1 fh=00000000001b1530 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\5131\nsib.dll#C44CC5C881AEBBE5"
sh=52D2E7000C51C535BE065DBC04697148F2A91DA7 ft=1 fh=00000000001b1930 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\5132\nsib.dll#C44CC5C881AEBBE5"
sh=636553DBD4D8839C3BB36F59A90C63F23BCD7504 ft=1 fh=00000000001b2330 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\5141\nsib.dll#C44CC5C881AEBBE5"
sh=B8E5C06400F0B76B15A8E354AC591E4AE0D63A14 ft=1 fh=0000000000192f30 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\5143\nsib.dll#C44CC5C881AEBBE5"
sh=343835935AFCB46A3F8B1DC4BF181B6AEA2F109D ft=1 fh=00000000001a1930 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\5154\nsib.dll#C44CC5C881AEBBE5"
sh=F2D83172D56E547255D9115BDCB869309F0EF581 ft=1 fh=00000000000bed30 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\dnkt.exe#C1E705B306E2D6BE"
sh=B123EEB386261C1E354EFC6FEB138F34BD8EE48C ft=1 fh=00000000000b8f30 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\20\mjcm\trzC495.tmp#8B7DD6ED28478229"
sh=2578EE610A91084DB8CD9D0A0F64E8F714F2DCC6 ft=1 fh=0000000000018a68 vn="una variante de MSIL/WebCompanion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\283\Web Companion\Application\Lavasoft.Utils.dll#9AD30F788DCE0961"
sh=9B8CF40026ED2D67A4D6A70F803853F42A491A1C ft=1 fh=0000000000006468 vn="una variante de MSIL/WebCompanion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\283\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe#15B1301DF9C55566"
sh=619CF25D162EC7F041642DF26BA9C1962116282A ft=1 fh=000000000075c268 vn="una variante de MSIL/WebCompanion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\283\Web Companion\Application\WebCompanion.exe#0A40221CF0E9D2C8"
sh=82F863429BE303829F3117548297A2BA4586B52C ft=1 fh=000000000004fc68 vn="una variante de MSIL/WebCompanion.C aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20190729.181814\283\Web Companion\Application\WebCompanionInstaller.exe#C4A30326681F81BC"
sh=ED32BD47BF5D7B2EFDCE5CC890C0EEBB11F118BD ft=1 fh=000000000004cd30 vn="una variante de Win32/SweetIM.L aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Config.Msi\537272f.rbf"
sh=37AF65E3CAFD4F088C35D62A1BDBEEB716AB5236 ft=1 fh=00000000002b53b8 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura (error al eliminando (Acceso denegado))" ac=I fn="C:\Program Files\AVAST Software\Avast\Setup\New_1302093c\aswOfferTool.exe"
sh=F6EC9C1C2B72056BD312280CF9265CBC84C2A6C7 ft=1 fh=00000000002ba3b8 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura (error al eliminando (Acceso denegado))" ac=I fn="C:\Program Files\AVAST Software\Avast\Setup\aswOfferTool.exe"
sh=F6EC9C1C2B72056BD312280CF9265CBC84C2A6C7 ft=1 fh=00000000002ba3b8 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura (error al eliminando (Acceso denegado))" ac=I fn="C:\Program Files\AVAST Software\Avast\Setup\offertool_ais-946.vpx"
sh=46A09929E3E567750702E766FC5E328401D1F17E ft=1 fh=00000000002bb1b8 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura (error al eliminando (Acceso denegado))" ac=I fn="C:\Program Files\AVAST Software\Avast\Setup\offertool_ais-94f.vpx"
sh=1FFCB29BBD6A810BAF497EE5841925FC90AA9C57 ft=1 fh=0000000000116910 vn="una variante de Win32/InstallCore.AZ aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Program Files\PDFReader\Uninstall\Uninstall.exe"
sh=1FFCB29BBD6A810BAF497EE5841925FC90AA9C57 ft=1 fh=0000000000116910 vn="una variante de Win32/InstallCore.AZ aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A ARTES ESCRITURA\LIBROS\LIBROS BAJADOS\PDFReaderSetup.exe"
sh=249FA24F66F701B70E9F54858DE61E50FFF9FD50 ft=1 fh=00000000000562c8 vn="Win32/SoftonicDownloader.E aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\INDESIGN\EBOOK\SoftonicDownloader_para_abbyy-finereader.exe"
sh=956BFD0E1C5D972F25CC9D3FE124CEC0CDB01B47 ft=1 fh=00000000000562b8 vn="Win32/SoftonicDownloader.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\INDESIGN\EBOOK\SoftonicDownloader_para_calibre (1).exe"
sh=956BFD0E1C5D972F25CC9D3FE124CEC0CDB01B47 ft=1 fh=00000000000562b8 vn="Win32/SoftonicDownloader.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\INDESIGN\EBOOK\SoftonicDownloader_para_calibre.exe"
sh=ADF2AD3B94EB35DC371AB7A1A49B004B7C76BFA5 ft=1 fh=000000000042ace0 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ccsetup406.exe"
sh=DD7454155F9067AB71FFFE51336731868D6655BE ft=1 fh=00000000000c51a0 vn="una variante de Win32/Bundled.Toolbar.Ask.G aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\OffercastInstaller (1).exe"
sh=DD7454155F9067AB71FFFE51336731868D6655BE ft=1 fh=00000000000c51a0 vn="una variante de Win32/Bundled.Toolbar.Ask.G aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\OffercastInstaller.exe"
sh=05C861870444E9686A4C2B522B6E52D7FD09027D ft=1 fh=00000000000562e8 vn="Win32/SoftonicDownloader.E aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\SoftonicDownloader_para_alba-mi-simulador-de-ambientes.exe"
sh=132C5A98B132B41B5F928916FFDBCB21F732B292 ft=1 fh=000000000005ff58 vn="Win32/SoftonicDownloader.E aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\SoftonicDownloader_para_express-scribe.exe"
sh=AF2C626C833758FDBE955706FF621D70554F15C4 ft=1 fh=0000000000059b68 vn="una variante de Win32/SoftonicDownloader.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\SoftonicDownloader_para_utorrent-portable.exe"
sh=85AD589676BB7B7D3A25413FBF07FC350B19CEFD ft=1 fh=00000000002f8530 vn="MSIL/WebCompanion.A aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\uTorrent (1).exe"
sh=A3045039009390F1A0A795CE9ED98275DB3433D6 ft=1 fh=00000000000e0e98 vn="una variante de Win32/Adware.ELEX.PQ aplicación (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\yet_another_cleaner.exe"
sh=CDDDF795B844FAC1B0E25E26C924BD5CA03CBC40 ft=1 fh=00000000000de298 vn="una variante de Win32/Adware.ELEX.PQ aplicación (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\yet_another_cleaner_ash.exe"
sh=953A4E92C9AB0D0A8F74A2784AA8232303ADC2C3 ft=1 fh=00000000000a3bd0 vn="una variante de Win32/InstallCore.JF aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ZipSetup.exe"
sh=D307BE2E9FB1259B72C3DD6A11FE08303A2134C0 ft=1 fh=0000000000099368 vn="Win32/VOPackage.BC aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Local\nsi3966.tmp"
sh=CEF8BAE91D4D3EC24FD95E5D614F12E61CD10245 ft=0 fh=000000000000007b vn="JS/SecurityDisabler.B aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\user.js"
sh=8FF4ACCE7E5269C961F3B60D38FBFCA904AA1CCB ft=0 fh=0000000000006cf7 vn="Win32/Bundled.Toolbar.Ask.P aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\aaaalipaokhkccgmgkdglfinfnfhflko\30.10_1\background\background.js"
sh=DA970646F2DC770A2167B9573F8F09B6E514B893 ft=1 fh=000000000000cfd0 vn="una variante de Win32/Bundled.Toolbar.Ask.F aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\aaaalipaokhkccgmgkdglfinfnfhflko\30.10_1\background\ChromeUtilPlugin.dll"
sh=C2DB8C71822AF314FF5037B0A5B7B98EFEDB6FBA ft=0 fh=0000000000001370 vn="Win32/Bundled.Toolbar.Ask.Q aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\aaaalipaokhkccgmgkdglfinfnfhflko\30.10_1\background\popup.js"
sh=AB2BD43A42E3765A1103D9B394ABEF13C3D3F571 ft=0 fh=0000000000000a54 vn="Win32/Bundled.Toolbar.Ask.P aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\aaaalipaokhkccgmgkdglfinfnfhflko\30.10_1\tb_ux\chrome-options.js"
sh=237CE9C4374249C2E99027E7FDB665D16CFC2F30 ft=0 fh=0000000000000419 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\102.js"
sh=00EA0EF83E9FE15A4C52DF7E70DFA993C27D47C0 ft=0 fh=0000000000000381 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\104.js"
sh=7C39FE0BD1EF44B15C43CAFE310F9C4327B63A0C ft=0 fh=00000000000003f9 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\123.js"
sh=943804A8971C223127655CF71B5B9381653B342D ft=0 fh=0000000000001b51 vn="JS/Toolbar.Crossrider.AE aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\13.js"
sh=F4868E75E21D37FCBC9A5871B6B120EB3E4600DF ft=0 fh=0000000000005110 vn="JS/Toolbar.Crossrider.O aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\14.js"
sh=38D00461C6AAE76E8D28F1B29256E854E240C868 ft=0 fh=00000000000137f8 vn="JS/Toolbar.Crossrider.AL aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\17.js"
sh=E9D045F5AAFAC0829540AF1CE69E62624A649D7F ft=0 fh=0000000000001cb0 vn="JS/Toolbar.Crossrider.K aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\175.js"
sh=3BB6CC913E5497628C1997E9382227DA8B318939 ft=0 fh=0000000000007970 vn="JS/Toolbar.Crossrider.AY aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\177.js"
sh=59418B96ED4D653FE8F4C66E5E95BAE9ED93C808 ft=0 fh=0000000000000569 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\180.js"
sh=752CD991CE8FEBF524934DF8B2D17E01A31CA81E ft=0 fh=0000000000003793 vn="JS/Toolbar.Crossrider.AW aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\182.js"
sh=334CE23BC9F2E71311764EA02065085E3C92886B ft=0 fh=0000000000000ab3 vn="JS/Toolbar.Crossrider.AA aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\183.js"
sh=32FE8D811A0CD3B7424FD03880F6FE6C32781264 ft=0 fh=0000000000001c9e vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\19.js"
sh=8DD5C0227E055ED8086C0C2F51CBEE10B9EEB530 ft=0 fh=0000000000000389 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\192.js"
sh=D9E4F4EC06BBEF56D1CAFBB7205BEF7EF2C55F4A ft=0 fh=0000000000000389 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\193.js"
sh=73BB348077DE54C373977A1CCE42FD9735E85D29 ft=0 fh=000000000000019a vn="JS/Toolbar.Crossrider.K aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\195.js"
sh=59DD7276A5C17AAB4B4817B8E06AAF7E19E10ECA ft=0 fh=0000000000000601 vn="JS/Toolbar.Crossrider.AN aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\207.js"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000de8 vn="JS/Toolbar.Crossrider.F aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\21.js"
sh=358A8DFB422856A6D68CDA6BEBB8EE7A6B244C7E ft=0 fh=00000000000022fe vn="JS/Toolbar.Crossrider.AG aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\22.js"
sh=71C0C30BA6E116C0C37F0A78822D9C12C2BD2431 ft=0 fh=0000000000000339 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\223.js"
sh=69F3441DAAA26144ABB42DB33386C549E9F2231D ft=0 fh=0000000000000401 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\242.js"
sh=AC7CDFABE42ED0EB04E9EE39BB014020C9E2BFA6 ft=0 fh=0000000000000451 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\244.js"
sh=D54608C2C83E087E9AAB753DCEF1B4628906BB66 ft=0 fh=0000000000001c4a vn="JS/Toolbar.Crossrider.AV aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\246.js"
sh=6634CC4515F7A97D53296C1C6B6C7F853703D0BE ft=0 fh=0000000000000339 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\260.js"
sh=685B7C04665850FCCF11E3ED4B9C4756597E3AB2 ft=0 fh=0000000000000405 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\262.js"
sh=B3C76B172A99080AEFA5AC431190F64DC1D4DAE8 ft=0 fh=0000000000000405 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\263.js"
sh=BA2B61F97B433E61EB2DF4A6FBE657BA83BA4ADA ft=0 fh=00000000000001ed vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\267.js"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000218 vn="JS/Toolbar.Crossrider.F aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\28.js"
sh=E9DD2C03F93A35E32413CBB3B87CA74D1430D8D7 ft=0 fh=00000000000001e5 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\281.js"
sh=8E3EC4BDF15257918266275CBFFFD0BB0931DB50 ft=0 fh=00000000000003d1 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\286.js"
sh=D0C91B4ACE84473BFACA534FF1542F34C843F213 ft=0 fh=0000000000001d96 vn="JS/Toolbar.Crossrider.M aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\47.js"
sh=BDCFA8379825B1BC17A13BDF73B7384DE46E7C3B ft=0 fh=0000000000000898 vn="JS/Toolbar.Crossrider.P aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\64.js"
sh=FF0ABE1F033266A9AEC3C21D73BEF85E8A26D8BC ft=0 fh=00000000000002ad vn="JS/Toolbar.Crossrider.U aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\7.js"
sh=B47648E22D2DCFA841DE90CA8386AC036E4E3B10 ft=0 fh=000000000000b4a7 vn="JS/Toolbar.Crossrider.AX aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\72.js"
sh=89B0A0DFD4DF451FEEC433683868EE588C08EC51 ft=0 fh=0000000000000c73 vn="JS/Toolbar.Crossrider.AB aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\78.js"
sh=32B01DA7935985C20B1E441A4FB55E71B088A47A ft=0 fh=0000000000000953 vn="JS/Toolbar.Crossrider.Y aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\9.js"
sh=51E1DA38E6B3D3EFA3F99C0C8BB55195C28F1483 ft=0 fh=0000000000028464 vn="JS/Toolbar.Crossrider.AI aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\91.js"
sh=49BBE5AC7BA9C32FE3C5B24F1074385D2C60FA38 ft=0 fh=00000000000003b9 vn="JS/Toolbar.Crossrider.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\93.js"
sh=778B8C980A33D3679264BE3920E6F15D75731E06 ft=0 fh=0000000000000c55 vn="JS/Toolbar.Crossrider.N aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\extensionData\plugins\97.js"
sh=832ADA6E9B2673CA1DE314A566FF76316F0A2997 ft=0 fh=0000000000002ceb vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\api\chrome.js"
sh=F4FE303A5886572113DF4DA3579956CEBB907F56 ft=0 fh=0000000000002ddf vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\api\cookie.js"
sh=FD2A3FEFF97D325433D2011C5ED5755B6D6A8FAA ft=0 fh=0000000000000d12 vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\api\message.js"
sh=480291E6360EDA2357DCDF48736AAB96C7722AEE ft=0 fh=0000000000000ab8 vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\api\monitor.js"
sh=B7CF98A7E98785EE5C4412B62DA49AA2CCA5FC6E ft=0 fh=00000000000006c9 vn="JS/Toolbar.Crossrider.W aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\api\pageAction.js"
sh=40D8A5CBA5987152A8DFAC467C672EF1CC430939 ft=0 fh=00000000000009d7 vn="JS/Toolbar.Crossrider.Z aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\api\pageActionBG.js"
sh=8F30AFD1319EBF5F58B2F53EF737A26A92614C59 ft=0 fh=0000000000000028 vn="JS/Toolbar.Crossrider.AJ aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\popupResource\newPopup.js"
sh=DB89F46344CECC785277E46A5AF6C0C2F7177E62 ft=0 fh=0000000000001a29 vn="JS/Toolbar.Crossrider.AC aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\app_api.js"
sh=B3ABD3CAA6ADACF7A87576C3F949A2C023F51456 ft=0 fh=0000000000001279 vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\bg_app_api.js"
sh=08D58C3894EBE6ACECBBB854F1F2E05B7400A6C0 ft=0 fh=00000000000001ad vn="JS/Toolbar.Crossrider.AQ aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\consts.js"
sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000001711 vn="JS/Toolbar.Crossrider.H aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\cookie_store.js"
sh=CCE2C38E8E351E54EF7624D60D5C8E8943A8C1D9 ft=0 fh=0000000000002c66 vn="JS/Toolbar.Crossrider.F aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\crossriderAPI.js"
sh=83D52B954331FF588BF95ACF190E40A9C28128A1 ft=0 fh=00000000000007d2 vn="JS/Toolbar.Crossrider.AS aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\delegate.js"
sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=000000000000167d vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\events.js"
sh=87F0A95E563A9119567248A593244440843E134B ft=0 fh=0000000000001aa1 vn="JS/Toolbar.Crossrider.AD aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\extensionDataStore.js"
sh=17A2876D4B9F9108CDEE3B9F698A5C054E7B3971 ft=0 fh=00000000000002fd vn="JS/Toolbar.Crossrider.V aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\logFile.js"
sh=F60E85FECE253870FBF3E77FB088F546688FB9AF ft=0 fh=00000000000003b0 vn="JS/Toolbar.Crossrider.AO aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\logging.js"
sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=00000000000001e0 vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\onBGDocumentLoad.js"
sh=3E6E49061DC4C0339624D1BD4C5972D2D6988DA4 ft=0 fh=0000000000001402 vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\reports.js"
sh=CAC2FC420F4819373AA1C871E7DDA0F33F11B9C5 ft=0 fh=0000000000000387 vn="JS/Toolbar.Crossrider.AP aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\storageWrapper.js"
sh=BE5E761EC5162E55CA26A3D61D1871850C8D0E46 ft=0 fh=0000000000002103 vn="JS/Toolbar.Crossrider.AF aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\updateManager.js"
sh=F7B2040B9EB935D0FFB1571CC0184FED6B7D7583 ft=0 fh=00000000000013e4 vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\util.js"
sh=D88F73897D0415B880A52D98AACBCBA8372956B2 ft=0 fh=0000000000000a8b vn="JS/Toolbar.Crossrider.G aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\lib\xhr.js"
sh=A33E167D3828FFAAFE430FBF245650989257C2A1 ft=0 fh=00000000000088f6 vn="JS/Toolbar.Crossrider.E aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\background.js"
sh=D7FE306EB39D64F7994917931E25229A5B156640 ft=0 fh=000000000000212b vn="JS/Toolbar.Crossrider.R aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\main.js"
sh=4F78B38FE908EEFC69AA8158452A2851CA63FD57 ft=0 fh=0000000000000199 vn="JS/Toolbar.Crossrider.AM aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\akjdheomplehjdgpjenoamnhhkcenlkf\13836.9590.7470_0\js\platformVersion.js"
sh=F39A1D9201D021180B9FC8543783D8CE69054DCE ft=1 fh=000000000037a0d8 vn="Win32/Bundled.Toolbar.Google.E aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\Desktop\TODO\ccsetup317.exe"
sh=8DB51595492609FFF73800174DDBC6363C1DA181 ft=1 fh=00000000000c97e0 vn="una variante de Win32/Toolbar.Iminent.K aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\Desktop\TODO\IminentSetup_2-KFRPtAWP-1_.exe"
sh=43DEA9566CA1D39BBB0AEFB2D766E11209A8BDE7 ft=1 fh=0000000000099398 vn="una variante de Win32/Bundled.Toolbar.Ask.E aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\Documents\APNSetup.exe"
sh=E1278C8803458F2A00F2B63B9B94F863B2246F9F ft=1 fh=0000000000096a20 vn="una variante de Win32/Toolbar.Conduit.AU aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\Pictures\LIBROS ONLINE\ebano.exe"
sh=18C26B11EA71AACAEF251B62D6D5B76579548D60 ft=1 fh=00000000000c9160 vn="Win32/Toolbar.SearchSuite aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\Pictures\LIBROS ONLINE\iLividSetupV1.exe"
sh=23A87415A7314D2EC63F0778DF0FB2537F2E5336 ft=1 fh=000000000005b2b0 vn="Win32/SoftonicDownloader.E aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\gladys\QUARK\SoftonicDownloader_for_quarkxpress.exe"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=0000000000058578 vn="una variante de Win32/PriceGong.A aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\Zoe\AppData\LocalLow\shARES\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll"
sh=83DCF9E95024121ABA4D47E925DBE924B063CCA1 ft=0 fh=000000000007d000 vn="una variante de Win32/Bundled.Toolbar.Ask.M aplicación potencialmente no segura (eliminado)" ac=C fn="C:\Windows\Installer\9bcb8.msi"
sh=55E8009B20CB77445467908F0DCC9A461EC0387B ft=1 fh=00000000000deb88 vn="una variante de Win32/Toolbar.Perion.AF aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\52GTO5BN\SkywalkerSetup[1].exe"
sh=E6EB57D31EBB34333C7946B099CD30A2AF3A4BE0 ft=1 fh=00000000001402a0 vn="una variante de Win32/Toolbar.Perion.A aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.A aplicación potencialmente no deseada,una variante de Win32/Toolbar.BitCocktail.B aplicación potencialmente no deseada,una variante de Win32/Toolbar.BitCocktail.A aplicación potencialmente no deseada,Win32/Toolbar.Perion.E aplicación potencialmente no deseada,JS/Toolbar.Perion.B aplicación potencialmente no deseada,una variante de Win32/Toolbar.Perion.J aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VEYLH5N6\update[1]"
sh=CDB613114BB1DF410EC6BB33A7E6345C2D57B679 ft=1 fh=0000000000361b6d vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetup4F6V4CGL.exe"
sh=CDB613114BB1DF410EC6BB33A7E6345C2D57B679 ft=1 fh=0000000000361b6d vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetup88OAKV9N.exe"
sh=274EBBF799CAA85F9C6BA708F38BCC7F7B399F3F ft=1 fh=00000000003620e5 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetup9KIMDZFU.exe"
sh=CDB613114BB1DF410EC6BB33A7E6345C2D57B679 ft=1 fh=0000000000361b6d vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetupR72LQD9W.exe"
sh=CDB613114BB1DF410EC6BB33A7E6345C2D57B679 ft=1 fh=0000000000361b6d vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetupV0R4GC1J.exe"
sh=364F658EF5D2156550A6211BD012EF740BE92292 ft=1 fh=000000000034f1b8 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetup[10].exe"
sh=274EBBF799CAA85F9C6BA708F38BCC7F7B399F3F ft=1 fh=00000000003620e5 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\trz16BA.tmp"
sh=274EBBF799CAA85F9C6BA708F38BCC7F7B399F3F ft=1 fh=00000000003620e5 vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\trz208C.tmp"
sh=CDB613114BB1DF410EC6BB33A7E6345C2D57B679 ft=1 fh=0000000000361b6d vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\trz6C87.tmp"
sh=CDB613114BB1DF410EC6BB33A7E6345C2D57B679 ft=1 fh=0000000000361b6d vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\trz7BD.tmp"
sh=CDB613114BB1DF410EC6BB33A7E6345C2D57B679 ft=1 fh=0000000000361b6d vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\trz8304.tmp"
sh=CDB613114BB1DF410EC6BB33A7E6345C2D57B679 ft=1 fh=0000000000361b6d vn="una variante de Win32/Toolbar.Perion.H aplicación potencialmente no deseada,una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\trzCC91.tmp"
sh=F5E0B85D1080A86A759A30977F3EBE51AF85606E ft=1 fh=00000000003cbf88 vn="una variante de Win64/Toolbar.Perion.D aplicación potencialmente no deseada,una variante de Win32/Toolbar.Perion.G aplicación potencialmente no deseada,Win32/Toolbar.Perion.H aplicación potencialmente no deseada,Win32/Toolbar.Perion.I aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSSetup[3].exe"
19:24:43 DeleteApiStgFile: C:\Users\gladys\AppData\Local\ESET\ESETOnlineScanner
19:24:43 RecursiveRemoveDirectoryAndAllFiles: C:\Users\gladys\AppData\Local\ESET\ESETOnlineScanner\Char_Cache\
19:24:44 Call m_esets_charon_send
19:24:44 Call m_esets_charon_destroy
19:41:19 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.1.6.0
# country="Argentina"
# lang=13322

Les dejo el FIRST primero

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-08-2019 02
Ran by gladys (administrator) on GLADYS-NOTE (SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440) (08-08-2019 09:39:11)
Running from C:\Users\gladys\Desktop
Loaded Profiles: gladys &  (Available Profiles: gladys & Zoe)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\System32\Rezip.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Nokia -> Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [225672 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-17] (DivX, LLC. -> DivX, LLC)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092347553\...\RunOnce: [SPReview] => "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092546567\...\RunOnce: [SPReview] => "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [] => [X]
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia -> Nokia)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\...\Run: [] => [X]
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia -> Nokia)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\...\Run: [] => [X]
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia -> Nokia)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677\...\Run: [swg] => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677\...\Run: [AvastBrowserAutoLaunch_504F43CC02CF1C7F16751311F9D27E8A] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477\...\Run: [swg] => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477\...\Run: [AvastBrowserAutoLaunch_504F43CC02CF1C7F16751311F9D27E8A] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [vidc.DIVX] => C:\windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\Installer\chrmstp.exe [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-10-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A35AB5C-2085-4805-A50E-D25364D49D9B} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {196C7CE8-36DF-4CFF-804E-E92DF3162BE4} - System32\Tasks\{1D8C6E9F-395C-4D44-A01D-06DC3E09992D} => C:\windows\system32\pcalua.exe -a "F:\Adobecs4\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02" -c -silent
Task: {1B95E805-2F0E-4031-A193-EC2D96D9530C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {1BA571F0-A298-4C36-BBA7-C4CE654091D1} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [717312 2009-11-11] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {1DEC4C1E-D206-4D13-A03E-F648B359EAB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {1DEC4C1E-D206-4D13-A03E-F648B359EAB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {24005E89-5FFA-43B1-80C1-1BA960EE3645} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [567976 2009-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics. Co. Ltd.) [File not signed]
Task: {2EA9D221-7386-401B-8855-41082C90AC85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {33C0B20F-84BD-40B1-AFF1-703DFEF2ED16} - System32\Tasks\{478D288D-D7EE-43D2-8CAB-330DB5C79F4B} => C:\windows\system32\pcalua.exe -a "C:\Users\gladys\Desktop\SetupNokiaMusic (1).exe" -d C:\Users\gladys\Desktop
Task: {35CD941B-16CE-4017-B20C-81C93D818F71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3B5D80E0-8FE9-402E-B05E-1E21E0C80E95} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ESETOnlineScanner_ESL.exe [7986200 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {43758E3B-7B6B-4220-950F-58D37F289D24} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files\Google\Chrome\Application\chrome.exe 
Task: {451E48EF-CF2F-4E6B-BE5D-CDF7E9AC5269} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {48D9D809-A1EA-4B71-BCB0-5D982B669718} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {4D32950C-FE5D-4E84-A786-667D07CB6BBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {4F66E656-A488-44F1-B703-8C10BEEC8E82} - System32\Tasks\{C067BBDF-4430-4666-96A3-CF6BBC726F8F} => C:\Users\gladys\Desktop\Ares\Ares.exe
Task: {5FDBFEBB-B57B-4CB9-A9F1-B2A5E68A40B1} - System32\Tasks\{CA656F7D-908B-4BC1-A663-6883BA83AD9A} => C:\windows\system32\pcalua.exe -a C:\Users\gladys\Pictures\EBOOK\qxp93_win\QuickTime7.0\QuickTimeInstaller.exe -d C:\Users\gladys\Pictures\EBOOK\qxp93_win\QuickTime7.0
Task: {60307985-7FAC-4862-A036-E6FEE21079D7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {60307985-7FAC-4862-A036-E6FEE21079D7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {60307985-7FAC-4862-A036-E6FEE21079D7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {61AE4FE1-9640-4AB7-A5BB-7878C6B48CDA} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192 2010-01-18] (Samsung Electronics CO., LTD. -> SEC) [File not signed]
Task: {63BA5781-FA0E-4F5D-ABFD-2A675CA2FE60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {692BF630-43A5-48C4-A181-9135DF858F7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {698F5641-9015-4CE1-8262-D0675DEB50C9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {7F423A2D-F186-4AD2-BB18-2D5B0C431A4D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {845788B1-FB44-4F28-ADE3-16521A81884E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ESETOnlineScanner_ESL.exe [7986200 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {95F7BDBC-90B8-4688-A6F5-102B9F5F68CA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9F06A1FB-8434-45C0-B096-3164CA8C956D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {A42614E7-990C-4BF3-9193-30DAA6776024} - System32\Tasks\Norton Security Scan for gladys => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [606072 2011-01-14] (Symantec Corporation -> Symantec Corporation)
Task: {A5EFDAA4-A6EE-4169-8FC0-747FBDB466A6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2385800 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {CAAA295F-EC4E-4A85-9156-A2BFE5363FB7} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [342016 2009-10-16] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {D6AA30D1-5F9A-4B72-BDAB-A04E57616214} - System32\Tasks\avastBCLRestartS-1-5-21-2264253706-1617791975-327108488-1000 => C:\Program Files\Google\Chrome\Application\chrome.exe 
Task: {F3868549-8828-466C-961E-D9111FF542FB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1693576 2019-07-30] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Norton Security Scan for gladys.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{50DD5EFD-FA60-494D-8B8D-BC759745A428}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{774C0D3B-376D-4EA8-B8CA-09469323D9A3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
BHO: No Name -> {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} -> No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> No Name - {9C905B42-976E-43C1-BC30-FC5937017909} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724 -> No Name - {9C905B42-976E-43C1-BC30-FC5937017909} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265 -> No Name - {9C905B42-976E-43C1-BC30-FC5937017909} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677 -> No Name - {9C905B42-976E-43C1-BC30-FC5937017909} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477 -> No Name - {9C905B42-976E-43C1-BC30-FC5937017909} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe 

FireFox:
========
FF ProfilePath: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default [2019-08-08]
FF Homepage: Mozilla\Firefox\Profiles\c20ofsb0.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\c20ofsb0.default -> about:newtab
FF Extension: (Firefox Synchronisation Extension) - C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\Extensions\[email protected] [2013-12-12] [Legacy] [not signed]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\avast-search.xml [2016-11-06]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\google-avast.xml [2018-12-18]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\yahoo-avast.xml [2016-03-15]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Ginger\Mozilla\[email protected]
FF Extension: (Ginger - Grammar and Spell Checker) - C:\Program Files\Ginger\Mozilla\[email protected] [2014-03-17] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Users\gladys\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] (Nokia ->  )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=1.1.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-01-25] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\.DEFAULT: gingersoftware.com/gingerPlugin -> C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll [No File]
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Technologies SA -> Skype Limited)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Technologies SA -> Skype Limited)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Technologies SA -> Skype Limited)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS -> Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe 
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-18] <==== ATTENTION

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&trackid=sp-006
CHR DefaultSearchKeyword: Default -> google.com.ar
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default [2019-08-08]
CHR Extension: (Avast Online Security) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5398416 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
S3 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] (CyberLink -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [34720 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [172424 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220128 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [158240 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [255360 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [51264 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [194680 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [40904 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [138480 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [101200 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [73008 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [783232 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [403408 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\windows\System32\drivers\aswStm.sys [165464 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [312464 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\windows\System32\DRIVERS\athr.sys [1245696 2009-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 btusbflt; C:\windows\System32\drivers\btusbflt.sys [43944 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwaudio; C:\windows\System32\drivers\btwaudio.sys [86056 2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwavdt; C:\windows\System32\drivers\btwavdt.sys [108072 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwl2cap; C:\windows\System32\DRIVERS\btwl2cap.sys [29472 2009-04-07] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwrchid; C:\windows\System32\DRIVERS\btwrchid.sys [18472 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [173512 2019-08-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [190624 2019-08-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [64296 2019-08-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [241760 2019-08-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\System32\DRIVERS\mwac.sys [86768 2019-08-08] (Malwarebytes Corporation -> Malwarebytes)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18560 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 RTL8167; C:\windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S1 SASDIFSV; \??\C:\Users\gladys\Desktop\SASDIFSV.SYS [X]
S1 SASKUTIL; \??\C:\Users\gladys\Desktop\SASKUTIL.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-08 09:35 - 2019-08-08 09:35 - 000000000 ____D C:\Users\gladys\Desktop\FRST-OlderVersion
2019-08-08 09:34 - 2019-08-08 09:35 - 001448448 _____ (Farbar) C:\Users\gladys\Desktop\FRST.exe
2019-08-08 09:23 - 2019-08-08 09:23 - 000064296 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2019-08-08 09:21 - 2019-08-08 09:21 - 000190624 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2019-08-08 09:21 - 2019-08-08 09:21 - 000086768 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2019-08-08 09:17 - 2019-08-08 09:17 - 000241760 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-08-04 20:03 - 2019-08-08 09:40 - 000042816 _____ C:\Users\gladys\Desktop\FRST.txt
2019-08-04 19:59 - 2019-08-04 19:59 - 000000679 _____ C:\Users\gladys\Gladys - Acceso directo (2).lnk
2019-08-04 19:56 - 2019-08-08 09:37 - 000000000 ____D C:\FRST
2019-08-04 19:28 - 2019-08-04 19:29 - 000000000 ____D C:\KVRT_Data
2019-08-04 16:27 - 2019-08-04 16:27 - 000001083 _____ C:\Users\gladys\Desktop\ESET Online Scanner.lnk
2019-08-04 16:26 - 2019-08-04 16:26 - 000000000 ____D C:\Users\gladys\AppData\Local\ESET
2019-08-01 10:11 - 2019-08-01 10:13 - 000080836 _____ C:\windows\ntbtlog.txt
2019-07-29 18:35 - 2019-07-29 18:54 - 000000000 ____D C:\Users\gladys\AppData\Roaming\ZHP
2019-07-29 18:35 - 2019-07-29 18:35 - 000000834 _____ C:\Users\gladys\Desktop\ZHPCleaner.lnk
2019-07-29 18:35 - 2019-07-29 18:35 - 000000000 ____D C:\Users\gladys\AppData\Local\ZHP
2019-07-29 18:14 - 2019-07-29 18:18 - 000000000 ____D C:\AdwCleaner
2019-07-29 16:48 - 2019-08-01 10:13 - 000173512 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbamtray
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbam
2019-07-29 16:47 - 2019-07-29 16:47 - 000001980 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-29 16:47 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae.sys
2019-07-29 16:41 - 2019-07-29 16:41 - 003072896 _____ (Nicolas Coolman) C:\Users\gladys\Desktop\ZHPCleaner.exe
2019-07-29 16:39 - 2019-07-29 16:40 - 007623880 _____ (Malwarebytes) C:\Users\gladys\Desktop\adwcleaner_7.4.exe
2019-07-29 16:38 - 2019-07-29 16:38 - 000020769 _____ C:\Users\gladys\Desktop\descarga.htm
2019-07-29 16:35 - 2019-07-29 16:35 - 064756040 _____ (Malwarebytes ) C:\Users\gladys\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11752.exe
2019-07-16 17:05 - 2019-07-23 10:33 - 000000000 ____D C:\Users\gladys\DOCENCIA

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-08 09:28 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-08 09:28 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-08 09:23 - 2018-03-21 08:30 - 000000000 ____D C:\Users\gladys\AppData\Local\AVAST Software
2019-08-08 09:17 - 2011-01-14 20:26 - 000000476 ____H C:\windows\Tasks\Norton Security Scan for gladys.job
2019-08-08 09:17 - 2009-07-14 01:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-08-07 17:19 - 2019-03-07 19:51 - 000000000 ____D C:\Users\gladys\CASA VIVA
2019-08-07 15:33 - 2018-10-02 12:09 - 000000000 ____D C:\Users\gladys\A A INDESIGN CS4
2019-08-04 19:59 - 2010-10-01 08:59 - 000000000 ____D C:\Users\gladys
2019-08-04 18:13 - 2012-12-09 18:54 - 000000000 ____D C:\Users\gladys\QUARK
2019-08-04 18:04 - 2012-12-27 20:32 - 000000000 ____D C:\Users\gladys\Desktop\TODO
2019-08-03 11:33 - 2013-03-26 10:29 - 001577984 ___SH C:\Users\gladys\Thumbs.db
2019-08-02 10:07 - 2018-11-06 13:19 - 000000000 ____D C:\Users\gladys\ZOE PSICO UBA
2019-08-01 10:12 - 2011-06-05 20:30 - 001464832 ___SH C:\Users\gladys\Desktop\Thumbs.db
2019-07-29 22:57 - 2016-05-12 18:46 - 000000000 ____D C:\Users\gladys\Desktop\TRABAJOS ZOE
2019-07-29 19:24 - 2009-07-13 23:37 - 000000000 ____D C:\windows\inf
2019-07-29 18:19 - 2018-03-25 16:35 - 000000000 ____D C:\Program Files\Lavasoft
2019-07-29 18:19 - 2018-03-25 16:34 - 000000000 ____D C:\ProgramData\Lavasoft
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\Program Files\Samsung
2019-07-29 18:08 - 2010-10-01 09:19 - 000001397 _____ C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-07-29 18:07 - 2013-08-24 11:31 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-29 17:54 - 2013-06-06 13:31 - 000000000 ____D C:\windows\pss
2019-07-29 16:45 - 2016-01-16 12:45 - 000000000 ____D C:\Users\gladys\AppData\Roaming\uTorrent
2019-07-29 16:33 - 2013-10-11 14:33 - 000000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-29 16:25 - 2019-03-29 10:53 - 000000000 ____D C:\Users\gladys\AppData\Local\BitTorrentHelper
2019-07-28 15:36 - 2010-04-07 22:39 - 000747986 _____ C:\windows\system32\perfh00A.dat
2019-07-28 15:36 - 2010-04-07 22:39 - 000159426 _____ C:\windows\system32\perfc00A.dat
2019-07-28 15:36 - 2009-07-26 17:06 - 001678290 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-28 15:31 - 2016-12-18 18:33 - 000000000 ____D C:\Users\gladys\A ARTES ESCRITURA
2019-07-28 14:18 - 2019-02-18 19:18 - 000000000 ____D C:\Users\gladys\CUENTOS GLA 2019
2019-07-27 09:58 - 2016-07-07 21:11 - 000000000 ____D C:\Users\gladys\GLADYS CV
2019-07-24 15:46 - 2018-03-21 08:38 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-24 15:46 - 2018-03-21 08:38 - 000002290 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-07-20 10:05 - 2019-05-09 15:08 - 000000000 ____D C:\Users\gladys\SIBILA
2019-07-16 10:54 - 2010-10-01 09:46 - 000000000 ____D C:\Users\gladys\AppData\Roaming\Google
2019-07-11 13:28 - 2017-12-05 16:10 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\Mozilla
2019-07-09 20:46 - 2013-06-06 13:15 - 000842296 _____ (Adobe) C:\windows\system32\FlashPlayerApp.exe
2019-07-09 20:46 - 2013-06-06 13:15 - 000175160 _____ (Adobe) C:\windows\system32\FlashPlayerCPLApp.cpl
2019-07-09 20:46 - 2010-04-07 05:59 - 000000000 ____D C:\windows\system32\Macromed

==================== Files in the root of some directories ================

2014-08-02 12:29 - 2014-08-02 12:29 - 000021288 _____ () C:\Users\gladys\cc_20140802_122925.reg
2013-10-12 16:02 - 2013-10-12 16:02 - 050053120 _____ () C:\Program Files\GUTE37C.tmp
2011-08-18 23:39 - 2015-11-15 16:35 - 000018432 _____ () C:\Users\gladys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-06-17 19:53 - 2011-06-17 19:53 - 000000000 _____ () C:\Users\gladys\AppData\Local\{EF33A113-69D3-42B7-B9DE-C022A33665B9}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-08-03 11:04
==================== End of FRST.txt ============================

y el otro

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-08-2019 02
Ran by gladys (08-08-2019 09:40:44)
Running from C:\Users\gladys\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2010-10-01 11:59:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2264253706-1617791975-327108488-500 - Administrator - Disabled)
gladys (S-1-5-21-2264253706-1617791975-327108488-1000 - Administrator - Enabled) => C:\Users\gladys
HomeGroupUser$ (S-1-5-21-2264253706-1617791975-327108488-1002 - Limited - Enabled)
Invitado (S-1-5-21-2264253706-1617791975-327108488-501 - Limited - Disabled)
Zoe (S-1-5-21-2264253706-1617791975-327108488-1003 - Limited - Enabled) => C:\Users\Zoe

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3GP to MP3 Converter (HKLM\...\3GP to MP3 Converter_is1) (Version:  - Shiver)
ABBYY FineReader 11 (HKLM\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.289 - ABBYY)
Acrobat.com (HKLM\...\{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (HKLM\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Any Media Converter (HKLM\...\Any Media Converter) (Version: 1.14 - Any Media Converter)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 75.1.1528.100 - Los creadores de Avast Secure Browser)
Ayudante para el inicio de sesión de Windows Live ID (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
BatteryLifeExtender (HKLM\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung)
calibre (HKLM\...\{36E0CAAD-D410-4CA8-9AC0-BBE2691B4A19}) (Version: 0.8.56 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC)
DivX Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.6 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
Eazel (HKLM\...\Eazel_is1) (Version:  - SILICOM INTERNET)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Farm Frenzy 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
FileZilla Client 3.9.0.5 (HKLM\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Galería fotográfica de Windows Live (HKLM\...\{25F6A201-C40C-4669-936D-473877CFEB4C}) (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.00.1005 - Intel Corporation)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Mi Simulador de Ambientes (HKLM\...\{C6E4B77B-5214-4D6F-ABDA-C42C49B11367}) (Version: 1.00.4038 - AkzoNobel)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (Spanish) (HKLM\...\{95120000-00AF-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 23.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.4.0 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 es-AR) (HKLM\...\Mozilla Thunderbird 52.4.0 (x86 es-AR)) (Version: 52.4.0 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NeoBook 5.8.4 (HKLM\...\{B111977A-E61A-4EA3-9F19-605E69C06D14}_is1) (Version: 5.8.4 - NeoSoft Corp.)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM\...\{0C808377-8C23-44ED-9016-05F42E6D4900}) (Version: 3.8.30.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.30.0 - Nokia)
Norton Security Scan (HKLM\...\NSS) (Version: 2.7.3.34 - Symantec Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.4 (HKLM\...\{5D3A23FA-06EF-4640-BC24-FFD687BF3D2E}) (Version: 3.4.9590 - OpenOffice.org)
Paquete de compatibilidad para 2007 Office system (HKLM\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Paquete de controladores de Windows - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Reader (HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\PDF Reader) (Version:  - )
PDF Reader (HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\...\PDF Reader) (Version:  - )
PDF Reader (HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\...\PDF Reader) (Version:  - )
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixel Bender Toolkit (HKLM\...\{43509E18-076E-40FE-AF38-CA5ED400A5A9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Quark Update (HKLM\...\{82154114-943B-4A6F-9B20-073C9573E93E}) (Version: 1.0.0.2 - Nombre de su organización)
QuarkXPress (HKLM\...\{CE949716-2A5A-40F2-BA31-54CE71B37FE5}) (Version: 9.5.0.1 - Quark Software Inc.)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{7ACAF01A-FBF4-41F2-A7C9-991CC5ED1CA9}) (Version: 1.0.8 - Samsung)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Stellarium 0.11.4 (HKLM\...\Stellarium_is1) (Version: 0.11.4 - Stellarium team)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407) (HKLM\...\755087041320E005CB1E8A67C5C55A260EB81B90) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\gladys\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Technologies SA -> Skype Limited)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724_Classes\CLSID\{FF5939C9-3A4F-1990-738A-B17D2B34033D}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\gladys\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Technologies SA -> Skype Limited)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265_Classes\CLSID\{FF5939C9-3A4F-1990-738A-B17D2B34033D}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\gladys\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Technologies SA -> Skype Limited)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{FF5939C9-3A4F-1990-738A-B17D2B34033D}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\GoogleUpdate.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.57\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\gladys\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Chrome\Application\22.0.1201.0\delegate_execute.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Facebook\Update\1.2.203.0\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677_Classes\CLSID\{FF5939C9-3A4F-1990-738A-B17D2B34033D}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\GoogleUpdate.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.57\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\gladys\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Chrome\Application\22.0.1201.0\delegate_execute.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Facebook\Update\1.2.203.0\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\gladys\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477_Classes\CLSID\{FF5939C9-3A4F-1990-738A-B17D2B34033D}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} =>  -> No File
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_05.dll [2012-06-18] () [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2018-10-08] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2018-10-08] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-19] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => C:\Program Files\Eazel\ZPShellExt.dll -> No File
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => C:\Program Files\Eazel\ZPShellExt.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} =>  -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-19] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => C:\Program Files\Eazel\ZPShellExt.dll -> No File

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-09-06 13:44 - 2014-09-06 13:44 - 000035328 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 13:41 - 2014-05-24 13:41 - 000091648 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 13:41 - 2014-05-24 13:41 - 000892416 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2012-06-18 12:24 - 2012-06-18 12:24 - 000260096 _____ () [File not signed] C:\Program Files\Notepad++\NppShell_05.dll
2010-04-07 05:57 - 2009-03-05 06:54 - 000311296 _____ () [File not signed] C:\windows\SYSTEM32\Rezip.exe
2008-08-14 07:15 - 2008-08-14 07:15 - 000276992 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2008-09-04 03:02 - 2008-09-04 03:02 - 000131072 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Shell\CS4\idicon.dll
2010-04-07 05:53 - 2009-09-30 23:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 000599552 _____ (Igor Pavlov) [File not signed] C:\Program Files\Nokia\Nokia Suite\7z.DLL
2010-04-07 05:53 - 2009-09-30 23:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2010-04-07 05:53 - 2009-09-30 23:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-06-15 22:05 - 2011-06-15 22:05 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2011-06-15 22:05 - 2011-06-15 22:05 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2011-06-15 22:05 - 2011-06-15 22:05 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2014-05-24 13:41 - 2014-05-24 13:41 - 000047616 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files\FileZilla FTP Client\libwinpthread-1.dll
2013-04-15 13:24 - 2013-04-15 13:24 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Nokia\Nokia Suite\libeay32.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720 [144]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [248]
AlternateDataStreams: C:\ProgramData\Temp:A42A9F39 [276]
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE [250]
AlternateDataStreams: C:\ProgramData\Temp:DA868A70 [306]
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D [140]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2019-03-27 12:59 - 000000878 _____ C:\windows\system32\drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\Calibre2\;C:\Program Files\Skype\Phone\
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\Control Panel\Desktop\\Wallpaper -> C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\Control Panel\Desktop\\Wallpaper -> C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677\Control Panel\Desktop\\Wallpaper -> C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477\Control Panel\Desktop\\Wallpaper -> C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 186.130.128.250 - 186.130.129.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeBridge => 
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0ENQBO => C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\gladys\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DDA84CF4-E8DF-4F6F-BC35-54FF45582D2A}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{BB401A9A-BFA0-4AB0-8621-ED4DEA9B892C}] => (Allow) C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{CFD25BB0-EFE6-47E6-BF10-86F1B321971B}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58A3E882-725A-442F-969F-D0F817105E71}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97645CFF-EA24-46B0-80F3-8127667C1500}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{26B88C01-C945-4A36-B97E-5C90ED0E4EBA}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61D46095-B375-4BD3-AC47-E241DD0C20B8}] => (Allow) C:\Program Files\Download Guru\Download Guru.exe () [File not signed]
FirewallRules: [{C234E199-A46C-4C9E-947F-D8E0D479978C}] => (Allow) C:\Program Files\Download Guru\Download Guru.exe () [File not signed]
FirewallRules: [{77976C87-B4BF-462D-9CDE-BB0E9C4D9B88}] => (Allow) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7F2492CB-2824-4805-B2CF-164A4CF9E38A}] => (Allow) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E9B2249D-0652-4BCA-BA6D-B0EE51AC2189}] => (Allow) C:\Users\gladys\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Technologies SA -> Skype Limited)
FirewallRules: [TCP Query User{F05B9587-7EFB-45F8-B377-01FB9CD00ED0}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Block) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [UDP Query User{CC408DAE-37A8-46D0-B5C0-1135737BB1F2}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Block) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [{0A83174C-5FA8-4339-BFE2-435B46B68B70}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe No File
FirewallRules: [{D5ACABB2-CDF8-4DA8-A6D3-D98FE0BF90D4}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe No File
FirewallRules: [{266CBDC4-1EB3-42F4-B2C8-47CAF7E5404F}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe No File
FirewallRules: [{35E93612-1EC8-48B0-81C4-61CC460E0E3C}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe No File
FirewallRules: [{32F6714A-E549-4EE9-81D8-D1B0211F1791}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{F05D05DA-17FD-4942-8131-DF084D253661}] => (Allow) LPort=5353
FirewallRules: [{042BF2A8-8C28-4654-BB00-BF86030E9654}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{0E41DE90-BD86-42F1-ABD0-24E1D376A76D}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{F1F385C4-CDBB-4C18-95D6-227E3B943FFB}] => (Allow) LPort=3703
FirewallRules: [{89023188-CEF9-4412-BBDA-F84134B5F7AE}] => (Allow) LPort=3704
FirewallRules: [{0D03A718-5C30-49CB-9A86-A5145C3A1735}] => (Allow) LPort=51000
FirewallRules: [{E4B215E0-40FC-40B7-8A62-87C8FFDF0135}] => (Allow) LPort=51001
FirewallRules: [{A8CC1F70-AF1F-4122-AB2B-80BF11FC1F5D}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{1CF665ED-BD63-4FE4-9BD8-DA90F45DE94C}] => (Allow) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{136FD2B4-6CBE-470C-A7D1-90692038A417}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{21360DC8-5097-4249-A5B5-83FDD61F7C12}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Allow) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [UDP Query User{FF123547-31B7-4ADD-A5B4-7465F6AC026C}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Allow) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [{CB08F4CA-21DE-4F10-BE5F-9D5909046566}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{CC3D80E0-4C5B-4612-9F6F-1C996FB7D8E2}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{31E67AD0-D925-4B82-8448-07C899D58835}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [UDP Query User{DBB4B610-CB87-4B3D-B1A3-567F87318AF7}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [TCP Query User{6AFF188B-8373-40A2-82C2-A38DB349375A}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [UDP Query User{81A3774E-42A1-48C2-90C7-441F94C9591B}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [TCP Query User{EB0F1884-F45F-4570-9AE1-B59A8D51CF00}C:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe] => (Block) C:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{B1D2D469-BC5C-4B0B-8AAA-E974E6FA1D34}C:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe] => (Block) C:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{439C257B-03EE-4101-9192-39659BBE8A38}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{60EDC12D-A059-43EA-BFD5-63E65168AB52}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{EC6B3EF7-0B85-4620-ADD0-DD89FA2313B4}] => (Allow) C:\Users\gladys\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{05709F4C-BA0A-4E9B-A9F3-7B164F2E786C}] => (Allow) C:\Users\gladys\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B8496F9F-FD7D-4C55-AAE6-9CD7617DFB73}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7985ACCB-57BF-4AF2-9B6D-890014A9D7EE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0E57EBE1-9D56-4BB8-9792-68A7AC44A27A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C7E89528-234E-4D49-91A3-2D7461B5CC39}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

22-05-2019 15:47:57 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
30-05-2019 20:37:03 Punto de control programado
11-06-2019 10:44:45 Punto de control programado
21-06-2019 16:28:34 Punto de control programado
30-06-2019 14:05:52 Punto de control programado
09-07-2019 13:39:50 Punto de control programado
16-07-2019 14:16:21 Punto de control programado
24-07-2019 19:32:11 Punto de control programado
29-07-2019 18:51:19 ZHPcleaner

==================== Faulty Device Manager Devices =============

Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2019 09:37:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/08/2019 12:36:02 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/07/2019 11:36:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/07/2019 10:36:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/07/2019 09:36:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/07/2019 08:36:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/07/2019 07:36:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/07/2019 06:36:05 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.


System errors:
=============
Error: (08/08/2019 09:17:27 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/07/2019 10:02:17 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/06/2019 10:42:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/06/2019 03:39:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Update no respondió después de iniciar.

Error: (08/06/2019 03:34:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/06/2019 01:28:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Update no respondió después de iniciar.

Error: (08/06/2019 01:23:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
SASDIFSV
SASKUTIL

Error: (08/06/2019 01:22:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 01:45:54 a.m. del ‎06/‎08/‎2019 resultó inesperado.


Windows Defender:
===================================
Date: 2017-05-22 14:08:03.012
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/OmigaPlus!blnk&threatid=221912
Nombre:BrowserModifier:Win32/OmigaPlus!blnk
Id.:221912
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk;file:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk->[CMDEmbedded]
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe

Date: 2017-05-22 14:08:03.010
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/OmigaPlus!blnk&threatid=221912
Nombre:BrowserModifier:Win32/OmigaPlus!blnk
Id.:221912
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk;file:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk->[CMDEmbedded]
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-09-09 13:33:28.657
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{EBA13496-6311-4040-9D7A-F12A8CD24E77}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2014-03-29 13:53:24.921
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{EA6E7379-0792-422E-917B-869F3096FFB1}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

CodeIntegrity:
===================================

Date: 2017-08-15 15:18:13.582
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-15 15:18:13.364
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-15 07:35:20.254
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-15 07:35:20.192
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-14 08:35:30.300
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-14 08:35:30.237
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-13 18:00:47.190
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-13 18:00:47.112
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: Phoenix Technologies Ltd. 04UZ.M003.20100327.XW 03/27/2010
Motherboard: SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 75%
Total physical RAM: 2932.55 MB
Available physical RAM: 728.71 MB
Total Virtual: 5863.41 MB
Available Virtual: 3225.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:141.49 GB) (Free:14.39 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:123.71 GB) NTFS

\\?\Volume{438a7ad1-42a8-11df-862a-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{438a7ad0-42a8-11df-862a-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:15 GB) (Free:3.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1096B93F)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

y acá vá el Fix. Muchas muchas gracias!!!

Fix result of Farbar Recovery Scan Tool (x86) Version: 07-08-2019 02
Ran by gladys (08-08-2019 09:50:46) Run:1
Running from C:\Users\gladys\Desktop
Loaded Profiles: gladys &  (Available Profiles: gladys & Zoe)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [vidc.DIVX] => C:\windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\windows\system32\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0A35AB5C-2085-4805-A50E-D25364D49D9B} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {196C7CE8-36DF-4CFF-804E-E92DF3162BE4} - System32\Tasks\{1D8C6E9F-395C-4D44-A01D-06DC3E09992D} => C:\windows\system32\pcalua.exe -a "F:\Adobecs4\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02" -c -silent
Task: {1DEC4C1E-D206-4D13-A03E-F648B359EAB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {1DEC4C1E-D206-4D13-A03E-F648B359EAB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {33C0B20F-84BD-40B1-AFF1-703DFEF2ED16} - System32\Tasks\{478D288D-D7EE-43D2-8CAB-330DB5C79F4B} => C:\windows\system32\pcalua.exe -a "C:\Users\gladys\Desktop\SetupNokiaMusic (1).exe" -d C:\Users\gladys\Desktop
Task: {3B5D80E0-8FE9-402E-B05E-1E21E0C80E95} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ESETOnlineScanner_ESL.exe [7986200 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {5FDBFEBB-B57B-4CB9-A9F1-B2A5E68A40B1} - System32\Tasks\{CA656F7D-908B-4BC1-A663-6883BA83AD9A} => C:\windows\system32\pcalua.exe -a C:\Users\gladys\Pictures\EBOOK\qxp93_win\QuickTime7.0\QuickTimeInstaller.exe -d C:\Users\gladys\Pictures\EBOOK\qxp93_win\QuickTime7.0
Task: {845788B1-FB44-4F28-ADE3-16521A81884E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\gladys\A PSICOLOGIA UBA\Downloads\ESETOnlineScanner_ESL.exe [7986200 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {F71AEE59-8304-40A9-802E-A760E533219F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {F71AEE59-8304-40A9-802E-A760E533219F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {F71AEE59-8304-40A9-802E-A760E533219F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [288768  [2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Hosts: 0.0.0.1	mssplus.mcafee.com
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_es___AR398
BHO: No Name -> {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} -> No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> No Name - {9C905B42-976E-43C1-BC30-FC5937017909} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa => not found
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\.DEFAULT: gingersoftware.com/gingerPlugin -> C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll [No File]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-06-18] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S1 SASDIFSV; \??\C:\Users\gladys\Desktop\SASDIFSV.SYS [X]
S1 SASKUTIL; \??\C:\Users\gladys\Desktop\SASKUTIL.SYS [X]
2019-07-29 18:19 - 2018-03-25 16:35 - 000000000 ____D C:\Program Files\Lavasoft
2019-07-29 18:19 - 2018-03-25 16:34 - 000000000 ____D C:\ProgramData\Lavasoft
2013-10-12 16:02 - 2013-10-12 16:02 - 050053120 _____ () C:\Program Files\GUTE37C.tmp
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} =>  -> No File
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => C:\Program Files\Eazel\ZPShellExt.dll -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [144]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [248]
AlternateDataStreams: C:\ProgramData\Temp:A42A9F39 [276]
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE [250]
AlternateDataStreams: C:\ProgramData\Temp:DA868A70 [306]
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D [140]
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
FirewallRules: [TCP Query User{F05B9587-7EFB-45F8-B377-01FB9CD00ED0}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Block) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [UDP Query User{CC408DAE-37A8-46D0-B5C0-1135737BB1F2}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Block) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [{0A83174C-5FA8-4339-BFE2-435B46B68B70}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe No File
FirewallRules: [{D5ACABB2-CDF8-4DA8-A6D3-D98FE0BF90D4}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe No File
FirewallRules: [{266CBDC4-1EB3-42F4-B2C8-47CAF7E5404F}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe No File
FirewallRules: [{35E93612-1EC8-48B0-81C4-61CC460E0E3C}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe No File
FirewallRules: [TCP Query User{21360DC8-5097-4249-A5B5-83FDD61F7C12}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Allow) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [UDP Query User{FF123547-31B7-4ADD-A5B4-7465F6AC026C}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe] => (Allow) C:\users\gladys\desktop\programas y antivirus\ares\ares.exe No File
FirewallRules: [TCP Query User{31E67AD0-D925-4B82-8448-07C899D58835}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [UDP Query User{DBB4B610-CB87-4B3D-B1A3-567F87318AF7}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [TCP Query User{6AFF188B-8373-40A2-82C2-A38DB349375A}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [UDP Query User{81A3774E-42A1-48C2-90C7-441F94C9591B}C:\program files\ares\ares.exe] => (Block) C:\program files\ares\ares.exe No File
FirewallRules: [{439C257B-03EE-4101-9192-39659BBE8A38}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{60EDC12D-A059-43EA-BFD5-63E65168AB52}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\vidc.DIVX" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\vidc.yv12" => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A35AB5C-2085-4805-A50E-D25364D49D9B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A35AB5C-2085-4805-A50E-D25364D49D9B}" => removed successfully.
C:\Windows\System32\Tasks\DivXUpdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DivXUpdate" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15F6BA87-812E-4FCA-B19A-FCDDBE7A17FA} => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{196C7CE8-36DF-4CFF-804E-E92DF3162BE4}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{196C7CE8-36DF-4CFF-804E-E92DF3162BE4}" => removed successfully.
C:\Windows\System32\Tasks\{1D8C6E9F-395C-4D44-A01D-06DC3E09992D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1D8C6E9F-395C-4D44-A01D-06DC3E09992D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DEC4C1E-D206-4D13-A03E-F648B359EAB3}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DEC4C1E-D206-4D13-A03E-F648B359EAB3}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DEC4C1E-D206-4D13-A03E-F648B359EAB3} => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33C0B20F-84BD-40B1-AFF1-703DFEF2ED16}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33C0B20F-84BD-40B1-AFF1-703DFEF2ED16}" => removed successfully.
C:\Windows\System32\Tasks\{478D288D-D7EE-43D2-8CAB-330DB5C79F4B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{478D288D-D7EE-43D2-8CAB-330DB5C79F4B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B5D80E0-8FE9-402E-B05E-1E21E0C80E95}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B5D80E0-8FE9-402E-B05E-1E21E0C80E95}" => removed successfully.
C:\Windows\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FDBFEBB-B57B-4CB9-A9F1-B2A5E68A40B1}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FDBFEBB-B57B-4CB9-A9F1-B2A5E68A40B1}" => removed successfully.
C:\Windows\System32\Tasks\{CA656F7D-908B-4BC1-A663-6883BA83AD9A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CA656F7D-908B-4BC1-A663-6883BA83AD9A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{845788B1-FB44-4F28-ADE3-16521A81884E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{845788B1-FB44-4F28-ADE3-16521A81884E}" => removed successfully.
C:\Windows\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F71AEE59-8304-40A9-802E-A760E533219F} => not found
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F71AEE59-8304-40A9-802E-A760E533219F} => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F71AEE59-8304-40A9-802E-A760E533219F} => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => removed successfully.
HKLM\Software\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => not found
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => removed successfully.
HKLM\Software\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => not found
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => removed successfully.
HKLM\Software\Classes\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => not found
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => removed successfully.
HKLM\Software\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0877c1fc-19c6-4fe2-8e3d-699d8edb2964} => removed successfully.
HKLM\Software\Classes\CLSID\{0877c1fc-19c6-4fe2-8e3d-699d8edb2964} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => removed successfully.
HKLM\Software\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => not found
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9C905B42-976E-43C1-BC30-FC5937017909}" => removed successfully.
HKLM\Software\Classes\CLSID\{9C905B42-976E-43C1-BC30-FC5937017909} => not found
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => removed successfully.
HKLM\Software\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => removed successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} => removed successfully.
HKLM\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} => removed successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => removed successfully.
HKLM\Software\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => removed successfully.
"HKLM\Software\Mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}" => removed successfully.
"HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC" => not found
C:\Program Files\DivX\DivX Web Player\npdivx32.dll => moved successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKU\.DEFAULT\Software\MozillaPlugins\gingersoftware.com/gingerPlugin => removed successfully.
"C:\Program Files\Ginger\GingerServices\GingerServicesProxy.dll" => not found
C:\Program Files\mozilla firefox\firefox.cfg => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully.
HKLM\System\CurrentControlSet\Services\SASDIFSV => removed successfully.
SASDIFSV => service removed successfully.
HKLM\System\CurrentControlSet\Services\SASKUTIL => removed successfully.
SASKUTIL => service removed successfully.
C:\Program Files\Lavasoft => moved successfully
C:\ProgramData\Lavasoft => moved successfully
C:\Program Files\GUTE37C.tmp => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully.
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ZIPProcessor => removed successfully.
HKLM\Software\Classes\CLSID\{E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => removed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully.
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => not found
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully.
C:\ProgramData\Temp => ":A42A9F39" ADS removed successfully.
C:\ProgramData\Temp => ":ABE89FFE" ADS removed successfully.
C:\ProgramData\Temp => ":DA868A70" ADS removed successfully.
C:\ProgramData\Temp => ":E1F04E8D" ADS removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => removed successfully.
C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F05B9587-7EFB-45F8-B377-01FB9CD00ED0}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CC408DAE-37A8-46D0-B5C0-1135737BB1F2}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A83174C-5FA8-4339-BFE2-435B46B68B70}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5ACABB2-CDF8-4DA8-A6D3-D98FE0BF90D4}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{266CBDC4-1EB3-42F4-B2C8-47CAF7E5404F}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35E93612-1EC8-48B0-81C4-61CC460E0E3C}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{21360DC8-5097-4249-A5B5-83FDD61F7C12}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FF123547-31B7-4ADD-A5B4-7465F6AC026C}C:\users\gladys\desktop\programas y antivirus\ares\ares.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{31E67AD0-D925-4B82-8448-07C899D58835}C:\program files\ares\ares.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DBB4B610-CB87-4B3D-B1A3-567F87318AF7}C:\program files\ares\ares.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6AFF188B-8373-40A2-82C2-A38DB349375A}C:\program files\ares\ares.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{81A3774E-42A1-48C2-90C7-441F94C9591B}C:\program files\ares\ares.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{439C257B-03EE-4101-9192-39659BBE8A38}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60EDC12D-A059-43EA-BFD5-63E65168AB52}" => removed successfully.

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de red Bluetooth 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2802:8000:64a1:5e00:192c:b844:f43a:3233
   Direcci¢n IPv6 temporal. . . . . . : 2802:8000:64a1:5e00:19b1:9910:42bc:dcaf
   V¡nculo: direcci¢n IPv6 local. . . : fe80::192c:b844:f43a:3233%15
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.44
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::aec6:62ff:fec8:7828%15
                                       192.168.1.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092350724\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092547265\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092355677\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08082019092552477\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35305549 B
Java, Flash, Steam htmlcache => 570 B
Windows/system/drivers => 152562 B
Edge => 0 B
Chrome => 451819581 B
Firefox => 4177279 B
Opera => 184150 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 31182818 B
LocalService => 132244 B
NetworkService => 71416 B
gladys => 12506942 B
Zoe => 15640713 B

RecycleBin => 342013 B
EmptyTemp: => 534 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:57:34 ====

Hola @gich

Falto que respondas a la preguntas y ademas comentar si sigue el problema.

Salu2

Hola, buen día. Los alertas de robotcaptcha ya no aparacen. Con respecto al antivirus Avast me lo instaló un amigo y no sé de dónde lo descargó. No soy usuaria de P2P, hace años atrás usaba el ares. Muchísimas gracias por salvarle la vida a mi notebook. Son unos genios!!! Saludos

1 me gusta

Hola @gich

Perfecto que bueno que este mejor :clap:

Vuelve a ejecutar FRST como la primera vez que lo hiciste y nos pegas reportes frescos de FRST y Addition, ya que vi entradas relacionadas a lo que te pregunte, así dejamos tu equipo 0 KM.

Salu2

1 me gusta

Hola, ¿cuando me decís que vuelva a ejecutar FRST como la primera vez te referís a que lo haga desde Running from C:\Users\gladys\A PSICOLOGIA UBA\Downloads o desde el que pegué en mi escritorio? Saludos.

Hola:

Lo ejecutas como la primera vez pero desde el escritorio, el fixlist no.

Salu2

Muchísimas gracias!!! Saludos

Hola @gich

Tuve que eliminar los reportes de FRST porque estaban mal pegados y no los puedo levantar, tu al seleccionarlo todo presionaste en el símbolo de las comillas " y tenias que presionar en el símbolo </>

Para que te sea mas fácil, prueba adjuntándolos al tema con el >>> Método 4

Salu2

Hola, esta vez me parece que lo hice bien. Saludos.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-08-2019
Ran by gladys (administrator) on GLADYS-NOTE (SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440) (12-08-2019 11:58:17)
Running from C:\Users\gladys\Desktop
Loaded Profiles: gladys (Available Profiles: gladys & Zoe)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\System32\Rezip.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Nokia -> Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Samsung Electronics CO., LTD. -> SEC) [File not signed] C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [225672 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-17] (DivX, LLC. -> DivX, LLC)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia -> Nokia)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\Installer\chrmstp.exe [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-10-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B95E805-2F0E-4031-A193-EC2D96D9530C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {1BA571F0-A298-4C36-BBA7-C4CE654091D1} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [717312 2009-11-11] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {24005E89-5FFA-43B1-80C1-1BA960EE3645} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [567976 2009-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics. Co. Ltd.) [File not signed]
Task: {2EA9D221-7386-401B-8855-41082C90AC85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {35CD941B-16CE-4017-B20C-81C93D818F71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {43758E3B-7B6B-4220-950F-58D37F289D24} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files\Google\Chrome\Application\chrome.exe 
Task: {451E48EF-CF2F-4E6B-BE5D-CDF7E9AC5269} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {48D9D809-A1EA-4B71-BCB0-5D982B669718} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {4D32950C-FE5D-4E84-A786-667D07CB6BBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {4F66E656-A488-44F1-B703-8C10BEEC8E82} - System32\Tasks\{C067BBDF-4430-4666-96A3-CF6BBC726F8F} => C:\Users\gladys\Desktop\Ares\Ares.exe
Task: {60307985-7FAC-4862-A036-E6FEE21079D7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {61AE4FE1-9640-4AB7-A5BB-7878C6B48CDA} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192 2010-01-18] (Samsung Electronics CO., LTD. -> SEC) [File not signed]
Task: {63BA5781-FA0E-4F5D-ABFD-2A675CA2FE60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {692BF630-43A5-48C4-A181-9135DF858F7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {698F5641-9015-4CE1-8262-D0675DEB50C9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {7F423A2D-F186-4AD2-BB18-2D5B0C431A4D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {95F7BDBC-90B8-4688-A6F5-102B9F5F68CA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9F06A1FB-8434-45C0-B096-3164CA8C956D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {A42614E7-990C-4BF3-9193-30DAA6776024} - System32\Tasks\Norton Security Scan for gladys => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [606072 2011-01-14] (Symantec Corporation -> Symantec Corporation)
Task: {A5EFDAA4-A6EE-4169-8FC0-747FBDB466A6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2385800 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {CAAA295F-EC4E-4A85-9156-A2BFE5363FB7} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [342016 2009-10-16] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {D6AA30D1-5F9A-4B72-BDAB-A04E57616214} - System32\Tasks\avastBCLRestartS-1-5-21-2264253706-1617791975-327108488-1000 => C:\Program Files\Google\Chrome\Application\chrome.exe 
Task: {F3868549-8828-466C-961E-D9111FF542FB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1695112 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Norton Security Scan for gladys.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{50DD5EFD-FA60-494D-8B8D-BC759745A428}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{774C0D3B-376D-4EA8-B8CA-09469323D9A3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe 

FireFox:
========
FF ProfilePath: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default [2019-08-08]
FF Homepage: Mozilla\Firefox\Profiles\c20ofsb0.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\c20ofsb0.default -> about:newtab
FF Extension: (Firefox Synchronisation Extension) - C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\Extensions\[email protected] [2013-12-12] [Legacy] [not signed]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\avast-search.xml [2016-11-06]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\google-avast.xml [2018-12-18]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\yahoo-avast.xml [2016-03-15]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Ginger\Mozilla\[email protected]
FF Extension: (Ginger - Grammar and Spell Checker) - C:\Program Files\Ginger\Mozilla\[email protected] [2014-03-17] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [No File]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Users\gladys\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] (Nokia ->  )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=1.1.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-01-25] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Technologies SA -> Skype Limited)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS -> Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe 

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&trackid=sp-006
CHR DefaultSearchKeyword: Default -> google.com.ar
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default [2019-08-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5398416 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
S3 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] (CyberLink -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [34720 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [172424 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220128 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [158240 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [255360 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [51264 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [194680 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [40904 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [138480 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [101200 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [73008 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [783232 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [403408 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\windows\System32\drivers\aswStm.sys [165464 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [312464 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\windows\System32\DRIVERS\athr.sys [1245696 2009-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 btusbflt; C:\windows\System32\drivers\btusbflt.sys [43944 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwaudio; C:\windows\System32\drivers\btwaudio.sys [86056 2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwavdt; C:\windows\System32\drivers\btwavdt.sys [108072 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwl2cap; C:\windows\System32\DRIVERS\btwl2cap.sys [29472 2009-04-07] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwrchid; C:\windows\System32\DRIVERS\btwrchid.sys [18472 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [173512 2019-08-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [190624 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [64296 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [241760 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\System32\DRIVERS\mwac.sys [86768 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18560 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 RTL8167; C:\windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-12 11:58 - 2019-08-12 11:59 - 000027902 _____ C:\Users\gladys\Desktop\FRST.txt
2019-08-12 10:45 - 2019-08-12 10:45 - 000000017 _____ C:\Users\gladys\AppData\Local\resmon.resmoncfg
2019-08-12 10:39 - 2019-08-12 10:39 - 001448960 _____ (Farbar) C:\Users\gladys\Desktop\FRST (1).exe
2019-08-12 06:43 - 2019-08-12 06:43 - 000064296 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2019-08-12 06:42 - 2019-08-12 06:42 - 000190624 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2019-08-12 06:42 - 2019-08-12 06:42 - 000086768 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2019-08-12 06:38 - 2019-08-12 06:38 - 000241760 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ C:\Users\gladys\cc_20190808_102028.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ C:\Users\gladys\cc_20190808_102007.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004676 _____ C:\Users\gladys\cc_20190808_101859.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004496 _____ C:\Users\gladys\cc_20190808_101924.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004106 _____ C:\Users\gladys\cc_20190808_101946.reg
2019-08-08 10:18 - 2019-08-08 10:18 - 000300058 _____ C:\Users\gladys\cc_20190808_101757.reg
2019-08-08 10:10 - 2019-08-08 10:13 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\uTorrent
2019-08-08 09:47 - 2019-08-08 09:47 - 000000265 _____ C:\DelFix.txt
2019-08-08 09:47 - 2019-08-08 09:47 - 000000000 ____D C:\windows\ERUNT
2019-08-08 09:46 - 2019-08-08 09:46 - 000797760 _____ C:\Users\gladys\Desktop\delfix.exe
2019-08-08 09:35 - 2019-08-12 11:39 - 000000000 ____D C:\Users\gladys\Desktop\FRST-OlderVersion
2019-08-04 19:59 - 2019-08-04 19:59 - 000000679 _____ C:\Users\gladys\Gladys - Acceso directo (2).lnk
2019-08-04 19:56 - 2019-08-12 11:58 - 000000000 ____D C:\FRST
2019-08-04 19:28 - 2019-08-04 19:29 - 000000000 ____D C:\KVRT_Data
2019-08-04 16:27 - 2019-08-04 16:27 - 000001083 _____ C:\Users\gladys\Desktop\ESET Online Scanner.lnk
2019-08-04 16:26 - 2019-08-04 16:26 - 000000000 ____D C:\Users\gladys\AppData\Local\ESET
2019-07-29 18:35 - 2019-07-29 18:54 - 000000000 ____D C:\Users\gladys\AppData\Roaming\ZHP
2019-07-29 18:35 - 2019-07-29 18:35 - 000000834 _____ C:\Users\gladys\Desktop\ZHPCleaner.lnk
2019-07-29 18:35 - 2019-07-29 18:35 - 000000000 ____D C:\Users\gladys\AppData\Local\ZHP
2019-07-29 18:14 - 2019-07-29 18:18 - 000000000 ____D C:\AdwCleaner
2019-07-29 16:48 - 2019-08-01 10:13 - 000173512 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbamtray
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbam
2019-07-29 16:47 - 2019-07-29 16:47 - 000001980 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-29 16:47 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae.sys
2019-07-29 16:41 - 2019-07-29 16:41 - 003072896 _____ (Nicolas Coolman) C:\Users\gladys\Desktop\ZHPCleaner.exe
2019-07-29 16:39 - 2019-07-29 16:40 - 007623880 _____ (Malwarebytes) C:\Users\gladys\Desktop\adwcleaner_7.4.exe
2019-07-29 16:38 - 2019-07-29 16:38 - 000020769 _____ C:\Users\gladys\Desktop\descarga.htm
2019-07-29 16:35 - 2019-07-29 16:35 - 064756040 _____ (Malwarebytes ) C:\Users\gladys\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11752.exe
2019-07-16 17:05 - 2019-07-23 10:33 - 000000000 ____D C:\Users\gladys\DOCENCIA

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-12 11:46 - 2013-03-26 10:29 - 001577984 ___SH C:\Users\gladys\Thumbs.db
2019-08-12 11:02 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-12 11:02 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-12 10:56 - 2011-01-14 20:26 - 000000476 ____H C:\windows\Tasks\Norton Security Scan for gladys.job
2019-08-12 06:38 - 2009-07-14 01:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-08-10 19:41 - 2019-03-07 19:51 - 000000000 ____D C:\Users\gladys\CASA VIVA
2019-08-08 10:22 - 2009-07-13 23:37 - 000000000 ____D C:\windows\inf
2019-08-08 10:20 - 2010-10-01 08:59 - 000000000 ____D C:\Users\gladys
2019-08-08 10:15 - 2016-01-16 12:45 - 000000000 ____D C:\Users\gladys\AppData\Roaming\uTorrent
2019-08-08 10:13 - 2019-03-29 10:53 - 000000000 ____D C:\Users\gladys\AppData\Local\BitTorrentHelper
2019-08-08 09:57 - 2011-01-31 23:53 - 000000000 ____D C:\Users\Zoe\AppData\LocalLow\Temp
2019-08-08 09:57 - 2010-11-08 09:07 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\Temp
2019-08-08 09:52 - 2013-09-19 15:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-08-08 09:52 - 2013-06-06 13:31 - 000000000 ____D C:\windows\pss
2019-08-08 09:23 - 2018-03-21 08:30 - 000000000 ____D C:\Users\gladys\AppData\Local\AVAST Software
2019-08-07 15:33 - 2018-10-02 12:09 - 000000000 ____D C:\Users\gladys\A A INDESIGN CS4
2019-08-04 18:13 - 2012-12-09 18:54 - 000000000 ____D C:\Users\gladys\QUARK
2019-08-04 18:04 - 2012-12-27 20:32 - 000000000 ____D C:\Users\gladys\Desktop\TODO
2019-08-02 10:07 - 2018-11-06 13:19 - 000000000 ____D C:\Users\gladys\ZOE PSICO UBA
2019-07-29 22:57 - 2016-05-12 18:46 - 000000000 ____D C:\Users\gladys\Desktop\TRABAJOS ZOE
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\Program Files\Samsung
2019-07-29 18:08 - 2010-10-01 09:19 - 000001397 _____ C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-07-29 18:07 - 2013-08-24 11:31 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-29 16:33 - 2013-10-11 14:33 - 000000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-28 15:36 - 2010-04-07 22:39 - 000747986 _____ C:\windows\system32\perfh00A.dat
2019-07-28 15:36 - 2010-04-07 22:39 - 000159426 _____ C:\windows\system32\perfc00A.dat
2019-07-28 15:36 - 2009-07-26 17:06 - 001678290 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-28 15:31 - 2016-12-18 18:33 - 000000000 ____D C:\Users\gladys\A ARTES ESCRITURA
2019-07-28 14:18 - 2019-02-18 19:18 - 000000000 ____D C:\Users\gladys\CUENTOS GLA 2019
2019-07-27 09:58 - 2016-07-07 21:11 - 000000000 ____D C:\Users\gladys\GLADYS CV
2019-07-24 15:46 - 2018-03-21 08:38 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-20 10:05 - 2019-05-09 15:08 - 000000000 ____D C:\Users\gladys\SIBILA
2019-07-16 10:54 - 2010-10-01 09:46 - 000000000 ____D C:\Users\gladys\AppData\Roaming\Google

==================== Files in the root of some directories ================

2014-08-02 12:29 - 2014-08-02 12:29 - 000021288 _____ () C:\Users\gladys\cc_20140802_122925.reg
2019-08-08 10:18 - 2019-08-08 10:18 - 000300058 _____ () C:\Users\gladys\cc_20190808_101757.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004676 _____ () C:\Users\gladys\cc_20190808_101859.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004496 _____ () C:\Users\gladys\cc_20190808_101924.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004106 _____ () C:\Users\gladys\cc_20190808_101946.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ () C:\Users\gladys\cc_20190808_102007.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ () C:\Users\gladys\cc_20190808_102028.reg
2011-08-18 23:39 - 2015-11-15 16:35 - 000018432 _____ () C:\Users\gladys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-08-12 10:45 - 2019-08-12 10:45 - 000000017 _____ () C:\Users\gladys\AppData\Local\resmon.resmoncfg
2011-06-17 19:53 - 2011-06-17 19:53 - 000000000 _____ () C:\Users\gladys\AppData\Local\{EF33A113-69D3-42B7-B9DE-C022A33665B9}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-08-03 11:04
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-08-2019
Ran by gladys (12-08-2019 11:59:56)
Running from C:\Users\gladys\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2010-10-01 11:59:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2264253706-1617791975-327108488-500 - Administrator - Disabled)
gladys (S-1-5-21-2264253706-1617791975-327108488-1000 - Administrator - Enabled) => C:\Users\gladys
HomeGroupUser$ (S-1-5-21-2264253706-1617791975-327108488-1002 - Limited - Enabled)
Invitado (S-1-5-21-2264253706-1617791975-327108488-501 - Limited - Disabled)
Zoe (S-1-5-21-2264253706-1617791975-327108488-1003 - Limited - Enabled) => C:\Users\Zoe

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3GP to MP3 Converter (HKLM\...\3GP to MP3 Converter_is1) (Version:  - Shiver)
ABBYY FineReader 11 (HKLM\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.289 - ABBYY)
Acrobat.com (HKLM\...\{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (HKLM\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Any Media Converter (HKLM\...\Any Media Converter) (Version: 1.14 - Any Media Converter)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 75.1.1528.100 - Los creadores de Avast Secure Browser)
Ayudante para el inicio de sesión de Windows Live ID (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
BatteryLifeExtender (HKLM\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung)
calibre (HKLM\...\{36E0CAAD-D410-4CA8-9AC0-BBE2691B4A19}) (Version: 0.8.56 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC)
DivX Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.6 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Farm Frenzy 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
FileZilla Client 3.9.0.5 (HKLM\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Galería fotográfica de Windows Live (HKLM\...\{25F6A201-C40C-4669-936D-473877CFEB4C}) (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.00.1005 - Intel Corporation)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Mi Simulador de Ambientes (HKLM\...\{C6E4B77B-5214-4D6F-ABDA-C42C49B11367}) (Version: 1.00.4038 - AkzoNobel)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (Spanish) (HKLM\...\{95120000-00AF-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 23.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.4.0 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 es-AR) (HKLM\...\Mozilla Thunderbird 52.4.0 (x86 es-AR)) (Version: 52.4.0 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NeoBook 5.8.4 (HKLM\...\{B111977A-E61A-4EA3-9F19-605E69C06D14}_is1) (Version: 5.8.4 - NeoSoft Corp.)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM\...\{0C808377-8C23-44ED-9016-05F42E6D4900}) (Version: 3.8.30.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.30.0 - Nokia)
Norton Security Scan (HKLM\...\NSS) (Version: 2.7.3.34 - Symantec Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.4 (HKLM\...\{5D3A23FA-06EF-4640-BC24-FFD687BF3D2E}) (Version: 3.4.9590 - OpenOffice.org)
Paquete de compatibilidad para 2007 Office system (HKLM\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Paquete de controladores de Windows - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Reader (HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\PDF Reader) (Version:  - )
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixel Bender Toolkit (HKLM\...\{43509E18-076E-40FE-AF38-CA5ED400A5A9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Quark Update (HKLM\...\{82154114-943B-4A6F-9B20-073C9573E93E}) (Version: 1.0.0.2 - Nombre de su organización)
QuarkXPress (HKLM\...\{CE949716-2A5A-40F2-BA31-54CE71B37FE5}) (Version: 9.5.0.1 - Quark Software Inc.)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{7ACAF01A-FBF4-41F2-A7C9-991CC5ED1CA9}) (Version: 1.0.8 - Samsung)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Stellarium 0.11.4 (HKLM\...\Stellarium_is1) (Version: 0.11.4 - Stellarium team)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407) (HKLM\...\755087041320E005CB1E8A67C5C55A260EB81B90) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\gladys\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Technologies SA -> Skype Limited)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{FF5939C9-3A4F-1990-738A-B17D2B34033D}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_05.dll [2012-06-18] () [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2018-10-08] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2018-10-08] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-19] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} =>  -> No File
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-19] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} =>  -> No File

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-09-06 13:44 - 2014-09-06 13:44 - 000035328 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 13:41 - 2014-05-24 13:41 - 000091648 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 13:41 - 2014-05-24 13:41 - 000892416 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2012-06-18 12:24 - 2012-06-18 12:24 - 000260096 _____ () [File not signed] C:\Program Files\Notepad++\NppShell_05.dll
2010-04-07 05:57 - 2009-03-05 06:54 - 000311296 _____ () [File not signed] C:\windows\SYSTEM32\Rezip.exe
2008-08-14 07:15 - 2008-08-14 07:15 - 000276992 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2008-09-04 03:02 - 2008-09-04 03:02 - 000131072 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Shell\CS4\idicon.dll
2010-04-07 05:53 - 2009-09-30 23:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 000599552 _____ (Igor Pavlov) [File not signed] C:\Program Files\Nokia\Nokia Suite\7z.DLL
2010-04-07 05:53 - 2009-09-30 23:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2010-04-07 05:53 - 2009-09-30 23:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-06-15 22:05 - 2011-06-15 22:05 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2011-06-15 22:05 - 2011-06-15 22:05 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2011-06-15 22:05 - 2011-06-15 22:05 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2014-05-24 13:41 - 2014-05-24 13:41 - 000047616 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files\FileZilla FTP Client\libwinpthread-1.dll
2010-04-07 06:10 - 2010-01-18 23:34 - 002201192 _____ (Samsung Electronics CO., LTD. -> SEC) [File not signed] C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
2010-04-07 06:08 - 2009-11-11 01:21 - 000717312 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
2013-04-15 13:24 - 2013-04-15 13:24 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Nokia\Nokia Suite\libeay32.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2019-08-08 09:53 - 000000035 _____ C:\windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\Calibre2\;C:\Program Files\Skype\Phone\
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeBridge => 
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0ENQBO => C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\gladys\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{4DCBA17F-84B9-41F3-B725-D9A900704F03}C:\users\gladys\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\gladys\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{4FDCC1BA-AC0F-48FA-8FA1-A4560BAC9F4A}C:\users\gladys\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\gladys\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{48D0BC35-1217-408E-9E46-A3A4B7630755}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{D6A0D89B-54F5-4428-8E6B-16E5B7011913}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{541A916D-B373-4412-AFB9-8E911338274A}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{506763DB-660B-4888-AB45-4D7B6AB24008}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

30-05-2019 20:37:03 Punto de control programado
11-06-2019 10:44:45 Punto de control programado
21-06-2019 16:28:34 Punto de control programado
30-06-2019 14:05:52 Punto de control programado
09-07-2019 13:39:50 Punto de control programado
16-07-2019 14:16:21 Punto de control programado
24-07-2019 19:32:11 Punto de control programado
29-07-2019 18:51:19 ZHPcleaner
08-08-2019 09:51:00 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/12/2019 11:54:50 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/12/2019 10:54:49 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/12/2019 09:54:44 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/12/2019 08:51:53 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/12/2019 07:51:52 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/12/2019 06:51:52 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/12/2019 06:41:30 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/11/2019 11:08:35 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.


System errors:
=============
Error: (08/12/2019 06:40:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (08/12/2019 06:40:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de uso compartido de red del Reproductor de Windows Media.

Error: (08/11/2019 10:00:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Update no respondió después de iniciar.

Error: (08/11/2019 09:55:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 11:54:41 p.m. del ‎10/‎08/‎2019 resultó inesperado.

Error: (08/10/2019 01:06:26 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {995C996E-D918-4A8C-A302-45719A6F4EA7} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (08/08/2019 09:50:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (08/08/2019 09:50:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Live ID Sign-in Assistant terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/08/2019 09:50:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Management & Security Application User Notification Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2017-05-22 14:08:03.012
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/OmigaPlus!blnk&threatid=221912
Nombre:BrowserModifier:Win32/OmigaPlus!blnk
Id.:221912
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk;file:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk->[CMDEmbedded]
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe

Date: 2017-05-22 14:08:03.010
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/OmigaPlus!blnk&threatid=221912
Nombre:BrowserModifier:Win32/OmigaPlus!blnk
Id.:221912
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk;file:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk->[CMDEmbedded]
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-09-09 13:33:28.657
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{EBA13496-6311-4040-9D7A-F12A8CD24E77}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2014-03-29 13:53:24.921
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{EA6E7379-0792-422E-917B-869F3096FFB1}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

CodeIntegrity:
===================================

Date: 2017-08-15 15:18:13.582
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-15 15:18:13.364
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-15 07:35:20.254
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-15 07:35:20.192
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-14 08:35:30.300
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-14 08:35:30.237
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-13 18:00:47.190
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2017-08-13 18:00:47.112
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: Phoenix Technologies Ltd. 04UZ.M003.20100327.XW 03/27/2010
Motherboard: SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 91%
Total physical RAM: 2932.55 MB
Available physical RAM: 247.19 MB
Total Virtual: 5863.41 MB
Available Virtual: 1799.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:141.49 GB) (Free:16.13 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:123.71 GB) NTFS

\\?\Volume{438a7ad1-42a8-11df-862a-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{438a7ad0-42a8-11df-862a-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:15 GB) (Free:3.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1096B93F)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Por las dudas te mando el FRST otra vez

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-08-2019
Ran by gladys (administrator) on GLADYS-NOTE (SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440) (12-08-2019 11:58:17)
Running from C:\Users\gladys\Desktop
Loaded Profiles: gladys (Available Profiles: gladys & Zoe)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\System32\Rezip.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Nokia -> Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Samsung Electronics CO., LTD. -> SEC) [File not signed] C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [225672 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-17] (DivX, LLC. -> DivX, LLC)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia -> Nokia)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\Installer\chrmstp.exe [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-10-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B95E805-2F0E-4031-A193-EC2D96D9530C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {1BA571F0-A298-4C36-BBA7-C4CE654091D1} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [717312 2009-11-11] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {24005E89-5FFA-43B1-80C1-1BA960EE3645} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [567976 2009-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics. Co. Ltd.) [File not signed]
Task: {2EA9D221-7386-401B-8855-41082C90AC85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {35CD941B-16CE-4017-B20C-81C93D818F71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {43758E3B-7B6B-4220-950F-58D37F289D24} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files\Google\Chrome\Application\chrome.exe 
Task: {451E48EF-CF2F-4E6B-BE5D-CDF7E9AC5269} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {48D9D809-A1EA-4B71-BCB0-5D982B669718} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {4D32950C-FE5D-4E84-A786-667D07CB6BBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {4F66E656-A488-44F1-B703-8C10BEEC8E82} - System32\Tasks\{C067BBDF-4430-4666-96A3-CF6BBC726F8F} => C:\Users\gladys\Desktop\Ares\Ares.exe
Task: {60307985-7FAC-4862-A036-E6FEE21079D7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {61AE4FE1-9640-4AB7-A5BB-7878C6B48CDA} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192 2010-01-18] (Samsung Electronics CO., LTD. -> SEC) [File not signed]
Task: {63BA5781-FA0E-4F5D-ABFD-2A675CA2FE60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {692BF630-43A5-48C4-A181-9135DF858F7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {698F5641-9015-4CE1-8262-D0675DEB50C9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {7F423A2D-F186-4AD2-BB18-2D5B0C431A4D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {95F7BDBC-90B8-4688-A6F5-102B9F5F68CA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9F06A1FB-8434-45C0-B096-3164CA8C956D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {A42614E7-990C-4BF3-9193-30DAA6776024} - System32\Tasks\Norton Security Scan for gladys => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [606072 2011-01-14] (Symantec Corporation -> Symantec Corporation)
Task: {A5EFDAA4-A6EE-4169-8FC0-747FBDB466A6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2385800 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {CAAA295F-EC4E-4A85-9156-A2BFE5363FB7} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [342016 2009-10-16] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {D6AA30D1-5F9A-4B72-BDAB-A04E57616214} - System32\Tasks\avastBCLRestartS-1-5-21-2264253706-1617791975-327108488-1000 => C:\Program Files\Google\Chrome\Application\chrome.exe 
Task: {F3868549-8828-466C-961E-D9111FF542FB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1695112 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Norton Security Scan for gladys.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{50DD5EFD-FA60-494D-8B8D-BC759745A428}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{774C0D3B-376D-4EA8-B8CA-09469323D9A3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe 

FireFox:
========
FF ProfilePath: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default [2019-08-08]
FF Homepage: Mozilla\Firefox\Profiles\c20ofsb0.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\c20ofsb0.default -> about:newtab
FF Extension: (Firefox Synchronisation Extension) - C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\Extensions\[email protected] [2013-12-12] [Legacy] [not signed]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\avast-search.xml [2016-11-06]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\google-avast.xml [2018-12-18]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\yahoo-avast.xml [2016-03-15]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Ginger\Mozilla\[email protected]
FF Extension: (Ginger - Grammar and Spell Checker) - C:\Program Files\Ginger\Mozilla\[email protected] [2014-03-17] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [No File]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Users\gladys\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] (Nokia ->  )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=1.1.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-01-25] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Technologies SA -> Skype Limited)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS -> Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe 

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&trackid=sp-006
CHR DefaultSearchKeyword: Default -> google.com.ar
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default [2019-08-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5398416 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
S3 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] (CyberLink -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [34720 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [172424 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220128 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [158240 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [255360 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [51264 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [194680 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [40904 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [138480 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [101200 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [73008 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [783232 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [403408 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\windows\System32\drivers\aswStm.sys [165464 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [312464 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\windows\System32\DRIVERS\athr.sys [1245696 2009-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 btusbflt; C:\windows\System32\drivers\btusbflt.sys [43944 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwaudio; C:\windows\System32\drivers\btwaudio.sys [86056 2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwavdt; C:\windows\System32\drivers\btwavdt.sys [108072 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwl2cap; C:\windows\System32\DRIVERS\btwl2cap.sys [29472 2009-04-07] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwrchid; C:\windows\System32\DRIVERS\btwrchid.sys [18472 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [173512 2019-08-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [190624 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [64296 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [241760 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\System32\DRIVERS\mwac.sys [86768 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18560 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 RTL8167; C:\windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-12 11:58 - 2019-08-12 11:59 - 000027902 _____ C:\Users\gladys\Desktop\FRST.txt
2019-08-12 10:45 - 2019-08-12 10:45 - 000000017 _____ C:\Users\gladys\AppData\Local\resmon.resmoncfg
2019-08-12 10:39 - 2019-08-12 10:39 - 001448960 _____ (Farbar) C:\Users\gladys\Desktop\FRST (1).exe
2019-08-12 06:43 - 2019-08-12 06:43 - 000064296 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2019-08-12 06:42 - 2019-08-12 06:42 - 000190624 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2019-08-12 06:42 - 2019-08-12 06:42 - 000086768 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2019-08-12 06:38 - 2019-08-12 06:38 - 000241760 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ C:\Users\gladys\cc_20190808_102028.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ C:\Users\gladys\cc_20190808_102007.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004676 _____ C:\Users\gladys\cc_20190808_101859.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004496 _____ C:\Users\gladys\cc_20190808_101924.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004106 _____ C:\Users\gladys\cc_20190808_101946.reg
2019-08-08 10:18 - 2019-08-08 10:18 - 000300058 _____ C:\Users\gladys\cc_20190808_101757.reg
2019-08-08 10:10 - 2019-08-08 10:13 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\uTorrent
2019-08-08 09:47 - 2019-08-08 09:47 - 000000265 _____ C:\DelFix.txt
2019-08-08 09:47 - 2019-08-08 09:47 - 000000000 ____D C:\windows\ERUNT
2019-08-08 09:46 - 2019-08-08 09:46 - 000797760 _____ C:\Users\gladys\Desktop\delfix.exe
2019-08-08 09:35 - 2019-08-12 11:39 - 000000000 ____D C:\Users\gladys\Desktop\FRST-OlderVersion
2019-08-04 19:59 - 2019-08-04 19:59 - 000000679 _____ C:\Users\gladys\Gladys - Acceso directo (2).lnk
2019-08-04 19:56 - 2019-08-12 11:58 - 000000000 ____D C:\FRST
2019-08-04 19:28 - 2019-08-04 19:29 - 000000000 ____D C:\KVRT_Data
2019-08-04 16:27 - 2019-08-04 16:27 - 000001083 _____ C:\Users\gladys\Desktop\ESET Online Scanner.lnk
2019-08-04 16:26 - 2019-08-04 16:26 - 000000000 ____D C:\Users\gladys\AppData\Local\ESET
2019-07-29 18:35 - 2019-07-29 18:54 - 000000000 ____D C:\Users\gladys\AppData\Roaming\ZHP
2019-07-29 18:35 - 2019-07-29 18:35 - 000000834 _____ C:\Users\gladys\Desktop\ZHPCleaner.lnk
2019-07-29 18:35 - 2019-07-29 18:35 - 000000000 ____D C:\Users\gladys\AppData\Local\ZHP
2019-07-29 18:14 - 2019-07-29 18:18 - 000000000 ____D C:\AdwCleaner
2019-07-29 16:48 - 2019-08-01 10:13 - 000173512 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbamtray
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbam
2019-07-29 16:47 - 2019-07-29 16:47 - 000001980 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-29 16:47 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae.sys
2019-07-29 16:41 - 2019-07-29 16:41 - 003072896 _____ (Nicolas Coolman) C:\Users\gladys\Desktop\ZHPCleaner.exe
2019-07-29 16:39 - 2019-07-29 16:40 - 007623880 _____ (Malwarebytes) C:\Users\gladys\Desktop\adwcleaner_7.4.exe
2019-07-29 16:38 - 2019-07-29 16:38 - 000020769 _____ C:\Users\gladys\Desktop\descarga.htm
2019-07-29 16:35 - 2019-07-29 16:35 - 064756040 _____ (Malwarebytes ) C:\Users\gladys\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11752.exe
2019-07-16 17:05 - 2019-07-23 10:33 - 000000000 ____D C:\Users\gladys\DOCENCIA

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-12 11:46 - 2013-03-26 10:29 - 001577984 ___SH C:\Users\gladys\Thumbs.db
2019-08-12 11:02 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-12 11:02 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-12 10:56 - 2011-01-14 20:26 - 000000476 ____H C:\windows\Tasks\Norton Security Scan for gladys.job
2019-08-12 06:38 - 2009-07-14 01:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-08-10 19:41 - 2019-03-07 19:51 - 000000000 ____D C:\Users\gladys\CASA VIVA
2019-08-08 10:22 - 2009-07-13 23:37 - 000000000 ____D C:\windows\inf
2019-08-08 10:20 - 2010-10-01 08:59 - 000000000 ____D C:\Users\gladys
2019-08-08 10:15 - 2016-01-16 12:45 - 000000000 ____D C:\Users\gladys\AppData\Roaming\uTorrent
2019-08-08 10:13 - 2019-03-29 10:53 - 000000000 ____D C:\Users\gladys\AppData\Local\BitTorrentHelper
2019-08-08 09:57 - 2011-01-31 23:53 - 000000000 ____D C:\Users\Zoe\AppData\LocalLow\Temp
2019-08-08 09:57 - 2010-11-08 09:07 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\Temp
2019-08-08 09:52 - 2013-09-19 15:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-08-08 09:52 - 2013-06-06 13:31 - 000000000 ____D C:\windows\pss
2019-08-08 09:23 - 2018-03-21 08:30 - 000000000 ____D C:\Users\gladys\AppData\Local\AVAST Software
2019-08-07 15:33 - 2018-10-02 12:09 - 000000000 ____D C:\Users\gladys\A A INDESIGN CS4
2019-08-04 18:13 - 2012-12-09 18:54 - 000000000 ____D C:\Users\gladys\QUARK
2019-08-04 18:04 - 2012-12-27 20:32 - 000000000 ____D C:\Users\gladys\Desktop\TODO
2019-08-02 10:07 - 2018-11-06 13:19 - 000000000 ____D C:\Users\gladys\ZOE PSICO UBA
2019-07-29 22:57 - 2016-05-12 18:46 - 000000000 ____D C:\Users\gladys\Desktop\TRABAJOS ZOE
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\Program Files\Samsung
2019-07-29 18:08 - 2010-10-01 09:19 - 000001397 _____ C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-07-29 18:07 - 2013-08-24 11:31 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-29 16:33 - 2013-10-11 14:33 - 000000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-28 15:36 - 2010-04-07 22:39 - 000747986 _____ C:\windows\system32\perfh00A.dat
2019-07-28 15:36 - 2010-04-07 22:39 - 000159426 _____ C:\windows\system32\perfc00A.dat
2019-07-28 15:36 - 2009-07-26 17:06 - 001678290 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-28 15:31 - 2016-12-18 18:33 - 000000000 ____D C:\Users\gladys\A ARTES ESCRITURA
2019-07-28 14:18 - 2019-02-18 19:18 - 000000000 ____D C:\Users\gladys\CUENTOS GLA 2019
2019-07-27 09:58 - 2016-07-07 21:11 - 000000000 ____D C:\Users\gladys\GLADYS CV
2019-07-24 15:46 - 2018-03-21 08:38 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-20 10:05 - 2019-05-09 15:08 - 000000000 ____D C:\Users\gladys\SIBILA
2019-07-16 10:54 - 2010-10-01 09:46 - 000000000 ____D C:\Users\gladys\AppData\Roaming\Google

==================== Files in the root of some directories ================

2014-08-02 12:29 - 2014-08-02 12:29 - 000021288 _____ () C:\Users\gladys\cc_20140802_122925.reg
2019-08-08 10:18 - 2019-08-08 10:18 - 000300058 _____ () C:\Users\gladys\cc_20190808_101757.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004676 _____ () C:\Users\gladys\cc_20190808_101859.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004496 _____ () C:\Users\gladys\cc_20190808_101924.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004106 _____ () C:\Users\gladys\cc_20190808_101946.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ () C:\Users\gladys\cc_20190808_102007.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ () C:\Users\gladys\cc_20190808_102028.reg
2011-08-18 23:39 - 2015-11-15 16:35 - 000018432 _____ () C:\Users\gladys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-08-12 10:45 - 2019-08-12 10:45 - 000000017 _____ () C:\Users\gladys\AppData\Local\resmon.resmoncfg
2011-06-17 19:53 - 2011-06-17 19:53 - 000000000 _____ () C:\Users\gladys\AppData\Local\{EF33A113-69D3-42B7-B9DE-C022A33665B9}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-08-03 11:04
==================== End of FRST.txt ============================