Hola, ¿cuando me decís que vuelva a ejecutar FRST como la primera vez te referís a que lo haga desde Running from C:\Users\gladys\A PSICOLOGIA UBA\Downloads o desde el que pegué en mi escritorio? Saludos.
Hola:
Lo ejecutas como la primera vez pero desde el escritorio, el fixlist no.
Salu2
Muchísimas gracias!!! Saludos
Hola @gich
Tuve que eliminar los reportes de FRST porque estaban mal pegados y no los puedo levantar, tu al seleccionarlo todo presionaste en el símbolo de las comillas " y tenias que presionar en el símbolo </>
Para que te sea mas fácil, prueba adjuntándolos al tema con el >>> Método 4
Salu2
Hola, esta vez me parece que lo hice bien. Saludos.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-08-2019
Ran by gladys (administrator) on GLADYS-NOTE (SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440) (12-08-2019 11:58:17)
Running from C:\Users\gladys\Desktop
Loaded Profiles: gladys (Available Profiles: gladys & Zoe)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\System32\Rezip.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Nokia -> Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Samsung Electronics CO., LTD. -> SEC) [File not signed] C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [225672 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-17] (DivX, LLC. -> DivX, LLC)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia -> Nokia)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\Installer\chrmstp.exe [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-10-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B95E805-2F0E-4031-A193-EC2D96D9530C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {1BA571F0-A298-4C36-BBA7-C4CE654091D1} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [717312 2009-11-11] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {24005E89-5FFA-43B1-80C1-1BA960EE3645} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [567976 2009-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics. Co. Ltd.) [File not signed]
Task: {2EA9D221-7386-401B-8855-41082C90AC85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {35CD941B-16CE-4017-B20C-81C93D818F71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {43758E3B-7B6B-4220-950F-58D37F289D24} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {451E48EF-CF2F-4E6B-BE5D-CDF7E9AC5269} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {48D9D809-A1EA-4B71-BCB0-5D982B669718} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {4D32950C-FE5D-4E84-A786-667D07CB6BBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {4F66E656-A488-44F1-B703-8C10BEEC8E82} - System32\Tasks\{C067BBDF-4430-4666-96A3-CF6BBC726F8F} => C:\Users\gladys\Desktop\Ares\Ares.exe
Task: {60307985-7FAC-4862-A036-E6FEE21079D7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {61AE4FE1-9640-4AB7-A5BB-7878C6B48CDA} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192 2010-01-18] (Samsung Electronics CO., LTD. -> SEC) [File not signed]
Task: {63BA5781-FA0E-4F5D-ABFD-2A675CA2FE60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {692BF630-43A5-48C4-A181-9135DF858F7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {698F5641-9015-4CE1-8262-D0675DEB50C9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {7F423A2D-F186-4AD2-BB18-2D5B0C431A4D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {95F7BDBC-90B8-4688-A6F5-102B9F5F68CA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9F06A1FB-8434-45C0-B096-3164CA8C956D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {A42614E7-990C-4BF3-9193-30DAA6776024} - System32\Tasks\Norton Security Scan for gladys => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [606072 2011-01-14] (Symantec Corporation -> Symantec Corporation)
Task: {A5EFDAA4-A6EE-4169-8FC0-747FBDB466A6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2385800 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {CAAA295F-EC4E-4A85-9156-A2BFE5363FB7} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [342016 2009-10-16] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {D6AA30D1-5F9A-4B72-BDAB-A04E57616214} - System32\Tasks\avastBCLRestartS-1-5-21-2264253706-1617791975-327108488-1000 => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {F3868549-8828-466C-961E-D9111FF542FB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1695112 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Norton Security Scan for gladys.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{50DD5EFD-FA60-494D-8B8D-BC759745A428}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{774C0D3B-376D-4EA8-B8CA-09469323D9A3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default [2019-08-08]
FF Homepage: Mozilla\Firefox\Profiles\c20ofsb0.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\c20ofsb0.default -> about:newtab
FF Extension: (Firefox Synchronisation Extension) - C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\Extensions\[email protected] [2013-12-12] [Legacy] [not signed]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\avast-search.xml [2016-11-06]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\google-avast.xml [2018-12-18]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\yahoo-avast.xml [2016-03-15]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Ginger\Mozilla\[email protected]
FF Extension: (Ginger - Grammar and Spell Checker) - C:\Program Files\Ginger\Mozilla\[email protected] [2014-03-17] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [No File]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Users\gladys\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] (Nokia -> )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=1.1.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-01-25] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Technologies SA -> Skype Limited)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS -> Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&trackid=sp-006
CHR DefaultSearchKeyword: Default -> google.com.ar
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default [2019-08-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5398416 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
S3 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] (CyberLink -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [34720 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [172424 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220128 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [158240 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [255360 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [51264 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [194680 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [40904 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [138480 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [101200 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [73008 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [783232 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [403408 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\windows\System32\drivers\aswStm.sys [165464 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [312464 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\windows\System32\DRIVERS\athr.sys [1245696 2009-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 btusbflt; C:\windows\System32\drivers\btusbflt.sys [43944 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwaudio; C:\windows\System32\drivers\btwaudio.sys [86056 2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwavdt; C:\windows\System32\drivers\btwavdt.sys [108072 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwl2cap; C:\windows\System32\DRIVERS\btwl2cap.sys [29472 2009-04-07] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwrchid; C:\windows\System32\DRIVERS\btwrchid.sys [18472 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [173512 2019-08-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [190624 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [64296 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [241760 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\System32\DRIVERS\mwac.sys [86768 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18560 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 RTL8167; C:\windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-12 11:58 - 2019-08-12 11:59 - 000027902 _____ C:\Users\gladys\Desktop\FRST.txt
2019-08-12 10:45 - 2019-08-12 10:45 - 000000017 _____ C:\Users\gladys\AppData\Local\resmon.resmoncfg
2019-08-12 10:39 - 2019-08-12 10:39 - 001448960 _____ (Farbar) C:\Users\gladys\Desktop\FRST (1).exe
2019-08-12 06:43 - 2019-08-12 06:43 - 000064296 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2019-08-12 06:42 - 2019-08-12 06:42 - 000190624 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2019-08-12 06:42 - 2019-08-12 06:42 - 000086768 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2019-08-12 06:38 - 2019-08-12 06:38 - 000241760 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ C:\Users\gladys\cc_20190808_102028.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ C:\Users\gladys\cc_20190808_102007.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004676 _____ C:\Users\gladys\cc_20190808_101859.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004496 _____ C:\Users\gladys\cc_20190808_101924.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004106 _____ C:\Users\gladys\cc_20190808_101946.reg
2019-08-08 10:18 - 2019-08-08 10:18 - 000300058 _____ C:\Users\gladys\cc_20190808_101757.reg
2019-08-08 10:10 - 2019-08-08 10:13 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\uTorrent
2019-08-08 09:47 - 2019-08-08 09:47 - 000000265 _____ C:\DelFix.txt
2019-08-08 09:47 - 2019-08-08 09:47 - 000000000 ____D C:\windows\ERUNT
2019-08-08 09:46 - 2019-08-08 09:46 - 000797760 _____ C:\Users\gladys\Desktop\delfix.exe
2019-08-08 09:35 - 2019-08-12 11:39 - 000000000 ____D C:\Users\gladys\Desktop\FRST-OlderVersion
2019-08-04 19:59 - 2019-08-04 19:59 - 000000679 _____ C:\Users\gladys\Gladys - Acceso directo (2).lnk
2019-08-04 19:56 - 2019-08-12 11:58 - 000000000 ____D C:\FRST
2019-08-04 19:28 - 2019-08-04 19:29 - 000000000 ____D C:\KVRT_Data
2019-08-04 16:27 - 2019-08-04 16:27 - 000001083 _____ C:\Users\gladys\Desktop\ESET Online Scanner.lnk
2019-08-04 16:26 - 2019-08-04 16:26 - 000000000 ____D C:\Users\gladys\AppData\Local\ESET
2019-07-29 18:35 - 2019-07-29 18:54 - 000000000 ____D C:\Users\gladys\AppData\Roaming\ZHP
2019-07-29 18:35 - 2019-07-29 18:35 - 000000834 _____ C:\Users\gladys\Desktop\ZHPCleaner.lnk
2019-07-29 18:35 - 2019-07-29 18:35 - 000000000 ____D C:\Users\gladys\AppData\Local\ZHP
2019-07-29 18:14 - 2019-07-29 18:18 - 000000000 ____D C:\AdwCleaner
2019-07-29 16:48 - 2019-08-01 10:13 - 000173512 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbamtray
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbam
2019-07-29 16:47 - 2019-07-29 16:47 - 000001980 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-29 16:47 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae.sys
2019-07-29 16:41 - 2019-07-29 16:41 - 003072896 _____ (Nicolas Coolman) C:\Users\gladys\Desktop\ZHPCleaner.exe
2019-07-29 16:39 - 2019-07-29 16:40 - 007623880 _____ (Malwarebytes) C:\Users\gladys\Desktop\adwcleaner_7.4.exe
2019-07-29 16:38 - 2019-07-29 16:38 - 000020769 _____ C:\Users\gladys\Desktop\descarga.htm
2019-07-29 16:35 - 2019-07-29 16:35 - 064756040 _____ (Malwarebytes ) C:\Users\gladys\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11752.exe
2019-07-16 17:05 - 2019-07-23 10:33 - 000000000 ____D C:\Users\gladys\DOCENCIA
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-12 11:46 - 2013-03-26 10:29 - 001577984 ___SH C:\Users\gladys\Thumbs.db
2019-08-12 11:02 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-12 11:02 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-12 10:56 - 2011-01-14 20:26 - 000000476 ____H C:\windows\Tasks\Norton Security Scan for gladys.job
2019-08-12 06:38 - 2009-07-14 01:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-08-10 19:41 - 2019-03-07 19:51 - 000000000 ____D C:\Users\gladys\CASA VIVA
2019-08-08 10:22 - 2009-07-13 23:37 - 000000000 ____D C:\windows\inf
2019-08-08 10:20 - 2010-10-01 08:59 - 000000000 ____D C:\Users\gladys
2019-08-08 10:15 - 2016-01-16 12:45 - 000000000 ____D C:\Users\gladys\AppData\Roaming\uTorrent
2019-08-08 10:13 - 2019-03-29 10:53 - 000000000 ____D C:\Users\gladys\AppData\Local\BitTorrentHelper
2019-08-08 09:57 - 2011-01-31 23:53 - 000000000 ____D C:\Users\Zoe\AppData\LocalLow\Temp
2019-08-08 09:57 - 2010-11-08 09:07 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\Temp
2019-08-08 09:52 - 2013-09-19 15:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-08-08 09:52 - 2013-06-06 13:31 - 000000000 ____D C:\windows\pss
2019-08-08 09:23 - 2018-03-21 08:30 - 000000000 ____D C:\Users\gladys\AppData\Local\AVAST Software
2019-08-07 15:33 - 2018-10-02 12:09 - 000000000 ____D C:\Users\gladys\A A INDESIGN CS4
2019-08-04 18:13 - 2012-12-09 18:54 - 000000000 ____D C:\Users\gladys\QUARK
2019-08-04 18:04 - 2012-12-27 20:32 - 000000000 ____D C:\Users\gladys\Desktop\TODO
2019-08-02 10:07 - 2018-11-06 13:19 - 000000000 ____D C:\Users\gladys\ZOE PSICO UBA
2019-07-29 22:57 - 2016-05-12 18:46 - 000000000 ____D C:\Users\gladys\Desktop\TRABAJOS ZOE
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\Program Files\Samsung
2019-07-29 18:08 - 2010-10-01 09:19 - 000001397 _____ C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-07-29 18:07 - 2013-08-24 11:31 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-29 16:33 - 2013-10-11 14:33 - 000000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-28 15:36 - 2010-04-07 22:39 - 000747986 _____ C:\windows\system32\perfh00A.dat
2019-07-28 15:36 - 2010-04-07 22:39 - 000159426 _____ C:\windows\system32\perfc00A.dat
2019-07-28 15:36 - 2009-07-26 17:06 - 001678290 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-28 15:31 - 2016-12-18 18:33 - 000000000 ____D C:\Users\gladys\A ARTES ESCRITURA
2019-07-28 14:18 - 2019-02-18 19:18 - 000000000 ____D C:\Users\gladys\CUENTOS GLA 2019
2019-07-27 09:58 - 2016-07-07 21:11 - 000000000 ____D C:\Users\gladys\GLADYS CV
2019-07-24 15:46 - 2018-03-21 08:38 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-20 10:05 - 2019-05-09 15:08 - 000000000 ____D C:\Users\gladys\SIBILA
2019-07-16 10:54 - 2010-10-01 09:46 - 000000000 ____D C:\Users\gladys\AppData\Roaming\Google
==================== Files in the root of some directories ================
2014-08-02 12:29 - 2014-08-02 12:29 - 000021288 _____ () C:\Users\gladys\cc_20140802_122925.reg
2019-08-08 10:18 - 2019-08-08 10:18 - 000300058 _____ () C:\Users\gladys\cc_20190808_101757.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004676 _____ () C:\Users\gladys\cc_20190808_101859.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004496 _____ () C:\Users\gladys\cc_20190808_101924.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004106 _____ () C:\Users\gladys\cc_20190808_101946.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ () C:\Users\gladys\cc_20190808_102007.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ () C:\Users\gladys\cc_20190808_102028.reg
2011-08-18 23:39 - 2015-11-15 16:35 - 000018432 _____ () C:\Users\gladys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-08-12 10:45 - 2019-08-12 10:45 - 000000017 _____ () C:\Users\gladys\AppData\Local\resmon.resmoncfg
2011-06-17 19:53 - 2011-06-17 19:53 - 000000000 _____ () C:\Users\gladys\AppData\Local\{EF33A113-69D3-42B7-B9DE-C022A33665B9}
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-08-03 11:04
==================== End of FRST.txt ============================Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-08-2019
Ran by gladys (12-08-2019 11:59:56)
Running from C:\Users\gladys\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-10-01 11:59:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2264253706-1617791975-327108488-500 - Administrator - Disabled)
gladys (S-1-5-21-2264253706-1617791975-327108488-1000 - Administrator - Enabled) => C:\Users\gladys
HomeGroupUser$ (S-1-5-21-2264253706-1617791975-327108488-1002 - Limited - Enabled)
Invitado (S-1-5-21-2264253706-1617791975-327108488-501 - Limited - Disabled)
Zoe (S-1-5-21-2264253706-1617791975-327108488-1003 - Limited - Enabled) => C:\Users\Zoe
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3GP to MP3 Converter (HKLM\...\3GP to MP3 Converter_is1) (Version: - Shiver)
ABBYY FineReader 11 (HKLM\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.289 - ABBYY)
Acrobat.com (HKLM\...\{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (HKLM\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Any Media Converter (HKLM\...\Any Media Converter) (Version: 1.14 - Any Media Converter)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 75.1.1528.100 - Los creadores de Avast Secure Browser)
Ayudante para el inicio de sesión de Windows Live ID (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
BatteryLifeExtender (HKLM\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung)
calibre (HKLM\...\{36E0CAAD-D410-4CA8-9AC0-BBE2691B4A19}) (Version: 0.8.56 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC)
DivX Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.6 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Farm Frenzy 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
FileZilla Client 3.9.0.5 (HKLM\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Galería fotográfica de Windows Live (HKLM\...\{25F6A201-C40C-4669-936D-473877CFEB4C}) (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.00.1005 - Intel Corporation)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Mi Simulador de Ambientes (HKLM\...\{C6E4B77B-5214-4D6F-ABDA-C42C49B11367}) (Version: 1.00.4038 - AkzoNobel)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (Spanish) (HKLM\...\{95120000-00AF-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 23.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.4.0 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 es-AR) (HKLM\...\Mozilla Thunderbird 52.4.0 (x86 es-AR)) (Version: 52.4.0 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NeoBook 5.8.4 (HKLM\...\{B111977A-E61A-4EA3-9F19-605E69C06D14}_is1) (Version: 5.8.4 - NeoSoft Corp.)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM\...\{0C808377-8C23-44ED-9016-05F42E6D4900}) (Version: 3.8.30.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.30.0 - Nokia)
Norton Security Scan (HKLM\...\NSS) (Version: 2.7.3.34 - Symantec Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.4 (HKLM\...\{5D3A23FA-06EF-4640-BC24-FFD687BF3D2E}) (Version: 3.4.9590 - OpenOffice.org)
Paquete de compatibilidad para 2007 Office system (HKLM\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Paquete de controladores de Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Reader (HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\PDF Reader) (Version: - )
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixel Bender Toolkit (HKLM\...\{43509E18-076E-40FE-AF38-CA5ED400A5A9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Quark Update (HKLM\...\{82154114-943B-4A6F-9B20-073C9573E93E}) (Version: 1.0.0.2 - Nombre de su organización)
QuarkXPress (HKLM\...\{CE949716-2A5A-40F2-BA31-54CE71B37FE5}) (Version: 9.5.0.1 - Quark Software Inc.)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{7ACAF01A-FBF4-41F2-A7C9-991CC5ED1CA9}) (Version: 1.0.8 - Samsung)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Stellarium 0.11.4 (HKLM\...\Stellarium_is1) (Version: 0.11.4 - Stellarium team)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\755087041320E005CB1E8A67C5C55A260EB81B90) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\gladys\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS -> Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook, Inc. -> Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Technologies SA -> Skype Limited)
CustomCLSID: HKU\S-1-5-21-2264253706-1617791975-327108488-1000_Classes\CLSID\{FF5939C9-3A4F-1990-738A-B17D2B34033D}\InprocServer32 -> C:\windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_05.dll [2012-06-18] () [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2018-10-08] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2018-10-08] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-19] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => -> No File
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-19] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => -> No File
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-09-06 13:44 - 2014-09-06 13:44 - 000035328 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 13:41 - 2014-05-24 13:41 - 000091648 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 13:41 - 2014-05-24 13:41 - 000892416 _____ () [File not signed] C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2012-06-18 12:24 - 2012-06-18 12:24 - 000260096 _____ () [File not signed] C:\Program Files\Notepad++\NppShell_05.dll
2010-04-07 05:57 - 2009-03-05 06:54 - 000311296 _____ () [File not signed] C:\windows\SYSTEM32\Rezip.exe
2008-08-14 07:15 - 2008-08-14 07:15 - 000276992 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2008-09-04 03:02 - 2008-09-04 03:02 - 000131072 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Shell\CS4\idicon.dll
2010-04-07 05:53 - 2009-09-30 23:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 000599552 _____ (Igor Pavlov) [File not signed] C:\Program Files\Nokia\Nokia Suite\7z.DLL
2010-04-07 05:53 - 2009-09-30 23:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2010-04-07 05:53 - 2009-09-30 23:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-06-15 22:05 - 2011-06-15 22:05 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2011-06-15 22:05 - 2011-06-15 22:05 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2011-06-15 22:05 - 2011-06-15 22:05 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2014-05-24 13:41 - 2014-05-24 13:41 - 000047616 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files\FileZilla FTP Client\libwinpthread-1.dll
2010-04-07 06:10 - 2010-01-18 23:34 - 002201192 _____ (Samsung Electronics CO., LTD. -> SEC) [File not signed] C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
2010-04-07 06:08 - 2009-11-11 01:21 - 000717312 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
2013-04-15 13:24 - 2013-04-15 13:24 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Nokia\Nokia Suite\libeay32.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:04 - 2019-08-08 09:53 - 000000035 _____ C:\windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\Calibre2\;C:\Program Files\Skype\Phone\
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0ENQBO => C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\gladys\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{4DCBA17F-84B9-41F3-B725-D9A900704F03}C:\users\gladys\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\gladys\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{4FDCC1BA-AC0F-48FA-8FA1-A4560BAC9F4A}C:\users\gladys\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\gladys\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{48D0BC35-1217-408E-9E46-A3A4B7630755}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{D6A0D89B-54F5-4428-8E6B-16E5B7011913}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{541A916D-B373-4412-AFB9-8E911338274A}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{506763DB-660B-4888-AB45-4D7B6AB24008}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
30-05-2019 20:37:03 Punto de control programado
11-06-2019 10:44:45 Punto de control programado
21-06-2019 16:28:34 Punto de control programado
30-06-2019 14:05:52 Punto de control programado
09-07-2019 13:39:50 Punto de control programado
16-07-2019 14:16:21 Punto de control programado
24-07-2019 19:32:11 Punto de control programado
29-07-2019 18:51:19 ZHPcleaner
08-08-2019 09:51:00 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/12/2019 11:54:50 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.
Error: (08/12/2019 10:54:49 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.
Error: (08/12/2019 09:54:44 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.
Error: (08/12/2019 08:51:53 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.
Error: (08/12/2019 07:51:52 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.
Error: (08/12/2019 06:51:52 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.
Error: (08/12/2019 06:41:30 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.
Error: (08/11/2019 11:08:35 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.
System errors:
=============
Error: (08/12/2019 06:40:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error:
El servicio no respondió a tiempo a la solicitud de inicio o de control.
Error: (08/12/2019 06:40:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de uso compartido de red del Reproductor de Windows Media.
Error: (08/11/2019 10:00:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Update no respondió después de iniciar.
Error: (08/11/2019 09:55:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 11:54:41 p.m. del 10/08/2019 resultó inesperado.
Error: (08/10/2019 01:06:26 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {995C996E-D918-4A8C-A302-45719A6F4EA7} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/08/2019 09:50:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
Error: (08/08/2019 09:50:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Live ID Sign-in Assistant terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
Error: (08/08/2019 09:50:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Management & Security Application User Notification Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Windows Defender:
===================================
Date: 2017-05-22 14:08:03.012
Description:
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/OmigaPlus!blnk&threatid=221912
Nombre:BrowserModifier:Win32/OmigaPlus!blnk
Id.:221912
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk;file:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk->[CMDEmbedded]
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe
Date: 2017-05-22 14:08:03.010
Description:
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/OmigaPlus!blnk&threatid=221912
Nombre:BrowserModifier:Win32/OmigaPlus!blnk
Id.:221912
Gravedad:Alta
Categoría:Modificador de explorador
Ruta de acceso encontrada:containerfile:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk;file:C:\Users\gladys\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk->[CMDEmbedded]
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\Servicio de red
Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe
Date: 2015-09-09 13:33:28.657
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{EBA13496-6311-4040-9D7A-F12A8CD24E77}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red
Date: 2014-03-29 13:53:24.921
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{EA6E7379-0792-422E-917B-869F3096FFB1}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red
CodeIntegrity:
===================================
Date: 2017-08-15 15:18:13.582
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-08-15 15:18:13.364
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-08-15 07:35:20.254
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-08-15 07:35:20.192
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-08-14 08:35:30.300
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-08-14 08:35:30.237
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-08-13 18:00:47.190
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2017-08-13 18:00:47.112
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
==================== Memory info ===========================
BIOS: Phoenix Technologies Ltd. 04UZ.M003.20100327.XW 03/27/2010
Motherboard: SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 91%
Total physical RAM: 2932.55 MB
Available physical RAM: 247.19 MB
Total Virtual: 5863.41 MB
Available Virtual: 1799.61 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:141.49 GB) (Free:16.13 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:123.71 GB) NTFS
\\?\Volume{438a7ad1-42a8-11df-862a-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{438a7ad0-42a8-11df-862a-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:15 GB) (Free:3.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1096B93F)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================Por las dudas te mando el FRST otra vez
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-08-2019
Ran by gladys (administrator) on GLADYS-NOTE (SAMSUNG ELECTRONICS CO., LTD. R430/R480/R440) (12-08-2019 11:58:17)
Running from C:\Users\gladys\Desktop
Loaded Profiles: gladys (Available Profiles: gladys & Zoe)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\System32\Rezip.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Nokia -> Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Samsung Electronics CO., LTD. -> SEC) [File not signed] C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [225672 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-17] (DivX, LLC. -> DivX, LLC)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia -> Nokia)
HKU\S-1-5-21-2264253706-1617791975-327108488-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\Installer\chrmstp.exe [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-10-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B95E805-2F0E-4031-A193-EC2D96D9530C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {1BA571F0-A298-4C36-BBA7-C4CE654091D1} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [717312 2009-11-11] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {24005E89-5FFA-43B1-80C1-1BA960EE3645} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [567976 2009-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics. Co. Ltd.) [File not signed]
Task: {2EA9D221-7386-401B-8855-41082C90AC85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {35CD941B-16CE-4017-B20C-81C93D818F71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {43758E3B-7B6B-4220-950F-58D37F289D24} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {451E48EF-CF2F-4E6B-BE5D-CDF7E9AC5269} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {48D9D809-A1EA-4B71-BCB0-5D982B669718} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {4D32950C-FE5D-4E84-A786-667D07CB6BBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {4F66E656-A488-44F1-B703-8C10BEEC8E82} - System32\Tasks\{C067BBDF-4430-4666-96A3-CF6BBC726F8F} => C:\Users\gladys\Desktop\Ares\Ares.exe
Task: {60307985-7FAC-4862-A036-E6FEE21079D7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {61AE4FE1-9640-4AB7-A5BB-7878C6B48CDA} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192 2010-01-18] (Samsung Electronics CO., LTD. -> SEC) [File not signed]
Task: {63BA5781-FA0E-4F5D-ABFD-2A675CA2FE60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {692BF630-43A5-48C4-A181-9135DF858F7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {698F5641-9015-4CE1-8262-D0675DEB50C9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {7F423A2D-F186-4AD2-BB18-2D5B0C431A4D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {95F7BDBC-90B8-4688-A6F5-102B9F5F68CA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9F06A1FB-8434-45C0-B096-3164CA8C956D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {A42614E7-990C-4BF3-9193-30DAA6776024} - System32\Tasks\Norton Security Scan for gladys => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [606072 2011-01-14] (Symantec Corporation -> Symantec Corporation)
Task: {A5EFDAA4-A6EE-4169-8FC0-747FBDB466A6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2385800 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {CAAA295F-EC4E-4A85-9156-A2BFE5363FB7} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [342016 2009-10-16] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {D6AA30D1-5F9A-4B72-BDAB-A04E57616214} - System32\Tasks\avastBCLRestartS-1-5-21-2264253706-1617791975-327108488-1000 => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {F3868549-8828-466C-961E-D9111FF542FB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1695112 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Norton Security Scan for gladys.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{50DD5EFD-FA60-494D-8B8D-BC759745A428}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{774C0D3B-376D-4EA8-B8CA-09469323D9A3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-2264253706-1617791975-327108488-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default [2019-08-08]
FF Homepage: Mozilla\Firefox\Profiles\c20ofsb0.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\c20ofsb0.default -> about:newtab
FF Extension: (Firefox Synchronisation Extension) - C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\Extensions\[email protected] [2013-12-12] [Legacy] [not signed]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\avast-search.xml [2016-11-06]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\google-avast.xml [2018-12-18]
FF SearchPlugin: C:\Users\gladys\AppData\Roaming\Mozilla\Firefox\Profiles\c20ofsb0.default\searchplugins\yahoo-avast.xml [2016-03-15]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Ginger\Mozilla\[email protected]
FF Extension: (Ginger - Grammar and Spell Checker) - C:\Program Files\Ginger\Mozilla\[email protected] [2014-03-17] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [No File]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Users\gladys\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] (Nokia -> )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=1.1.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-01-25] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\gladys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Technologies SA -> Skype Limited)
FF Plugin HKU\S-1-5-21-2264253706-1617791975-327108488-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gladys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS -> Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&trackid=sp-006
CHR DefaultSearchKeyword: Default -> google.com.ar
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default [2019-08-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\gladys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5398416 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-21] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
S3 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] (CyberLink -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [34720 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [172424 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220128 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [158240 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [255360 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [51264 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [194680 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [40904 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [138480 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [101200 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [73008 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [783232 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [403408 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\windows\System32\drivers\aswStm.sys [165464 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [312464 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\windows\System32\DRIVERS\athr.sys [1245696 2009-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 btusbflt; C:\windows\System32\drivers\btusbflt.sys [43944 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwaudio; C:\windows\System32\drivers\btwaudio.sys [86056 2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwavdt; C:\windows\System32\drivers\btwavdt.sys [108072 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwl2cap; C:\windows\System32\DRIVERS\btwl2cap.sys [29472 2009-04-07] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwrchid; C:\windows\System32\DRIVERS\btwrchid.sys [18472 2009-08-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [173512 2019-08-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [190624 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [64296 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [241760 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\System32\DRIVERS\mwac.sys [86768 2019-08-12] (Malwarebytes Corporation -> Malwarebytes)
S3 nmwcd; C:\windows\System32\drivers\ccdcmb.sys [18560 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbo.sys [23168 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 RTL8167; C:\windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-12 11:58 - 2019-08-12 11:59 - 000027902 _____ C:\Users\gladys\Desktop\FRST.txt
2019-08-12 10:45 - 2019-08-12 10:45 - 000000017 _____ C:\Users\gladys\AppData\Local\resmon.resmoncfg
2019-08-12 10:39 - 2019-08-12 10:39 - 001448960 _____ (Farbar) C:\Users\gladys\Desktop\FRST (1).exe
2019-08-12 06:43 - 2019-08-12 06:43 - 000064296 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2019-08-12 06:42 - 2019-08-12 06:42 - 000190624 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2019-08-12 06:42 - 2019-08-12 06:42 - 000086768 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2019-08-12 06:38 - 2019-08-12 06:38 - 000241760 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ C:\Users\gladys\cc_20190808_102028.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ C:\Users\gladys\cc_20190808_102007.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004676 _____ C:\Users\gladys\cc_20190808_101859.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004496 _____ C:\Users\gladys\cc_20190808_101924.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004106 _____ C:\Users\gladys\cc_20190808_101946.reg
2019-08-08 10:18 - 2019-08-08 10:18 - 000300058 _____ C:\Users\gladys\cc_20190808_101757.reg
2019-08-08 10:10 - 2019-08-08 10:13 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\uTorrent
2019-08-08 09:47 - 2019-08-08 09:47 - 000000265 _____ C:\DelFix.txt
2019-08-08 09:47 - 2019-08-08 09:47 - 000000000 ____D C:\windows\ERUNT
2019-08-08 09:46 - 2019-08-08 09:46 - 000797760 _____ C:\Users\gladys\Desktop\delfix.exe
2019-08-08 09:35 - 2019-08-12 11:39 - 000000000 ____D C:\Users\gladys\Desktop\FRST-OlderVersion
2019-08-04 19:59 - 2019-08-04 19:59 - 000000679 _____ C:\Users\gladys\Gladys - Acceso directo (2).lnk
2019-08-04 19:56 - 2019-08-12 11:58 - 000000000 ____D C:\FRST
2019-08-04 19:28 - 2019-08-04 19:29 - 000000000 ____D C:\KVRT_Data
2019-08-04 16:27 - 2019-08-04 16:27 - 000001083 _____ C:\Users\gladys\Desktop\ESET Online Scanner.lnk
2019-08-04 16:26 - 2019-08-04 16:26 - 000000000 ____D C:\Users\gladys\AppData\Local\ESET
2019-07-29 18:35 - 2019-07-29 18:54 - 000000000 ____D C:\Users\gladys\AppData\Roaming\ZHP
2019-07-29 18:35 - 2019-07-29 18:35 - 000000834 _____ C:\Users\gladys\Desktop\ZHPCleaner.lnk
2019-07-29 18:35 - 2019-07-29 18:35 - 000000000 ____D C:\Users\gladys\AppData\Local\ZHP
2019-07-29 18:14 - 2019-07-29 18:18 - 000000000 ____D C:\AdwCleaner
2019-07-29 16:48 - 2019-08-01 10:13 - 000173512 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbamtray
2019-07-29 16:48 - 2019-07-29 16:48 - 000000000 ____D C:\Users\gladys\AppData\Local\mbam
2019-07-29 16:47 - 2019-07-29 16:47 - 000001980 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-29 16:47 - 2019-07-29 16:47 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-29 16:47 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae.sys
2019-07-29 16:41 - 2019-07-29 16:41 - 003072896 _____ (Nicolas Coolman) C:\Users\gladys\Desktop\ZHPCleaner.exe
2019-07-29 16:39 - 2019-07-29 16:40 - 007623880 _____ (Malwarebytes) C:\Users\gladys\Desktop\adwcleaner_7.4.exe
2019-07-29 16:38 - 2019-07-29 16:38 - 000020769 _____ C:\Users\gladys\Desktop\descarga.htm
2019-07-29 16:35 - 2019-07-29 16:35 - 064756040 _____ (Malwarebytes ) C:\Users\gladys\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11752.exe
2019-07-16 17:05 - 2019-07-23 10:33 - 000000000 ____D C:\Users\gladys\DOCENCIA
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-12 11:46 - 2013-03-26 10:29 - 001577984 ___SH C:\Users\gladys\Thumbs.db
2019-08-12 11:02 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-12 11:02 - 2009-07-14 01:34 - 000023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-12 10:56 - 2011-01-14 20:26 - 000000476 ____H C:\windows\Tasks\Norton Security Scan for gladys.job
2019-08-12 06:38 - 2009-07-14 01:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-08-10 19:41 - 2019-03-07 19:51 - 000000000 ____D C:\Users\gladys\CASA VIVA
2019-08-08 10:22 - 2009-07-13 23:37 - 000000000 ____D C:\windows\inf
2019-08-08 10:20 - 2010-10-01 08:59 - 000000000 ____D C:\Users\gladys
2019-08-08 10:15 - 2016-01-16 12:45 - 000000000 ____D C:\Users\gladys\AppData\Roaming\uTorrent
2019-08-08 10:13 - 2019-03-29 10:53 - 000000000 ____D C:\Users\gladys\AppData\Local\BitTorrentHelper
2019-08-08 09:57 - 2011-01-31 23:53 - 000000000 ____D C:\Users\Zoe\AppData\LocalLow\Temp
2019-08-08 09:57 - 2010-11-08 09:07 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\Temp
2019-08-08 09:52 - 2013-09-19 15:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-08-08 09:52 - 2013-06-06 13:31 - 000000000 ____D C:\windows\pss
2019-08-08 09:23 - 2018-03-21 08:30 - 000000000 ____D C:\Users\gladys\AppData\Local\AVAST Software
2019-08-07 15:33 - 2018-10-02 12:09 - 000000000 ____D C:\Users\gladys\A A INDESIGN CS4
2019-08-04 18:13 - 2012-12-09 18:54 - 000000000 ____D C:\Users\gladys\QUARK
2019-08-04 18:04 - 2012-12-27 20:32 - 000000000 ____D C:\Users\gladys\Desktop\TODO
2019-08-02 10:07 - 2018-11-06 13:19 - 000000000 ____D C:\Users\gladys\ZOE PSICO UBA
2019-07-29 22:57 - 2016-05-12 18:46 - 000000000 ____D C:\Users\gladys\Desktop\TRABAJOS ZOE
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2019-07-29 18:19 - 2010-04-07 05:59 - 000000000 ____D C:\Program Files\Samsung
2019-07-29 18:08 - 2010-10-01 09:19 - 000001397 _____ C:\Users\gladys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-07-29 18:07 - 2013-08-24 11:31 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-29 16:33 - 2013-10-11 14:33 - 000000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-28 15:36 - 2010-04-07 22:39 - 000747986 _____ C:\windows\system32\perfh00A.dat
2019-07-28 15:36 - 2010-04-07 22:39 - 000159426 _____ C:\windows\system32\perfc00A.dat
2019-07-28 15:36 - 2009-07-26 17:06 - 001678290 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-28 15:31 - 2016-12-18 18:33 - 000000000 ____D C:\Users\gladys\A ARTES ESCRITURA
2019-07-28 14:18 - 2019-02-18 19:18 - 000000000 ____D C:\Users\gladys\CUENTOS GLA 2019
2019-07-27 09:58 - 2016-07-07 21:11 - 000000000 ____D C:\Users\gladys\GLADYS CV
2019-07-24 15:46 - 2018-03-21 08:38 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-20 10:05 - 2019-05-09 15:08 - 000000000 ____D C:\Users\gladys\SIBILA
2019-07-16 10:54 - 2010-10-01 09:46 - 000000000 ____D C:\Users\gladys\AppData\Roaming\Google
==================== Files in the root of some directories ================
2014-08-02 12:29 - 2014-08-02 12:29 - 000021288 _____ () C:\Users\gladys\cc_20140802_122925.reg
2019-08-08 10:18 - 2019-08-08 10:18 - 000300058 _____ () C:\Users\gladys\cc_20190808_101757.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004676 _____ () C:\Users\gladys\cc_20190808_101859.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004496 _____ () C:\Users\gladys\cc_20190808_101924.reg
2019-08-08 10:19 - 2019-08-08 10:19 - 000004106 _____ () C:\Users\gladys\cc_20190808_101946.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ () C:\Users\gladys\cc_20190808_102007.reg
2019-08-08 10:20 - 2019-08-08 10:20 - 000004106 _____ () C:\Users\gladys\cc_20190808_102028.reg
2011-08-18 23:39 - 2015-11-15 16:35 - 000018432 _____ () C:\Users\gladys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-08-12 10:45 - 2019-08-12 10:45 - 000000017 _____ () C:\Users\gladys\AppData\Local\resmon.resmoncfg
2011-06-17 19:53 - 2011-06-17 19:53 - 000000000 _____ () C:\Users\gladys\AppData\Local\{EF33A113-69D3-42B7-B9DE-C022A33665B9}
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-08-03 11:04
==================== End of FRST.txt ============================Hola @gich
*Desinstala con Revo Uninstaller en su Modo Avanzado:
- Norton Security Scan, Java 7 Update 25, 6 Update 26
Luego de reiniciar:
Posteriormente:
1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.
- Descarga y/o Ejecuta DelFix en el escritorio de Windows.
- Clic Derecho, “Ejecutar como Administrador”.
- En la ventana principal, marca solamente la casilla “Create Registry Backup”.
- Clic en Run.
Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…
2.- Desactiva Temporalmente tu antivirus.
3.- Abre un nuevo archivo Notepad y copia y pega este contenido:
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {60307985-7FAC-4862-A036-E6FEE21079D7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A42614E7-990C-4BF3-9193-30DAA6776024} - System32\Tasks\Norton Security Scan for gladys => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [606072 2011-01-14] (Symantec Corporation -> Symantec Corporation)
Task: C:\windows\Tasks\Norton Security Scan for gladys.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
2019-08-08 10:10 - 2019-08-08 10:13 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\uTorrent
2019-08-12 10:56 - 2011-01-14 20:26 - 000000476 ____H C:\windows\Tasks\Norton Security Scan for gladys.job
2019-08-08 10:15 - 2016-01-16 12:45 - 000000000 ____D C:\Users\gladys\AppData\Roaming\uTorrent
2019-08-08 10:13 - 2019-03-29 10:53 - 000000000 ____D C:\Users\gladys\AppData\Local\BitTorrentHelper
2019-08-08 09:57 - 2011-01-31 23:53 - 000000000 ____D C:\Users\Zoe\AppData\LocalLow\Temp
2019-08-08 09:57 - 2010-11-08 09:07 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\Temp
2011-06-17 19:53 - 2011-06-17 19:53 - 000000000 _____ () C:\Users\gladys\AppData\Local\{EF33A113-69D3-42B7-B9DE-C022A33665B9}
ContextMenuHandlers1: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => -> No File
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => -> No File
ContextMenuHandlers6: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => -> No File
Task: {4F66E656-A488-44F1-B703-8C10BEEC8E82} - System32\Tasks\{C067BBDF-4430-4666-96A3-CF6BBC726F8F} => C:\Users\gladys\Desktop\Ares\Ares.exe
C:\Users\gladys\Desktop\Ares
RemoveProxy:
EmptyTemp:
END
- Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.
Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.
- Ejecutas Frst.exe.
- Presionas el botón Fix y aguardas a que termine.
- La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
- Lo pegas en tu próxima respuesta.
Nos comentas, luego de reiniciar si todo sigue en orden para dar por resuelto el tema.
Salu2.
Hola, disculpen por contestar tarde. Les pego a continuación el informe. Muchísimas gracias, un beso.
Fix result of Farbar Recovery Scan Tool (x86) Version: 25-08-2019
Ran by gladys (27-08-2019 10:43:33) Run:2
Running from C:\Users\gladys\Desktop
Loaded Profiles: gladys (Available Profiles: gladys & Zoe)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {60307985-7FAC-4862-A036-E6FEE21079D7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A42614E7-990C-4BF3-9193-30DAA6776024} - System32\Tasks\Norton Security Scan for gladys => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [606072 2011-01-14] (Symantec Corporation -> Symantec Corporation)
Task: C:\windows\Tasks\Norton Security Scan for gladys.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
2019-08-08 10:10 - 2019-08-08 10:13 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\uTorrent
2019-08-12 10:56 - 2011-01-14 20:26 - 000000476 ____H C:\windows\Tasks\Norton Security Scan for gladys.job
2019-08-08 10:15 - 2016-01-16 12:45 - 000000000 ____D C:\Users\gladys\AppData\Roaming\uTorrent
2019-08-08 10:13 - 2019-03-29 10:53 - 000000000 ____D C:\Users\gladys\AppData\Local\BitTorrentHelper
2019-08-08 09:57 - 2011-01-31 23:53 - 000000000 ____D C:\Users\Zoe\AppData\LocalLow\Temp
2019-08-08 09:57 - 2010-11-08 09:07 - 000000000 ____D C:\Users\gladys\AppData\LocalLow\Temp
2011-06-17 19:53 - 2011-06-17 19:53 - 000000000 _____ () C:\Users\gladys\AppData\Local\{EF33A113-69D3-42B7-B9DE-C022A33665B9}
ContextMenuHandlers1: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => -> No File
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> [CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => -> No File
ContextMenuHandlers6: [ZIPProcessor] -> {E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => -> No File
Task: {4F66E656-A488-44F1-B703-8C10BEEC8E82} - System32\Tasks\{C067BBDF-4430-4666-96A3-CF6BBC726F8F} => C:\Users\gladys\Desktop\Ares\Ares.exe
C:\Users\gladys\Desktop\Ares
RemoveProxy:
EmptyTemp:
END
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60307985-7FAC-4862-A036-E6FEE21079D7}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60307985-7FAC-4862-A036-E6FEE21079D7}" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A42614E7-990C-4BF3-9193-30DAA6776024} => not found
"C:\Windows\System32\Tasks\Norton Security Scan for gladys" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Scan for gladys => not found
"C:\windows\Tasks\Norton Security Scan for gladys.job" => not found
C:\Users\gladys\AppData\LocalLow\uTorrent => moved successfully
"C:\windows\Tasks\Norton Security Scan for gladys.job" => not found
C:\Users\gladys\AppData\Roaming\uTorrent => moved successfully
C:\Users\gladys\AppData\Local\BitTorrentHelper => moved successfully
C:\Users\Zoe\AppData\LocalLow\Temp => moved successfully
C:\Users\gladys\AppData\LocalLow\Temp => moved successfully
C:\Users\gladys\AppData\Local\{EF33A113-69D3-42B7-B9DE-C022A33665B9} => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ZIPProcessor => removed successfully.
HKLM\Software\Classes\CLSID\{E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ZIPProcessor => removed successfully.
HKLM\Software\Classes\CLSID\{E5C972BD-3890-4427-ABEA-A2AD8D88E7A6} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F66E656-A488-44F1-B703-8C10BEEC8E82}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F66E656-A488-44F1-B703-8C10BEEC8E82}" => removed successfully.
C:\Windows\System32\Tasks\{C067BBDF-4430-4666-96A3-CF6BBC726F8F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C067BBDF-4430-4666-96A3-CF6BBC726F8F}" => removed successfully.
"C:\Users\gladys\Desktop\Ares" => not found
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-2264253706-1617791975-327108488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
========= End of RemoveProxy: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11456169 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2646876 B
Edge => 0 B
Chrome => 257119592 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 1280 B
gladys => 14322558 B
Zoe => 23874326 B
RecycleBin => 0 B
EmptyTemp: => 303.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 10:48:33 ====Hola @gich
Para eliminar las herramientas utilizadas:
Descargas >> Delfix, a tu escritorio.
- Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
- Marca las casilla Remove disinfection tools y Purgue Sistem Restore
- Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Nos comentas si todo esta en orden para dar por Solucionado el tema.
Salu2.