Hola @Daniela
Perdon por la demora. Pasaron 10 dias de tu respuesta, en esos 10 dias aparecio otra pagina web bloqueada con otro nombre, lamentablemente no tenia tiempo para dedicarle a la limpieza de la pc. Si es necesario que comience desde el paso 1 nuevamente, avisame.
Ahora pego ambos reportes segun tus tindicaciones;
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Usuario (administrator) on PCPROF (Gigabyte Technology Co., Ltd. H81M-DS2) (19-07-2019 12:17:50)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario & (Available Profiles: Usuario & Administrador)
Platform: Windows 8 Enterprise (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\12.00\Licensing\CE\NetworkLicenseServer.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\77.4.131\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\77.4.131\QtWebEngineProcess.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(MyHeritage (USA) Inc. -> MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-03-13] (CyberLink -> cyberlink)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1517088 2014-07-19] (ABBYY Production LLC -> ABBYY Production LLC.) [File not signed]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153296 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17683056 2019-03-14] (MyHeritage (USA) Inc. -> MyHeritage)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190325206\...\RunOnce: [panda4_1dn] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_1dn" /f
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190325206\...\RunOnce: [panda4_1dn_XP] => reg.exe delete "HKCU\Software\panda4_1dn" /f
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190325206\...\RunOnce: [panda4_1dn_DATA_FOLDER] => cmd.exe /c rmdir "C:\ProgramData\Panda Security URL Filtering" /s /q
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190325206\...\RunOnce: [panda4_1dn_INSTALL_FOLDER] => cmd.exe /c rmdir "C:\Windows\system32\config\systemprofile\AppData\Local\panda4_1dn" /s /q
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190325206\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190325206\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
HKU\S-1-5-21-2150074114-3142378171-2394966631-1001\...\Run: [Dropbox Update] => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2150074114-3142378171-2394966631-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-07-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2150074114-3142378171-2394966631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190326472\...\Run: [Dropbox Update] => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2150074114-3142378171-2394966631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190326472\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-07-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2150074114-3142378171-2394966631-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190327206\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [panda4_1dn] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_1dn" /f
HKU\S-1-5-18\...\RunOnce: [panda4_1dn_XP] => reg.exe delete "HKCU\Software\panda4_1dn" /f
HKU\S-1-5-18\...\RunOnce: [panda4_1dn_DATA_FOLDER] => cmd.exe /c rmdir "C:\ProgramData\Panda Security URL Filtering" /s /q
HKU\S-1-5-18\...\RunOnce: [panda4_1dn_INSTALL_FOLDER] => cmd.exe /c rmdir "C:\Windows\system32\config\systemprofile\AppData\Local\panda4_1dn" /s /q
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [183808 2010-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2010-01-17] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [108032 2010-12-11] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-22] (Google LLC -> Google LLC)
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2019-07-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
GroupPolicy-x32: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {087FF02B-13BD-42E3-8179-7832B1B2E76C} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {0E9EE591-2962-4DA1-ADE6-EC4F2A0AA9A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {2F225AC8-E0B5-4673-B447-49BDF8F78DD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {330689F5-D226-4F3A-93A4-6D6E365A3C55} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2150074114-3142378171-2394966631-1001UA => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage => {5F074BDF-4BA3-4E68-AE86-2A6B0B5963B0} C:\Windows\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation)
Task: {4D11FAC3-C148-42B2-BE2F-6CDBB3AD0093} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [22016 2006-04-21] () [File not signed]
Task: {4D655B41-572B-4B5D-9EFF-341DB602F52C} - System32\Tasks\Opera scheduled Autoupdate 1451254176 => C:\Program Files (x86)\Opera\launcher.exe [1348120 2019-07-11] (Opera Software AS -> Opera Software)
Task: {550B94F2-D8C4-4FE6-ABA2-C8F0B7C67572} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {596AEC3E-2456-4A73-AD95-91EB8DD0C7FB} - System32\Tasks\NCH Software\PrismDowngrade => C:\Program Files (x86)\NCH Software\Prism\prism.exe [2031720 2018-04-13] (NCH Software -> NCH Software)
Task: {5FDBD6D6-238F-4905-B21A-ECF93E7E48B2} - System32\Tasks\NCH Software\DebutDowngrade => C:\Program Files (x86)\NCH Software\Debut\debut.exe [2355304 2018-04-11] (NCH Software -> NCH Software)
Task: {61EACA6C-BDBF-4799-804B-10AEB35804EA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-12] (Adobe Inc. -> Adobe)
Task: {73141A4A-6FDF-4E77-B440-F91CACAA3F10} - System32\Tasks\G2MUpdateTask-S-1-5-21-2150074114-3142378171-2394966631-1001 => C:\Users\Usuario\AppData\Local\GoToMeeting\13481\g2mupdate.exe [32256 2019-07-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {75E68055-63D4-4D4F-9CED-FF744C65A4F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7F478979-8544-44A6-84C8-54F4AE791B71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-12] (Adobe Inc. -> Adobe)
Task: {8C97668F-D9BD-4EA8-8085-7B32F842CE27} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {923DC814-A8B8-4778-BCBC-633CEA8CBE8C} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask => {0AC1DBCA-7F9F-47FC-A090-34E5FEB291E8} C:\Windows\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation)
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask => {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\Windows\system32\SettingSyncInfo.dll [128512 2015-08-04] (Microsoft Windows -> Microsoft Corporation)
Task: {C06A014E-54B4-4EE6-BB64-0B905A2F574E} - System32\Tasks\G2MUploadTask-S-1-5-21-2150074114-3142378171-2394966631-1001 => C:\Users\Usuario\AppData\Local\GoToMeeting\13481\g2mupload.exe [32256 2019-07-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {C831B6C9-AE2F-41B0-B22F-ABFE559456D6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2150074114-3142378171-2394966631-1001Core => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D9820B1C-1A51-4CA5-8118-705A8EDDF931} - no filepath
Task: {F593789A-0E9C-4918-B253-EB341DEC0863} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-12] (Adobe Inc. -> Adobe)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2150074114-3142378171-2394966631-1001Core.job => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2150074114-3142378171-2394966631-1001UA.job => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2150074114-3142378171-2394966631-1001.job => C:\Users\Usuario\AppData\Local\GoToMeeting\13481\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2150074114-3142378171-2394966631-1001.job => C:\Users\Usuario\AppData\Local\GoToMeeting\13481\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ABF5E7EB-AAEC-4C13-8380-DDD0253A311B}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2150074114-3142378171-2394966631-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.ar/
HKU\S-1-5-21-2150074114-3142378171-2394966631-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
HKU\S-1-5-21-2150074114-3142378171-2394966631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190326472\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.ar/
HKU\S-1-5-21-2150074114-3142378171-2394966631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190326472\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
HKU\S-1-5-21-2150074114-3142378171-2394966631-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190327206\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190325972 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190326191 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2150074114-3142378171-2394966631-1001 -> {C6714760-0FD9-45AF-9349-CCAFEAC1E24F} URL = hxxps://ar.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2150074114-3142378171-2394966631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190326472 -> {C6714760-0FD9-45AF-9349-CCAFEAC1E24F} URL = hxxps://ar.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 0lv0v0ii.default-1550281121292
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\qhrwb4bd.default-release [2019-07-19]
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\0lv0v0ii.default-1550281121292 [2019-07-17]
FF Extension: (Descarga videos con Ummy Video Downloader) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\0lv0v0ii.default-1550281121292\Extensions\{2bfc8e07-8df2-4600-a937-6bab8f954152}.xpi [2019-02-17]
FF Extension: (YouTube Downloader) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\0lv0v0ii.default-1550281121292\Extensions\{307f416a-39c0-49e0-8e96-cf802290e33c}.xpi [2019-02-17]
FF Extension: (ImTranslator: Traductor, Diccionario, Voz) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\0lv0v0ii.default-1550281121292\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2019-07-14]
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\9uepmfoo.dev-edition-default [2019-07-08]
FF Extension: (ADB Helper) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\9uepmfoo.dev-edition-default\Extensions\[email protected] [2017-04-09] [Legacy]
FF Extension: (Valence) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\9uepmfoo.dev-edition-default\Extensions\[email protected] [2017-04-09] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-04-11] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-04-11] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Usuario\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall) [File not signed]
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Usuario\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-20] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-20] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2150074114-3142378171-2394966631-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Usuario\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-11-02] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-2150074114-3142378171-2394966631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152019190326472: @citrixonline.com/appdetectorplugin -> C:\Users\Usuario\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-11-02] (Citrix Online -> Citrix Online)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2019-07-19]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-06]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-10]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Skype) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (ImTranslator: Traductor, Diccionario, Voz) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2019-07-19]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2019-04-19]
OPR Extension: (DuckDuckGo for Opera) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2016-05-01]
OPR Extension: (Translate) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2015-09-23]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2018-06-20]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Corporate.12.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\12.00\Licensing\CE\NetworkLicenseServer.exe [961744 2014-07-17] (ABBYY Production LLC -> ABBYY Production LLC)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2004-07-15] (Microsoft Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-11-06] (Visicom Media Inc. -> Visicom Media Inc.)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer -> TeamViewer GmbH)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] (Giga-Byte Technology -> )
S3 BTCFilterService; C:\Windows\system32\DRIVERS\motfilt.sys [6144 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
R3 dc3d; C:\Windows\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-15] (Malwarebytes Corporation -> Malwarebytes)
S3 MotoSwitchService; C:\Windows\system32\DRIVERS\motswch.sys [8832 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 Motousbnet; C:\Windows\system32\DRIVERS\Motousbnet.sys [27648 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [107848 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [121232 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126352 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [118136 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [91392 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [337520 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [249976 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [281912 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [125840 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc. -> Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [190552 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [153176 2018-01-23] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [206424 2018-01-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146976 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [159312 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [129448 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] (Giga-Byte Technology -> )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-03-13] (CyberLink -> CyberLink Corp.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-19 11:56 - 2019-07-19 12:10 - 000054459 _____ C:\Users\Usuario\Desktop\Addition.txt
2019-07-19 11:54 - 2019-07-19 12:18 - 000036804 _____ C:\Users\Usuario\Desktop\FRST.txt
2019-07-19 11:51 - 2019-07-19 11:51 - 002095104 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2019-07-19 11:51 - 2019-07-19 11:51 - 000000000 _____ C:\Users\Usuario\Desktop\Nuevo documento de texto (4).txt
2019-07-19 11:24 - 2019-07-19 11:24 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-07-15 19:06 - 2019-07-17 08:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-08 21:10 - 2019-07-15 19:02 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-08 21:10 - 2017-05-22 07:29 - 000072280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2019-07-08 20:53 - 2019-07-08 20:53 - 000005884 _____ C:\cc_20190708_205330.reg
2019-07-08 20:28 - 2019-07-08 20:29 - 007025360 _____ (Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_7.3.exe
2019-07-06 18:57 - 2019-07-06 19:02 - 000000000 ____D C:\Users\Usuario\Desktop\Wireless Network Watcher
2019-07-06 18:57 - 2019-07-06 18:57 - 000001867 _____ C:\Users\Usuario\Desktop\Malwarebytes.lnk
2019-07-06 18:57 - 2019-07-06 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-06 18:57 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-01 00:49 - 2019-07-01 00:49 - 000058285 _____ C:\Users\Usuario\Downloads\pagos - 2019-07-01T004901.341.pdf
2019-07-01 00:49 - 2019-07-01 00:49 - 000058099 _____ C:\Users\Usuario\Downloads\pagos - 2019-07-01T004916.569.pdf
2019-07-01 00:49 - 2019-07-01 00:49 - 000057997 _____ C:\Users\Usuario\Downloads\pagos - 2019-07-01T004922.114.pdf
2019-07-01 00:49 - 2019-07-01 00:49 - 000057577 _____ C:\Users\Usuario\Downloads\pagos - 2019-07-01T004906.719.pdf
2019-07-01 00:49 - 2019-07-01 00:49 - 000057479 _____ C:\Users\Usuario\Downloads\pagos - 2019-07-01T004926.689.pdf
2019-07-01 00:48 - 2019-07-01 00:48 - 000058342 _____ C:\Users\Usuario\Downloads\pagos - 2019-07-01T004852.464.pdf
2019-07-01 00:34 - 2019-07-01 00:34 - 000036382 _____ C:\Users\Usuario\Downloads\27205746795_011_00002_00000053.pdf
2019-07-01 00:30 - 2019-07-01 00:30 - 000036023 _____ C:\Users\Usuario\Downloads\27205746795_011_00002_00000052.pdf
2019-07-01 00:27 - 2019-07-01 00:27 - 000035936 _____ C:\Users\Usuario\Downloads\27205746795_011_00002_00000051.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-19 12:17 - 2016-11-30 22:37 - 000000000 ____D C:\FRST
2019-07-19 11:24 - 2014-10-21 23:27 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Dropbox
2019-07-19 11:20 - 2016-11-15 23:45 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2019-07-19 11:20 - 2016-01-27 08:23 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2150074114-3142378171-2394966631-1001
2019-07-19 11:17 - 2018-01-11 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-19 11:15 - 2014-11-07 14:36 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles
2019-07-19 11:14 - 2015-05-15 16:37 - 000000000 ____D C:\ProgramData\panda_url_filtering
2019-07-18 09:19 - 2018-07-05 19:45 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\WhatsApp
2019-07-18 08:18 - 2018-07-05 19:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\WhatsApp
2019-07-17 08:20 - 2017-06-30 09:33 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-07-17 08:20 - 2016-03-17 17:53 - 000003836 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1451254176
2019-07-17 08:20 - 2014-10-06 09:04 - 000000000 ____D C:\Program Files (x86)\Opera
2019-07-17 08:00 - 2014-10-06 08:51 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-17 08:00 - 2014-10-06 08:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-17 07:58 - 2014-10-08 18:41 - 000000000 ____D C:\temp
2019-07-15 19:23 - 2014-10-03 22:04 - 000000000 ____D C:\Users\Usuario
2019-07-15 19:02 - 2012-07-26 04:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-08 21:15 - 2014-10-13 22:50 - 000300032 ___SH C:\Users\Usuario\Desktop\Thumbs.db
2019-07-08 21:09 - 2012-07-26 02:26 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-07-08 20:58 - 2015-05-19 22:47 - 000000000 ____D C:\Users\Usuario\Desktop\reporte limpieza
2019-07-08 20:48 - 2014-12-16 19:42 - 000000000 ____D C:\Windows\Minidump
2019-07-08 20:48 - 2012-07-26 02:37 - 000000000 ____D C:\Windows\Inf
2019-07-08 20:38 - 2015-05-18 23:29 - 000000000 ____D C:\AdwCleaner
2019-07-08 20:27 - 2016-11-02 17:11 - 000000660 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2150074114-3142378171-2394966631-1001.job
2019-07-07 23:44 - 2015-06-17 21:00 - 000000982 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2150074114-3142378171-2394966631-1001UA.job
2019-07-07 23:35 - 2016-11-02 17:11 - 000000564 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2150074114-3142378171-2394966631-1001.job
2019-07-07 23:19 - 2014-10-17 04:04 - 000000000 ____D C:\ProgramData\PopCap Games
2019-07-07 22:36 - 2017-05-23 19:47 - 000000000 ____D C:\Users\Usuario\Documents\activador w10
2019-07-07 20:09 - 2012-07-26 05:12 - 000000000 ____D C:\Windows\system32\NDF
2019-07-07 20:02 - 2018-01-10 16:32 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-06 22:17 - 2017-07-09 15:50 - 000000000 ____D C:\Users\Usuario\AppData\Local\GoToMeeting
2019-07-06 22:17 - 2016-11-02 17:11 - 000003660 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2150074114-3142378171-2394966631-1001
2019-07-06 22:17 - 2016-11-02 17:11 - 000003564 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2150074114-3142378171-2394966631-1001
2019-07-06 18:56 - 2014-10-17 02:31 - 002236416 ___SH C:\Users\Usuario\Downloads\Thumbs.db
2019-07-01 00:19 - 2018-01-11 18:40 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
2019-06-25 10:44 - 2015-06-17 21:00 - 000000930 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2150074114-3142378171-2394966631-1001Core.job
2019-06-22 23:20 - 2014-10-03 22:05 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Adobe
2019-06-22 22:20 - 2016-12-06 08:06 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-22 22:20 - 2016-12-06 08:06 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
==================== Files in the root of some directories ================
2017-05-23 21:11 - 2018-11-26 21:23 - 000000040 _____ () C:\Users\Usuario\AppData\Roaming\cdr.ini
2014-10-05 04:44 - 2017-05-23 21:03 - 000000668 _____ () C:\Users\Usuario\AppData\Roaming\vso_ts_preview.xml
2014-11-08 21:53 - 2018-06-24 21:08 - 000007680 _____ () C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-07 14:51 - 2017-07-02 16:22 - 000007594 _____ () C:\Users\Usuario\AppData\Local\resmon.resmoncfg
==================== FLock ================
2014-10-03 22:04 C:\Windows\CSC
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-05-11 21:44
==================== End of FRST.txt ============================