Buenos días! me alegra mucho la renovacion del espacio! he perdido mi usuario, pero no hay inconvenientes… vuelvo con otro!!! quisiera si pudieran ayudarme a seguir los pasos correctos y necesarios para limpiar mi pc, pues la encuentro por demas lenta!
Mil gracias a quien pueda ayudarme!!!
Buenas @kaborda bienvenido al Foro.
Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. 
Desactiva temporalmente el Antivirus 
Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.
Vamos a descargar en TU ESCRITORIO(y NO en otro lugar 
) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :
Malwarebytes’ Anti-Malware + Manual. 
revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]
Ejecutas las herramientas de una en una y en el orden indicado :
CCleaner.-
Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).
Malwarebytes.-
Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
Realiza un Análisis Completo.
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del manual Historial 
encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.
AdwCleaner.-
Ejecuta Adwcleaner.exe.
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt
Junkware Removal Tool.-
Ejecuta JRT.exe.
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
Si en algún momento te pide Reiniciar hazlo.
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
Copia y pega el contenido de JRT.txt en tu próxima respuesta.
Farbar Recovery Scan Tool.-
Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer, pulsamos Yes
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Poner los informes en tu próxima respuesta de :
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Y nos cuentas como funciona tu equipo en relación al problema planteado.
Saludos Javier.
gracias Javier por tu ayuda!!!
aqui los reportes que pides:
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 15/5/19
Hora del análisis: 13:56
Archivo de registro: 670afb3a-7732-11e9-961a-c8600098208d.json
-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10597
Licencia: Gratis
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Kadi-PC\Kadi
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 332232
Amenazas detectadas: 106
Amenazas en cuarentena: 106
Tiempo transcurrido: 9 min, 39 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 3
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{632F07F3-19A1-4D16-A23F-E6CE9486BAB5}, En cuarentena, [210], [236865],1.0.10597
PUP.Optional.Conduit, HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}, En cuarentena, [210], [236865],1.0.10597
PUP.Optional.WebCake, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WebCakeUpdaterService, En cuarentena, [200], [591930],1.0.10597
Valor del registro: 4
PUP.Optional.Conduit, HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}|URL, En cuarentena, [210], [236865],1.0.10597
PUP.Optional.BrowserProtect, HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TABBEDBROWSING|BPROTECTSHOWTABSWELCOME, En cuarentena, [931], [538248],1.0.10597
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|khjpojamndoobgfcfnkjfncgjlcebpel, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.Spigot.Generic, HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 1\extensions.settings|gmgiiocfodgcfaeilhgikbhhkplfolkf, En cuarentena, [216], [495178],1.0.10597
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 21
PUP.Optional.MindSpark.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Local Extension Settings\khjpojamndoobgfcfnkjfncgjlcebpel, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\_locales\en, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\_metadata, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\_locales, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\config, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\icons, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\KHJPOJAMNDOOBGFCFNKJFNCGJLCEBPEL, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.Spigot.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Sync Extension Settings\gmgiiocfodgcfaeilhgikbhhkplfolkf, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\_locales\en, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\html\popup, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\_metadata, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\js\popup, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\_locales, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\newtab, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\html, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\css, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\js, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\GMGIIOCFODGCFAEILHGIKBHHKPLFOLKF, En cuarentena, [216], [495178],1.0.10597
Archivo: 78
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\khjpojamndoobgfcfnkjfncgjlcebpel\000003.log, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\khjpojamndoobgfcfnkjfncgjlcebpel\CURRENT, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\khjpojamndoobgfcfnkjfncgjlcebpel\LOCK, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\khjpojamndoobgfcfnkjfncgjlcebpel\LOG, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\khjpojamndoobgfcfnkjfncgjlcebpel\MANIFEST-000001, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\KHJPOJAMNDOOBGFCFNKJFNCGJLCEBPEL\13.870.15.8467_0\MANIFEST.JSON, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\config\config.json, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\icons\icon128.png, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\icons\icon16.png, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\icons\icon19disabled.png, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\icons\icon19on.png, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\icons\icon48.png, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\meta.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\ajax.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\babAPI.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\babClickHandler.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\babContentScript.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\babContentScriptAPI.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\background.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\browserUtils.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\chrome.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\contentScriptConnectionManager.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\dateTimeUtils.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\dlp.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\dlpHelper.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\extensionDetect.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\index.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\localStorageContentScript.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\logger.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\offerService.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\pageUtils.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\PartnerId.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\polyfill.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\product.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\remoteConfigLoader.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\splashPageLocalStorageSetter.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\splashPageRedirectHandler.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\storageUtils.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\TemplateParser.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\ul.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\urlFragmentActions.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\urlUtils.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\util.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\webtooltabAPI.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\js\webTooltabAPIProxy.js, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\_locales\en\messages.json, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\_metadata\verified_contents.json, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.MindSpark.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel\13.870.15.8467_0\newtabpage.html, En cuarentena, [1756], [443121],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\gmgiiocfodgcfaeilhgikbhhkplfolkf\000003.log, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\gmgiiocfodgcfaeilhgikbhhkplfolkf\CURRENT, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\gmgiiocfodgcfaeilhgikbhhkplfolkf\LOCK, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\gmgiiocfodgcfaeilhgikbhhkplfolkf\LOG, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\gmgiiocfodgcfaeilhgikbhhkplfolkf\LOG.old, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Extension Settings\gmgiiocfodgcfaeilhgikbhhkplfolkf\MANIFEST-000001, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Sustituido, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\GMGIIOCFODGCFAEILHGIKBHHKPLFOLKF\1.0_0\BACKGROUND.JS, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\css\description.css, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\css\popup.css, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\html\popup\description.html, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\html\popup\popup.html, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\js\popup\popup.js, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\js\userNewTab.js, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\newtab\newtab.html, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\_locales\en\messages.json, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\_metadata\computed_hashes.json, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\_metadata\verified_contents.json, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\contentscript.js, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\icon.png, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.Spigot.Generic, C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgiiocfodgcfaeilhgikbhhkplfolkf\1.0_0\manifest.json, En cuarentena, [216], [495178],1.0.10597
PUP.Optional.OpenCandy, C:\USERS\KADI\APPDATA\ROAMING\BITTORRENT\UPDATES\7.9.1_31141.EXE, En cuarentena, [1154], [640283],1.0.10597
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, En cuarentena, [8024], [393793],1.0.10597
Adware.Elex.ShrtCln, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Sustituido, [272], [454748],1.0.10597
Adware.Elex.ShrtCln, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Web Data, Sustituido, [272], [454748],1.0.10597
Adware.Elex.ShrtCln, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Sync Data\SyncData.sqlite3, Sustituido, [272], [454748],1.0.10597
Adware.Elex.ShrtCln, C:\USERS\KADI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Web Data, Sustituido, [272], [454748],1.0.10597
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-15-2019
# Duration: 00:00:07
# OS: Windows 7 Ultimate
# Cleaned: 42
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\AnyFlix
Deleted C:\Program Files (x86)\Carambis
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis
Deleted C:\Users\Kadi\AppData\LocalLow\HPAppData
Deleted C:\Users\Kadi\AppData\Local\VirtualStore\ProgramData\Tencent
Deleted C:\Users\Kadi\AppData\Roaming\Carambis
Deleted C:\Users\Kadi\AppData\Roaming\HPAppData
Deleted C:\Users\Kadi\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
Deleted C:\Users\Kadi\AppData\Roaming\WinZip\WinZipDU
Deleted C:\Users\Public\Documents\dmp
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\0116TBUPDATEINFO
Deleted C:\Windows\Tasks\0116TBUPDATEINFO.JOB
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E46BA27-A526-471B-AA5E-793076CE9985}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E46BA27-A526-471B-AA5E-793076CE9985}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0116TBUPDATEINFO
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
Deleted HKLM\Software\1832BFF4F2BF43989682B0AF5ECB8F68
Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Classes\qmgcfiles
Deleted HKLM\Software\DivX\Install\Setup\WizardLayout\UniblueDriverScanner
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B81759E6-5669-4DB3-A3A7-6CD76555DE1D}_is1
Deleted HKLM\Software\Wow6432Node\1832BFF4F2BF43989682B0AF5ECB8F68
Deleted HKLM\Software\Wow6432Node\MaxPower
Deleted HKLM\Software\Wow6432Node\\Loader|Iminent
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Iminent
Deleted HKU\.DEFAULT\SOFTWARE\83055D39AB3A713C1F4B8002FF2016B7
Deleted HKU\.DEFAULT\SOFTWARE\d4d68ce23eed48
Deleted HKU\S-1-5-18\SOFTWARE\83055D39AB3A713C1F4B8002FF2016B7
Deleted HKU\S-1-5-18\SOFTWARE\d4d68ce23eed48
***** [ Chromium (and derivatives) ] *****
Deleted Bing Search Engine
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5430 octets] - [15/05/2019 14:39:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64
Ran by Kadi (Administrator) on 15/05/2019 at 14:56:19,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 9
Successfully deleted: C:\Users\Kadi\Documents\add-in express (Folder)
Successfully deleted: C:\Users\Kadi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ATNYKI5A (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kadi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JRY2S2VM (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kadi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S223F7TP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kadi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2UI5175 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ATNYKI5A (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JRY2S2VM (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S223F7TP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2UI5175 (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/05/2019 at 15:00:36,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05.2019 01
Ran by Kadi (administrator) on KADI-PC (15-05-2019 15:06:13)
Running from C:\Users\Kadi\Desktop
Loaded Profiles: Kadi (Available Profiles: Kadi)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [308656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Run: [Octoshape Streaming Services] => C:\Users\Kadi\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape -> Octoshape ApS)
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-07-21] (Glarysoft Ltd -> Glarysoft Ltd)
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Run: [deskPDF Creator] => C:\Program Files (x86)\Docudesk\deskPDF Studio X\deskPDFCreator.exe [2346664 2013-11-02] (Docudesk -> Docudesk Corporation)
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Run: [BingSvc] => C:\Users\Kadi\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-03-26] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [411480 2010-03-04] (TechSmith Corporation -> TechSmith Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-02] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\73.0.762.88\Installer\chrmstp.exe [2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-30]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (WinZip Computing LLC -> Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-04-30]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing LLC -> WinZip Computing, S.L.)
BootExecute: autocheck autochk * BootDefrag.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04CF1E0B-5A5B-4A27-9723-8EAD78432910} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {2908128C-D59C-412C-A007-FC6738E6BFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2908128C-D59C-412C-A007-FC6738E6BFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {2908128C-D59C-412C-A007-FC6738E6BFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {2CCA1932-186A-4234-A631-38DFAA52645B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {3656B5CC-6D81-48AB-BC25-C55D5EEA54AE} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe
Task: {3C62CAC6-2AED-4FD0-80B0-2660916411F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {3C62CAC6-2AED-4FD0-80B0-2660916411F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {4CB93F94-BEF8-4BE8-99B0-56A98E723A94} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1956064 2019-04-11] (AVG Technologies USA, Inc. -> AVG Technologies)
Task: {5959D32E-E8C5-4FDA-B8F7-E8EA32433DDF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {5E013F6A-7C8D-4F2F-B730-83702D6082C5} - System32\Tasks\{35EF8130-3EBB-44AA-A910-00E7BCFA3ECA} => C:\Windows\system32\pcalua.exe -a C:\Users\Kadi\Downloads\Evernote_5.2.1.3108.exe -d C:\Users\Kadi\Downloads
Task: {5E7B2E85-A448-42C7-AFC5-4D7BC848A63D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-16] (Google Inc -> Google Inc.)
Task: {61243E1C-AE54-45B8-BE37-48484BFD12A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {71439002-ED37-46AC-A37C-77F8E32B65B6} - \{7A7E0E47-057D-7879-0B11-0E0F7E7A110D} -> No File <==== ATTENTION
Task: {8226F10A-D5A7-4C84-AEBD-43518B9AD5B6} - System32\Tasks\{E62F500C-EC60-459E-991E-0296C9CA0BB5} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Acrobat 7.0\Setup Files\RdrBig705\ENU\setup.exe" -d "C:\Program Files (x86)\Adobe\Acrobat 7.0\Setup Files\RdrBig705\ENU"
Task: {92679049-800D-4EA0-AD69-BD12DA80F217} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-16] (Google Inc -> Google Inc.)
Task: {99F38B41-EBAA-4263-8DF1-77BC9E8AB34B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {99F38B41-EBAA-4263-8DF1-77BC9E8AB34B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {9C7C7558-3868-42AA-A545-07705A9F2E32} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1956064 2019-04-11] (AVG Technologies USA, Inc. -> AVG Technologies)
Task: {9F1AD998-F716-4362-A3EA-4666D596BF71} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0BB5884-ECDA-469F-90F2-EB7755FF6E55} - System32\Tasks\{35D2BFDF-605B-4F7A-88A0-8039EAFF597D} => C:\Windows\system32\pcalua.exe -a D:\100-descargas\SetupDWGTrueView2014_ENU_64bit.sfx.exe -d D:\100-descargas
Task: {B0D8494D-986A-4075-A20B-7C9F4DB7C659} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3362957246-3994920205-2013797631-1000Core => C:\Users\Kadi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B580556D-0B36-4E08-9E0B-24031CE5861C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8922CA2-2382-414D-B5B6-7A00B3C0AB26} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {B924DC20-2A24-4E04-BD53-C3F7F49EBC45} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-12-02] (AVG Netherlands B.V. -> AVG Technologies)
Task: {BDC6D560-6B3A-4B58-97FC-344FBE223E46} - System32\Tasks\{4442066F-B891-47C9-909B-36BDD5781588} => C:\Windows\system32\pcalua.exe -a C:\Users\Kadi\Downloads\SetupDWGTrueView2013_32bit.exe -d C:\Users\Kadi\Downloads
Task: {C2B56D43-4EE7-4D11-A3B6-09777A45E401} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C38599BA-0CDD-4D2D-99B6-5CBC6E6F4D65} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2970544 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {C5552996-FD41-40C3-81DA-C66EB9FB8C16} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {DA390D64-69BF-42EC-9223-464462D3E7C5} - System32\Tasks\CCleaner Update => C:\Program Files (x86)\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DA877DC6-3298-4D82-877E-6A04F8314A95} - System32\Tasks\{34337A51-0D28-404D-AEA5-909CEDF1AB4A} => C:\Windows\system32\pcalua.exe -a D:\100-descargas\SetupDWGTrueView2013_32bit.exe -d D:\100-descargas
Task: {F5588BA2-DF9B-4AED-A20C-AB92ADF66373} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {F5588BA2-DF9B-4AED-A20C-AB92ADF66373} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {F5B89AA1-6AB2-4148-891D-0D3579F8DF03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FE52822C-2563-40F8-8C98-68953FA830E4} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-12-02] (AVG Netherlands B.V. -> AVG Technologies)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 181.47.254.164 200.115.192.90 200.115.192.29
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{1128A294-0FFC-41EF-AB6A-08B4C32614FA}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{1128A294-0FFC-41EF-AB6A-08B4C32614FA}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{559CB794-E8E5-40C3-AD0A-3D3160ECAF93}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{559CB794-E8E5-40C3-AD0A-3D3160ECAF93}: [DhcpNameServer] 181.47.254.164 200.115.192.90 200.115.192.29
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9C7E5F79-C617-4DF4-9E85-80AF789CE229}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{BD664F9F-3EBA-4081-9F2F-1355E3FEEAA6}: [NameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3362957246-3994920205-2013797631-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKU\S-1-5-21-3362957246-3994920205-2013797631-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21] (Skype Technologies SA -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> D:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> D:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Company -> Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21] (Skype Technologies SA -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: lc39amda.Firefox Default-1549661720219
FF ProfilePath: C:\Users\Kadi\AppData\Roaming\Mozilla\Firefox\Profiles\su6eelht.default [2019-05-15]
FF Homepage: Mozilla\Firefox\Profiles\su6eelht.default -> hxxps://www.malwarebytes.org/restorebrowser//?ts=AHEqAX0mA3EmAE..&v=20160425&uid=83055D39AB3A713C1F4B8002FF2016B7&ptid=wak&mode=ffseng
FF Extension: (Bing Search Engine) - C:\Users\Kadi\AppData\Roaming\Mozilla\Firefox\Profiles\su6eelht.default\Extensions\[email protected] [2017-09-08] [Legacy] [not signed]
FF Extension: (leethax.net extension) - C:\Users\Kadi\AppData\Roaming\Mozilla\Firefox\Profiles\su6eelht.default\Extensions\[email protected] [2015-10-06] [Legacy]
FF SearchPlugin: C:\Users\Kadi\AppData\Roaming\Mozilla\Firefox\Profiles\su6eelht.default\searchplugins\bing-.xml [2015-03-28]
FF ProfilePath: C:\Users\Kadi\AppData\Roaming\Mozilla\Firefox\Profiles\lc39amda.Firefox Default-1549661720219 [2019-05-15]
FF Homepage: Mozilla\Firefox\Profiles\lc39amda.Firefox Default-1549661720219 -> hxxps://www.google.com/
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Kadi\AppData\Roaming\Mozilla\Firefox\Profiles\lc39amda.Firefox Default-1549661720219\Extensions\[email protected] [2019-05-12]
FF Extension: (dark_aurora 1) - C:\Users\Kadi\AppData\Roaming\Mozilla\Firefox\Profiles\lc39amda.Firefox Default-1549661720219\Extensions\{66bb1f8a-6ba6-4762-92cc-7b38691af3a4}.xpi [2019-02-08]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - D:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - D:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-05-01] [Legacy] [not signed]
FF HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Firefox\Extensions: [[email protected]] - D:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll [2011-11-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3362957246-3994920205-2013797631-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Kadi\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape -> Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Kadi\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-06-16]
FF Plugin ProgramFiles/Appdata: C:\Users\Kadi\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2016-06-16]
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=es-xl
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com.ar/","hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=83055D39AB3A713C1F4B8002FF2016B7&v=20160425&ts=AHEqAX0mA3EmAE..","hxxps://www.google.com/"
CHR DefaultSearchURL: Profile 1 -> hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultSearchKeyword: Profile 1 -> google.com__
CHR DefaultSuggestURL: Profile 1 -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default [2019-05-15]
CHR Extension: (Documentos) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-21]
CHR Extension: (Google Drive) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-10]
CHR Extension: (YouTube) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-21]
CHR Extension: (Búsqueda de Google) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-03-21]
CHR Extension: (MSN Homepage) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2019-03-21]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-21]
CHR Extension: (Skype) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-03-21]
CHR Extension: (AVG SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-03-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-21]
CHR Extension: (Gmail) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-21]
CHR Profile: C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-15]
CHR Extension: (Descargas) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahigpjeolkfgjdaeodlmaceggigbpeoh [2015-09-30]
CHR Extension: (Documentos) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-15]
CHR Extension: (Booking.com for Chrome™) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip [2019-01-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (AdBlock) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-11]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-05-11]
CHR Extension: (Cisco Webex Extension) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-07-29]
CHR Extension: (PlayTo para Chromecast™) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jngkenaoceimiimeokpdbmejeonaaami [2018-10-10]
CHR Extension: (VideoDownloadConverter) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjpojamndoobgfcfnkjfncgjlcebpel [2019-05-15]
CHR Extension: (TV para Google Chrome™) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe [2019-01-28]
CHR Extension: (AVG SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-03-19]
CHR Extension: (Drive Migrator) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nakklajdcijlkfagghhcdofbgbhddoed [2019-02-08]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-13]
CHR Extension: (uBlock Adblocker Plus) - C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnhflmgomffaphmnbcogleagmloijbkd [2018-10-10]
CHR HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.T4P6NQVVLTWST7HKAQTJDONDMQ - C:\Users\Kadi\AppData\Local\Google\Chrome\Application\old_chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203776 2011-01-26] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-12-02] (AVG Netherlands B.V. -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [362536 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6709272 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-12-02] (AVG Netherlands B.V. -> AVG Technologies)
R3 hpqcxs08; D:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2010-05-27] (Hewlett Packard -> Hewlett-Packard Co.)
R2 hpqddsvc; D:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2010-05-28] (Hewlett Packard -> Hewlett-Packard Co.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 AVGSecureBrowserElevationService; "C:\Program Files (x86)\AVG\Browser\Application\73.0.762.88\elevation_service.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9085952 2011-01-26] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [299520 2011-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37368 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [254680 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [196560 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgblog.sys [320672 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [58152 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42336 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [166896 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [112360 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87992 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1030832 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [476824 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [220472 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [385904 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-18] (Glarysoft Ltd -> Glarysoft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-07-22] (Glarysoft Ltd -> Glarysoft Ltd)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-15] (Malwarebytes Corporation -> Malwarebytes)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Generic USB smartcard reader)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-15 15:06 - 2019-05-15 15:08 - 000039730 _____ C:\Users\Kadi\Desktop\FRST.txt
2019-05-15 15:05 - 2019-05-15 15:04 - 002434560 _____ (Farbar) C:\Users\Kadi\Desktop\FRST64.exe
2019-05-15 15:00 - 2019-05-15 15:00 - 000001929 _____ C:\Users\Kadi\Desktop\JRT.txt
2019-05-15 14:55 - 2019-05-15 14:55 - 000005430 _____ C:\Users\Kadi\Desktop\AdwCleaner[S00].txt
2019-05-15 14:55 - 2019-05-15 14:55 - 000004851 _____ C:\Users\Kadi\Desktop\AdwCleaner[C00].txt
2019-05-15 14:41 - 2019-05-15 14:41 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-15 14:34 - 2019-05-15 14:34 - 000022743 _____ C:\Users\Kadi\Desktop\Minforme.txt
2019-05-15 14:33 - 2019-05-15 14:33 - 000022740 _____ C:\Users\Kadi\Downloads\Minforme.txt
2019-05-15 13:56 - 2019-05-15 13:56 - 000000000 ____D C:\Users\Kadi\AppData\Local\mbamtray
2019-05-15 13:56 - 2019-05-15 13:56 - 000000000 ____D C:\Users\Kadi\AppData\Local\mbam
2019-05-15 13:55 - 2019-05-15 13:55 - 000001862 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-15 13:55 - 2019-05-15 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-15 13:55 - 2019-05-15 13:55 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-15 13:55 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-15 13:53 - 2019-05-15 14:49 - 000004140 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-15 13:53 - 2019-05-15 13:53 - 000001056 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-15 13:40 - 2019-05-15 13:40 - 007025360 _____ (Malwarebytes) C:\Users\Kadi\Desktop\adwcleaner_7.3.exe
2019-05-15 13:40 - 2019-05-15 13:40 - 001790024 _____ (Malwarebytes) C:\Users\Kadi\Desktop\JRT.exe
2019-05-15 13:39 - 2019-05-15 13:40 - 063304984 _____ (Malwarebytes ) C:\Users\Kadi\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10597.exe
2019-05-15 13:39 - 2019-05-15 13:39 - 021254208 _____ (Piriform Software Ltd) C:\Users\Kadi\Desktop\ccsetup556.exe
2019-05-09 17:21 - 2019-05-15 13:15 - 000000000 ____D C:\Users\Kadi\Desktop\Inteligencia emocional
2019-05-08 12:29 - 2019-05-08 12:29 - 000473584 _____ C:\Users\Kadi\Desktop\Ferraro Malena CV.pdf
2019-05-06 14:41 - 2019-05-06 14:41 - 002361653 _____ C:\Users\Kadi\Desktop\PDF13supresion_cronica_de_pensamientos.pdf
2019-04-25 13:25 - 2019-04-25 13:25 - 000003706 _____ C:\Windows\System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2019-04-25 13:25 - 2019-04-25 13:25 - 000003124 _____ C:\Windows\System32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2019-04-24 18:31 - 2019-04-24 18:31 - 000362928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2019-04-17 15:14 - 2019-04-17 15:14 - 000002003 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-15 15:06 - 2014-07-22 19:04 - 000000000 ____D C:\FRST
2019-05-15 14:50 - 2018-12-02 11:02 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2019-05-15 14:48 - 2013-02-28 15:28 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-05-15 14:46 - 2009-07-14 01:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-15 14:46 - 2009-07-14 01:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-15 14:40 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-15 14:39 - 2014-07-19 20:25 - 000000000 ____D C:\AdwCleaner
2019-05-15 14:39 - 2013-11-22 14:23 - 000000000 ____D C:\Users\Kadi\AppData\Roaming\WinZip
2019-05-15 14:28 - 2014-07-22 08:59 - 000000000 ____D C:\Users\Kadi\AppData\Roaming\DiskDefrag
2019-05-15 13:56 - 2012-07-10 09:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-15 13:55 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-05-15 13:54 - 2013-02-28 17:08 - 000000000 ____D C:\Users\Kadi\AppData\Roaming\TeamViewer
2019-05-15 13:53 - 2012-08-09 09:42 - 000000000 ____D C:\Program Files (x86)\CCleaner
2019-05-15 12:01 - 2017-12-18 12:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 11:51 - 2019-03-19 14:30 - 000003140 _____ C:\Windows\System32\Tasks\{35D2BFDF-605B-4F7A-88A0-8039EAFF597D}
2019-05-15 11:51 - 2019-03-19 14:18 - 000003124 _____ C:\Windows\System32\Tasks\{34337A51-0D28-404D-AEA5-909CEDF1AB4A}
2019-05-15 11:51 - 2018-12-20 08:32 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-05-15 11:51 - 2018-03-13 15:36 - 000004488 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-15 11:51 - 2016-11-16 13:00 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 11:51 - 2016-11-16 13:00 - 000003342 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 11:51 - 2016-05-25 11:59 - 000003702 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2019-05-15 11:51 - 2016-05-03 19:04 - 000003126 _____ C:\Windows\System32\Tasks\Trojan Remover
2019-05-15 11:51 - 2015-10-06 16:16 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-15 11:51 - 2015-01-01 21:21 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-15 11:51 - 2014-04-02 21:52 - 000003138 _____ C:\Windows\System32\Tasks\{35EF8130-3EBB-44AA-A910-00E7BCFA3ECA}
2019-05-15 11:51 - 2013-05-01 20:21 - 000003152 _____ C:\Windows\System32\Tasks\{4442066F-B891-47C9-909B-36BDD5781588}
2019-05-15 11:51 - 2012-09-12 09:10 - 000003290 _____ C:\Windows\System32\Tasks\{E62F500C-EC60-459E-991E-0296C9CA0BB5}
2019-05-15 11:51 - 2012-09-10 09:25 - 000002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-05-14 12:36 - 2012-07-10 09:28 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-14 12:36 - 2012-07-10 09:28 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 12:36 - 2012-07-10 09:28 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-14 12:36 - 2012-06-14 18:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-13 10:07 - 2017-11-25 16:49 - 000000000 ____D C:\Users\Kadi\AppData\LocalLow\Mozilla
2019-05-12 12:14 - 2019-03-28 09:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-03 06:30 - 2018-01-07 13:43 - 000001006 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2019-05-02 20:23 - 2015-04-08 01:29 - 000002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 13:25 - 2018-12-02 11:22 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2019-04-24 18:32 - 2019-04-12 15:18 - 000000077 _____ C:\Windows\system32\Drivers\avgSP.sys.sum
2019-04-24 18:32 - 2018-12-02 11:02 - 000476824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2019-04-24 18:32 - 2018-12-02 11:02 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2019-04-24 18:31 - 2019-01-04 18:00 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2019-04-24 18:31 - 2018-12-02 11:02 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2019-04-24 18:31 - 2018-12-02 11:02 - 000220472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2019-04-24 18:31 - 2018-12-02 11:02 - 000205656 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2019-04-24 18:31 - 2018-12-02 11:02 - 000166896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2019-04-24 18:31 - 2018-12-02 11:02 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2019-04-24 18:31 - 2018-12-02 11:02 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2019-04-24 18:31 - 2018-12-02 11:02 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2019-04-24 18:30 - 2019-01-15 23:36 - 000254680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2019-04-24 18:30 - 2019-01-04 18:00 - 000320672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblog.sys
2019-04-24 18:30 - 2019-01-04 18:00 - 000196560 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2019-04-24 18:30 - 2019-01-04 18:00 - 000058152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2019-04-18 18:41 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\NDF
2019-04-17 15:07 - 2019-02-08 18:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-16 16:29 - 2019-04-03 15:22 - 000000000 ____D C:\Users\Kadi\Desktop\agenda
==================== Files in the root of some directories =======
2013-06-17 18:11 - 2012-10-04 07:30 - 006516280 _____ (AVAST Software) C:\Program Files\A
2016-04-30 09:51 - 2016-04-30 09:51 - 000005120 _____ () C:\Users\Kadi\AppData\Roaming\GiftBag.db
2012-07-08 11:59 - 2012-07-13 11:03 - 000000132 _____ () C:\Users\Kadi\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2016-04-30 20:32 - 2016-04-30 20:32 - 039550976 _____ (Tencent Inc.) C:\Users\Kadi\AppData\Roaming\TXQBINSTX2.EXE
2013-06-18 00:15 - 2013-06-18 00:15 - 000000005 _____ () C:\Users\Kadi\AppData\Roaming\WBPU-Q2-TTL.DAT
2013-06-17 23:14 - 2013-06-25 11:57 - 000000005 _____ () C:\Users\Kadi\AppData\Roaming\WBPU-TTL.DAT
2012-09-05 11:10 - 2016-11-05 21:37 - 000016384 _____ () C:\Users\Kadi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-19 14:45 - 2016-05-19 14:45 - 000000036 _____ () C:\Users\Kadi\AppData\Local\housecall.guid.cache
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-05-13 14:22
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05.2019 01
Ran by Kadi (15-05-2019 15:08:47)
Running from C:\Users\Kadi\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2012-06-13 23:00:05)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3362957246-3994920205-2013797631-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3362957246-3994920205-2013797631-1006 - Limited - Enabled)
Invitado (S-1-5-21-3362957246-3994920205-2013797631-501 - Limited - Enabled)
Kadi (S-1-5-21-3362957246-3994920205-2013797631-1000 - Administrator - Enabled) => C:\Users\Kadi
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Antivirus (Disabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3600_Help (HKLM-x32\...\{AFDAB4B7-E5CE-4277-9ABB-8D8C5E12853D}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Apowersoft Online Launcher versión 1.4.4 (HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.4 - APOWERSOFT LIMITED)
ATI AVIVO64 Codecs (HKLM\...\{D0CE4A83-018E-C14F-734C-6BEBF469C681}) (Version: 11.6.0.10126 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{2496B756-C386-B088-7644-55F16C18A6E7}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.4.3089 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 73.0.762.88 - Los creadores de AVG Secure Browser)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
BPD_Scan (HKLM-x32\...\{8CE4CB34-8187-42A1-B597-517760BEE8EC}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (HKLM-x32\...\{2965EB43-0543-459A-81D9-F4F7CD812075}) (Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (HKLM-x32\...\{E593C3B6-6C5A-4AFC-A4F7-CCB94F60C888}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
ccc-core-static (HKLM-x32\...\{CA212D9E-EDFB-B0D8-B1D5-05ED5838F6B7}) (Version: 2011.0126.1749.31909 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Centro de dispositivos de Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.0.487 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - BR (HKLM-x32\...\{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (HKLM-x32\...\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (HKLM-x32\...\{CA3861BA-1D96-4D66-B577-318E1602C4F3}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (HKLM-x32\...\{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (HKLM-x32\...\{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (HKLM-x32\...\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - EN (HKLM-x32\...\{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - ES (HKLM-x32\...\{68EE5C41-2F79-4F36-BE85-22A814F55AF7}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Extra Content (HKLM-x32\...\_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: - Corel Corporation)
CorelDRAW Graphics Suite X5 - Extra Content (HKLM-x32\...\{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (HKLM-x32\...\{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (HKLM-x32\...\{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FR (HKLM-x32\...\{8F18CFF8-8259-4148-AD00-2EE572754E92}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (HKLM-x32\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (HKLM-x32\...\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (HKLM-x32\...\{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (HKLM-x32\...\{59123CCF-FED2-46FF-9293-D1DC80042219}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (HKLM-x32\...\{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (HKLM-x32\...\{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (HKLM-x32\...\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (HKLM-x32\...\{260ED378-2B8C-4831-ADAE-D0712D119AC5}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (HKLM\...\{66C10F29-31F0-4A9B-B2CF-465F488AE086}) (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (HKLM-x32\...\{368FCA18-C510-4F87-B60E-192B9BDBAE3D}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation)
CuteFTP 8 Home (HKLM-x32\...\{949DBB22-2FB7-4de1-804C-23D495A988D8}) (Version: 8.3.4 - GlobalSCAPE)
Debut, capturador de vídeo (HKLM-x32\...\Debut) (Version: 4.06 - NCH Software)
deskPDF Studio X (HKLM-x32\...\deskPDF Studio_is1) (Version: - Docudesk)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.100.000 - Hewlett-Packard) Hidden
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
FILEminimizer Suite (HKLM-x32\...\FILEminimizer Suite_is1) (Version: - balesio AG)
Folder Size 3.4.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.)
Foxit PhantomPDF Standard (HKLM-x32\...\{D357F3E5-E140-4EA9-8751-4354FD7BAACD}) (Version: 7.0.5.1021 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
G Suite Migration For Microsoft Outlook® 4.0.117.0 (HKLM\...\{A192D75D-8490-405F-82C5-A29906B8DA95}) (Version: 4.0.117.0 - Google, Inc.)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Glary Utilities 5.4 (HKLM-x32\...\Glary Utilities 5) (Version: 5.4.0.11 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP OfficeJet J3600 (HKLM\...\{269402AB-D600-4961-80EF-779CB346D29E}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HydraVision (HKLM-x32\...\{DE9069FA-EF9E-25CD-67E7-0242935CCD49}) (Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
InPixio Photo Clip 8 Demo (HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\{9F45A8A5-0487-4aa6-A67E-46E103C927AD}) (Version: 8.00 - InPixio)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
J3600 (HKLM-x32\...\{1356E5A2-D867-4C4F-BC67-E468AF8410E0}) (Version: 140.0.000.000 - Hewlett-Packard) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDiskReport 1.4.1 (HKLM-x32\...\JDiskReport 1.4.1) (Version: 1.4.1 (2014-02-26 11:50:44) - JGoodies Karsten Lentzsch)
KMSpico v9.0.2.20131020 (Beta) (HKLM\...\KMSpico & Ratiborus_is1) (Version: 9.0.2.20131020 - )
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM-x32\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 es-AR) (HKLM\...\Mozilla Firefox 66.0.3 (x64 es-AR)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Noise Reduction Plug-in 2.0i (HKLM-x32\...\{DC35AABA-EA0A-41C1-8462-F60A201DFF9B}) (Version: 2.0.455 - Sony)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Octoshape Streaming Services (HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Online Video Converter version 1.0.6 (HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\{628BF902-EB66-4BDB-97CB-AE4AAAAA5A7F}_is1) (Version: 1.0.6 - APOWERSOFT LIMITED)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
ProductContext (HKLM-x32\...\{24F5EAD9-7D46-4ED6-9F61-085A76ADF523}) (Version: 140.0.000.000 - Hewlett-Packard) Hidden
Q-Dir (HKLM-x32\...\Q-Dir) (Version: - )
Q-Dir (HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Q-Dir) (Version: - )
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.)
Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.167.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype versión 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
SmartWebPrinting (HKLM-x32\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.256.000 - Hewlett-Packard) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36215 - TeamViewer)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version: - )
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.213.017 - Hewlett-Packard) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
WMV9/VC-1 Video Playback (HKLM\...\{3520B663-C056-D2F8-77E2-4F0CA41D3803}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 15.4.062.17802 - Check Point)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3362957246-3994920205-2013797631-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () [File not signed]
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2014-07-18] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-04-24] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2014-07-18] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-04-24] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-01-26] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2014-07-18] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-04-24] (WinZip Computing LLC -> WinZip Computing, S.L.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Kadi\AppData\Local\Google\Chrome\User Data\Selector de aplicaciones de Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
==================== Loaded Modules (Whitelisted) ==============
2013-06-14 10:28 - 2005-03-11 15:07 - 000087040 _____ () [File not signed] C:\Windows\System32\redmonnt.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2009-08-18 11:24 - 2009-08-18 11:24 - 000167424 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Kadi\AppData\Local\Archivos temporales de Internet:MvD1eeVFjIkCyE3i5lmbJqoz3 [2358]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => FileAssociationManager
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:34 - 2018-12-10 19:55 - 000000280 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%PROGRAMFILES%\Internet Explorer;C:\Program Files\Google\Google Apps Migration;C:\Program Files\Google\Google Apps Migration\
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kadi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{751F2A99-E0F9-40D0-8CA0-E2211703BCB8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [UDP Query User{53BBD8E8-DD85-458F-8425-7F08E340E86F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{CE1D7B9C-EFC5-48BA-9FDD-A2C422D33163}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CE1AC2C0-D247-4059-B928-09CFF22E2E16}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{17D9CAE4-957B-434C-8117-6BA9AAFFAAA1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{22B2218B-33F8-4C68-8CAC-70EC44E208F4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{869B13C7-8353-4CC1-9CE4-E8BF78594C12}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CEDAAA9-451B-44D6-ADBD-2BB681F2BDB9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{178C88BA-84AA-4FAC-9EE4-B5BCC7B1F528}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CBC9150B-FDD5-4DDE-9684-153374792380}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8943359-1FF8-42CA-B2AC-61A48FC40601}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3AB9F507-72A5-40D4-A86C-A4C9C661C15B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{03E49067-EC00-4389-B05E-6D8CB18BACEF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1BCFA05-617E-4B71-BD42-D45B843CEFBB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{66551A8F-0FAD-44E4-B62B-EC5A2FE49156}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, Inc. -> AVG Technologies)
FirewallRules: [{C407574B-F45A-45E5-8EA0-74A52B6ABAD1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{711B4CAC-A989-49CE-BD05-9089DABF4E38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9DBE5D89-77BD-49B7-9BA0-1C9383F488C5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D8F9A564-05B4-4B1A-8503-E649AD8E4BE2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FD09495C-16EA-4F24-9083-05753D040A87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
==================== Restore Points =========================
15-05-2019 14:56:21 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/15/2019 02:42:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (05/15/2019 02:29:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (05/15/2019 02:23:44 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\GoogleUpdateHelper.msi
Error: (05/15/2019 01:23:53 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\GoogleUpdateHelper.msi
Error: (05/15/2019 12:23:43 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\GoogleUpdateHelper.msi
Error: (05/15/2019 11:23:43 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\GoogleUpdateHelper.msi
Error: (05/15/2019 10:42:21 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\GoogleUpdateHelper.msi
Error: (05/15/2019 10:42:19 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (05/15/2019 02:39:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Live ID Sign-in Assistant terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
Error: (05/15/2019 02:39:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Protexis Licensing V2 se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (05/15/2019 02:39:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Instalador de módulos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
Error: (05/15/2019 02:39:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (05/15/2019 02:39:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (05/15/2019 01:25:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio AVG Secure Browser Elevation Service no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (05/15/2019 12:25:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio AVG Secure Browser Elevation Service no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (05/15/2019 12:25:29 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "2" al intentar iniciar el servicio AVGSecureBrowserElevationService con argumentos "" para ejecutar el servidor:
{CA348B59-06AD-4482-AD87-966302908F0F}
CodeIntegrity:
===================================
Date: 2018-01-04 08:26:26.783
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk32.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-01-04 08:26:24.890
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk64.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-01-03 11:35:14.286
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk32.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-01-03 11:35:13.292
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk64.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-01-03 10:26:14.142
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk32.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-01-03 10:26:12.336
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Program Files (x86)\Cheat Engine 6.7\dbk64.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2014-07-21 20:33:52.595
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-07-21 20:33:52.575
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3501 02/08/2012
Motherboard: ASUSTeK COMPUTER INC. P8H61-M LX
Processor: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 74%
Total physical RAM: 6111.14 MB
Available physical RAM: 1530.43 MB
Total Virtual: 12220.46 MB
Available Virtual: 7580.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:58.59 GB) (Free:6.15 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Disco local) (Fixed) (Total:90.45 GB) (Free:26.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 0C8C0C8B)
Partition 1: (Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=90.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :
Para hacerlo descarga DelFix.exe(en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\ChromeHTML: -> <==== ATTENTION
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
AlternateDataStreams: C:\Users\Kadi\AppData\Local\Archivos temporales de Internet:MvD1eeVFjIkCyE3i5lmbJqoz3 [2358]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Run: [BingSvc] => C:\Users\Kadi\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
BootExecute: autocheck autochk * BootDefrag.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2908128C-D59C-412C-A007-FC6738E6BFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2908128C-D59C-412C-A007-FC6738E6BFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {2908128C-D59C-412C-A007-FC6738E6BFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {3656B5CC-6D81-48AB-BC25-C55D5EEA54AE} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe
Task: {3C62CAC6-2AED-4FD0-80B0-2660916411F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {3C62CAC6-2AED-4FD0-80B0-2660916411F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {71439002-ED37-46AC-A37C-77F8E32B65B6} - \{7A7E0E47-057D-7879-0B11-0E0F7E7A110D} -> No File <==== ATTENTION
Task: {99F38B41-EBAA-4263-8DF1-77BC9E8AB34B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {99F38B41-EBAA-4263-8DF1-77BC9E8AB34B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {A0BB5884-ECDA-469F-90F2-EB7755FF6E55} - System32\Tasks\{35D2BFDF-605B-4F7A-88A0-8039EAFF597D} => C:\Windows\system32\pcalua.exe -a D:\100-descargas\SetupDWGTrueView2014_ENU_64bit.sfx.exe -d D:\100-descargas
Task: {B0D8494D-986A-4075-A20B-7C9F4DB7C659} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3362957246-3994920205-2013797631-1000Core => C:\Users\Kadi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {BDC6D560-6B3A-4B58-97FC-344FBE223E46} - System32\Tasks\{4442066F-B891-47C9-909B-36BDD5781588} => C:\Windows\system32\pcalua.exe -a C:\Users\Kadi\Downloads\SetupDWGTrueView2013_32bit.exe -d C:\Users\Kadi\Downloads
Task: {DA877DC6-3298-4D82-877E-6A04F8314A95} - System32\Tasks\{34337A51-0D28-404D-AEA5-909CEDF1AB4A} => C:\Windows\system32\pcalua.exe -a D:\100-descargas\SetupDWGTrueView2013_32bit.exe -d D:\100-descargas
Task: {F5588BA2-DF9B-4AED-A20C-AB92ADF66373} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {F5588BA2-DF9B-4AED-A20C-AB92ADF66373} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-15] (Oracle America, Inc. -> Oracle Corporation)
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com.ar/","hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=83055D39AB3A713C1F4B8002FF2016B7&v=20160425&ts=AHEqAX0mA3EmAE..","hxxps://www.google.com/"
2013-06-17 18:11 - 2012-10-04 07:30 - 006516280 _____ (AVAST Software) C:\Program Files\A
2016-04-30 20:32 - 2016-04-30 20:32 - 039550976 _____ (Tencent Inc.) C:\Users\Kadi\AppData\Roaming\TXQBINSTX2.EXE
2019-05-15 11:51 - 2018-12-20 08:32 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora inicia tu equipo desde el Modo Seguro – con funciones de Red, de Windows
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
Muchas gracias Javier! aqui esta el reporte que me pides…
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-05.2019 01
Ran by Kadi (15-05-2019 19:38:57) Run:1
Running from C:\Users\Kadi\Desktop
Loaded Profiles: Kadi (Available Profiles: Kadi)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\ChromeHTML: -> <==== ATTENTION
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
AlternateDataStreams: C:\Users\Kadi\AppData\Local\Archivos temporales de Internet:MvD1eeVFjIkCyE3i5lmbJqoz3 [2358]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\...\Run: [BingSvc] => C:\Users\Kadi\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (Microsoft Corporation -> � 2015 Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
BootExecute: autocheck autochk * BootDefrag.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2908128C-D59C-412C-A007-FC6738E6BFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2908128C-D59C-412C-A007-FC6738E6BFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {2908128C-D59C-412C-A007-FC6738E6BFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {3656B5CC-6D81-48AB-BC25-C55D5EEA54AE} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe
Task: {3C62CAC6-2AED-4FD0-80B0-2660916411F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {3C62CAC6-2AED-4FD0-80B0-2660916411F7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {71439002-ED37-46AC-A37C-77F8E32B65B6} - \{7A7E0E47-057D-7879-0B11-0E0F7E7A110D} -> No File <==== ATTENTION
Task: {99F38B41-EBAA-4263-8DF1-77BC9E8AB34B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {99F38B41-EBAA-4263-8DF1-77BC9E8AB34B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {A0BB5884-ECDA-469F-90F2-EB7755FF6E55} - System32\Tasks\{35D2BFDF-605B-4F7A-88A0-8039EAFF597D} => C:\Windows\system32\pcalua.exe -a D:\100-descargas\SetupDWGTrueView2014_ENU_64bit.sfx.exe -d D:\100-descargas
Task: {B0D8494D-986A-4075-A20B-7C9F4DB7C659} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3362957246-3994920205-2013797631-1000Core => C:\Users\Kadi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {BDC6D560-6B3A-4B58-97FC-344FBE223E46} - System32\Tasks\{4442066F-B891-47C9-909B-36BDD5781588} => C:\Windows\system32\pcalua.exe -a C:\Users\Kadi\Downloads\SetupDWGTrueView2013_32bit.exe -d C:\Users\Kadi\Downloads
Task: {DA877DC6-3298-4D82-877E-6A04F8314A95} - System32\Tasks\{34337A51-0D28-404D-AEA5-909CEDF1AB4A} => C:\Windows\system32\pcalua.exe -a D:\100-descargas\SetupDWGTrueView2013_32bit.exe -d D:\100-descargas
Task: {F5588BA2-DF9B-4AED-A20C-AB92ADF66373} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {F5588BA2-DF9B-4AED-A20C-AB92ADF66373} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-15] (Oracle America, Inc. -> Oracle Corporation)
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com.ar/","hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=83055D39AB3A713C1F4B8002FF2016B7&v=20160425&ts=AHEqAX0mA3EmAE..","hxxps://www.google.com/"
2013-06-17 18:11 - 2012-10-04 07:30 - 006516280 _____ (AVAST Software) C:\Program Files\A
2016-04-30 20:32 - 2016-04-30 20:32 - 039550976 _____ (Tencent Inc.) C:\Users\Kadi\AppData\Roaming\TXQBINSTX2.EXE
2019-05-15 11:51 - 2018-12-20 08:32 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000_Classes\ChromeHTML => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
C:\Users\Kadi\AppData\Local\Archivos temporales de Internet => ":MvD1eeVFjIkCyE3i5lmbJqoz3" ADS could not remove.
"HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
"HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
"HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
"HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2908128C-D59C-412C-A007-FC6738E6BFB6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2908128C-D59C-412C-A007-FC6738E6BFB6}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2908128C-D59C-412C-A007-FC6738E6BFB6}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2908128C-D59C-412C-A007-FC6738E6BFB6}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3656B5CC-6D81-48AB-BC25-C55D5EEA54AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3656B5CC-6D81-48AB-BC25-C55D5EEA54AE}" => removed successfully
C:\Windows\System32\Tasks\Trojan Remover => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trojan Remover" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C62CAC6-2AED-4FD0-80B0-2660916411F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C62CAC6-2AED-4FD0-80B0-2660916411F7}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C62CAC6-2AED-4FD0-80B0-2660916411F7}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71439002-ED37-46AC-A37C-77F8E32B65B6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71439002-ED37-46AC-A37C-77F8E32B65B6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A7E0E47-057D-7879-0B11-0E0F7E7A110D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99F38B41-EBAA-4263-8DF1-77BC9E8AB34B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99F38B41-EBAA-4263-8DF1-77BC9E8AB34B}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99F38B41-EBAA-4263-8DF1-77BC9E8AB34B}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0BB5884-ECDA-469F-90F2-EB7755FF6E55}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0BB5884-ECDA-469F-90F2-EB7755FF6E55}" => removed successfully
C:\Windows\System32\Tasks\{35D2BFDF-605B-4F7A-88A0-8039EAFF597D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{35D2BFDF-605B-4F7A-88A0-8039EAFF597D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0D8494D-986A-4075-A20B-7C9F4DB7C659}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0D8494D-986A-4075-A20B-7C9F4DB7C659}" => removed successfully
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3362957246-3994920205-2013797631-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-3362957246-3994920205-2013797631-1000Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BDC6D560-6B3A-4B58-97FC-344FBE223E46}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDC6D560-6B3A-4B58-97FC-344FBE223E46}" => removed successfully
C:\Windows\System32\Tasks\{4442066F-B891-47C9-909B-36BDD5781588} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4442066F-B891-47C9-909B-36BDD5781588}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA877DC6-3298-4D82-877E-6A04F8314A95}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA877DC6-3298-4D82-877E-6A04F8314A95}" => removed successfully
C:\Windows\System32\Tasks\{34337A51-0D28-404D-AEA5-909CEDF1AB4A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34337A51-0D28-404D-AEA5-909CEDF1AB4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5588BA2-DF9B-4AED-A20C-AB92ADF66373}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5588BA2-DF9B-4AED-A20C-AB92ADF66373}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5588BA2-DF9B-4AED-A20C-AB92ADF66373}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-15] (Oracle America, Inc." => not found
C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-15] (Oracle America, Inc." => not found
C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll => moved successfully
"Chrome StartupUrls" => removed successfully
C:\Program Files\A => moved successfully
C:\Users\Kadi\AppData\Roaming\TXQBINSTX2.EXE => moved successfully
C:\Windows\System32\Tasks\AVAST Software => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3362957246-3994920205-2013797631-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
Adaptador de Ethernet Conexi¢n de rea local:
Sufijo DNS espec¡fico para la conexi¢n. . : cpe.telecentro.net.ar
Direcci¢n IPv6 . . . . . . . . . . : 2800:810:44c:866e:9199:4d3e:5e34:6dd0
Direcci¢n IPv6 temporal. . . . . . : 2800:810:44c:866e:6115:93fd:3e2e:46b6
V¡nculo: direcci¢n IPv6 local. . . : fe80::9199:4d3e:5e34:6dd0%11
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.14
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : fe80::8e10:d4ff:fe94:e17c%11
192.168.0.1
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17216031 B
Java, Flash, Steam htmlcache => 1253 B
Windows/system/drivers => 6852 B
Edge => 0 B
Chrome => 190783897 B
Firefox => 25700173 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 33253 B
LocalService => 99141 B
NetworkService => 33125 B
Kadi => 4928433 B
RecycleBin => 97743424 B
EmptyTemp: => 321 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:41:06 ====
Perfecto… 
Te falto comentar como sigue tu equipo en relación al problema planteado inicialmente. 
Disculpa la demora en responder Javier!!! estuve con una mano mal y no he podido sentarme al ordenador. Aparentemente se ha activado un poco la velocidad… con los días lo probaré y te cuento mejor. Muchísimas gracias por la disposición y la ayuda que me has dado! Maravillosas las respuestas y el tiempo. Un placer volver por aqui!!!
Hola.
No hay problema, pruebalo en 24-72 horas más y dinos si notas mejoría en los problemas planteados inicialmente.
No realices pasos/acciones que NOSOTROS no te hayamos indicado.
No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
No instales NADA (programas/software/complementos/extensiones del navegador…)
No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…)
No realices por tu cuenta otros procedimientos.
Usa tu equipo EXCLUSIVAMENTE para desinfectarlo/arreglarlo siguiendo nuestras indicaciones.
Y dinos también que antivirus tuviste instalados en TU equipo y como fueron desinstalados en su momento. 
Y cuando has realizado el ultimo cambio de antivirus al actual de AVG.
Saludos.
Mil gracias javier!!! Mi ordenador ya esta mucho más veloz!!! lo he podido usar y ya puedo confirmarte. Me resta saber si la lentitud en la banda es por causa de la empresa que la brinda o es mi ordenador…
La lentitud navegando…sigues notandola.
Faltaría que comentes lo que te había consultado en mi última respuesta . sobre los antivirus. ??
Javier, no lo se sinceramente! se que tengo el AVG, pero no recuerdo anteriores ni como los he desinstalado. No soy experta en esto, asi que no lo debo haber hecho de manera segura para eliminar todo tipo de rastros, tu diras. En cuanto al funcionamiento de la pc, ya lo noto muy bien. La banda, algo lenta… tal vez sea mi proveedor?
Hola.
Como proveedor de Internet tienes a “Telecentro S.A.” si yo NO estoy equivocado, pudes ponerte en contacto y que te verifiquen resultados, aunque suelen ser(todos los proveedores) bastante poco dados a reconocer sus problemas.
Antes de eso, el problema de rendimiento en Internet lo notas con TODOS los navegadores que tengas instalados o solo en alguno de ellos.