Hola Comunidad, alerta de mucho texto para el contexto: El computador de mi padre no encendia (se encontraba fuera de la ciudad por trabajo), y decidió llevarlo a un “técnico” que le instaló un disco duro nuevo a su PC. El computador ahora es Windows 10, sin embargo muchos programas ya no funcionaban como todos los de Office, y aparecía publicidad maliciosa en el escritorio. Decidí en primer lugar arreglar las actualizaciones de Windows, me llevó a error fatal. Luego desinstalé Office en su totalidad, nuevamente error fatal (BSOD). Analicé el PC con antivirus, resultados 32 amenazas por todos los archivos de su trabajo. Las desinfecté. Finalmente dejó de darme errores fatales, pero me apareció el famoso cuadrito pop up de AutoIt Error Line 0.
Seguí tutoriales de todas partes para poder solucionarlo, pero nada. Llevo todo el día intentando solucionar el problema, seguí este tutorial:
Y obtuve este error:
Luego seguí este tutorial:
Malware no detectó nada (porque el virus ya estaba eliminado, allegedly). Adjunto informes de Farbar Recovery Scan Tool:
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-02-2021
Ejecutado por Usuario (administrador) sobre DESKTOP-ML2C8JS (LENOVO IdeaPad Z470) (11-03-2021 15:00:45)
Ejecutado desde C:\Users\Usuario\Desktop
Perfiles cargados: Usuario
Platform: Windows 10 Enterprise Versión 1703 15063.1387 (X64) Idioma: Español (México)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc.) [Archivo no firmado] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AutoIt Consulting Ltd -> AutoIt Team) C:\Users\Usuario\AppData\Local\Disk\AutoIt3\AutoIt3_x64.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_8.1.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realsil Microelectronics Inc.) [Archivo no firmado] C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKU\S-1-5-21-1138807519-1598937545-3056259847-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1138807519-1598937545-3056259847-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Print\Monitors\IppMon: C:\Windows\system32\IPPMon.dll [225792 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-28] (Google LLC -> Google LLC)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> C:\Windows\system32\hvsigpext.dll [2017-03-20] (Microsoft Windows -> )
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {170E9815-AAAF-4106-8A66-8622706DAC82} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Ningún archivo <==== ATENCIÓN
Task: {172D3657-8121-4E02-8950-DE2B74C82D0B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Task: {255BC410-EE47-4641-8015-2FCB2089B993} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f7014f5f-b05d-4d4e-ab9e-ac22fc7018c8 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {2FF488DE-869C-48A5-B00C-A919A01674A3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {3C7D9A44-FFBA-4371-869F-558D2FFD0634} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Ningún archivo <==== ATENCIÓN
Task: {498F8CCE-0843-4C56-95C3-2A5E276EF839} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {7EA49BD9-7B91-47D0-AB9A-AA20B790132E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2c03c0cc-4564-4378-ae90-16cdacea67fd => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {864FD982-C65A-4A29-AE91-C90C0F230183} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Ningún archivo <==== ATENCIÓN
Task: {86B41381-6C11-4987-8344-A88124958620} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {897191C8-A76B-46FC-8A51-946DB8B95D04} - System32\Tasks\Services\Diagnostic => C:\Users\Usuario\AppData\Local\Disk\AutoIt3\AutoIt3_x64.exe [1013928 2018-03-15] (AutoIt Consulting Ltd -> AutoIt Team) -> "C:\Users\Usuario\AppData\Local\Disk\AutoIt3\Settings.au3"
Task: {9A561290-97A5-4C90-965F-FD4C8A87C92D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\47076b00-94e9-4f88-bc8e-0d8774cf4279 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {A81FECCB-D865-421B-92D9-156E868DD19F} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {D8C4AAB0-2840-476D-BAF9-838E48C140BE} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1138807519-1598937545-3056259847-1001 => C:\Users\Usuario\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {E8EDA3CB-104D-4142-AFBE-048D4436FD56} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ED2473E4-893C-47A2-B99A-6E8118F1B77E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 190.82.63.129 190.82.63.130
Tcpip\..\Interfaces\{c41eec30-0e34-4978-a95b-715bac2c6283}: [DhcpNameServer] 190.82.63.129 190.82.63.130
FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2021-03-11]
CHR Notifications: Default -> hxxps://0.ro04.biz; hxxps://luckymedia.cyou
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-28]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-28]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-28]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-28]
CHR Extension: (uBlock Origin) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-03-11]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-28]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-28]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-28]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-28]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Archivo no firmado]
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-03-27] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Archivo no firmado]
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2021-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [242024 2020-11-26] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [570208 2021-01-19] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [242024 2020-11-26] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 edrsensor; C:\Windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2021-03-11] (Malwarebytes Corporation -> Malwarebytes)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [488592 2021-02-16] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220616 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [142416 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R2 trufos; C:\Windows\System32\drivers\trufos.sys [641728 2021-02-26] (Bitdefender SRL -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [386800 2020-10-20] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-03-11 14:57 - 2021-03-11 15:00 - 000025150 _____ C:\Users\Usuario\Desktop\Addition.txt
2021-03-11 14:49 - 2021-03-11 15:02 - 000014330 _____ C:\Users\Usuario\Desktop\FRST.txt
2021-03-11 14:47 - 2021-03-11 15:01 - 000000000 ____D C:\FRST
2021-03-11 14:41 - 2021-03-11 14:41 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-03-11 14:41 - 2021-03-11 14:41 - 000142416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-03-11 14:41 - 2021-03-11 14:41 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-03-11 14:34 - 2021-03-11 14:37 - 000000000 ____D C:\AdwCleaner
2021-03-11 14:19 - 2021-03-11 14:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-11 14:19 - 2021-03-11 14:18 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-03-11 14:19 - 2021-03-11 14:18 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-03-11 14:15 - 2021-03-11 14:15 - 000042630 _____ C:\Users\Usuario\Desktop\cc_20210311_141456.reg
2021-03-11 14:09 - 2021-03-11 14:09 - 008463216 _____ (Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_8.1.exe
2021-03-11 14:09 - 2021-03-11 14:09 - 002301440 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2021-03-11 14:08 - 2021-03-11 14:09 - 002084016 _____ (Malwarebytes) C:\Users\Usuario\Desktop\MBSetup.exe
2021-03-11 14:08 - 2021-03-11 14:08 - 030972600 _____ (Piriform Software Ltd) C:\Users\Usuario\Desktop\ccsetup577.exe
2021-03-11 10:28 - 2021-03-11 10:28 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2021-03-11 10:11 - 2021-03-11 10:11 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-03-11 10:11 - 2021-03-11 10:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-11 03:18 - 2021-03-11 03:18 - 000087572 _____ C:\ProgramData\agent.update.1615447043.bdinstall.v2.bin
2021-03-11 03:10 - 2021-03-11 03:10 - 000001196 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2021-03-11 03:10 - 2021-03-11 03:10 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2021-03-11 03:03 - 2019-03-21 00:12 - 000022960 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2021-03-11 03:01 - 2021-03-11 03:01 - 000000000 ____D C:\ProgramData\Bitdefender
2021-03-11 03:01 - 2021-02-26 17:31 - 000641728 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2021-03-11 03:01 - 2020-02-03 15:53 - 000309120 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\edrsensor.sys
2021-03-11 03:00 - 2021-02-26 12:40 - 002718744 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2021-03-11 03:00 - 2020-10-20 13:18 - 000386800 _____ (Bitdefender) C:\Windows\system32\Drivers\vlflt.sys
2021-03-11 02:59 - 2021-02-16 14:31 - 000488592 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\gemma.sys
2021-03-11 02:59 - 2020-12-04 15:15 - 000802976 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2021-03-11 02:58 - 2021-03-11 15:05 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2021-03-11 02:57 - 2021-03-11 02:57 - 000003802 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2021-03-11 02:55 - 2021-03-11 03:18 - 000000000 ____D C:\Program Files\Bitdefender Agent
2021-03-11 02:55 - 2021-03-11 02:55 - 000116732 _____ C:\ProgramData\agent.1615445709.bdinstall.v2.bin
2021-03-11 02:55 - 2021-03-11 02:55 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2021-03-11 02:17 - 2021-03-11 02:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-03-11 02:17 - 2021-03-11 02:17 - 000000000 ____D C:\Program Files\VS Revo Group
2021-03-11 02:07 - 2021-03-11 14:13 - 000000000 ____D C:\Windows\Minidump
2021-03-09 22:41 - 2021-03-09 22:41 - 000067656 _____ C:\Users\Usuario\Downloads\Foro_PreguntasRespuestas_08-03-2021-8_55.xlsx
2021-03-09 17:39 - 2021-03-09 17:39 - 000003469 _____ C:\Users\Usuario\Downloads\últimos movimientos de línea de crédito.xls
2021-03-09 09:27 - 2021-03-09 09:27 - 000000000 ____D C:\Users\Usuario\Documents\Plantillas personalizadas de Office
2021-03-08 15:29 - 2021-03-08 15:29 - 000106949 _____ C:\Users\Usuario\Documents\Pago Gastos Comunes 2207 (enero 2021).pdf
2021-03-08 15:19 - 2021-03-08 15:19 - 000106264 _____ C:\Users\Usuario\Documents\Pago Arriendo Oficina Marzo 2021.pdf
2021-03-08 14:50 - 2021-03-08 14:50 - 000068743 _____ C:\Users\Usuario\Documents\Pago Movistar Marzo 2021.pdf
2021-03-01 23:37 - 2021-03-01 23:37 - 000000000 ____D C:\Users\Usuario\AppData\Local\PeerDistRepub
2021-03-01 18:54 - 2021-03-07 23:13 - 000000000 ____D C:\Users\Usuario\Desktop\BOJANIC
2021-03-01 18:45 - 2021-03-01 18:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\CEF
2021-03-01 11:37 - 2021-03-06 09:57 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-03-01 11:10 - 2021-03-01 11:11 - 000000000 ___SD C:\Windows\UpdateAssistantV2
2021-03-01 10:36 - 2021-03-01 10:36 - 004876800 _____ (Gracenote, Inc.) C:\Windows\system32\gnsdk_fp.dll
2021-03-01 10:36 - 2021-03-01 10:36 - 004171264 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2021-03-01 10:36 - 2021-03-01 10:36 - 001135616 ____R (The ICU Project) C:\Windows\SysWOW64\icuuc.dll
2021-03-01 10:36 - 2021-03-01 10:36 - 000646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2021-03-01 10:36 - 2021-03-01 10:36 - 000432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-03-01 10:36 - 2021-03-01 10:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2021-03-01 10:36 - 2021-03-01 10:36 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscript.ocx
2021-03-01 10:36 - 2021-03-01 10:36 - 000059904 _____ C:\Windows\SysWOW64\xboxgipsynthetic.dll
2021-03-01 10:36 - 2021-03-01 10:36 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2021-03-01 10:35 - 2021-03-01 10:35 - 002079744 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-03-01 10:35 - 2021-03-01 10:35 - 002011648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-03-01 10:35 - 2021-03-01 10:35 - 000571392 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2021-03-01 10:35 - 2021-03-01 10:35 - 000508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2021-03-01 10:35 - 2021-03-01 10:35 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2021-03-01 10:35 - 2021-03-01 10:35 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2021-03-01 10:35 - 2021-03-01 10:35 - 000125015 ____R C:\Windows\system32\CaptureCountdown.hcp
2021-03-01 10:35 - 2021-03-01 10:35 - 000119017 ____R C:\Windows\system32\CaptureBrackets.hcp
2021-03-01 10:35 - 2021-03-01 10:35 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-03-01 10:35 - 2021-03-01 10:35 - 000072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2021-03-01 10:35 - 2021-03-01 10:35 - 000017806 ____R C:\Windows\system32\CaptureToast.hcp
2021-03-01 10:34 - 2021-03-01 10:34 - 000819712 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2021-03-01 10:34 - 2021-03-01 10:34 - 000753664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2021-03-01 10:34 - 2021-03-01 10:34 - 000547840 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-03-01 10:34 - 2021-03-01 10:34 - 000540160 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2021-03-01 10:34 - 2021-03-01 10:34 - 000494080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2021-03-01 10:34 - 2021-03-01 10:34 - 000411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2021-03-01 10:34 - 2021-03-01 10:34 - 000382864 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2021-03-01 10:34 - 2021-03-01 10:34 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2021-03-01 10:34 - 2021-03-01 10:34 - 000047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2021-03-01 10:33 - 2021-03-01 10:33 - 002447360 _____ C:\Windows\system32\Windows.Mirage.dll
2021-03-01 10:33 - 2021-03-01 10:33 - 001859584 _____ C:\Windows\SysWOW64\Windows.Mirage.dll
2021-03-01 10:33 - 2021-03-01 10:33 - 001397712 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-03-01 10:33 - 2021-03-01 10:33 - 001321984 ____R (The ICU Project) C:\Windows\system32\icuuc.dll
2021-03-01 10:33 - 2021-03-01 10:33 - 001066128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-03-01 10:33 - 2021-03-01 10:33 - 001018784 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-03-01 10:33 - 2021-03-01 10:33 - 000967168 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2021-03-01 10:33 - 2021-03-01 10:33 - 000778240 _____ C:\Windows\system32\MBR2GPT.EXE
2021-03-01 10:33 - 2021-03-01 10:33 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2021-03-01 10:33 - 2021-03-01 10:33 - 000649728 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2021-03-01 10:33 - 2021-03-01 10:33 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2021-03-01 10:33 - 2021-03-01 10:33 - 000311704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2021-03-01 10:33 - 2021-03-01 10:33 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2021-03-01 10:33 - 2021-03-01 10:33 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2021-03-01 10:33 - 2021-03-01 10:33 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2021-03-01 10:33 - 2021-03-01 10:33 - 000209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2021-03-01 10:33 - 2021-03-01 10:33 - 000086016 _____ C:\Windows\system32\xboxgipsynthetic.dll
2021-03-01 10:33 - 2021-03-01 10:33 - 000038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2021-03-01 10:33 - 2021-03-01 10:33 - 000037376 _____ C:\Windows\system32\SpectrumSyncClient.dll
2021-03-01 10:33 - 2021-03-01 10:33 - 000035296 _____ C:\Windows\system32\SyncAppvPublishingServer.exe
2021-03-01 10:32 - 2021-03-01 10:32 - 000804272 _____ C:\Windows\SysWOW64\locale.nls
2021-03-01 10:32 - 2021-03-01 10:32 - 000804272 _____ C:\Windows\system32\locale.nls
2021-03-01 10:32 - 2021-03-01 10:32 - 000526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2021-03-01 10:32 - 2021-03-01 10:32 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2021-03-01 10:32 - 2021-03-01 10:32 - 000031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2021-03-01 07:03 - 2021-03-01 09:47 - 000000000 ____D C:\80cd44bd7899cb9056
2021-03-01 07:02 - 2021-03-11 02:03 - 000000004 _____ C:\ProgramData\rc.dat
2021-03-01 06:57 - 2021-03-06 09:55 - 000000004 _____ C:\ProgramData\lock.dat
2021-03-01 06:57 - 2021-03-03 17:39 - 000000020 _____ C:\ProgramData\lir.bats
2021-03-01 06:57 - 2021-03-01 06:57 - 000000008 _____ C:\ProgramData\ts.dat
2021-03-01 06:56 - 2021-03-11 14:19 - 000220616 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-03-01 06:47 - 2021-03-10 12:57 - 000000000 ____D C:\Users\Usuario\AppData\Local\cache
2021-03-01 06:28 - 2021-03-01 13:10 - 000000000 ____D C:\Users\Usuario\AppData\Local\MicrosoftEdge
2021-03-01 06:17 - 2021-03-01 07:03 - 000000000 ___HT C:\Windows\wusa.lock
2021-03-01 06:15 - 2021-03-11 02:07 - 000000000 ____D C:\ProgramData\TranslateService
2021-03-01 06:08 - 2021-03-01 06:08 - 000000000 __SHD C:\Users\Usuario\AppData\Local\Disk
2021-03-01 06:08 - 2021-03-01 06:08 - 000000000 ____D C:\Windows\system32\Tasks\Services
2021-03-01 06:08 - 2021-03-01 06:08 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Bazertu
2021-03-01 06:08 - 2021-03-01 06:08 - 000000000 ____D C:\ProgramData\Riate
2021-03-01 06:08 - 2021-03-01 06:08 - 000000000 ____D C:\ProgramData\Posse
2021-03-01 06:07 - 2021-03-01 06:07 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Darkstar
2021-03-01 06:05 - 2021-03-01 06:05 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zsadsadsad
2021-03-01 06:04 - 2021-03-01 06:04 - 000000013 _____ C:\ProgramData\kaosdma.txt
2021-03-01 06:02 - 2021-03-11 14:13 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2021-03-01 05:45 - 2021-03-01 06:38 - 000000000 ____D C:\ProgramData\FLEXnet
2021-03-01 05:40 - 2021-03-01 05:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
2021-03-01 05:40 - 2021-03-01 05:40 - 000000000 ____D C:\ProgramData\FARO
2021-03-01 05:36 - 2021-03-01 05:36 - 000000153 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2021-03-01 05:36 - 2021-03-01 05:36 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared
2021-03-01 05:35 - 2021-03-01 05:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Autodesk
2021-03-01 05:35 - 2021-03-01 05:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2014 - Español (Spanish)
2021-03-01 05:33 - 2021-03-01 05:40 - 000000000 ____D C:\Program Files\Autodesk
2021-03-01 05:33 - 2021-03-01 05:37 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2021-03-01 05:32 - 2021-03-01 05:32 - 000000000 ____D C:\Program Files (x86)\Autodesk
2021-03-01 05:31 - 2021-03-01 05:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2021-03-01 05:29 - 2021-03-01 05:29 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-03-01 05:29 - 2021-03-01 05:29 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-01 05:29 - 2021-03-01 05:29 - 000000000 ____D C:\Program Files\MSBuild
2021-03-01 05:29 - 2021-03-01 05:29 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-01 05:29 - 2021-03-01 05:29 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-01 05:10 - 2021-03-01 06:34 - 000000000 ____D C:\Users\Usuario\Downloads\autocad 2014 español 64 bit
2021-03-01 04:49 - 2021-03-01 11:36 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Autodesk
2021-03-01 04:49 - 2021-03-01 11:36 - 000000000 ____D C:\ProgramData\Autodesk
2021-03-01 04:47 - 2021-03-01 05:20 - 000000000 ____D C:\Autodesk
2021-03-01 04:42 - 2021-03-01 04:43 - 000000000 ____D C:\Users\Usuario\Downloads\Autocad 2014 español 32 bit
2021-03-01 03:34 - 2021-03-11 14:47 - 000000000 ____D C:\Program Files\CCleaner
2021-03-01 03:34 - 2021-03-11 14:12 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-03-01 03:34 - 2021-03-01 03:34 - 000002892 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-03-01 03:34 - 2021-03-01 03:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-02-28 23:12 - 2021-03-01 00:09 - 000000000 ____D C:\Program Files\CUAssistant
2021-02-28 23:05 - 2021-02-28 23:05 - 000000000 ____D C:\Program Files\rempl
2021-02-28 23:01 - 2021-03-11 02:59 - 000000000 ____D C:\Windows\system32\MRT
2021-02-28 20:33 - 2021-02-28 20:33 - 000000000 ____D C:\ProgramData\USOShared
2021-02-28 20:32 - 2021-02-28 20:32 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-28 20:31 - 2021-02-28 20:31 - 000000000 ____D C:\Users\Usuario\AppData\Local\Publishers
2021-02-28 20:30 - 2021-03-11 10:24 - 000000000 ____D C:\Users\Usuario
2021-02-28 20:30 - 2021-03-10 10:15 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages
2021-02-28 20:30 - 2021-02-28 20:30 - 000000020 ___SH C:\Users\Usuario\ntuser.ini
2021-02-28 20:30 - 2021-02-28 20:30 - 000000000 ____D C:\Users\Usuario\AppData\Local\VirtualStore
2021-02-28 20:30 - 2021-02-28 20:30 - 000000000 ____D C:\Users\Usuario\AppData\Local\TileDataLayer
2021-02-28 20:30 - 2021-02-28 20:30 - 000000000 ____D C:\Users\Usuario\AppData\Local\ConnectedDevicesPlatform
2021-02-28 20:30 - 2021-02-28 17:20 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Adobe
2021-02-28 20:27 - 2021-03-11 14:03 - 002491680 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-28 20:26 - 2021-03-11 14:37 - 000000000 ____D C:\Users\Usuario\AppData\Local\Lenovo
2021-02-28 20:25 - 2021-02-28 20:25 - 000000000 ____D C:\Windows\Lenovo
2021-02-28 20:25 - 2021-02-28 20:25 - 000000000 ____D C:\Windows\CSC
2021-02-28 20:25 - 2021-02-23 18:24 - 000107936 _____ (Lenovo Group Ltd.) C:\Windows\system32\WudfUpdate_02000.dll
2021-02-28 20:25 - 2021-02-23 18:24 - 000107936 _____ (Lenovo Group Ltd.) C:\Windows\system32\ImController.CoInstaller.dll
2021-02-28 20:25 - 2021-02-23 18:24 - 000062368 _____ (Lenovo Group Ltd.) C:\Windows\system32\ImController.InfInstaller.exe
2021-02-28 20:25 - 2021-02-23 18:23 - 000429936 _____ (Lenovo Group Limited) C:\Windows\system32\iMDriverHelper.dll
2021-02-28 20:24 - 2021-03-11 14:40 - 000000000 ____D C:\ProgramData\Lenovo
2021-02-28 20:23 - 2021-02-28 20:30 - 000000000 ____D C:\Windows\TempInst
2021-02-28 20:17 - 2021-02-28 20:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-02-28 20:16 - 2021-03-11 14:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-28 20:16 - 2021-03-11 13:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-02-28 20:16 - 2021-03-01 11:18 - 000479088 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-28 20:16 - 2021-02-28 20:16 - 000000000 ____D C:\Windows\ServiceProfiles
2021-02-28 20:15 - 2021-03-01 03:42 - 000000000 ____D C:\Windows\Panther
2021-02-28 20:13 - 2021-02-28 20:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-28 20:13 - 2021-02-28 20:13 - 000000000 ____D C:\Windows\SysWOW64\sda
2021-02-28 20:13 - 2021-02-28 20:13 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-02-28 20:13 - 2012-06-15 13:50 - 009888912 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUVStoricon.dll
2021-02-28 20:13 - 2012-06-15 13:50 - 000315536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys
2021-02-28 19:57 - 2021-02-28 19:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2021-02-28 19:57 - 2021-02-28 19:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2021-02-28 19:57 - 2021-02-28 19:57 - 000000000 ____D C:\Program Files\Synaptics
2021-02-28 19:54 - 2012-08-10 18:33 - 000090424 _____ (Synaptics Incorporated) C:\Windows\system32\SynSlidebar.dll
2021-02-28 19:54 - 2012-08-10 18:32 - 001046328 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2021-02-28 19:54 - 2012-08-10 18:32 - 000446264 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2021-02-28 19:54 - 2012-08-10 18:32 - 000228664 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2021-02-28 19:54 - 2012-08-10 18:32 - 000172856 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo13.dll
2021-02-28 19:54 - 2012-08-10 18:32 - 000043832 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2021-02-28 19:54 - 2011-09-14 18:11 - 001048576 _____ C:\Windows\system32\syndata.bin
2021-02-28 17:47 - 2021-03-11 14:20 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-28 17:47 - 2021-03-11 14:19 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-02-28 17:38 - 2021-02-28 17:38 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2021-02-28 17:38 - 2021-02-28 17:38 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2021-02-28 17:37 - 2021-02-28 17:37 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-28 17:28 - 2021-02-28 17:28 - 000004608 _____ C:\Windows\SECOH-QAD.exe
2021-02-28 17:28 - 2021-02-28 17:28 - 000003584 _____ C:\Windows\SECOH-QAD.dll
2021-02-28 17:26 - 2021-02-28 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-02-28 17:26 - 2021-02-28 17:26 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2021-02-28 17:20 - 2021-02-28 17:20 - 000000000 ____D C:\ProgramData\Adobe
2021-02-28 17:18 - 2021-03-09 16:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2021-02-28 17:18 - 2021-03-08 17:57 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Adobe
2021-02-28 16:58 - 2021-02-28 16:58 - 000000000 ____D C:\Users\Usuario\AppData\Local\DBG
2021-02-28 16:55 - 2021-02-28 16:55 - 000000000 ____D C:\Users\Usuario\AppData\Local\Comms
2021-02-28 16:54 - 2021-03-11 14:44 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2021-02-28 16:54 - 2021-02-28 16:54 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-02-28 16:51 - 2021-03-06 10:10 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-28 16:50 - 2021-02-28 16:50 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-02-28 16:49 - 2021-02-28 16:49 - 000000000 ____D C:\Program Files (x86)\Intel
2021-02-28 16:49 - 2021-02-28 16:49 - 000000000 ____D C:\Intel
2021-02-28 16:48 - 2021-02-28 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-02-28 16:48 - 2021-02-28 16:48 - 000000000 ____D C:\Program Files\7-Zip
2021-02-28 16:45 - 2021-02-28 17:08 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-28 16:44 - 2021-02-28 20:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Google
2021-02-28 16:44 - 2021-02-28 20:10 - 000003556 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-28 16:44 - 2021-02-28 20:10 - 000003432 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-28 16:44 - 2021-02-28 16:51 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-28 16:41 - 2021-02-28 21:35 - 000000000 ____D C:\Users\Usuario\Desktop\Respaldo HDD Dañado formato RAW
2021-02-28 16:36 - 2021-02-28 16:36 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1138807519-1598937545-3056259847-1001
2021-02-28 16:34 - 2021-02-28 16:36 - 000002373 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-28 16:34 - 2021-02-28 16:36 - 000000000 ___RD C:\Users\Usuario\OneDrive
2021-02-26 04:33 - 2021-02-26 04:33 - 001558496 _____ C:\Users\Usuario\AppData\Roaming\760302386
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-03-11 14:44 - 2017-03-18 07:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-03-11 14:39 - 2017-03-18 07:40 - 001048576 _____ C:\Windows\system32\config\BBI
2021-03-11 14:19 - 2017-03-18 17:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-03-11 14:13 - 2017-03-18 17:01 - 000000000 ____D C:\Windows\INF
2021-03-11 14:03 - 2017-03-20 01:13 - 001149826 _____ C:\Windows\system32\perfh00A.dat
2021-03-11 14:03 - 2017-03-20 01:13 - 000257076 _____ C:\Windows\system32\perfc00A.dat
2021-03-11 10:11 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-08 19:52 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-08 19:52 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\AppReadiness
2021-03-06 10:27 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\rescache
2021-03-01 18:30 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\NDF
2021-03-01 11:40 - 2017-03-18 16:51 - 000000000 ____D C:\Windows\CbsTemp
2021-03-01 11:37 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ___SD C:\Windows\system32\F12
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\setup
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\oobe
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\migwiz
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\es-MX
2021-03-01 11:11 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\appraiser
2021-03-01 11:11 - 2017-03-18 07:40 - 000000000 ____D C:\Windows\system32\Dism
2021-03-01 11:10 - 2017-03-20 01:15 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2021-03-01 11:10 - 2017-03-20 01:15 - 000000000 ____D C:\Windows\HoloShell
2021-03-01 11:10 - 2017-03-20 01:15 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-01 11:10 - 2017-03-18 17:03 - 000000000 ___RD C:\Windows\PrintDialog
2021-03-01 11:10 - 2017-03-18 17:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-03-01 11:10 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\ShellExperiences
2021-03-01 11:10 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\Provisioning
2021-03-01 11:10 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-03-01 11:10 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-01 11:10 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-01 11:10 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-01 11:10 - 2017-03-18 17:03 - 000000000 ____D C:\PerfLogs
2021-03-01 11:10 - 2017-03-18 07:40 - 000000000 ____D C:\Windows\servicing
2021-03-01 10:40 - 2017-03-18 17:03 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2021-03-01 10:40 - 2017-03-18 17:03 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2021-03-01 05:37 - 2017-03-18 17:03 - 000000000 ___SD C:\Windows\Downloaded Program Files
2021-03-01 05:29 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-03-01 05:29 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\MUI
2021-02-28 23:10 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\appcompat
2021-02-28 20:33 - 2017-03-18 17:03 - 000000000 ____D C:\ProgramData\USOPrivate
2021-02-28 20:27 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2021-02-28 20:25 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\spool
2021-02-28 20:25 - 2017-03-18 17:03 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-02-28 20:21 - 2017-03-18 07:40 - 000000000 ____D C:\Windows\system32\Sysprep
2021-02-28 20:18 - 2017-03-18 17:03 - 000000000 ___RD C:\Windows\MiracastView
2021-02-28 20:15 - 2017-03-18 17:03 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2021-02-28 19:59 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Common Files\System
==================== Archivos en la raíz de algunos directorios ========
2021-03-01 06:57 - 2021-03-06 09:55 - 000000004 _____ () C:\ProgramData\lock.dat
2021-03-01 07:02 - 2021-03-11 02:03 - 000000004 _____ () C:\ProgramData\rc.dat
2021-03-01 06:57 - 2021-03-01 06:57 - 000000008 _____ () C:\ProgramData\ts.dat
2021-02-26 04:33 - 2021-02-26 04:33 - 001558496 _____ () C:\Users\Usuario\AppData\Roaming\760302386
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2021-03-11 12:53
==================== Final de FRST.txt ========================(Adjunto adicional en comentarios)
Respondes a:
Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:
El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.
Lamentablemente no me consultó antes de hacerlo.
No tiene muchos más programas instalados, asumo que Autocad y Autodesk están pirateados.
En seguida te mando el resto.
