Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 14/5/20
Hora del análisis: 18:51
Archivo de registro: 3060b2b4-9603-11ea-ae8a-001fd0a02380.json
-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.896
Versión del paquete de actualización: 1.0.23820
Licencia: Prueba
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: GRUPODERED\Usuario
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 265049
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 5 min, 14 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-14-2020
# Duration: 00:01:53
# OS: Windows 7 Home Premium
# Scanned: 32067
# Detected: 16
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Legacy C:\Users\Usuario\AppData\Roaming\Yahoo!\Companion
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy HKCU\Software\AppDataLow\Software\Yahoo\Companion
PUP.Optional.Legacy HKCU\Software\Yahoo\Companion
PUP.Optional.Legacy HKCU\Software\Yahoo\YFriendsBar
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Yahoo\Companion
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\YMERemote.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [2736 octets] - [25/09/2018 22:58:33]
AdwCleaner[C00].txt - [2628 octets] - [25/09/2018 23:00:29]
AdwCleaner[S01].txt - [1367 octets] - [26/09/2018 00:00:11]
AdwCleaner[S02].txt - [5426 octets] - [10/05/2020 22:01:04]
AdwCleaner[C02].txt - [4944 octets] - [10/05/2020 22:02:30]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64
Ran by Usuario (Administrator) on 14/05/2020 at 19:30:52,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 8
Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A54VY7D1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OJ89DUIK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SEUMBXMV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTYBX6P8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A54VY7D1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OJ89DUIK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SEUMBXMV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTYBX6P8 (Temporary Internet Files Folder)
Deleted the following from C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\1qonkcos.default-1382181758671\prefs.js
user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\new-window-button\,\privatebrowsing-button\,\save-
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/05/2020 at 19:41:29,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 13-05-2020 01
Ejecutado por Usuario (administrador) sobre GRUPODERED (Gigabyte Technology Co., Ltd. Q35M-S2) (14-05-2020 19:45:00)
Ejecutado desde C:\Users\Usuario\Desktop
Perfiles cargados: Usuario
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adaware Software -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.997.11652\AdAwareService.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Golden Frog, GmbH.) [Archivo no firmado] C:\Program Files (x86)\VyprVPN\VyprVPNService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(Malwarebytes Corporation -> Malwarebytes) C:\Users\Usuario\Desktop\JRT.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_8.0.4.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-407569174-766377459-50882906-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-407569174-766377459-50882906-1000\...\MountPoints2: {482a4255-9feb-11e8-8746-001fd0a02380} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-407569174-766377459-50882906-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-06-29]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [Archivo no firmado]
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe [2016-07-21] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {358DCBBF-A321-4587-9C93-3BA68624FEFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe)
Task: {3D707654-E879-4F1E-856A-DE161BAB62ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {502E0F1E-4420-4851-8C7B-F5D369A0869D} - System32\Tasks\Opera scheduled Autoupdate 1524832858 => c:\program files\opera\launcher.exe [1517592 2020-04-29] (Opera Software AS -> Opera Software)
Task: {52FB84F7-F945-40E0-96ED-B0760A77BBEE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-16] (Google Inc -> Google Inc.)
Task: {57271C37-8A95-409D-A0EF-78215A8E9C3D} - System32\Tasks\Microsoft\Windows\MemDiag => C:\Windows\system32\mdres.exe [88576 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {63D2B05F-AC71-4420-8B71-99C48922DFB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-16] (Google Inc -> Google Inc.)
Task: {70945E1B-DB23-4157-9D7E-221014051ABF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [3738624 2018-04-16] () [Archivo no firmado]
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [17920 2018-03-31] () [Archivo no firmado]
Task: {76E31FC3-6A16-4A56-8CD9-B5C493C73AA9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8256366E-8296-4049-A0A5-B90B01CBE76B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-407569174-766377459-50882906-1000 => C:\Users\Usuario\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-19] (Mega Limited -> Mega Limited)
Task: {9543DBA0-B4CA-41DD-B674-D5875A5B593B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe [1454136 2020-05-12] (Adobe Inc. -> Adobe)
Task: {BF2375DA-C8B7-4D5A-8BB4-D147C318A6BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {D3AAD34A-21AE-4D1C-BA1C-79ADD66B8CBE} - System32\Tasks\Opera scheduled assistant Autoupdate 1583266573 => c:\program files\opera\launcher.exe [1517592 2020-04-29] (Opera Software AS -> Opera Software)
Task: {EA846587-EAD0-4EA4-AD65-7850DF322CA6} - System32\Tasks\{09A952AF-28E2-93D1-8224-76300BFDCA1D} => C:\Users\Usuario\AppData\Local\Garec\SATIBU~1.EXE
Task: {EFD8998D-C6F5-46BA-BA5B-5D51A4360918} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\{09A952AF-28E2-93D1-8224-76300BFDCA1D}.job => C:\Users\Usuario\AppData\Local\Garec\SATIBU~1.EXE
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{CBB1C77B-5277-4979-96F9-63C0C5B45442}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{CF7BBA5F-F954-4E22-863A-FE0F06F1045C}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-3e1a4e47d36f7809
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-3e1a4e47d36f7809
HKU\S-1-5-21-407569174-766377459-50882906-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190119__yaie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-407569174-766377459-50882906-1000 -> DefaultScope {904241BD-BB2B-4C47-BFEA-CD57AB96B6A9} URL = hxxp://www.qo-es.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-407569174-766377459-50882906-1000 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-3e1a4e47d36f7809&q={searchTerms}
SearchScopes: HKU\S-1-5-21-407569174-766377459-50882906-1000 -> {904241BD-BB2B-4C47-BFEA-CD57AB96B6A9} URL = hxxp://www.qo-es.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-05-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: 1qonkcos.default-1382181758671
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\TomTom\HOME\Profiles\vynrvi3z.default [2018-04-16]
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\1qonkcos.default-1382181758671 [2020-05-14]
FF Homepage: Mozilla\Firefox\Profiles\1qonkcos.default-1382181758671 -> hxxp://www.qo-es.com/
FF Extension: (Spanish (Venezuela) spell check dictionary) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\1qonkcos.default-1382181758671\Extensions\[email protected] [2018-04-16] [Heredado]
FF Extension: (IE Tab 2 (FF 3.6+)) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\1qonkcos.default-1382181758671\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2018-04-16] [Heredado]
FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\1qonkcos.default-1382181758671\searchplugins\google-avast.xml [2015-04-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2020-05-11] [Heredado] [no firmado]
FF HKU\S-1-5-21-407569174-766377459-50882906-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2020-05-14]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-02]
CHR Extension: (Flash Video Downloader) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-02-22]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-02]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-02-02]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-02]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Adblock para Youtube™) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-04-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-05-04]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-05-04]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-02]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-15]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2020-05-05]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-02-04]
CHR Extension: (AVG SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-05-04]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-26]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-02-02]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.997.11652\AdAwareService.exe [587832 2018-12-19] (Adaware Software -> )
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Archivo no firmado]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Archivo no firmado]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Archivo no firmado]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-14] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 VyprVPN; C:\Program Files (x86)\VyprVPN\VyprVPNService.exe [318976 2020-04-06] (Golden Frog, GmbH.) [Archivo no firmado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-07-21] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [120416 2017-03-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-09-28] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-09-28] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2018-02-10] () [Archivo no firmado]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-05-14] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-05-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-05-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-05-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-05-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [112752 2020-05-14] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [213088 2017-03-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [28160 2020-04-06] (OpenVPN Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapvyprvpn; C:\Windows\System32\DRIVERS\tapvyprvpn.sys [44896 2019-08-06] (Golden Frog, GmbH -> The OpenVPN Project)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-05-02] (Bitdefender SRL -> BitDefender S.R.L.)
U3 avgbdisk; no ImagePath
S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [X]
U4 npcap_wifi; no ImagePath
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-14 19:45 - 2020-05-14 19:45 - 000023990 _____ C:\Users\Usuario\Desktop\FRST.txt
2020-05-14 19:44 - 2020-05-14 19:45 - 000000000 ____D C:\FRST
2020-05-14 19:44 - 2020-05-14 19:44 - 002286080 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2020-05-14 19:43 - 2020-05-14 19:44 - 002286080 _____ (Farbar) C:\Users\Usuario\Downloads\FRST64.exe
2020-05-14 19:41 - 2020-05-14 19:41 - 000002165 _____ C:\Users\Usuario\Desktop\JRT.txt
2020-05-14 19:29 - 2020-05-14 19:29 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-05-14 19:29 - 2020-05-14 19:29 - 000112752 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-05-14 19:29 - 2020-05-14 19:29 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-05-14 19:28 - 2020-05-14 19:28 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-05-14 19:06 - 2020-05-14 19:06 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-05-14 19:06 - 2020-05-14 19:06 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-14 17:32 - 2020-05-14 17:34 - 173536667 _____ C:\Users\Usuario\Downloads\t_video5902084048880142191.mp4
2020-05-14 16:17 - 2020-05-14 16:17 - 000021083 _____ C:\Users\Usuario\Downloads\cuento unooooo.pdf
2020-05-14 16:17 - 2020-05-14 16:17 - 000021083 _____ C:\Users\Usuario\Downloads\cuento unooooo (1).pdf
2020-05-14 12:58 - 2020-05-14 12:58 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\TIDAL
2020-05-14 11:35 - 2020-05-14 11:35 - 000004030 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1583266573
2020-05-13 20:52 - 2020-05-13 20:52 - 000076588 _____ C:\Users\Usuario\Downloads\Armageddon_BDremux-1080p.torrent
2020-05-13 14:13 - 2020-05-13 14:13 - 412664814 _____ C:\Users\Usuario\Downloads\INSTALACION GTKING BUILD (convert-video-online.com).mp4
2020-05-13 13:25 - 2020-05-13 13:28 - 758045192 _____ C:\Users\Usuario\Downloads\VID_20200513_010754_640x360.mp4
2020-05-13 10:44 - 2020-05-13 10:44 - 000000000 ____D C:\Users\Usuario\Desktop\Billetes
2020-05-13 02:12 - 2020-05-13 02:12 - 000041451 _____ C:\Users\Usuario\Downloads\armageddon-microhd-1080-px.torrent
2020-05-12 16:10 - 2020-05-12 16:11 - 000189754 _____ C:\Users\Usuario\Downloads\ARTS_LANDSCAPE.pdf
2020-05-11 20:04 - 2020-05-11 20:04 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registro de I.R.I.S. OCR.lnk
2020-05-11 20:03 - 2020-05-11 20:03 - 000002167 _____ C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
2020-05-11 20:03 - 2020-05-11 20:03 - 000002167 _____ C:\ProgramData\Desktop\HP Photosmart Essential 3.5.lnk
2020-05-11 20:02 - 2020-05-11 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-05-11 20:02 - 2020-05-11 20:02 - 000001369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centro de soluciones HP.lnk
2020-05-11 20:02 - 2020-05-11 20:02 - 000001181 _____ C:\Users\Public\Desktop\Comprar consumibles HP.lnk
2020-05-11 20:02 - 2020-05-11 20:02 - 000001181 _____ C:\ProgramData\Desktop\Comprar consumibles HP.lnk
2020-05-11 20:02 - 2020-05-11 20:02 - 000000000 ____D C:\ProgramData\HP Product Assistant
2020-05-11 19:56 - 2020-05-11 20:10 - 000225970 _____ C:\Windows\hpoins18.dat
2020-05-11 19:56 - 2009-10-08 03:33 - 000005355 ____N C:\Windows\hpomdl18.dat
2020-05-11 19:43 - 2020-05-14 12:50 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\uTorrent
2020-05-10 22:58 - 2020-05-10 22:58 - 000887921 _____ C:\Users\Usuario\Downloads\SEMANA DEL 11 AL 15 DE MAYO.pdf
2020-05-10 22:32 - 2020-05-10 22:32 - 003204380 _____ C:\Users\Usuario\Downloads\t_video5893024214801188531.mp4
2020-05-10 22:32 - 2020-05-10 22:32 - 000000000 ____D C:\Users\Usuario\Desktop\Tareas de Lucia Musica
2020-05-10 22:18 - 2020-05-10 22:16 - 001790024 _____ (Malwarebytes) C:\Users\Usuario\Desktop\JRT.exe
2020-05-10 22:16 - 2020-05-10 22:16 - 001790024 _____ (Malwarebytes) C:\Users\Usuario\Downloads\JRT.exe
2020-05-10 22:07 - 2020-05-10 22:07 - 000000000 __SHD C:\found.011
2020-05-10 21:53 - 2020-05-10 21:52 - 008196784 _____ (Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_8.0.4.exe
2020-05-10 21:51 - 2020-05-10 21:52 - 008196784 _____ (Malwarebytes) C:\Users\Usuario\Downloads\adwcleaner_8.0.4.exe
2020-05-10 21:06 - 2020-05-10 21:06 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2020-05-10 21:05 - 2020-05-14 19:06 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-10 21:05 - 2020-05-14 19:06 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-05-10 21:05 - 2020-05-10 21:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2020-05-10 21:04 - 2020-05-14 19:05 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-05-10 21:04 - 2020-05-10 21:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-10 21:04 - 2020-05-10 21:04 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-10 21:01 - 2020-05-10 21:00 - 001980016 _____ (Malwarebytes) C:\Users\Usuario\Desktop\MBSetup.exe
2020-05-10 21:00 - 2020-05-10 21:00 - 001980016 _____ (Malwarebytes) C:\Users\Usuario\Downloads\MBSetup.exe
2020-05-10 20:59 - 2020-05-10 20:59 - 000000822 _____ C:\Users\Usuario\Desktop\CCleaner.lnk
2020-05-10 20:57 - 2020-05-14 19:31 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-05-10 20:57 - 2020-05-10 20:57 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-05-10 20:57 - 2020-05-10 20:57 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-05-10 20:57 - 2020-05-10 20:57 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-05-10 20:57 - 2020-05-10 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-05-10 20:57 - 2020-05-10 20:57 - 000000000 ____D C:\Program Files\CCleaner
2020-05-10 20:56 - 2020-05-10 20:55 - 022267336 _____ (Piriform Software Ltd) C:\Users\Usuario\Desktop\ccsetup565.exe
2020-05-10 20:55 - 2020-05-10 20:55 - 000000000 _____ C:\Users\Usuario\Downloads\ccsetup565.exe
2020-05-10 13:32 - 2020-05-10 13:59 - 3147651266 _____ C:\Users\Usuario\Downloads\Underwater BDR1080.www.pctreload.com.mkv
2020-05-09 23:13 - 2020-05-09 23:13 - 000051431 _____ C:\Users\Usuario\Downloads\Underwater_BDremux-1080p.torrent
2020-05-09 21:19 - 2020-05-09 21:19 - 000143537 _____ C:\Users\Usuario\Downloads\Underwater_FullBluRay-1080p.torrent
2020-05-07 12:42 - 2020-05-07 12:42 - 000530371 _____ C:\Users\Usuario\Downloads\VOCABULARIO_U6.pdf
2020-05-07 09:55 - 2020-05-07 09:55 - 000000000 __SHD C:\found.010
2020-05-06 22:55 - 2020-05-06 22:57 - 000000000 ____D C:\Users\Usuario\Torrenter
2020-05-05 23:06 - 2020-05-14 12:58 - 000000000 ____D C:\Users\Usuario\AppData\Local\TIDAL
2020-05-05 23:03 - 2020-05-05 23:04 - 092383984 _____ (TIDAL Music AS) C:\Users\Usuario\Downloads\TIDALSetup (1).exe
2020-05-05 13:22 - 2020-05-05 13:22 - 000424391 _____ C:\Users\Usuario\Downloads\TOYS_2.pdf
2020-05-04 22:58 - 2020-05-04 22:58 - 000000000 ____D C:\Users\Usuario\AppData\Local\Golden_Frog,_GmbH
2020-05-04 22:58 - 2020-05-04 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Golden Frog, GmbH
2020-05-04 22:58 - 2020-05-04 22:58 - 000000000 ____D C:\ProgramData\Golden Frog, GmbH
2020-05-04 22:55 - 2020-05-04 22:56 - 008454776 _____ (Golden Frog, GmbH) C:\Users\Usuario\Downloads\VyprVPN-3.3.1.10335-installer.exe
2020-05-04 21:06 - 2020-05-04 21:06 - 000000000 __SHD C:\found.009
2020-05-01 18:19 - 2020-05-01 18:19 - 000001572 _____ C:\Users\Usuario\Desktop\KodiPortable_18.6_x86.paf - Acceso directo.lnk
2020-05-01 17:54 - 2020-05-01 17:56 - 000000000 ____D C:\Users\Usuario\Desktop\KodiPortable
2020-05-01 17:53 - 2020-05-01 17:53 - 049278983 _____ (numerico.altervista.org) C:\Users\Usuario\Downloads\KodiPortable_18.6_x86.paf.exe
2020-05-01 17:28 - 2020-05-01 17:29 - 011840839 _____ C:\Users\Usuario\Downloads\Windows6.1-KB2670838-x64.msu
2020-05-01 17:24 - 2020-05-01 17:24 - 001983900 _____ C:\Users\Usuario\Downloads\plugin.Gt-king.build.david.zip
2020-05-01 17:23 - 2020-05-01 17:23 - 063087414 _____ (XBMC Foundation) C:\Users\Usuario\Downloads\kodi-18.6-Leia-x64.exe
2020-04-29 10:24 - 2020-04-29 10:24 - 000000000 __SHD C:\found.008
2020-04-26 22:50 - 2020-04-26 22:50 - 001906426 _____ C:\Users\Usuario\Downloads\1587905985306.mp4
2020-04-26 21:46 - 2020-04-26 21:46 - 000010696 _____ C:\Users\Usuario\Downloads\El_cabreo_de_un_sanitario_tras_las_imagenes_de_las_calles_-_No_queremos_aplausos-0_eooieeus-el-cabreo-de-un-sanitario-tras-las-imagenes-de-las-calles-no-queremos-aplausosuetv_pl=0_count=0.unknown_video
2020-04-26 13:55 - 2020-04-26 13:55 - 002247280 _____ C:\Users\Usuario\Downloads\CPU TEMP (1).apk
2020-04-26 12:51 - 2020-04-26 12:59 - 000000000 ____D C:\Users\Usuario\Desktop\FOTOS REFLEX
2020-04-25 22:44 - 2020-04-25 22:44 - 000020634 _____ C:\Users\Usuario\Downloads\CU017577.pdf
2020-04-25 19:54 - 2020-04-25 19:54 - 000019535 _____ C:\Users\Usuario\Downloads\132570_-1580203180-1917--2020---BluRay-Screeener.torrent
2020-04-25 19:22 - 2020-04-25 19:23 - 759583409 _____ C:\Users\Usuario\Downloads\GT-King_Pro_AT_V3.0A_ATV_C922H y SA9H.7z
2020-04-25 19:20 - 2020-04-25 19:20 - 004150439 _____ C:\Users\Usuario\Downloads\Burn_Card_Maker工具.rar
2020-04-25 19:17 - 2020-04-25 19:17 - 001295576 _____ (Google LLC) C:\Users\Usuario\Downloads\installbackupandsync.exe
2020-04-25 19:16 - 2020-04-25 19:25 - 000000000 ____D C:\Users\Usuario\Desktop\GT KING
2020-04-25 18:54 - 2020-04-25 18:54 - 000000000 __SHD C:\found.007
2020-04-25 18:42 - 2020-04-25 18:42 - 006875231 _____ C:\Users\Usuario\Downloads\La Gaceta de Salamanca-24_nodrm.pdf
2020-04-25 11:32 - 2020-04-25 11:32 - 000000000 __SHD C:\found.006
2020-04-19 22:52 - 2020-04-19 22:52 - 000073244 _____ C:\Users\Usuario\Downloads\E2_Astra_Hotbird_25_03_2020.rar
2020-04-19 22:07 - 2020-04-19 22:07 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DCC_E2
2020-04-19 21:44 - 2020-04-19 21:44 - 000001698 _____ C:\Users\Usuario\Downloads\CARLOS (1).rar
2020-04-19 21:38 - 2020-04-19 21:38 - 004760525 _____ C:\Users\Usuario\Downloads\guide_IPTV (3).xml.gz
2020-04-19 21:38 - 2020-04-19 21:38 - 004760525 _____ C:\Users\Usuario\Downloads\guide_IPTV (2).xml.gz
2020-04-19 21:36 - 2020-04-19 21:36 - 004760525 _____ C:\Users\Usuario\Downloads\guide_IPTV (1).xml.gz
2020-04-19 21:35 - 2020-04-19 21:35 - 004760525 _____ C:\Users\Usuario\Downloads\guide_IPTV.xml.gz
2020-04-19 11:39 - 2020-04-19 11:39 - 146713696 _____ C:\Users\Usuario\Downloads\BlackHole-3.0.9-vusolo2_usb_release_20190714_7bc68c8 (1).zip
2020-04-19 11:32 - 2020-04-19 12:03 - 000000000 ____D C:\Users\Usuario\DCC_E2
2020-04-19 11:31 - 2020-04-19 22:07 - 000000915 _____ C:\Users\Usuario\Desktop\DCC-E2.lnk
2020-04-19 11:31 - 2020-04-19 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DCC_E2
2020-04-19 11:31 - 2020-04-19 22:07 - 000000000 ____D C:\Program Files (x86)\DCC_E2
2020-04-19 11:31 - 2020-04-19 11:31 - 000000000 ____D C:\Users\Usuario\Desktop\DCC
2020-04-19 11:27 - 2020-04-19 11:30 - 132019208 _____ C:\Users\Usuario\Downloads\vuplus-image-vusolo2-20191218151100_usb.zip
2020-04-18 22:52 - 2020-04-18 22:52 - 000000000 ____D C:\Users\Usuario\Desktop\Nuevo DCC
2020-04-18 18:31 - 2012-07-01 00:51 - 006381568 _____ (BernyR) C:\Users\Usuario\Desktop\DCC_E2.exe
2020-04-18 14:32 - 2020-04-18 14:32 - 000000000 ____D C:\Users\Usuario\Downloads\CrystalDiskInfoPortable
2020-04-18 14:31 - 2020-04-18 14:31 - 006095328 _____ (PortableApps.com) C:\Users\Usuario\Downloads\crystaldiskinfo-portable-8-3-2.exe
2020-04-17 13:19 - 2020-04-17 13:19 - 000393478 _____ C:\Users\Usuario\Downloads\INGLES_NUMBERS.pdf
2020-04-15 22:10 - 2020-04-15 22:10 - 001862328 _____ C:\Users\Usuario\Downloads\plugin.GTKING-BUILD.zip
2020-04-15 11:53 - 2020-04-15 11:53 - 000263116 _____ C:\Users\Usuario\Downloads\NNSS_PLANTS.pdf
2020-04-15 11:46 - 2020-04-15 11:46 - 000000000 __SHD C:\found.005
2020-04-14 18:18 - 2020-05-14 11:36 - 000000000 ____D C:\Users\Usuario\Desktop\Tareas de Matematicas
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-14 19:36 - 2009-07-14 06:45 - 000021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-14 19:36 - 2009-07-14 06:45 - 000021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-14 19:30 - 2018-04-16 17:33 - 000003758 _____ C:\Windows\system32\Tasks\AutoKMS
2020-05-14 19:28 - 2018-04-16 20:04 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-14 19:28 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-14 19:26 - 2020-03-23 22:20 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Yahoo!
2020-05-14 19:06 - 2018-10-10 20:06 - 000000272 _____ C:\Windows\Tasks\{09A952AF-28E2-93D1-8224-76300BFDCA1D}.job
2020-05-14 18:57 - 2018-04-20 21:13 - 000000000 ____D C:\Users\Usuario\Documents\ShareX
2020-05-14 18:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-05-14 18:40 - 2019-01-19 21:32 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2020-05-14 18:40 - 2018-04-16 17:37 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2020-05-14 14:07 - 2020-04-03 12:27 - 000000000 ____D C:\Users\Usuario\Desktop\Tareas de lucia Relicion
2020-05-14 13:11 - 2020-04-12 20:53 - 000000000 ____D C:\Users\Usuario\AppData\Local\BitTorrentHelper
2020-05-14 12:58 - 2019-12-25 21:29 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TIDAL Music AS
2020-05-14 12:57 - 2018-08-09 21:44 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Wondershare
2020-05-14 12:57 - 2018-08-09 21:44 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-05-14 12:57 - 2018-08-09 21:37 - 000000000 ____D C:\Users\Usuario\.android
2020-05-14 12:37 - 2018-10-06 13:18 - 000000000 ____D C:\Program Files (x86)\Notepad++
2020-05-14 12:33 - 2018-07-06 14:49 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2020-05-14 12:17 - 2018-08-10 21:55 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MobiKin
2020-05-14 12:17 - 2018-08-10 21:55 - 000000000 ____D C:\Program Files (x86)\MobiKin
2020-05-14 12:10 - 2018-04-16 17:37 - 000000000 ____D C:\Users\Usuario\AppData\Local\Bluestacks
2020-05-14 12:07 - 2020-03-23 22:20 - 000000000 ____D C:\Program Files (x86)\Yahoo!
2020-05-14 11:57 - 2020-04-03 13:01 - 000000000 ____D C:\Users\Usuario\Desktop\Tareas de Ingles
2020-05-14 11:47 - 2020-03-17 15:28 - 000000000 ____D C:\Users\Usuario\Desktop\Tarea de Lengua
2020-05-14 11:38 - 2020-04-03 13:03 - 000000000 ____D C:\Users\Usuario\Desktop\Tareas de Naturaleza
2020-05-13 17:41 - 2020-04-03 13:00 - 000000000 ____D C:\Users\Usuario\Desktop\Tareas Sociales
2020-05-13 10:02 - 2018-12-27 07:26 - 000000000 ____D C:\Windows\pss
2020-05-12 23:20 - 2018-11-11 20:02 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-05-12 23:20 - 2018-11-11 20:02 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-12 23:20 - 2018-11-11 20:02 - 000004508 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-05-12 23:20 - 2018-11-11 20:02 - 000004332 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-05-12 23:20 - 2018-11-11 20:02 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-05-12 23:20 - 2018-11-11 20:02 - 000000000 ____D C:\Windows\system32\Macromed
2020-05-12 20:27 - 2018-04-16 18:30 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-12 09:36 - 2020-03-12 15:35 - 000566048 _____ C:\Windows\system32\FNTCACHE.DAT
2020-05-11 20:11 - 2018-04-16 17:09 - 000147736 _____ C:\Users\Usuario\AppData\Local\GDIPFONTCACHEV1.DAT
2020-05-11 20:09 - 2011-04-12 11:10 - 000747166 _____ C:\Windows\system32\perfh00A.dat
2020-05-11 20:09 - 2011-04-12 11:10 - 000158638 _____ C:\Windows\system32\perfc00A.dat
2020-05-11 20:09 - 2009-07-14 07:13 - 001675958 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-11 20:07 - 2009-07-14 04:34 - 000000513 _____ C:\Windows\win.ini
2020-05-11 20:05 - 2020-03-23 21:56 - 000000000 ____D C:\Program Files (x86)\HP
2020-05-11 20:02 - 2020-03-23 22:08 - 000000000 ____D C:\ProgramData\HP
2020-05-10 22:02 - 2019-01-19 21:19 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Lavasoft
2020-05-10 22:02 - 2019-01-19 21:19 - 000000000 ____D C:\Users\Usuario\AppData\Local\Lavasoft
2020-05-10 22:02 - 2019-01-19 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-05-10 22:02 - 2019-01-19 21:19 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-05-10 22:02 - 2019-01-19 21:18 - 000000000 ____D C:\ProgramData\Lavasoft
2020-05-10 21:11 - 2018-04-20 07:27 - 000000000 ____D C:\Windows\Minidump
2020-05-10 11:27 - 2018-04-16 17:53 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
2020-05-07 10:09 - 2018-04-16 16:55 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-06 22:55 - 2018-04-16 16:44 - 000000000 ____D C:\Users\Usuario
2020-05-05 23:06 - 2018-04-16 17:50 - 000000000 ____D C:\Users\Usuario\AppData\Local\SquirrelTemp
2020-05-04 22:58 - 2019-11-08 20:29 - 000000000 ____D C:\Users\Usuario\AppData\Local\Golden Frog, GmbH
2020-05-04 22:58 - 2019-11-08 20:24 - 000000000 ____D C:\Program Files (x86)\VyprVPN
2020-05-04 22:35 - 2018-09-30 17:04 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-02 10:39 - 2018-04-27 14:40 - 000000000 ____D C:\Program Files\Opera
2020-05-01 11:20 - 2018-04-27 14:40 - 000003846 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1524832858
2020-04-25 18:56 - 2019-09-29 13:37 - 000000000 ____D C:\ProgramData\AVG
2020-04-25 18:56 - 2018-04-16 17:51 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\AVG
2020-04-25 18:56 - 2018-04-16 17:37 - 000000000 ____D C:\Users\Usuario\AppData\Local\Avg
2020-04-25 18:29 - 2019-01-28 21:18 - 000000000 _____ C:\Windows\system32\last.dump
2020-04-23 20:56 - 2020-03-05 16:02 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-23 20:56 - 2018-07-06 14:55 - 000003872 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2020-04-23 20:56 - 2018-04-16 18:31 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-04-23 20:56 - 2018-04-16 16:55 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-23 20:56 - 2018-04-16 16:55 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-20 20:28 - 2020-02-27 16:38 - 000000000 ____D C:\Users\Usuario\Desktop\Para VU+
2020-04-19 11:30 - 2018-05-01 20:06 - 000000466 _____ C:\Users\Usuario\Desktop\dcc.ini
2020-04-18 22:35 - 2018-04-16 17:51 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Notepad++
2020-04-18 17:26 - 2009-07-14 07:08 - 000032624 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Archivos en la raíz de algunos directorios ========
2018-04-16 17:53 - 2015-02-09 01:54 - 000000222 _____ () C:\Users\Usuario\AppData\Roaming\burnaware.ini
2018-04-23 00:42 - 2018-05-08 07:18 - 000000307 _____ () C:\Users\Usuario\AppData\Roaming\WB.CFG
2018-04-16 17:50 - 2013-04-07 18:31 - 000007666 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg
2018-04-16 17:50 - 2013-02-09 14:35 - 000000003 _____ () C:\Users\Usuario\AppData\Local\updater.log
2018-04-16 17:50 - 2019-01-07 20:18 - 000000425 _____ () C:\Users\Usuario\AppData\Local\UserProducts.xml
2019-02-01 09:23 - 2019-02-01 09:23 - 000000000 _____ () C:\Users\Usuario\AppData\Local\{A71D7BC8-6CAF-46F4-8459-822A4795AD4B}
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2020-05-07 11:15
==================== Final de FRST.txt ========================