Remove viruses/keyloggers from PC

Hello, I'm fairly sure I have some virus/keylogger on my PC, since I had downloaded some rather dubious files and I also have Zoom installed (I don't know if that could be it). The thing is that today someone tried to get into some of my accounts, such as Instagram (they couldn't because of two-step verification), and they did manage to get into others, such as my own Reddit and Forospyware accounts, where they changed the password, but I was able to recover them. What should I do to remove these viruses I have on the PC?

Should I follow this guide?

Hello @tngs

Follow the guide and paste the reports for us:

Guide: How to paste reports in the forum?

We'll wait for those reports.

Regards.

Hello, I'm copying and pasting the Malwarebytes logs here:

PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
Malware.Generic.4201896386, E:\INTERNO WINDOWS\DESCARGAS\HACK + CONFIG.RAR, En cuarentena, 1000000, 0, 1.0.23052, A3E197A011DB97ACFA73D9C2, dds, 00695589

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

The program “Rkill by Grinler” did not find any threats.

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2020 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/27/2020 10:50:00 PM in x64 mode.
Windows Version: Windows 10 Pro 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

ESET Nod32 Online:

28/4/2020 13:18:21
Archivos explorados: 513409
Archivos detectados: 2
Archivos desinfectados: 2
Tiempo total de exploración 01:02:04
Estado de la exploración: Finalizado


E:\Interno Windows\Descargas\Monster.Hunter.World.Update.v166925-CODEX\Update\Setup.exe	una variante de Win32/HackTool.Crack.ES aplicación potencialmente no segura	desinfectado por eliminación
E:\Interno Windows\Descargas\Savage Pr0 v1 - By Nima Najafi (Iranian Crackers)\svhost.exe	Win32/GameHack.SV aplicación potencialmente no segura	desinfectado por eliminación

CCleaner: I had previously done a cleanup for which I did not save the logs, so I can't send any.

Hello @tngs

The Malwarebytes report is incomplete; its entire header is missing.

Do the following:

1.- Temporarily disable your antivirus and any security program.

2.- Download Farbar Recovery Scan Tool to the desktop, selecting the version appropriate for your computer's architecture (32 or 64 bits). >> How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes.
  • In the main window, click the Scan/Analizar button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved to the desktop.

Guide: How to run FRST

3.- In your next reply, paste the generated reports.

Guide: How to paste reports in the forum?

We'll wait for those reports.

Regards

Good morning, you're right about the Malwarebytes report, I apologize. I'm pasting the reports here:

Full Malwarebytes report:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 27/4/20
Hora del análisis: 22:48
Archivo de registro: 5d140c17-88f2-11ea-9232-408d5cb8acb8.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.23052
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: PC-GASTON\Gaston

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 290527
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 1 min, 18 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
Malware.Generic.4201896386, E:\INTERNO WINDOWS\DESCARGAS\HACK + CONFIG.RAR, En cuarentena, 1000000, 0, 1.0.23052, A3E197A011DB97ACFA73D9C2, dds, 00695589

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

FRST.txt

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-04-2020
Ejecutado por Gaston (administrador) sobre PC-GASTON (Gigabyte Technology Co., Ltd. Z170-Gaming K3) (29-04-2020 06:53:24)
Ejecutado desde C:\
Perfiles cargados: Gaston (Perfiles disponibles: Gaston)
Platform: Windows 10 Pro Versión 1909 18363.778 (X64) Idioma: Español (México)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Discord Inc. -> Discord Inc.) C:\Users\Gaston\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_87086da927dcdf63\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [iTunesHelper] => E:\iTunes\iTunesHelper.exe [302904 2019-10-03] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18723976 2018-08-08] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 2016-01-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Run: [Steam] => E:\Steam\steam.exe [3371296 2020-04-03] (Valve -> Valve Corporation)
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Gaston\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2019-09-09] (Google Inc (TEST) -> Epic Privacy Browser) [Archivo no firmado]
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Run: [EpicGamesLauncher] => E:\Epic Games Launcher\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31734672 2020-03-27] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [913800 2019-12-03] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Run: [utweb] => C:\Users\Gaston\AppData\Roaming\uTorrent Web\utweb.exe [5427840 2020-02-11] (Jenkins Win Client Build CA -> BitTorrent Inc.) [Archivo no firmado]
HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Run: [Discord] => C:\Users\Gaston\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-23] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1132634E-9C38-404D-9853-C738B06F35F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)
Task: {199C74D2-03F8-437B-BBE4-2B744804613C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {25C23188-56E7-4660-A368-C16B65EC3EB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2D55CE95-6CE3-4756-ABEF-414B1302C913} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33368BAD-4924-49DE-BAFE-0242F313953E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3C3ADF28-73C2-41FE-98F2-BAF37F04BF70} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)
Task: {3F77B6ED-75B1-4DE8-8E86-7E2D9005A5CC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {500C7C10-1C20-4124-928B-CB7F6C93AB63} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50E3F842-2B40-4CAD-99F6-5F869C04655B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {585EF155-3909-48DC-8BCA-D1C70B1795B0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B3F835B-6584-4751-B2BB-4AD23B17AF71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7673AC07-BBA4-41C8-A4F7-3FDBE7A8EB53} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)
Task: {77396624-30C9-41A1-A818-FEF089718879} - System32\Tasks\Driver Booster SkipUAC (Gaston) => E:\Iobit\Driver Booster\5.5.1\DriverBooster.exe
Task: {7B0653F5-FE27-4D04-9A92-03476FAAB8BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E196E45-C035-4373-B24E-6B7253EE23E6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABA14A56-A254-4C24-85A3-90797CFE4D1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C02C502E-4514-486C-83C8-E6CFA4E14D53} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C143EE89-2C02-4336-A5C0-89E0292DD254} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C1C587A4-6CDE-4F29-9F26-6F8B86481DB7} - System32\Tasks\SidebarStartup => C:\Users\Gaston\AppData\Local\SidebarDiagnostics\app-3.5.3\SidebarDiagnostics.exe [1155072 2019-08-27] (ArcadeRenegade) [Archivo no firmado]
Task: {C5F8D0CB-43E7-4585-8F71-3DC4C97BD1FF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6E3D28E-46A0-42E5-9F41-FD7FCFC06281} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAA7B561-DBB0-4510-939A-DFBF977A0B1C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D178B29A-8FD6-4E13-B82D-2C06F397E0E6} - System32\Tasks\AdwCleaner_onReboot => E:\Interno Windows\Descargas\adwcleaner_8.0.4.exe
Task: {E95D5205-59AD-483C-ABE1-2D4BBC807150} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1463EB8-5707-41C7-92C3-FD01A343190B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {F7389701-7A9D-43C6-ACE4-16DD433F014D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBED1499-89A8-4856-993E-CAC3BAB608D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-18] (Google Inc -> Google LLC)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 200.42.4.207 200.49.130.47
Tcpip\..\Interfaces\{a9429496-b59e-44ea-b919-0f5d7e680f20}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{e6ee473f-4c82-4fc7-ad22-518c0c2c0f13}: [DhcpNameServer] 200.42.4.207 200.49.130.47

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKU\S-1-5-21-2553759803-4258861891-2583773945-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2553759803-4258861891-2583773945-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Gaston\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2019-09-09] (Google Inc (TEST) -> Epic Privacy Browser) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-2553759803-4258861891-2583773945-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Gaston\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2019-09-09] (Google Inc (TEST) -> Epic Privacy Browser) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-2553759803-4258861891-2583773945-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Gaston\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-21] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Gaston\AppData\Local\Google\Chrome\User Data\Default [2020-04-29]
CHR DownloadDir: E:\Interno Windows\Descargas
CHR Notifications: Default -> hxxps://play.gll.gg
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Extension: (Universal Bypass) - C:\Users\Gaston\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2020-04-29]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Gaston\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-07]
CHR Extension: (uBlock Origin) - C:\Users\Gaston\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gaston\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (uBlock Origin Extra) - C:\Users\Gaston\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2019-09-09]
CHR Extension: (Create Desktop Shortcuts using Chrome...) - C:\Users\Gaston\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcompmllfhgfgnnonbknpkgloanffba [2020-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Gaston\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-21]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-02] (BattlEye Innovations e.K. -> )
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-08-08] (Logitech Inc -> Logitech Inc.)
S3 MBAMService; E:\Malwarebytes Anti Malware\MBAMService.exe [6933272 2020-04-09] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13206544 2020-03-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_87086da927dcdf63\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_87086da927dcdf63\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [Archivo no firmado]
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164840 2019-07-18] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
U5 GCSYS; C:\Users\Gaston\AppData\Local\Programs\gamers-club-anti-cheat\resources\GCSYS64.sys [3968120 2020-04-23] (Gamers Club (Gamers Club Ltda) -> )
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-07-18] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [906160 2019-07-18] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-08-08] (Logitech Inc -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-08-08] (Logitech Inc -> Logitech Inc.)
S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [44088 2019-10-03] (Logitech Inc -> Logitech)
S3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2019-07-19] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [20624 2019-07-19] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.)
S3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2019-07-19] (Logitech Inc -> Logitech)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-07-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2019-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_87086da927dcdf63\nvlddmkm.sys [23287696 2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2019-07-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-01-02] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-29 06:53 - 2020-04-29 06:53 - 000024261 _____ C:\FRST.txt
2020-04-29 06:53 - 2020-04-29 06:53 - 000000000 ____D C:\FRST
2020-04-29 06:52 - 2020-04-29 06:52 - 002283008 _____ (Farbar) C:\FRST64.exe
2020-04-28 22:52 - 2020-04-28 22:52 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Halflife Logo Creator
2020-04-28 10:45 - 2020-04-28 10:45 - 000000666 _____ C:\Users\Gaston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-04-28 10:45 - 2020-04-28 10:45 - 000000000 ____D C:\Users\Gaston\AppData\Local\ESET
2020-04-25 10:45 - 2020-04-25 22:02 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\gamers-club-anti-cheat
2020-04-25 10:45 - 2020-04-25 10:45 - 000002567 _____ C:\Users\Gaston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gamers Club Anti-Cheat.lnk
2020-04-25 10:45 - 2020-04-25 10:45 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\Gamers Club Anti-Cheat
2020-04-25 10:45 - 2020-04-25 10:45 - 000000000 ____D C:\Users\Gaston\AppData\Local\gamers-club-anti-cheat-updater
2020-04-21 19:37 - 2020-04-21 19:37 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-04-21 19:36 - 2020-04-21 19:37 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\Zoom
2020-04-19 15:35 - 2020-04-19 15:35 - 000000640 _____ C:\ProgramData\Escritorio\Tierras del Sur Fácil.lnk
2020-04-19 15:35 - 2020-04-19 15:35 - 000000568 _____ C:\ProgramData\Escritorio\Tierras del Sur.lnk
2020-04-19 15:35 - 2020-04-19 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tierras del Sur
2020-04-19 15:35 - 2016-12-06 23:14 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dx7vb.dll
2020-04-19 15:35 - 2015-11-24 11:59 - 000662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2020-04-19 15:35 - 2012-06-06 08:49 - 001070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2020-04-19 15:35 - 2010-02-16 15:22 - 000258880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX
2020-04-19 15:35 - 2010-02-16 15:22 - 000218432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX
2020-04-19 15:35 - 2010-02-16 15:22 - 000155984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2020-04-19 15:35 - 2010-02-16 15:22 - 000136008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2020-04-19 15:35 - 2010-02-16 15:22 - 000126800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX
2020-04-19 15:35 - 2003-01-01 18:18 - 000107784 _____ (Catalyst Development Corporation) C:\WINDOWS\SysWOW64\CSWSK32.OCX
2020-04-19 15:35 - 2001-08-24 08:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2020-04-19 15:35 - 1998-06-25 00:00 - 000295514 _____ C:\WINDOWS\SysWOW64\VB6.OLB
2020-04-15 23:58 - 2020-04-15 23:58 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 003980800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-15 23:58 - 2020-04-15 23:58 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-15 23:58 - 2020-04-15 23:58 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-15 23:58 - 2020-04-15 23:58 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-15 23:52 - 2020-04-15 23:52 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-15 23:52 - 2020-04-15 23:52 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-14 22:32 - 2020-04-14 22:32 - 000000000 ____D C:\Users\Gaston\AppData\LocalLow\Ookla
2020-04-14 22:31 - 2020-04-14 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedtest By Ookla
2020-04-14 22:31 - 2020-04-14 22:31 - 000000000 ____D C:\Program Files\Speedtest
2020-04-14 16:07 - 2020-04-14 16:07 - 000003646 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2020-04-11 22:19 - 2020-04-11 22:19 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
2020-04-11 22:19 - 2020-04-11 22:19 - 000000000 ____D C:\Program Files (x86)\AnalogX
2020-04-11 19:25 - 2020-04-11 19:25 - 000000000 ____D C:\WINDOWS\ERUNT
2020-04-09 20:24 - 2020-04-09 20:24 - 000003184 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-04-09 20:07 - 2020-04-09 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-04-09 19:56 - 2020-04-09 19:56 - 000000000 ____D C:\Users\Gaston\AppData\Local\mbam
2020-04-09 19:56 - 2020-04-09 19:56 - 000000000 ____D C:\Users\Gaston\AppData\Local\cache
2020-04-09 19:55 - 2020-04-27 23:06 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-09 19:55 - 2020-04-09 19:55 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-09 19:55 - 2020-04-09 19:55 - 000000000 ____D C:\Users\Gaston\AppData\Local\mbamtray
2020-04-09 19:55 - 2020-04-09 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-09 19:55 - 2020-04-09 19:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-09 19:42 - 2020-04-09 19:42 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sXe Injected
2020-04-09 08:20 - 2020-04-09 15:06 - 000013904 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-04-08 22:11 - 2020-04-08 22:11 - 000000000 ____D C:\Users\Gaston\AppData\Local\Discord
2020-04-07 22:54 - 2020-04-07 22:54 - 000000000 ____D C:\Users\Gaston\AppData\Local\LogMeIn
2020-04-07 22:54 - 2020-04-07 22:54 - 000000000 ____D C:\ProgramData\LogMeIn

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-29 06:48 - 2019-07-18 22:20 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-29 06:47 - 2019-07-19 15:55 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\Discord
2020-04-29 00:01 - 2020-03-15 23:17 - 000016623 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-04-29 00:01 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-28 21:19 - 2019-09-13 08:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-28 13:28 - 2019-09-13 08:48 - 001767798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-28 13:28 - 2019-03-19 08:49 - 000783316 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-28 13:28 - 2019-03-19 08:49 - 000152786 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-28 13:28 - 2019-03-19 01:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-28 13:22 - 2020-03-20 21:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-28 13:22 - 2019-09-13 08:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-28 13:21 - 2020-03-15 23:17 - 000086272 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-04-28 13:21 - 2020-03-15 23:17 - 000052637 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-04-28 13:21 - 2019-03-19 01:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-28 10:44 - 2019-09-29 12:32 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-28 10:44 - 2019-09-29 12:32 - 000000870 _____ C:\ProgramData\Escritorio\CCleaner.lnk
2020-04-27 23:48 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-27 23:48 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-27 22:59 - 2019-07-19 15:41 - 000000000 ____D C:\Users\Gaston\AppData\Local\CrashDumps
2020-04-27 01:36 - 2020-03-16 00:26 - 000010295 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-04-26 04:34 - 2019-09-12 23:47 - 000000000 ____D C:\Users\Gaston
2020-04-23 19:42 - 2019-07-18 22:18 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-23 19:42 - 2019-07-18 22:18 - 000002265 _____ C:\ProgramData\Escritorio\Google Chrome.lnk
2020-04-22 15:22 - 2020-03-15 23:17 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-04-22 00:59 - 2020-03-16 23:00 - 000012208 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-04-16 09:12 - 2019-09-13 08:42 - 000435024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 00:46 - 2019-03-19 08:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-16 00:46 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-04-16 00:46 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 00:46 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 00:46 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-04-16 00:46 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 00:46 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-15 23:59 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-14 22:59 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-04-11 22:20 - 2019-07-18 22:14 - 000000000 ____D C:\Users\Gaston\AppData\Local\VirtualStore
2020-04-11 19:46 - 2019-07-18 22:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-11 19:36 - 2019-09-13 10:49 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-11 19:32 - 2019-07-18 22:59 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-04-11 19:31 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-04-11 19:31 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-04-09 20:21 - 2020-03-20 21:04 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\TeamViewer
2020-04-09 20:21 - 2020-02-23 17:23 - 000000000 ____D C:\WINDOWS\Minidump
2020-04-09 19:55 - 2019-03-19 01:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-09 08:20 - 2020-03-18 22:08 - 000017711 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-04-08 22:11 - 2019-07-19 15:55 - 000000000 ____D C:\Users\Gaston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-04-08 22:11 - 2019-07-19 15:54 - 000000000 ____D C:\Users\Gaston\AppData\Local\SquirrelTemp
2020-04-08 00:46 - 2020-03-18 00:31 - 000011855 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-04-07 22:18 - 2019-07-19 08:43 - 000000000 ____D C:\Users\Gaston\AppData\Local\NVIDIA
2020-04-01 12:12 - 2019-08-26 20:39 - 000000000 ____D C:\Users\Gaston\AppData\Local\SidebarDiagnostics

==================== Archivos en la raíz de algunos directorios ========

2020-04-09 19:40 - 2020-04-09 19:38 - 014932720 _____ (Alejandro Cortés) C:\Program Files (x86)\Common Files\InjectedSetup.exe

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition.txt

    Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-04-2020
    Ejecutado por Gaston (29-04-2020 06:54:11)
    Ejecutado desde C:\
    Windows 10 Pro Versión 1909 18363.778 (X64) (2019-09-13 11:47:39)
    Modo de Inicio: Normal
    ==========================================================


    ==================== Cuentas: =============================

    Administrador (S-1-5-21-2553759803-4258861891-2583773945-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2553759803-4258861891-2583773945-503 - Limited - Disabled)
    Gaston (S-1-5-21-2553759803-4258861891-2583773945-1001 - Administrator - Enabled) => C:\Users\Gaston
    Invitado (S-1-5-21-2553759803-4258861891-2583773945-501 - Limited - Disabled)
    WDAGUtilityAccount (S-1-5-21-2553759803-4258861891-2583773945-504 - Limited - Disabled)

    ==================== Centro de Seguridad ========================

    (Si una entrada es incluida en el fixlist, será eliminada.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Programas instalados ======================

    (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

    Actualización de NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
    AnalogX PortMapper (HKLM-x32\...\AnalogX PortMapper) (Version:  - AnalogX)
    Apple Application Support (32 bits) (HKLM-x32\...\{FD52A2FF-4D16-49C4-A2CD-DAC752C18BA2}) (Version: 8.0 - Apple Inc.)
    Apple Application Support (64 bits) (HKLM\...\{9B061D60-4E2C-4987-BFFD-423E3D477660}) (Version: 8.0 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
    ArroyoMU 0.97 (HKLM-x32\...\ArroyoMU 0.97) (Version:  - )
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
    CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
    CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
    CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
    Discord (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
    Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    Epic Games Launcher (HKLM-x32\...\{5D2C53C5-AA9C-493F-99B6-A8F458A62EAB}) (Version: 1.1.229.0 - Epic Games, Inc.)
    Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    Epic Privacy Browser (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\Epic Privacy Browser) (Version: 71.0.3578.98 - Epic)
    Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    Gamers Club Anti-Cheat 3.1.16 (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\5336d6e5-cfd5-580d-976b-0c07db708c28) (Version: 3.1.16 - Gamers Club Engeneering)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
    Gyazo 4.1.0.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
    Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    Injected Anti-cheat (HKLM-x32\...\Injected Anti-cheat) (Version: 17.2.0.0 - Alejandro Cortés)
    iTunes (HKLM\...\{00CF31D7-C80E-4C64-ABE4-5D96B314BB3E}) (Version: 12.10.1.4 - Apple Inc.)
    KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version:  - )
    Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.61 - Logitech Inc.)
    Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
    Master PDF Editor 5.4.38 (HKLM\...\Master PDF Editor 5.4.38_is1) (Version: 5.4.38 - Code Industry Ltd.)
    Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Monster Hunter World (HKLM-x32\...\Monster Hunter World_is1) (Version:  - )
    NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
    NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
    NVIDIA Controlador de gráficos 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.59 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
    NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
    OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
    Paquete de controladores de Windows - HS Incorporated (massfilter_hs) USB  (10/20/2010 2.0.0.8) (HKLM\...\80E97631DA49E8B2E4C5B606C9597BC75EE612F5) (Version: 10/20/2010 2.0.0.8 - HS Incorporated)
    Paquete de controladores de Windows - PANTECH Co., Ltd.  (PSKTBUS) USB  (06/20/2012 4.0.21.0) (HKLM\...\31F11A15A3058696191A3708600383CAA429752E) (Version: 06/20/2012 4.0.21.0 - PANTECH Co., Ltd. )
    Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd.  (dg_ssudbus) USB  (06/10/2014 2.11.10.0) (HKLM\...\7C7D77F30DA293C8D56A9D5FB8C3E70F4E17DA7F) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
    Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd.  (ssadbus) USB  (11/30/2012 5.30.14.0) (HKLM\...\C9AEC81E4D365534AF50161EDA7C9CC56B205507) (Version: 11/30/2012 5.30.14.0 - SAMSUNG Electronics Co., Ltd. )
    Paquete de controladores de Windows - SAMSUNG Electronics Co., Ltd.  (ssaebus) USB  (02/05/2010 5.14.0.0) (HKLM\...\8CDE6EEFC346A059EC210060FC7B7DAA8279D584) (Version: 02/05/2010 5.14.0.0 - SAMSUNG Electronics Co., Ltd. )
    Paquete de controladores de Windows - SHARP (shu0bus) USB  (08/11/2011 5.28.4.0) (HKLM\...\8A1FC0FFE8E99DF8171E25D8C5AFF587290A67EF) (Version: 08/11/2011 5.28.4.0 - SHARP)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
    Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
    Sidebar Diagnostics (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\SidebarDiagnostics) (Version: 3.5.3 - ArcadeRenegade)
    Sound Lock (HKLM-x32\...\{F84098A4-28E4-482F-A5A0-1BB29F2808DD}) (Version: 1.3.2 - 3 APPES) Hidden
    Sound Lock (HKLM-x32\...\Sound Lock 1.3.2) (Version: 1.3.2 - 3 APPES)
    Speedtest by Ookla (HKLM\...\{DF82FDC9-5957-448E-8AB0-22F3F2E9DA02}) (Version: 1.4.53.001 - Ookla)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.3.8497 - TeamViewer)
    Tierras del Sur (HKLM-x32\...\Tierras del Sur_is1) (Version:  - Tierras del Sur)
    TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
    Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
    uTorrent Web (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\utweb) (Version: 1.0.8 - BitTorrent, Inc.)
    WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
    Zoom (HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

    Packages:
    =========
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-18] (Microsoft Corporation) [MS Ad]
    NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2020-03-15] (NVIDIA Corp.)
    Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0 [2020-04-22] (Spotify AB) [Startup Task]

    ==================== Personalizado CLSID (Lista blanca): ==============

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
    ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Malwarebytes Anti Malware\mbshlext.dll [2020-04-09] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
    ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_87086da927dcdf63\nvshext.dll [2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Malwarebytes Anti Malware\mbshlext.dll [2020-04-09] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

    ==================== Codecs (Lista blanca) ====================

    ==================== Accesos directos & WMI ========================

    ==================== Módulos cargados (Lista blanca) =============

    2019-09-09 16:27 - 2018-05-14 22:34 - 000026112 _____ (Copyright (c) Code Industry Ltd ) [Archivo no firmado] C:\WINDOWS\System32\mpelocalmon.dll
    2018-04-06 15:29 - 2018-04-06 15:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
    2018-04-06 15:29 - 2018-04-06 15:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\ssleay32.dll

    ==================== Alternate Data Streams (Lista blanca) ========

    ==================== Modo Seguro (Lista blanca) ==================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Asociación (Lista blanca) =================

    ==================== Internet Explorer sitios de confianza/restringidos ==========

    (Si una entrada es incluida en el fixlist, será eliminada del registro.)

    IE trusted site: HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\localhost -> localhost

    ==================== Hosts contenido: =========================

    (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

    2018-04-11 20:38 - 2020-04-11 19:31 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
    127.0.0.1       localhost

    ==================== Otras Áreas ===========================

    (Actualmente no existe una corrección automática para esta sección.)

    HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\Control Panel\Desktop\\Wallpaper -> E:\Interno Windows\Descargas\1920x1080-2929113-mountains-forest-animals-firewatch-minimalism___animal-wallpapers.jpg
    DNS Servers: 200.42.4.207 - 200.49.130.47
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
    Firewall de Windows está deshabilitado.

    ==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

    (Si una entrada es incluida en el fixlist, será eliminada.)

    MSCONFIG\Services: GoogleChromeElevationService => 3
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: NvContainerLocalSystem => 3
    MSCONFIG\Services: NvContainerNetworkService => 3
    MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
    MSCONFIG\Services: NvTelemetryContainer => 2
    MSCONFIG\Services: ssh-agent => 3
    MSCONFIG\Services: Steam Client Service => 3
    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
    HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
    HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "Epic Privacy Browser Installer"
    HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
    HKU\S-1-5-21-2553759803-4258861891-2583773945-1001\...\StartupApproved\Run: => "utweb"

    ==================== Reglas de firewall (Lista blanca) ================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    FirewallRules: [TCP Query User{A027DA0E-BBD0-4D9C-BCAE-5F3712F794E2}E:\counter-strike 1.6\hl.exe] => (Block) E:\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
    FirewallRules: [UDP Query User{BC031533-01A7-4763-A833-2B5E7C804010}E:\counter-strike 1.6\hl.exe] => (Block) E:\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
    FirewallRules: [TCP Query User{7817DC39-79A3-4596-A1F5-7E58A0E3CD64}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
    FirewallRules: [UDP Query User{3A80217E-642E-439C-AE53-A27BE098A71D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
    FirewallRules: [TCP Query User{4EE9BAE3-1C32-4855-9D65-FCC4BF8E06A6}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [UDP Query User{50559B38-4354-4D87-9EBA-D2B2DC78415F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{8BDE24AC-A182-4DCA-832D-768C30249FC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{5E490324-4691-4B02-82B4-9E8511D9AB9B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{4D65FCB0-A2E5-4786-9F87-CF45A6D36FFE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{A5516FF0-1AC0-49D6-B10E-00351B9B99BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{BE1B378E-602B-48B3-BE54-5DE4331509EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{40D62F2D-46A6-4682-899E-9EB918EFED7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{D5B01827-C086-4173-B1CF-C9678D4290D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{792A8088-3250-4C88-A121-AA6170CE19FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{D8D4A2DF-FCB7-4874-8821-FAD8FC818923}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [TCP Query User{E19704A6-A3C4-45C3-AC49-2E5FD9D7ACC7}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe (Valve -> Valve Corporation)
    FirewallRules: [UDP Query User{2DF35F7A-2C48-4AAD-A721-423A6F1A5A35}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe (Valve -> Valve Corporation)
    FirewallRules: [{C6A1E480-CE73-43B9-9869-666D107157C1}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
    FirewallRules: [{5CFD2F92-8EE5-4B56-8992-66BC8B4B42FA}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
    FirewallRules: [{02C06CF2-C70A-49FE-9C0D-BB6AB26406C3}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
    FirewallRules: [{A2544D54-A0C1-4D0D-98B7-D8A1CB58D71D}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
    FirewallRules: [{E8AE83AC-7200-42E5-9528-F0954DF38BAD}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation )
    FirewallRules: [{A6D44A72-B72C-4C47-955B-3491D80BAE85}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation )
    FirewallRules: [{BC0A2823-11EA-45D8-AB64-53451120AFB6}] => (Allow) E:\Steam\steamapps\common\Session\SessionGame.exe (Epic Games, Inc.) [Archivo no firmado]
    FirewallRules: [{0CFC06E6-B5E3-4832-B9A5-9A059D45B84A}] => (Allow) E:\Steam\steamapps\common\Session\SessionGame.exe (Epic Games, Inc.) [Archivo no firmado]

    ==================== Puntos de Restauración =========================

    24-04-2020 13:24:00 Punto de control programado

    ==================== Dispositivos defectuosos en el Administrador de dispositivos ============


    ==================== Errores del registro de eventos: ========================

    Errores de aplicación:
    ==================
    Error: (04/29/2020 06:54:31 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (10660,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (04/28/2020 11:31:20 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (8916,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (04/28/2020 11:19:47 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (10380,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (04/28/2020 10:54:23 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (1828,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (04/28/2020 10:47:50 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (7172,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (04/28/2020 10:29:21 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (1844,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (04/28/2020 04:28:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5969

    Error: (04/28/2020 04:28:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5969


    Errores del sistema:
    =============
    Error: (04/28/2020 10:53:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
    Se ha bloqueado la descarga de este controlador

    Error: (04/28/2020 10:53:13 AM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Gaston\AppData\Local\Temp\ehdrv.sys

    Error: (04/28/2020 10:53:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
    Se ha bloqueado la descarga de este controlador

    Error: (04/28/2020 10:53:12 AM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Gaston\AppData\Local\Temp\ehdrv.sys

    Error: (04/28/2020 10:53:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
    Se ha bloqueado la descarga de este controlador

    Error: (04/28/2020 10:53:12 AM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Gaston\AppData\Local\Temp\ehdrv.sys

    Error: (04/28/2020 10:53:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
    Se ha bloqueado la descarga de este controlador

    Error: (04/28/2020 10:53:12 AM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\Gaston\AppData\Local\Temp\ehdrv.sys


    Windows Defender:
    ===================================
    Date: 2020-04-28 11:46:00.656
    Description: 
    Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
    Para más información, consulta lo siguiente:
    https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
    Nombre: Trojan:Win32/Occamy.C
    Id.: 2147726780
    Gravedad: Grave
    Categoría: Caballo de Troya
    Ruta de acceso: file:_E:\Interno Windows\Descargas\Vermillon2020.rar
    Origen de detección: Equipo local
    Tipo de detección: FastPath
    Origen de detección: Protección en tiempo real
    Usuario: PC-GASTON\Gaston
    Nombre de proceso: E:\Interno Windows\Descargas\esetonlinescanner.exe
    Versión de inteligencia de seguridad: AV: 1.313.2499.0, AS: 1.313.2499.0, NIS: 1.313.2499.0
    Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

    Date: 2020-04-28 11:44:44.621
    Description: 
    Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
    Para más información, consulta lo siguiente:
    https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Casdet!rfn&threatid=2147727512&enterprise=0
    Nombre: Trojan:Win32/Casdet!rfn
    Id.: 2147727512
    Gravedad: Grave
    Categoría: Caballo de Troya
    Ruta de acceso: file:_E:\Interno Windows\Descargas\InstaladorTDS2020.exe
    Origen de detección: Equipo local
    Tipo de detección: FastPath
    Origen de detección: Protección en tiempo real
    Usuario: PC-GASTON\Gaston
    Nombre de proceso: E:\Interno Windows\Descargas\esetonlinescanner.exe
    Versión de inteligencia de seguridad: AV: 1.313.2499.0, AS: 1.313.2499.0, NIS: 1.313.2499.0
    Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

    Date: 2020-04-28 11:42:41.574
    Description: 
    Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
    Para más información, consulta lo siguiente:
    https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
    Nombre: Trojan:Win32/Occamy.C
    Id.: 2147726780
    Gravedad: Grave
    Categoría: Caballo de Troya
    Ruta de acceso: file:_E:\Interno Windows\Descargas\Savage Pr0 v1 - By Nima Najafi (Iranian Crackers)\svhost.dll
    Origen de detección: Equipo local
    Tipo de detección: FastPath
    Origen de detección: Protección en tiempo real
    Usuario: PC-GASTON\Gaston
    Nombre de proceso: E:\Interno Windows\Descargas\esetonlinescanner.exe
    Versión de inteligencia de seguridad: AV: 1.313.2499.0, AS: 1.313.2499.0, NIS: 1.313.2499.0
    Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

    Date: 2020-04-28 10:53:35.988
    Description: 
    Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
    Para más información, consulta lo siguiente:
    https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
    Nombre: Trojan:Win32/Occamy.C
    Id.: 2147726780
    Gravedad: Grave
    Categoría: Caballo de Troya
    Ruta de acceso: file:_C:\Program Files\Code Industry\Master PDF Editor 5\ProjectMasterPDF5.exe
    Origen de detección: Equipo local
    Tipo de detección: FastPath
    Origen de detección: Sistema
    Usuario: NT AUTHORITY\SYSTEM
    Nombre de proceso: Unknown
    Versión de inteligencia de seguridad: AV: 1.313.2499.0, AS: 1.313.2499.0, NIS: 1.313.2499.0
    Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

    Date: 2020-04-23 10:41:20.572
    Description: 
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {2042F801-3E4E-40BC-B0BC-74D39F28D095}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2020-04-14 22:18:11.691
    Description: 
    Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
    Nueva versión de inteligencia de seguridad: 
    Versión anterior de inteligencia de seguridad: 1.313.1456.0
    Origen de actualización: Servidor de Microsoft Update
    Tipo de inteligencia de seguridad: AntiVirus
    Tipo de actualización: Completa
    Usuario: NT AUTHORITY\SYSTEM
    Versión actual del motor: 
    Versión anterior del motor: 1.1.16900.4
    Código de error: 0x8024402c
    Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

    CodeIntegrity:
    ===================================

    Date: 2020-04-29 06:49:23.557
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-04-29 06:49:23.551
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-04-29 06:49:22.323
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-04-29 06:49:22.322
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-04-29 06:46:24.693
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-04-29 06:46:24.690
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-04-29 00:01:38.642
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-04-29 00:01:38.641
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    ==================== Información de la memoria =========================== 

    BIOS: American Megatrends Inc. F23f 03/09/2018
    Placa base: Gigabyte Technology Co., Ltd. Z170-Gaming K3-CF
    Procesador: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
    Porcentaje de memoria en uso: 25%
    RAM física total: 16339.64 MB
    RAM física disponible: 12230.53 MB
    Virtual total: 18771.64 MB
    Virtual disponible: 12793.79 MB

    ==================== Unidades ================================

    Drive c: (WINDOWS) (Fixed) (Total:111.19 GB) (Free:38.63 GB) NTFS
    Drive e: (DATOS) (Fixed) (Total:931.51 GB) (Free:605.94 GB) NTFS
    Drive f: (DATOS 2) (Fixed) (Total:74.51 GB) (Free:74.32 GB) NTFS

    \\?\Volume{c445142c-940d-46ed-b815-c2085c0ed6ba}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
    \\?\Volume{5e5db68d-75de-479d-81e0-bf5691d71822}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

    ==================== MBR & Tabla de particiones ====================

    ==========================================================
    Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==========================================================
    Disk: 1 (Size: 931.5 GB) (Disk ID: 17DE58A3)

    Partition: GPT.

    ==========================================================
    Disk: 2 (Size: 74.5 GB) (Disk ID: 2E222E21)

    Partition: GPT.

    ==================== Final de Addition.txt =======================
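
For triaging a log like the Addition.txt above, this added example (not part of the thread and not FRST's own code) parses the Windows Defender section and the two weakened settings listed under "Otras Áreas". The field names match the Spanish-locale log on this page; the function names are hypothetical and the sample is an excerpt constructed from that log.

```python
from collections import defaultdict

# Constructed sample: lines excerpted and shortened from the Addition.txt log on this page.
SAMPLE = r"""
    ==================== Otras Áreas ===========================

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
    Firewall de Windows está deshabilitado.

    Windows Defender:
    ===================================
    Date: 2020-04-28 11:46:00.656
    Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
    Nombre: Trojan:Win32/Occamy.C
    Ruta de acceso: file:_E:\Interno Windows\Descargas\Vermillon2020.rar
    Origen de detección: Equipo local
    Origen de detección: Protección en tiempo real
    Nombre de proceso: E:\Interno Windows\Descargas\esetonlinescanner.exe

    Date: 2020-04-28 11:44:44.621
    Nombre: Trojan:Win32/Casdet!rfn
    Ruta de acceso: file:_E:\Interno Windows\Descargas\InstaladorTDS2020.exe
    Origen de detección: Equipo local
    Origen de detección: Protección en tiempo real
    Nombre de proceso: E:\Interno Windows\Descargas\esetonlinescanner.exe

    Date: 2020-04-28 10:53:35.988
    Nombre: Trojan:Win32/Occamy.C
    Ruta de acceso: file:_C:\Program Files\Code Industry\Master PDF Editor 5\ProjectMasterPDF5.exe
    Origen de detección: Equipo local
    Origen de detección: Sistema
    Nombre de proceso: Unknown

    Date: 2020-04-23 10:41:20.572
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Tipo de examen: Antimalware

    CodeIntegrity:
    ===================================
    Date: 2020-04-29 06:49:23.557
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
"""

# Strings exactly as they appear in the log on this page (Spanish locale).
WEAK_SETTINGS = [
    ("Firewall de Windows está deshabilitado", "Windows Firewall disabled"),
    ("SmartScreenEnabled: Off", "SmartScreen off"),
]


def defender_section(text):
    """Return the stripped lines between 'Windows Defender:' and the next header."""
    lines = [ln.strip() for ln in text.splitlines()]
    if "Windows Defender:" not in lines:
        return []
    start = lines.index("Windows Defender:") + 1
    out = []
    for i in range(start, len(lines)):
        line = lines[i]
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if line and set(line) == {"="}:
            continue  # underline of the sub-header itself
        if line.startswith("=" * 20):
            break  # next main section, e.g. "==== Unidades ===="
        if line.endswith(":") and nxt and set(nxt) == {"="}:
            break  # next underlined sub-header, e.g. "CodeIntegrity:"
        out.append(line)
    return out


def parse_defender_events(text):
    """Split the section into records at each 'Date:' line; keep only detections."""
    events, cur = [], None
    for line in defender_section(text):
        key, sep, value = line.partition(":")
        if not sep:
            continue  # free-text description line
        key, value = key.strip(), value.strip()
        if key == "Date":
            cur = defaultdict(list)  # repeated keys ("Origen de detección") keep all values
            events.append(cur)
        if cur is not None:
            cur[key].append(value)
    return [e for e in events if e.get("Nombre")]  # records without a threat name are not detections


def triage(text):
    """Group detections by threat and show which process was reading the file
    when real-time protection fired (a triage aid, not a verdict)."""
    by_threat, realtime = defaultdict(set), defaultdict(set)
    for e in parse_defender_events(text):
        path = (e.get("Ruta de acceso") or [""])[0]
        if path.startswith("file:_"):
            path = path[len("file:_"):]
        by_threat[e["Nombre"][0]].add(path)
        if "Protección en tiempo real" in e.get("Origen de detección", []):
            proc = (e.get("Nombre de proceso") or ["Unknown"])[0]
            realtime[proc.rsplit("\\", 1)[-1]].add(path)
    return {
        "weak_settings": [label for needle, label in WEAK_SETTINGS if needle in text],
        "by_threat": {k: sorted(v) for k, v in by_threat.items()},
        "realtime_hits_by_process": {k: sorted(v) for k, v in realtime.items()},
    }


if __name__ == "__main__":
    for section, value in triage(SAMPLE).items():
        print(section, "->", value)
```
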

Hello @tngs

Step 1:

You ran FRST from the wrong location:

  • Run from C:\

Cut the executable and paste it on your desktop <<< This is very important. (On the desktop on C:)

Step 2:

Uninstall with Revo Uninstaller in its Advanced Mode:

  • Iobit\Driver Booster

Revo Uninstaller manual.

Step 3:

Carefully do the following:

1.- Very important >>> Make a backup of your Registry.

  • Download DelFix to the Windows desktop.
  • Right-click, “Run as administrator”.
  • In the main window, check only the “Create Registry Backup” box.
  • Click Run.

When it finishes, a report named DelFix.txt will open; save it in case it is needed and close the tool…

2.- Temporarily disable your antivirus.

3.- Open a new Notepad file and copy and paste this content:

    Start
    CloseProcesses:
    CreateRestorePoint:
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-23] (Google LLC -> Google LLC)
    Task: {77396624-30C9-41A1-A818-FEF089718879} - System32\Tasks\Driver Booster SkipUAC (Gaston) => E:\Iobit\Driver Booster\5.5.1\DriverBooster.exe
    Tcpip\..\Interfaces\{a9429496-b59e-44ea-b919-0f5d7e680f20}: [DhcpNameServer] 172.20.10.1
    2020-04-28 10:45 - 2020-04-28 10:45 - 000000666 _____ C:\Users\Gaston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
    2020-04-28 10:45 - 2020-04-28 10:45 - 000000000 ____D C:\Users\Gaston\AppData\Local\ESET
    2020-04-14 16:07 - 2020-04-14 16:07 - 000003646 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
    ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
    ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
    ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
    ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
    ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo

    CMD: ipconfig /flushdns
    CMD: ipconfig /renew
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset
    CMD: netsh advfirewall reset
    CMD: netsh advfirewall set allprofiles state ON
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    RemoveProxy:
    EmptyTemp:
    Hosts:
    END

  • Save it as fixlist.txt on the desktop <<< This is very important.

Note: The Frst.exe executable and fixlist.txt must be in the same location (desktop); otherwise the tool will not work.

  • Run Frst.exe.
  • Press the Fix/Corregir button and wait for it to finish.
  • The tool will save the report on your desktop (Fixlog.txt).
  • Paste it in your next reply.

After restarting, tell us how the computer is doing.

Regards.

Hello, here is my update.

Step 1: I put it in C:\ because that is where my Windows is installed (it is an SSD that only holds Windows); I moved the “Escritorio” (Desktop) folder to D:\ so that it would not take up space. Earlier, in another post, I had been told that this program had to be run on the disk/partition that holds Windows.

Step 2: I could not find Iobit\Driver Booster in Revo Uninstaller.

Step 3: I am pasting the logs: Fixlog.txt (9,5 KB)

Hello @tngs

Perfect, all that remains is for you to tell us how the computer feels.

Regards

It feels fine, but it never felt ‘bad’; it is just that they tried to hack my IG, and on other accounts they changed my password :smiley:

Hello @tngs

No traces of anything malicious can be seen on your computer.

To remove the tools that were used:

Download/run >> DelFix, from your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8/10, right-click and select >> “Run as administrator”)
  • Check the boxes Remove disinfection tools and Purge System Restore
  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

Let us know if everything is in order so we can mark the topic as Solved.

Regards.

Hello, I have done it. Thanks for your help. One question I have: which tools should I use in a similar case (if I have downloaded something suspicious and think I have a virus)? Should I use the same programs?

Hello @tngs

If you use the Removal Guide and still cannot get rid of the bug, come back here and we will most likely ask you for some more reports.

For other problems, you know where to find us. :wink:

Topic Solved

Regards.

1 like