Hola, tengo dudas del proceso ICSant, de hecho no lo puedo terminar. Segun he leido es un virus, pero he aplicado varios programas como malware recomendados en esta pagina y no lo desintalan, volciendo a aparecer en el admnistrador de tareas
Puedes poner captura de donde ves ese proceso?
Si es en administrador de tareas, boton derecho. abrir ubicacion del archivo
Dime la ubicacion y el nombre extacto de ese proceso y ademas,
-
Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
-
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits)
¿Cómo saber si mi Windows es de 32 o 64 bits? -
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Si.
-
En la nueva ventana que se abre, presiona el botón Analizar y espera a que concluya el análisis.
-
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.
En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST
Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.
La ubicacion del archivo es en disco local C, archivos de programa(x86), digital communications, SAntivirus. Respecto del programa “fabar recovery sacn tool”, no lo puedo instalar y el archivo descargado desaparece
El programa que yo te indico no necesita instalación solo debe ser ejecutado desde el escritorio…
Solamente realiza botón derecho sobre el ejecutable y ejecutar como administrador, desactiva previamente tu antivirus
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 08-07-2020 01
Ejecutado por ADMIN (administrador) sobre DELL (Dell Inc. Inspiron 580s) (08-07-2020 14:13:45)
Ejecutado desde C:\Users\ADMIN\Desktop
Perfiles cargados: ADMIN
Platform: Windows 8.1 (Update) (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(ITknowledge24.com) [Archivo no firmado] C:\Program Files\ITknowledge24\Windows Defender Status Manager\wdsmgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Stardock Corporation -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Stardock Corporation -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-02-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [wdsmgr] => C:\Program Files\ITknowledge24\Windows Defender Status Manager\wdsmgr.exe [164352 2020-07-03] (ITknowledge24.com) [Archivo no firmado]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2007-10-10] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon G3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCW.DLL [30208 2016-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor G3000 series: C:\Windows\system32\CNMLMCW.DLL [406528 2016-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {032D0DC6-6268-4E40-B075-9A27B7964F34} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\ADMIN\Downloads\esetonlinescanner.exe [14827616 2020-07-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {09A77250-1167-419F-9498-0D2362150A34} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-07-01] (Avast Software s.r.o. -> Avast Software)
Task: {0FD24D12-FB7F-4452-9ADF-BA0D2E37D35C} - System32\Tasks\{57A90AC5-9CC0-403C-AF8F-421B8FCFEACF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\unins000.exe"
Task: {35A43452-D4BF-47CC-AA3A-7847BDED6FAF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4549C67B-6CB0-4027-8FEC-90B19E3EFA43} - System32\Tasks\easyxplore_chk => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCIÓN
Task: {4A7B6D5B-4F4F-4332-B627-5174398A8C7A} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {525450B3-7360-4230-92D7-86C08E53233B} - System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core => C:\Users\ADMIN\AppData\Local\easyxplore\Update\easyxploreUpdate.exe <==== ATENCIÓN
Task: {52711317-4A73-4138-BA59-CDFE72CFAD71} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\ADMIN\Downloads\esetonlinescanner.exe [14827616 2020-07-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {5DEFF010-6AA2-4124-BE48-9E71E397C97E} - System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA => C:\Users\ADMIN\AppData\Local\easyxplore\Update\easyxploreUpdate.exe <==== ATENCIÓN
Task: {802078DF-77A2-4FCF-B9CC-A27E7D6943C7} - System32\Tasks\easyxplore_run => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCIÓN
Task: {948B11FE-4EA5-436E-8C4C-A47D5F34204E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {9FD87C24-4D75-4D6C-98CE-9DC5E674F6EF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-06-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {A2355EE0-E080-4786-886B-F7D2AB7C4856} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {C2BFB2C4-3F2B-4CF6-9804-FE1F84924218} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C68A5CA2-B2A6-487D-962A-9080B4F6952B} - System32\Tasks\Outbyte\PC Repair\Start PC Repair оn logon => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0085B45F-F7AE-487D-AAA7-B9C846902E07}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://cl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://cl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-cl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2879044780-3802597080-1009392579-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2879044780-3802597080-1009392579-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Aplicación auxiliar de vínculos de Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Archivo no firmado]
FireFox:
========
FF DefaultProfile: nxj83lv1.default
FF ProfilePath: C:\Users\ADMIN\AppData\Roaming\Mozilla\Firefox\Profiles\nxj83lv1.default [2020-07-08]
FF ProfilePath: C:\Users\ADMIN\AppData\Roaming\Mozilla\Firefox\Profiles\gwr9dmra.default-release [2020-07-08]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
CHR HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
CHR HKLM-x32\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
"SAntivirusIC" => servicio fue desbloqueado. <==== ATENCIÓN
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Corporation -> Stardock Software, Inc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-20] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-20] (Microsoft Corporation -> Microsoft Corporation)
S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATENCIÓN
S4 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATENCIÓN
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [90560 2017-02-23] (Alcorlink Corp. -> Alcorlink Corp.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205896 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235088 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178768 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60496 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175208 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetNd6; C:\Windows\system32\DRIVERS\aswNetNd6.sys [38152 2020-07-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109280 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851608 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [462592 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216824 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [322256 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
S3 EnigmaFileMonDriver; C:\Windows\System32\drivers\EnigmaFileMonDriver.sys [68424 2020-07-08] (EnigmaSoft Limited -> EnigmaSoft Limited)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2014-11-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [257880 2014-11-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-20] (Microsoft Windows -> Microsoft Corporation)
S0 MBAMSwissArmy; System32\Drivers\mbamswissarmy.sys [X]
S3 ObDrvMonPCRSrv; \??\C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [X]
S1 SANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusKD.sys [X] <==== ATENCIÓN
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-07-08 14:13 - 2020-07-08 14:14 - 000019767 _____ C:\Users\ADMIN\Desktop\FRST.txt
2020-07-08 14:13 - 2020-07-08 14:14 - 000000000 ____D C:\FRST
2020-07-08 14:12 - 2020-07-08 14:12 - 002292736 _____ (Farbar) C:\Users\ADMIN\Desktop\FRST64.exe
2020-07-08 13:38 - 2020-07-08 13:38 - 007455016 _____ (VS Revo Group ) C:\Users\ADMIN\Downloads\revosetup.exe
2020-07-08 13:38 - 2020-07-08 13:38 - 000001010 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-07-08 13:38 - 2020-07-08 13:38 - 000001010 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-07-08 13:38 - 2020-07-08 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-07-08 13:38 - 2020-07-08 13:38 - 000000000 ____D C:\Program Files\VS Revo Group
2020-07-08 13:35 - 2020-07-08 13:35 - 000000099 _____ C:\Windows\Reimage.ini
2020-07-08 13:18 - 2020-07-08 13:18 - 000001244 _____ C:\Users\ADMIN\Documents\cc_20200708_131807.reg
2020-07-08 13:01 - 2020-07-08 13:01 - 000022934 _____ C:\Users\ADMIN\Documents\cc_20200708_130124.reg
2020-07-08 13:01 - 2020-07-08 13:01 - 000002360 _____ C:\Users\ADMIN\Documents\cc_20200708_130139.reg
2020-07-08 12:51 - 2020-07-08 12:51 - 000005108 _____ C:\Users\ADMIN\Desktop\scan esset.txt
2020-07-08 12:51 - 2020-07-08 12:51 - 000003700 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-07-08 12:51 - 2020-07-08 12:51 - 000003260 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-07-08 11:50 - 2020-07-08 11:50 - 000000754 _____ C:\Users\ADMIN\Desktop\ESET Online Scanner.lnk
2020-07-08 11:49 - 2020-07-08 11:49 - 014827616 _____ (ESET spol. s r.o.) C:\Users\ADMIN\Downloads\esetonlinescanner.exe
2020-07-08 11:38 - 2020-07-08 11:42 - 000000000 ____D C:\FSTool
2020-07-08 11:38 - 2020-07-08 11:38 - 001599815 _____ C:\Users\ADMIN\Downloads\IFS.exe
2020-07-08 11:35 - 2020-07-08 11:37 - 000000000 ____D C:\ProgramData\TEMP
2020-07-08 11:35 - 2020-07-08 11:35 - 004291320 _____ (BrightFort LLC ) C:\Users\ADMIN\Downloads\spywareblastersetup55.exe
2020-07-08 11:35 - 2012-05-02 12:17 - 001070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2020-07-08 11:35 - 2009-03-24 13:52 - 000129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2020-07-08 11:31 - 2020-07-08 12:34 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2020-07-08 11:15 - 2020-07-08 11:15 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2020-07-08 11:10 - 2020-07-08 11:29 - 000000000 ____D C:\ProgramData\HitmanPro
2020-07-08 11:09 - 2020-07-08 11:09 - 011429976 _____ (SurfRight B.V.) C:\Users\ADMIN\Downloads\hitmanpro_x64.exe
2020-07-08 11:09 - 2020-07-08 11:09 - 002033136 _____ (Malwarebytes ) C:\Users\ADMIN\Downloads\mbae-setup-1.13.1.186.exe
2020-07-08 10:25 - 2020-07-08 10:25 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-07-08 10:25 - 2020-07-08 10:25 - 031414424 _____ (Microsoft Corporation) C:\Users\ADMIN\Downloads\Windows-KB890830-x64-V5.82.exe
2020-07-08 10:21 - 2020-07-08 10:21 - 117472672 ____C (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2020-07-08 10:21 - 2020-07-08 10:21 - 030522408 _____ (Microsoft Corporation) C:\Users\ADMIN\Downloads\Windows-KB890830-V5.82.exe
2020-07-08 01:58 - 2020-07-08 11:24 - 000068424 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-07-08 01:57 - 2020-07-08 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-07-08 01:57 - 2020-07-08 01:57 - 006455520 _____ (EnigmaSoft Limited) C:\Users\ADMIN\Downloads\SpyHunter-Installer.exe
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\sh5ldr
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-07-08 00:46 - 2020-07-08 00:46 - 000000000 ____D C:\Windows\pss
2020-07-08 00:37 - 2020-07-08 00:38 - 000000000 ____D C:\Users\ADMIN\AppData\LocalLow\IObit
2020-07-08 00:37 - 2020-07-08 00:37 - 000000000 ____D C:\ProgramData\ProductData
2020-07-08 00:37 - 2020-07-08 00:37 - 000000000 ____D C:\Program Files (x86)\IObit
2020-07-08 00:36 - 2020-07-08 00:37 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\IObit
2020-07-08 00:36 - 2020-07-08 00:37 - 000000000 ____D C:\ProgramData\IObit
2020-07-08 00:33 - 2020-07-08 00:33 - 020569892 _____ C:\Users\ADMIN\Downloads\iobituninstaller.rar
2020-07-07 23:57 - 2020-07-07 23:57 - 051844984 _____ (SUPERAntiSpyware) C:\Users\ADMIN\Downloads\SUPERAntiSpyware.exe
2020-07-07 23:57 - 2020-07-07 23:57 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-07-07 23:51 - 2020-07-07 23:51 - 000062956 _____ C:\Users\ADMIN\Documents\cc_20200707_235109.reg
2020-07-07 23:51 - 2020-07-07 23:51 - 000007224 _____ C:\Users\ADMIN\Documents\cc_20200707_235125.reg
2020-07-07 23:47 - 2020-07-07 23:47 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-07-07 23:47 - 2020-07-07 23:47 - 000002800 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-07-07 23:47 - 2020-07-07 23:47 - 000000794 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-07 23:47 - 2020-07-07 23:47 - 000000794 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-07 23:47 - 2020-07-07 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-07-07 23:47 - 2020-07-07 23:47 - 000000000 ____D C:\Program Files\CCleaner
2020-07-07 23:46 - 2020-07-07 23:46 - 025838336 _____ (Piriform Software Ltd) C:\Users\ADMIN\Downloads\ccsetup568.exe
2020-07-07 23:22 - 2020-07-07 23:22 - 000003164 _____ C:\Windows\system32\Tasks\{57A90AC5-9CC0-403C-AF8F-421B8FCFEACF}
2020-07-07 23:11 - 2020-07-07 23:11 - 000000000 ____D C:\ProgramData\Wondershare
2020-07-07 22:54 - 2020-07-07 22:55 - 020503097 _____ C:\Users\ADMIN\Desktop\VERIFICADORES TRABAJO REALIZADO VIAMENSAJE whatsapp 12- 15 mayo 2020.pdf
2020-07-07 22:53 - 2020-07-07 22:54 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\UDC Profiles
2020-07-07 22:52 - 2020-07-08 10:37 - 000000000 ____D C:\Program Files (x86)\PDF Creator
2020-07-07 22:52 - 2020-07-07 22:52 - 000000000 ___RD C:\Users\ADMIN\Documents\PDF Creator
2020-07-07 22:51 - 2020-07-07 22:51 - 015283216 _____ (PDF Pro Ltd.) C:\Users\ADMIN\Downloads\pdfcreator_26353542412734684.exe
2020-07-07 22:38 - 2020-07-07 22:38 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Wondershare
2020-07-07 22:37 - 2015-08-22 09:42 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2020-07-07 22:36 - 2020-07-07 23:15 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Wondershare
2020-07-07 22:35 - 2020-07-07 22:35 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-07-07 22:34 - 2020-07-07 23:15 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-07-07 22:34 - 2020-07-07 23:15 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2020-07-07 22:34 - 2020-07-07 22:34 - 001058736 _____ C:\Users\ADMIN\Downloads\pdfelement-pro_setup_full5257.exe
2020-07-07 22:32 - 2020-07-07 22:36 - 027505688 _____ (Geek Software GmbH ) C:\Users\ADMIN\Downloads\pdf24-creator-9.1.1.exe
2020-07-07 22:30 - 2020-07-07 22:30 - 001021531 _____ C:\Users\ADMIN\Downloads\VERIFICADORES TRABAJO REALIZADO VIAMENSAJE whatsapp 1-11 mayo 2020.pdf
2020-07-07 21:55 - 2020-07-07 21:56 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\santivirusclient
2020-07-07 21:53 - 2020-07-07 23:15 - 000000000 ____D C:\Users\ADMIN\AppData\Local\chromium
2020-07-07 21:53 - 2020-07-07 21:53 - 000003590 _____ C:\Windows\system32\Tasks\easyxplore_chk
2020-07-07 21:53 - 2020-07-07 21:53 - 000002978 _____ C:\Windows\system32\Tasks\easyxplore_run
2020-07-07 21:52 - 2020-07-07 23:31 - 000000000 ____D C:\Users\ADMIN\AppData\Local\easyxplore
2020-07-07 21:52 - 2020-07-07 23:14 - 000000000 ____D C:\Program Files (x86)\Chromium
2020-07-07 21:52 - 2020-07-07 21:52 - 000003548 _____ C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA
2020-07-07 21:52 - 2020-07-07 21:52 - 000003276 _____ C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core
2020-07-07 21:52 - 2020-07-07 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2020-07-07 21:52 - 2020-07-07 21:52 - 000000000 ____D C:\Program Files (x86)\easyxplore
2020-07-07 21:51 - 2020-07-07 21:53 - 000000000 ____D C:\ProgramData\SAntivirus
2020-07-07 21:51 - 2020-07-07 21:51 - 004365055 _____ (www.amrplayer.com ) C:\Users\ADMIN\Downloads\amr_player.exe
2020-07-07 21:44 - 2020-07-07 21:57 - 000000000 ____D C:\Users\ADMIN\Desktop\EVIDENCIAS TELEFONICAS JULIO 2020
2020-07-07 21:43 - 2020-07-07 22:24 - 000000000 ____D C:\Users\ADMIN\Desktop\EVIDENCIAS TELEFONICAS JUNIO 2020
2020-07-07 21:23 - 2020-07-07 21:27 - 000000000 ____D C:\Users\ADMIN\Desktop\EVIDENCIAS WHATSAPP JUNIO 2020
2020-07-07 20:11 - 2020-07-07 20:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2020-07-07 00:10 - 2020-07-07 00:10 - 016532111 _____ C:\Users\ADMIN\Downloads\02.-Manejo_de_Praderas_en_Sistemas_de_Produccion_Bovina_y_Ovina.pdf
2020-07-07 00:10 - 2020-07-07 00:10 - 004195792 _____ C:\Users\ADMIN\Downloads\10_PresentacionOscarBalocchi.pdf
2020-07-07 00:03 - 2020-07-07 00:03 - 013028788 _____ C:\Users\ADMIN\Downloads\01.-Manejo_del_Pastoreo.pdf
2020-07-06 23:55 - 2020-07-06 23:55 - 007779604 _____ C:\Users\ADMIN\Downloads\Manejo_sostenible_de_praderas.pdf
2020-07-06 23:54 - 2020-07-06 23:54 - 000919942 _____ C:\Users\ADMIN\Downloads\articles-75613_archivo_01.pdf
2020-07-06 23:54 - 2020-07-06 23:54 - 000498974 _____ C:\Users\ADMIN\Downloads\fam386e.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 005789420 _____ C:\Users\ADMIN\Downloads\FichaPraderasEnInvierno2013.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 003165141 _____ C:\Users\ADMIN\Downloads\ficha-pradera-verano.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 003056602 _____ C:\Users\ADMIN\Downloads\ficha-pradera-otono.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 000656554 _____ C:\Users\ADMIN\Downloads\ficha-pradera-primavera.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 000109357 _____ C:\Users\ADMIN\Downloads\tecnicas-de-manejo-de-pastoreo-para-praderas-permanentes.pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 013006071 _____ C:\Users\ADMIN\Downloads\2-Consorcio-Lechero-Frutillar.pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 006220069 _____ C:\Users\ADMIN\Downloads\manejo-de-pastoreo-INDAP-2017.pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 005508668 _____ C:\Users\ADMIN\Downloads\fertilizacion-otono(1).pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 004923934 _____ C:\Users\ADMIN\Downloads\09-sep-2013-manejo-pastoreo-primavera-balocchi.pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 001853256 _____ C:\Users\ADMIN\Downloads\1-Charla-Manejo-del-Pastoreo-Invernal-PG.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 024939055 _____ C:\Users\ADMIN\Downloads\Manejo-sustentable-de-praderas-Paulina-Etcheverria.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 020680976 _____ C:\Users\ADMIN\Downloads\11-Fertilizacion-de-Praderas-y-Pasturas.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 000894286 _____ C:\Users\ADMIN\Downloads\Guia-de-fertilizacion-completa.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 000686114 _____ C:\Users\ADMIN\Downloads\11_Charla_Dante_Pinochet.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 000431923 _____ C:\Users\ADMIN\Downloads\INFORMATIVO-76-2015CLAVES-PARA-ESTABLECIMIENTO-DE-PRADERAS-OVINOS.pdf
2020-07-06 23:26 - 2020-07-06 23:26 - 017786644 _____ C:\Users\ADMIN\Downloads\presentacion-praderas-en-otono-temuco-y-los-angeles.pdf
2020-07-06 23:26 - 2020-07-06 23:26 - 005508668 _____ C:\Users\ADMIN\Downloads\fertilizacion-otono.pdf
2020-07-06 23:26 - 2020-07-06 23:26 - 000588452 _____ C:\Users\ADMIN\Downloads\NR33835.pdf
2020-07-06 14:50 - 2020-07-06 14:50 - 000179577 _____ C:\Users\ADMIN\Downloads\TL4712_40889437.PDF
2020-07-06 01:59 - 2020-07-06 01:59 - 000180178 _____ C:\Users\ADMIN\Downloads\WB4458_40889456.PDF
2020-07-05 19:17 - 2020-07-05 19:17 - 000000000 ____D C:\Users\ADMIN\AppData\LocalLow\Temp
2020-07-04 02:01 - 2020-07-04 02:01 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2020-07-04 02:01 - 2020-07-04 02:01 - 000001142 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2020-07-04 02:01 - 2020-07-04 02:01 - 000001142 _____ C:\ProgramData\Desktop\BS.Player FREE.lnk
2020-07-04 02:01 - 2020-07-04 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2020-07-04 02:00 - 2020-07-04 02:02 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\BSplayer
2020-07-04 02:00 - 2020-07-04 02:00 - 011256936 _____ C:\Users\ADMIN\Downloads\bsplayer275.setup.exe
2020-07-04 02:00 - 2020-07-04 02:00 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\BSplayer Pro
2020-07-04 02:00 - 2020-07-04 02:00 - 000000000 ____D C:\Program Files (x86)\Webteh
2020-07-04 01:57 - 2020-07-04 02:01 - 000000000 ____D C:\Users\ADMIN\Downloads\Condor.S02E04.iNTERNAL.720p.HDTV.x264-SFM[rarbg]
2020-07-04 01:57 - 2020-07-04 02:00 - 000000000 ____D C:\Users\ADMIN\Downloads\Condor.S02E05.Out.Of.His.Exile.1080p.CMOR.WEBRip.AAC2.0.x264-JETIX[rartv]
2020-07-04 01:56 - 2020-07-04 01:56 - 000000000 ____D C:\Users\ADMIN\Downloads\The.Outpost.2020.1080p.WEBRip.AAC5.1.x264-CM
2020-07-03 15:55 - 2020-07-03 15:55 - 000000000 ____D C:\Program Files\ITknowledge24
2020-07-03 15:53 - 2020-07-03 15:53 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2020-07-03 15:53 - 2020-07-03 15:53 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-07-03 15:53 - 2020-07-03 15:53 - 000000000 ____D C:\Program Files\MSBuild
2020-07-03 15:53 - 2020-07-03 15:53 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-07-03 15:52 - 2013-08-03 00:48 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2020-07-03 15:52 - 2013-08-03 00:48 - 000124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2020-07-03 15:52 - 2013-08-03 00:48 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2020-07-03 15:52 - 2013-08-03 00:41 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2020-07-03 15:52 - 2013-08-03 00:41 - 000102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-07-03 15:52 - 2013-08-03 00:41 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2020-07-03 15:24 - 2020-07-05 01:07 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\qBittorrent
2020-07-03 15:24 - 2020-07-03 15:24 - 000000000 ____D C:\Users\ADMIN\AppData\Local\qBittorrent
2020-07-03 15:24 - 2020-07-03 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-07-03 15:24 - 2020-07-03 15:24 - 000000000 ____D C:\Program Files\qBittorrent
2020-07-02 21:19 - 2020-07-02 21:19 - 025981603 _____ (The qBittorrent project) C:\Users\ADMIN\Downloads\qbittorrent_4.2.5_x64_setup.exe
2020-07-02 20:24 - 2020-07-02 20:24 - 000000000 ____D C:\Users\ADMIN\AppData\LocalLow\Google
2020-07-02 20:20 - 2020-07-07 22:52 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-02 20:19 - 2020-07-02 20:19 - 014572000 _____ (Microsoft Corporation) C:\Users\ADMIN\Downloads\vc_redist.x64.exe
2020-07-02 20:17 - 2020-07-02 20:17 - 000000000 ____D C:\Windows\system32\Tasks\Outbyte
2020-07-02 20:13 - 2020-07-02 20:13 - 000002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2020-07-02 20:13 - 2020-07-02 20:13 - 000002144 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2020-07-02 20:13 - 2020-07-02 20:13 - 000002144 _____ C:\ProgramData\Desktop\Google Earth Pro.lnk
2020-07-02 20:12 - 2020-07-08 10:41 - 000000000 ____D C:\Program Files (x86)\Google
2020-07-02 20:12 - 2020-07-02 20:12 - 001295576 _____ (Google LLC) C:\Users\ADMIN\Downloads\GoogleEarthProSetup(1).exe
2020-07-02 20:12 - 2020-07-02 20:12 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-02 20:12 - 2020-07-02 20:12 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-02 20:12 - 2020-07-02 20:12 - 000000000 ____D C:\Program Files\Google
2020-07-02 20:10 - 2020-07-08 10:41 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Google
2020-07-02 20:10 - 2020-07-02 20:10 - 001295576 _____ (Google LLC) C:\Users\ADMIN\Downloads\GoogleEarthProSetup.exe
2020-07-02 15:13 - 2020-07-08 13:00 - 000000000 ____D C:\Users\ADMIN\AppData\Local\CrashDumps
2020-07-02 01:46 - 2020-07-02 21:08 - 000011557 _____ C:\Users\ADMIN\Desktop\Copia de FIRMAS DEPROYECTOS.xlsx
2020-07-01 23:42 - 2020-07-01 23:42 - 000000000 ___HD C:\ProgramData\CanonBJ
2020-07-01 23:42 - 2020-07-01 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2020-07-01 23:42 - 2020-07-01 23:42 - 000000000 ____D C:\Program Files (x86)\Canon
2020-07-01 23:42 - 2015-03-24 15:09 - 000088832 _____ C:\Windows\SysWOW64\CNC1794D.TBL
2020-07-01 23:42 - 2015-03-24 15:09 - 000088832 _____ C:\Windows\system32\CNC1794D.TBL
2020-07-01 23:42 - 2015-01-29 15:35 - 000312320 _____ (CANON INC.) C:\Windows\system32\CNC_CWC.dll
2020-07-01 23:42 - 2015-01-29 15:35 - 000123392 _____ (CANON INC.) C:\Windows\system32\CNC_CWI.dll
2020-07-01 23:42 - 2015-01-29 11:23 - 000387584 _____ (CANON INC.) C:\Windows\system32\CNC_CWL.dll
2020-07-01 23:42 - 2015-01-29 11:22 - 000353792 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_CWL.dll
2020-07-01 23:42 - 2008-08-25 18:02 - 000017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2020-07-01 23:42 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2020-07-01 23:41 - 2020-07-01 23:42 - 000000000 ___HD C:\Program Files\CanonBJ
2020-07-01 23:41 - 2020-07-01 23:41 - 038714248 _____ C:\Users\ADMIN\Downloads\mp68-win-g3000-1_02-ea34_2.exe
2020-07-01 23:41 - 2016-03-21 05:00 - 000406528 _____ (CANON INC.) C:\Windows\system32\CNMLMCW.DLL
2020-07-01 23:24 - 2020-07-01 23:24 - 000000000 ___SD C:\Users\ADMIN\Documents\Mis archivos de origen de datos
2020-07-01 18:29 - 2020-07-01 18:29 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2020-07-01 17:50 - 2020-04-01 19:49 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-07-01 17:35 - 2020-07-01 17:24 - 000335976 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-07-01 17:32 - 2020-07-01 17:32 - 000000000 ____D C:\Users\ADMIN\AppData\Local\mbam
2020-07-01 17:31 - 2020-07-01 17:31 - 002012560 _____ (Malwarebytes) C:\Users\ADMIN\Downloads\MBSetup.exe
2020-07-01 17:24 - 2020-07-01 17:25 - 000506152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-07-01 17:24 - 2020-07-01 17:25 - 000462592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-07-01 17:24 - 2020-07-01 17:25 - 000322256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000851608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000235088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000216824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000205896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000178768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000175208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000109280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000060496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000037152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-07-01 17:24 - 2020-07-01 17:24 - 000000000 ____D C:\Program Files\Avast Software
2020-07-01 17:02 - 2020-07-01 17:02 - 010709184 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avastclear.exe
2020-07-01 16:59 - 2020-07-01 16:59 - 000233080 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avast_internet_security_setup_online(2).exe
2020-07-01 16:51 - 2020-07-01 16:52 - 000003088 _____ C:\Users\ADMIN\Documents\online scaner con esset.txt
2020-07-01 16:04 - 2020-07-08 12:57 - 000000000 ____D C:\Users\ADMIN\AppData\Local\ESET
2020-07-01 14:55 - 2020-07-01 14:55 - 000231144 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avast_free_antivirus_setup_online.exe
2020-07-01 14:54 - 2020-07-01 14:54 - 000233192 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avast_internet_security_setup_online(1).exe
2020-07-01 14:46 - 2020-07-08 14:08 - 000000000 _____ C:\Windows\system32\last.dump
2020-07-01 14:43 - 2020-07-01 14:43 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-07-01 14:41 - 2020-07-01 17:23 - 000000000 ____D C:\ProgramData\Avast Software
2020-07-01 14:41 - 2020-07-01 14:41 - 000233192 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avast_internet_security_setup_online.exe
2020-07-01 14:07 - 2020-07-08 14:11 - 000000000 ____D C:\Users\ADMIN\AppData\LocalLow\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-01 14:07 - 2020-07-01 14:07 - 000000936 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-07-01 14:07 - 2020-07-01 14:07 - 000000936 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\ProgramData\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-01 14:05 - 2020-07-01 14:05 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-01 14:05 - 2020-07-01 14:05 - 000000000 ____D C:\Intel
2020-07-01 12:40 - 2020-07-08 09:58 - 000003962 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{AC9FF56D-0D4B-4C3D-BE43-42B5A27FBBC9}
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\LocalLow\EmieUserList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\LocalLow\EmieSiteList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\LocalLow\EmieBrowserModeList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\Local\EmieUserList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\Local\EmieSiteList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\Local\EmieBrowserModeList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Macromedia
2020-07-01 11:10 - 2020-07-01 16:49 - 000000000 ____D C:\Program Files\KMSpico
2020-07-01 11:10 - 2020-07-01 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\Users\Public\Documents\Stardock
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\WinRAR
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\ProgramData\Stardock
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\ProgramData\Documents\Stardock
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\Program Files (x86)\Stardock
2020-07-01 11:10 - 2010-12-05 22:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2020-07-01 11:08 - 2020-07-01 11:08 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2020-07-01 11:08 - 2020-07-01 11:08 - 000000000 ____D C:\Program Files\Realtek
2020-07-01 11:08 - 2018-02-07 17:11 - 000532344 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2020-07-01 11:08 - 2018-02-07 17:11 - 000221928 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2020-07-01 11:08 - 2018-02-07 17:11 - 000209496 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2020-07-01 11:08 - 2018-02-07 17:11 - 000166168 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 003452120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000392840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000093864 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 006158784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-07-01 11:08 - 2018-02-07 17:08 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2020-07-01 11:08 - 2018-02-07 17:08 - 003632456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 003214672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 001353288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000691648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000327240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2020-07-01 11:08 - 2018-02-07 17:07 - 002939728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2020-07-01 11:08 - 2018-02-07 17:07 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2020-07-01 11:08 - 2018-02-07 12:36 - 015971993 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2020-07-01 11:08 - 2013-10-29 17:15 - 000458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2020-07-01 11:07 - 2017-07-09 16:25 - 000480800 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2020-07-01 11:06 - 2017-02-23 21:19 - 001083424 _____ C:\Windows\system32\AmRdrIco.icl
2020-07-01 11:06 - 2017-02-23 21:19 - 000090560 _____ (Alcorlink Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2020-07-01 11:06 - 2017-02-23 21:19 - 000018464 _____ (Alcorlink Corp.) C:\Windows\system32\AmUStor2.dll
2020-07-01 11:06 - 2017-02-23 21:19 - 000005115 _____ C:\Windows\system32\AmUStor.ini
2020-07-01 11:06 - 2017-02-23 21:19 - 000000124 _____ C:\Windows\system32\VendorCmd6485_SetSSC.bin
2020-07-01 11:06 - 2017-02-23 21:19 - 000000032 _____ C:\Windows\system32\VendorCmd6485.bin
2020-07-01 11:06 - 2017-02-23 21:19 - 000000008 _____ C:\Windows\system32\CardDetect6485.bin
2020-07-01 11:05 - 2020-07-01 11:05 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-07-01 11:05 - 2020-07-01 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-07-01 11:05 - 2020-07-01 11:05 - 000000000 ____D C:\Program Files (x86)\WinRAR
2020-07-01 11:04 - 2020-07-05 11:51 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Adobe
2020-07-01 11:04 - 2020-07-01 11:04 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
2020-07-01 11:04 - 2020-07-01 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2020-07-01 11:04 - 2020-07-01 11:04 - 000000000 ____D C:\ProgramData\Adobe
2020-07-01 11:04 - 2020-07-01 11:04 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2020-07-01 11:04 - 2020-07-01 11:04 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-07-01 11:04 - 2007-12-24 13:49 - 000007680 _____ C:\Windows\SysWOW64\ff_vfw.dll
2020-07-01 11:04 - 2007-12-04 02:33 - 000682496 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx.dll
2020-07-01 11:04 - 2007-11-29 23:30 - 003596288 _____ C:\Windows\SysWOW64\qt-dx331.dll
2020-07-01 11:04 - 2007-11-29 23:28 - 000081920 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2020-07-01 11:04 - 2007-10-03 16:03 - 000000414 _____ C:\Windows\SysWOW64\lame_acm.xml
2020-07-01 11:04 - 2007-09-21 01:52 - 000118784 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2020-07-01 11:04 - 2007-09-04 17:56 - 000164352 _____ C:\Windows\SysWOW64\unrar.dll
2020-07-01 11:04 - 2007-07-25 14:24 - 001559040 _____ C:\Windows\SysWOW64\xvidcore.dll
2020-07-01 11:04 - 2007-07-10 17:10 - 000000547 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest
2020-07-01 11:04 - 2007-03-10 12:51 - 000282624 _____ C:\Windows\SysWOW64\xvidvfw.dll
2020-07-01 11:04 - 2006-09-24 16:11 - 000389120 _____ (hxxp://www.mp3dev.org/) C:\Windows\SysWOW64\lameACM.acm
2020-07-01 11:04 - 2004-01-25 17:18 - 000217088 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2020-07-01 11:04 - 2004-01-11 23:00 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2020-07-01 11:02 - 2020-07-01 11:02 - 000000000 ____D C:\Windows\system32\Tasks\OfficeSoftwareProtectionPlatform
2020-07-01 11:02 - 2020-07-01 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2020-07-01 11:02 - 2020-07-01 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-07-01 11:02 - 2020-07-01 11:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-07-01 11:01 - 2020-07-08 14:11 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2879044780-3802597080-1009392579-1001
2020-07-01 11:01 - 2020-07-03 15:53 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-07-01 11:01 - 2020-07-01 11:01 - 000000000 ____D C:\Windows\PCHEALTH
2020-07-01 11:01 - 2020-07-01 11:01 - 000000000 ____D C:\Program Files\Microsoft Sync Framework
2020-07-01 11:00 - 2020-07-01 11:01 - 000000000 ____D C:\Program Files\Microsoft Office
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 __RHD C:\MSOCache
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Microsoft Help
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2020-07-01 10:56 - 2020-07-05 11:51 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Adobe
2020-07-01 10:56 - 2020-07-01 11:04 - 000000000 ____D C:\Users\ADMIN\AppData\Local\VirtualStore
2020-07-01 10:56 - 2020-07-01 10:56 - 000001430 _____ C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-07-01 10:56 - 2020-07-01 10:56 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2020-07-01 10:55 - 2020-07-08 13:51 - 000000000 ____D C:\Users\ADMIN
2020-07-01 10:55 - 2020-07-03 17:22 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Packages
2020-07-01 10:55 - 2020-07-01 10:55 - 000000020 ___SH C:\Users\ADMIN\ntuser.ini
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Reciente
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Plantillas
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Mis documentos
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Menú Inicio
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Impresoras
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Entorno de red
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Documents\Mis vídeos
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Documents\Mis imágenes
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Documents\Mi música
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Datos de programa
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Configuración local
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\AppData\Local\Historial
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\AppData\Local\Datos de programa
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\AppData\Local\Archivos temporales de Internet
2020-07-01 10:55 - 2014-11-20 22:20 - 000000369 _____ C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-07-01 10:55 - 2014-11-20 22:20 - 000000369 _____ C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Reciente
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Plantillas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Mis documentos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Impresoras
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Entorno de red
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Configuración local
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Reciente
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Plantillas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Mis documentos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Menú Inicio
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Impresoras
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Entorno de red
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Documents\Mi música
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Configuración local
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Plantillas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Escritorio
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Documents\Mis vídeos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Documents\Mis imágenes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Documents\Mi música
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Documentos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Program Files\Archivos comunes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Archivos de programa
2020-07-01 10:51 - 2020-07-01 10:51 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-07-01 05:50 - 2020-07-07 23:49 - 000000000 ____D C:\Windows\Panther
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-07-08 14:06 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-07-08 12:57 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-07-08 11:11 - 2014-11-20 22:13 - 001829802 _____ C:\Windows\system32\PerfStringBackup.INI
2020-07-08 11:11 - 2014-11-20 21:24 - 000809912 _____ C:\Windows\system32\perfh00A.dat
2020-07-08 11:11 - 2014-11-20 21:24 - 000166708 _____ C:\Windows\system32\perfc00A.dat
2020-07-08 11:11 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2020-07-08 00:31 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\NDF
2020-07-07 23:09 - 2013-08-22 10:44 - 000495408 _____ C:\Windows\system32\FNTCACHE.DAT
2020-07-07 22:38 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2020-07-05 12:04 - 2013-08-22 11:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-05 12:04 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\AppReadiness
2020-07-04 03:03 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache
2020-07-03 15:53 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\SysWOW64\MUI
2020-07-03 15:53 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\MUI
2020-07-01 23:42 - 2013-08-22 11:36 - 000000000 __RSD C:\Windows\Media
2020-07-01 17:51 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2020-07-01 11:10 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-07-01 11:02 - 2013-08-22 11:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-07-01 11:00 - 2014-11-20 21:51 - 000000000 ____D C:\Windows\ShellNew
2020-07-01 11:00 - 2013-08-22 11:36 - 000000000 ____D C:\Program Files\Common Files\System
2020-07-01 11:00 - 2013-08-22 09:25 - 000000167 _____ C:\Windows\win.ini
2020-07-01 10:53 - 2013-08-22 11:36 - 000000000 ____D C:\Program Files\Windows NT
2020-07-01 05:50 - 2013-08-22 11:36 - 000262144 _____ C:\Windows\system32\config\BCD-Template
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 08-07-2020 01
Ejecutado por ADMIN (08-07-2020 14:14:53)
Ejecutado desde C:\Users\ADMIN\Desktop
Windows 8.1 (Update) (X64) (2020-07-01 14:55:41)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
ADMIN (S-1-5-21-2879044780-3802597080-1009392579-1001 - Administrator - Enabled) => C:\Users\ADMIN
Administrador (S-1-5-21-2879044780-3802597080-1009392579-500 - Administrator - Enabled)
Invitado (S-1-5-21-2879044780-3802597080-1009392579-501 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Reader 8.1.1 - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-A81000000003}) (Version: 8.1.1 - Adobe Systems Incorporated)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.75.1089 - AB Team, d.o.o.)
Canon G3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_G3000_series) (Version: 1.02 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Google Earth Pro (HKLM\...\{7E57D9AD-0F6E-45BD-9CBB-CDA35343510E}) (Version: 7.3.3.7721 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
K-Lite Codec Pack 3.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 3.6.5 - )
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Mozilla Firefox 78.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 78.0.1 (x64 es-ES)) (Version: 78.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0.1 - Mozilla)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8366 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 - VS Revo Group, Ltd.)
Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.30.1 - Stardock Software, Inc.)
Packages:
=========
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2020-07-02] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2020-07-02] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-02] (Microsoft Corporation) [MS Ad]
MSN Salud -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-02] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-02] (Microsoft Corporation) [MS Ad]
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2020-07-02] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2020-07-02] (Skype) [MS Ad]
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2020-07-02] (Microsoft Corporation) [MS Ad]
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-07-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-07-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x64.dll [2020-07-01] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-07-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-07-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-21] () [Archivo no firmado]
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [VIDC.DIVX] => C:\Windows\SysWOW64\divx.dll [682496 2007-12-04] (DivX, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282624 2007-03-10] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [118784 2007-09-21] (fccHandler) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [389120 2006-09-24] (hxxp://www.mp3dev.org/) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [7680 2007-12-24] () [Archivo no firmado]
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
2020-07-01 11:05 - 2007-09-21 10:00 - 000043008 _____ () [Archivo no firmado] C:\Program Files (x86)\WinRAR\rarext64.dll
2020-07-01 11:10 - 2013-10-17 17:49 - 000906864 _____ (Stardock Corporation -> Stardock Software, Inc) [Archivo no firmado] C:\Program Files (x86)\Stardock\Start8\Start8_64.dll
2020-07-01 11:10 - 2013-03-19 23:08 - 000133384 _____ (Stardock Corporation -> Stardock Software, Inc) [Archivo no firmado] C:\Program Files (x86)\Stardock\Start8\Start8Shell64.dll
2020-07-07 22:38 - 2020-03-21 17:16 - 000099840 _____ (Wondershare) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellBase.dll
2020-07-07 22:38 - 2020-03-30 17:21 - 000432128 _____ (Wondershare) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellBusiness.dll
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
==================== Modo Seguro (Lista blanca) ==================
==================== Asociación (Lista blanca) =================Vamos a poner orden en este pc que esta bastante desastre.
Primero hay restos de Avast, que no se ha desinstalado
Ejecuta su herramienta como se indica
Spyhunter es un falso antivirus, que veo que has usado y hay restos importantes…ya los eliminamos
Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :
-
Para hacerlo descarga Delfix en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Atención, ahora marca/selecciona únicamente las casillas Registry Backup, las demás NO
-
Pulsar en Run.
Se abrirá el informe (Delfix.txt), guárdalo por si fuera necesario y cierra la herramienta.
En el equipo con los demas programas cerrados:
Inicio >>> Ejecutar >>>Escribes notepad.exe.
Ahora copia y pega estos archivos dentro del Notepad:
Start
CreateRestorePoint:
CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {802078DF-77A2-4FCF-B9CC-A27E7D6943C7} - System32\Tasks\easyxplore_run => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCIÓN
Task: {525450B3-7360-4230-92D7-86C08E53233B} - System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core => C:\Users\ADMIN\AppData\Local\easyxplore\Update\easyxploreUpdate.exe <==== ATENCIÓN
Task: {5DEFF010-6AA2-4124-BE48-9E71E397C97E} - System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA => C:\Users\ADMIN\AppData\Local\easyxplore\Update\easyxploreUpdate.exe <==== ATENCIÓN
Task: {802078DF-77A2-4FCF-B9CC-A27E7D6943C7} - System32\Tasks\easyxplore_run => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCIÓN
Task: {4549C67B-6CB0-4027-8FEC-90B19E3EFA43} - System32\Tasks\easyxplore_chk => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCIÓN
Task: {09A77250-1167-419F-9498-0D2362150A34} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-07-01] (Avast Software s.r.o. -> Avast Software)
C:\Program Files\Common Files\Avast Software
C:\Users\ADMIN\AppData\Local\Programs\easyxplore
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://cl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://cl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-cl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2879044780-3802597080-1009392579-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2879044780-3802597080-1009392579-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
"SAntivirusIC" => servicio fue desbloqueado. <==== ATENCIÓN
S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATENCIÓN
S4 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATENCIÓN
C:\Program Files (x86)\Digital Communications
S0 MBAMSwissArmy; System32\Drivers\mbamswissarmy.sys [X]
S3 ObDrvMonPCRSrv; \??\C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [X]
S1 SANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusKD.sys [X] <==== ATENCIÓN
C:\Program Files (x86)\Outbyte
2020-07-08 01:58 - 2020-07-08 11:24 - 000068424 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-07-08 01:57 - 2020-07-08 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-07-08 01:57 - 2020-07-08 01:57 - 006455520 _____ (EnigmaSoft Limited) C:\Users\ADMIN\Downloads\SpyHunter-Installer.exe
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\sh5ldr
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-07-07 21:55 - 2020-07-07 21:56 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\santivirusclient
2020-07-07 21:53 - 2020-07-07 23:15 - 000000000 ____D C:\Users\ADMIN\AppData\Local\chromium
2020-07-07 21:53 - 2020-07-07 21:53 - 000003590 _____ C:\Windows\system32\Tasks\easyxplore_chk
2020-07-07 21:53 - 2020-07-07 21:53 - 000002978 _____ C:\Windows\system32\Tasks\easyxplore_run
2020-07-07 21:52 - 2020-07-07 23:31 - 000000000 ____D C:\Users\ADMIN\AppData\Local\easyxplore
2020-07-07 21:52 - 2020-07-07 23:14 - 000000000 ____D C:\Program Files (x86)\Chromium
2020-07-07 21:52 - 2020-07-07 21:52 - 000003548 _____ C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA
2020-07-07 21:52 - 2020-07-07 21:52 - 000003276 _____ C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core
2020-07-07 21:52 - 2020-07-07 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2020-07-07 21:52 - 2020-07-07 21:52 - 000000000 ____D C:\Program Files (x86)\easyxplore
2020-07-07 21:51 - 2020-07-07 21:53 - 000000000 ____D C:\ProgramData\SAntivirus
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<
Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.
-
Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)
-
Ejecutas Frst.exe.
-
Presionas el botón Corregir y aguardas a que termine.
-
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
Lo pegas en tu próxima respuesta, ademas de estos.
Realiza los siguientes pasos, , sin cambiar el orden
1) Descarga, instala y ejecuta Malwarebytes’ Anti-Malware.
-
Presiona clic en “Use Malewarebytes Free” (Usar Malewarebyte gratis).
-
Pulsa en el botón “Open Malewarebytes Free”.
- Presiona el botón “Scan” (Escaneo).
Una vez finalizado el escaneo aparecerá la siguiente pantalla:
-
Pulsa en “View report” (Ver informe).
-
Luego presionar el botón “Export” (Exportar). Elijes “Text file” (fichero de texto). Elijes un nombre y guardas ese archivo en el escritorio…
2) Descarga Adwcleaner en el escritorio.
-
Desactiva tu antivirus
Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad. -
Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.
-
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
-
Si no encuentra nada, pulsamos “Omitir Reparación”
-
El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"
Puedes mirar su manual >> Manual de Adwcleaner
Me pones log de Frst, Malwarebytes y Adwcleaner y comentas como va el pc
El usar actyivadores ilegales y demas,es lo que trae
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 08-07-2020 01
Ejecutado por ADMIN (administrador) sobre DELL (Dell Inc. Inspiron 580s) (08-07-2020 14:13:45)
Ejecutado desde C:\Users\ADMIN\Desktop
Perfiles cargados: ADMIN
Platform: Windows 8.1 (Update) (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(ITknowledge24.com) [Archivo no firmado] C:\Program Files\ITknowledge24\Windows Defender Status Manager\wdsmgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Stardock Corporation -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Stardock Corporation -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-02-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [wdsmgr] => C:\Program Files\ITknowledge24\Windows Defender Status Manager\wdsmgr.exe [164352 2020-07-03] (ITknowledge24.com) [Archivo no firmado]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2007-10-10] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon G3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCW.DLL [30208 2016-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor G3000 series: C:\Windows\system32\CNMLMCW.DLL [406528 2016-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {032D0DC6-6268-4E40-B075-9A27B7964F34} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\ADMIN\Downloads\esetonlinescanner.exe [14827616 2020-07-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {09A77250-1167-419F-9498-0D2362150A34} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-07-01] (Avast Software s.r.o. -> Avast Software)
Task: {0FD24D12-FB7F-4452-9ADF-BA0D2E37D35C} - System32\Tasks\{57A90AC5-9CC0-403C-AF8F-421B8FCFEACF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\unins000.exe"
Task: {35A43452-D4BF-47CC-AA3A-7847BDED6FAF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4549C67B-6CB0-4027-8FEC-90B19E3EFA43} - System32\Tasks\easyxplore_chk => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCIÓN
Task: {4A7B6D5B-4F4F-4332-B627-5174398A8C7A} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {525450B3-7360-4230-92D7-86C08E53233B} - System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core => C:\Users\ADMIN\AppData\Local\easyxplore\Update\easyxploreUpdate.exe <==== ATENCIÓN
Task: {52711317-4A73-4138-BA59-CDFE72CFAD71} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\ADMIN\Downloads\esetonlinescanner.exe [14827616 2020-07-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {5DEFF010-6AA2-4124-BE48-9E71E397C97E} - System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA => C:\Users\ADMIN\AppData\Local\easyxplore\Update\easyxploreUpdate.exe <==== ATENCIÓN
Task: {802078DF-77A2-4FCF-B9CC-A27E7D6943C7} - System32\Tasks\easyxplore_run => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCIÓN
Task: {948B11FE-4EA5-436E-8C4C-A47D5F34204E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {9FD87C24-4D75-4D6C-98CE-9DC5E674F6EF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-06-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {A2355EE0-E080-4786-886B-F7D2AB7C4856} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {C2BFB2C4-3F2B-4CF6-9804-FE1F84924218} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C68A5CA2-B2A6-487D-962A-9080B4F6952B} - System32\Tasks\Outbyte\PC Repair\Start PC Repair оn logon => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0085B45F-F7AE-487D-AAA7-B9C846902E07}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://cl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://cl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-cl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2879044780-3802597080-1009392579-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2879044780-3802597080-1009392579-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Aplicación auxiliar de vínculos de Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Archivo no firmado]
FireFox:
========
FF DefaultProfile: nxj83lv1.default
FF ProfilePath: C:\Users\ADMIN\AppData\Roaming\Mozilla\Firefox\Profiles\nxj83lv1.default [2020-07-08]
FF ProfilePath: C:\Users\ADMIN\AppData\Roaming\Mozilla\Firefox\Profiles\gwr9dmra.default-release [2020-07-08]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
CHR HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
CHR HKLM-x32\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
"SAntivirusIC" => servicio fue desbloqueado. <==== ATENCIÓN
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Corporation -> Stardock Software, Inc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-20] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-20] (Microsoft Corporation -> Microsoft Corporation)
S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATENCIÓN
S4 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATENCIÓN
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [90560 2017-02-23] (Alcorlink Corp. -> Alcorlink Corp.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205896 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235088 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178768 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60496 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175208 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [506152 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetNd6; C:\Windows\system32\DRIVERS\aswNetNd6.sys [38152 2020-07-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109280 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851608 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [462592 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216824 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [322256 2020-07-01] (Avast Software s.r.o. -> AVAST Software)
S3 EnigmaFileMonDriver; C:\Windows\System32\drivers\EnigmaFileMonDriver.sys [68424 2020-07-08] (EnigmaSoft Limited -> EnigmaSoft Limited)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2014-11-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [257880 2014-11-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-20] (Microsoft Windows -> Microsoft Corporation)
S0 MBAMSwissArmy; System32\Drivers\mbamswissarmy.sys [X]
S3 ObDrvMonPCRSrv; \??\C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [X]
S1 SANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusKD.sys [X] <==== ATENCIÓN
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-07-08 14:13 - 2020-07-08 14:14 - 000019767 _____ C:\Users\ADMIN\Desktop\FRST.txt
2020-07-08 14:13 - 2020-07-08 14:14 - 000000000 ____D C:\FRST
2020-07-08 14:12 - 2020-07-08 14:12 - 002292736 _____ (Farbar) C:\Users\ADMIN\Desktop\FRST64.exe
2020-07-08 13:38 - 2020-07-08 13:38 - 007455016 _____ (VS Revo Group ) C:\Users\ADMIN\Downloads\revosetup.exe
2020-07-08 13:38 - 2020-07-08 13:38 - 000001010 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-07-08 13:38 - 2020-07-08 13:38 - 000001010 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-07-08 13:38 - 2020-07-08 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-07-08 13:38 - 2020-07-08 13:38 - 000000000 ____D C:\Program Files\VS Revo Group
2020-07-08 13:35 - 2020-07-08 13:35 - 000000099 _____ C:\Windows\Reimage.ini
2020-07-08 13:18 - 2020-07-08 13:18 - 000001244 _____ C:\Users\ADMIN\Documents\cc_20200708_131807.reg
2020-07-08 13:01 - 2020-07-08 13:01 - 000022934 _____ C:\Users\ADMIN\Documents\cc_20200708_130124.reg
2020-07-08 13:01 - 2020-07-08 13:01 - 000002360 _____ C:\Users\ADMIN\Documents\cc_20200708_130139.reg
2020-07-08 12:51 - 2020-07-08 12:51 - 000005108 _____ C:\Users\ADMIN\Desktop\scan esset.txt
2020-07-08 12:51 - 2020-07-08 12:51 - 000003700 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-07-08 12:51 - 2020-07-08 12:51 - 000003260 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-07-08 11:50 - 2020-07-08 11:50 - 000000754 _____ C:\Users\ADMIN\Desktop\ESET Online Scanner.lnk
2020-07-08 11:49 - 2020-07-08 11:49 - 014827616 _____ (ESET spol. s r.o.) C:\Users\ADMIN\Downloads\esetonlinescanner.exe
2020-07-08 11:38 - 2020-07-08 11:42 - 000000000 ____D C:\FSTool
2020-07-08 11:38 - 2020-07-08 11:38 - 001599815 _____ C:\Users\ADMIN\Downloads\IFS.exe
2020-07-08 11:35 - 2020-07-08 11:37 - 000000000 ____D C:\ProgramData\TEMP
2020-07-08 11:35 - 2020-07-08 11:35 - 004291320 _____ (BrightFort LLC ) C:\Users\ADMIN\Downloads\spywareblastersetup55.exe
2020-07-08 11:35 - 2012-05-02 12:17 - 001070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2020-07-08 11:35 - 2009-03-24 13:52 - 000129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2020-07-08 11:31 - 2020-07-08 12:34 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2020-07-08 11:15 - 2020-07-08 11:15 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2020-07-08 11:10 - 2020-07-08 11:29 - 000000000 ____D C:\ProgramData\HitmanPro
2020-07-08 11:09 - 2020-07-08 11:09 - 011429976 _____ (SurfRight B.V.) C:\Users\ADMIN\Downloads\hitmanpro_x64.exe
2020-07-08 11:09 - 2020-07-08 11:09 - 002033136 _____ (Malwarebytes ) C:\Users\ADMIN\Downloads\mbae-setup-1.13.1.186.exe
2020-07-08 10:25 - 2020-07-08 10:25 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-07-08 10:25 - 2020-07-08 10:25 - 031414424 _____ (Microsoft Corporation) C:\Users\ADMIN\Downloads\Windows-KB890830-x64-V5.82.exe
2020-07-08 10:21 - 2020-07-08 10:21 - 117472672 ____C (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2020-07-08 10:21 - 2020-07-08 10:21 - 030522408 _____ (Microsoft Corporation) C:\Users\ADMIN\Downloads\Windows-KB890830-V5.82.exe
2020-07-08 01:58 - 2020-07-08 11:24 - 000068424 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-07-08 01:57 - 2020-07-08 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-07-08 01:57 - 2020-07-08 01:57 - 006455520 _____ (EnigmaSoft Limited) C:\Users\ADMIN\Downloads\SpyHunter-Installer.exe
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\sh5ldr
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-07-08 00:46 - 2020-07-08 00:46 - 000000000 ____D C:\Windows\pss
2020-07-08 00:37 - 2020-07-08 00:38 - 000000000 ____D C:\Users\ADMIN\AppData\LocalLow\IObit
2020-07-08 00:37 - 2020-07-08 00:37 - 000000000 ____D C:\ProgramData\ProductData
2020-07-08 00:37 - 2020-07-08 00:37 - 000000000 ____D C:\Program Files (x86)\IObit
2020-07-08 00:36 - 2020-07-08 00:37 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\IObit
2020-07-08 00:36 - 2020-07-08 00:37 - 000000000 ____D C:\ProgramData\IObit
2020-07-08 00:33 - 2020-07-08 00:33 - 020569892 _____ C:\Users\ADMIN\Downloads\iobituninstaller.rar
2020-07-07 23:57 - 2020-07-07 23:57 - 051844984 _____ (SUPERAntiSpyware) C:\Users\ADMIN\Downloads\SUPERAntiSpyware.exe
2020-07-07 23:57 - 2020-07-07 23:57 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-07-07 23:51 - 2020-07-07 23:51 - 000062956 _____ C:\Users\ADMIN\Documents\cc_20200707_235109.reg
2020-07-07 23:51 - 2020-07-07 23:51 - 000007224 _____ C:\Users\ADMIN\Documents\cc_20200707_235125.reg
2020-07-07 23:47 - 2020-07-07 23:47 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-07-07 23:47 - 2020-07-07 23:47 - 000002800 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-07-07 23:47 - 2020-07-07 23:47 - 000000794 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-07 23:47 - 2020-07-07 23:47 - 000000794 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-07 23:47 - 2020-07-07 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-07-07 23:47 - 2020-07-07 23:47 - 000000000 ____D C:\Program Files\CCleaner
2020-07-07 23:46 - 2020-07-07 23:46 - 025838336 _____ (Piriform Software Ltd) C:\Users\ADMIN\Downloads\ccsetup568.exe
2020-07-07 23:22 - 2020-07-07 23:22 - 000003164 _____ C:\Windows\system32\Tasks\{57A90AC5-9CC0-403C-AF8F-421B8FCFEACF}
2020-07-07 23:11 - 2020-07-07 23:11 - 000000000 ____D C:\ProgramData\Wondershare
2020-07-07 22:54 - 2020-07-07 22:55 - 020503097 _____ C:\Users\ADMIN\Desktop\VERIFICADORES TRABAJO REALIZADO VIAMENSAJE whatsapp 12- 15 mayo 2020.pdf
2020-07-07 22:53 - 2020-07-07 22:54 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\UDC Profiles
2020-07-07 22:52 - 2020-07-08 10:37 - 000000000 ____D C:\Program Files (x86)\PDF Creator
2020-07-07 22:52 - 2020-07-07 22:52 - 000000000 ___RD C:\Users\ADMIN\Documents\PDF Creator
2020-07-07 22:51 - 2020-07-07 22:51 - 015283216 _____ (PDF Pro Ltd.) C:\Users\ADMIN\Downloads\pdfcreator_26353542412734684.exe
2020-07-07 22:38 - 2020-07-07 22:38 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Wondershare
2020-07-07 22:37 - 2015-08-22 09:42 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2020-07-07 22:37 - 2015-08-22 09:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2020-07-07 22:36 - 2020-07-07 23:15 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Wondershare
2020-07-07 22:35 - 2020-07-07 22:35 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-07-07 22:34 - 2020-07-07 23:15 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-07-07 22:34 - 2020-07-07 23:15 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2020-07-07 22:34 - 2020-07-07 22:34 - 001058736 _____ C:\Users\ADMIN\Downloads\pdfelement-pro_setup_full5257.exe
2020-07-07 22:32 - 2020-07-07 22:36 - 027505688 _____ (Geek Software GmbH ) C:\Users\ADMIN\Downloads\pdf24-creator-9.1.1.exe
2020-07-07 22:30 - 2020-07-07 22:30 - 001021531 _____ C:\Users\ADMIN\Downloads\VERIFICADORES TRABAJO REALIZADO VIAMENSAJE whatsapp 1-11 mayo 2020.pdf
2020-07-07 21:55 - 2020-07-07 21:56 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\santivirusclient
2020-07-07 21:53 - 2020-07-07 23:15 - 000000000 ____D C:\Users\ADMIN\AppData\Local\chromium
2020-07-07 21:53 - 2020-07-07 21:53 - 000003590 _____ C:\Windows\system32\Tasks\easyxplore_chk
2020-07-07 21:53 - 2020-07-07 21:53 - 000002978 _____ C:\Windows\system32\Tasks\easyxplore_run
2020-07-07 21:52 - 2020-07-07 23:31 - 000000000 ____D C:\Users\ADMIN\AppData\Local\easyxplore
2020-07-07 21:52 - 2020-07-07 23:14 - 000000000 ____D C:\Program Files (x86)\Chromium
2020-07-07 21:52 - 2020-07-07 21:52 - 000003548 _____ C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA
2020-07-07 21:52 - 2020-07-07 21:52 - 000003276 _____ C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core
2020-07-07 21:52 - 2020-07-07 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2020-07-07 21:52 - 2020-07-07 21:52 - 000000000 ____D C:\Program Files (x86)\easyxplore
2020-07-07 21:51 - 2020-07-07 21:53 - 000000000 ____D C:\ProgramData\SAntivirus
2020-07-07 21:51 - 2020-07-07 21:51 - 004365055 _____ (www.amrplayer.com ) C:\Users\ADMIN\Downloads\amr_player.exe
2020-07-07 21:44 - 2020-07-07 21:57 - 000000000 ____D C:\Users\ADMIN\Desktop\EVIDENCIAS TELEFONICAS JULIO 2020
2020-07-07 21:43 - 2020-07-07 22:24 - 000000000 ____D C:\Users\ADMIN\Desktop\EVIDENCIAS TELEFONICAS JUNIO 2020
2020-07-07 21:23 - 2020-07-07 21:27 - 000000000 ____D C:\Users\ADMIN\Desktop\EVIDENCIAS WHATSAPP JUNIO 2020
2020-07-07 20:11 - 2020-07-07 20:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2020-07-07 00:10 - 2020-07-07 00:10 - 016532111 _____ C:\Users\ADMIN\Downloads\02.-Manejo_de_Praderas_en_Sistemas_de_Produccion_Bovina_y_Ovina.pdf
2020-07-07 00:10 - 2020-07-07 00:10 - 004195792 _____ C:\Users\ADMIN\Downloads\10_PresentacionOscarBalocchi.pdf
2020-07-07 00:03 - 2020-07-07 00:03 - 013028788 _____ C:\Users\ADMIN\Downloads\01.-Manejo_del_Pastoreo.pdf
2020-07-06 23:55 - 2020-07-06 23:55 - 007779604 _____ C:\Users\ADMIN\Downloads\Manejo_sostenible_de_praderas.pdf
2020-07-06 23:54 - 2020-07-06 23:54 - 000919942 _____ C:\Users\ADMIN\Downloads\articles-75613_archivo_01.pdf
2020-07-06 23:54 - 2020-07-06 23:54 - 000498974 _____ C:\Users\ADMIN\Downloads\fam386e.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 005789420 _____ C:\Users\ADMIN\Downloads\FichaPraderasEnInvierno2013.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 003165141 _____ C:\Users\ADMIN\Downloads\ficha-pradera-verano.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 003056602 _____ C:\Users\ADMIN\Downloads\ficha-pradera-otono.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 000656554 _____ C:\Users\ADMIN\Downloads\ficha-pradera-primavera.pdf
2020-07-06 23:51 - 2020-07-06 23:51 - 000109357 _____ C:\Users\ADMIN\Downloads\tecnicas-de-manejo-de-pastoreo-para-praderas-permanentes.pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 013006071 _____ C:\Users\ADMIN\Downloads\2-Consorcio-Lechero-Frutillar.pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 006220069 _____ C:\Users\ADMIN\Downloads\manejo-de-pastoreo-INDAP-2017.pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 005508668 _____ C:\Users\ADMIN\Downloads\fertilizacion-otono(1).pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 004923934 _____ C:\Users\ADMIN\Downloads\09-sep-2013-manejo-pastoreo-primavera-balocchi.pdf
2020-07-06 23:50 - 2020-07-06 23:50 - 001853256 _____ C:\Users\ADMIN\Downloads\1-Charla-Manejo-del-Pastoreo-Invernal-PG.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 024939055 _____ C:\Users\ADMIN\Downloads\Manejo-sustentable-de-praderas-Paulina-Etcheverria.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 020680976 _____ C:\Users\ADMIN\Downloads\11-Fertilizacion-de-Praderas-y-Pasturas.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 000894286 _____ C:\Users\ADMIN\Downloads\Guia-de-fertilizacion-completa.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 000686114 _____ C:\Users\ADMIN\Downloads\11_Charla_Dante_Pinochet.pdf
2020-07-06 23:27 - 2020-07-06 23:27 - 000431923 _____ C:\Users\ADMIN\Downloads\INFORMATIVO-76-2015CLAVES-PARA-ESTABLECIMIENTO-DE-PRADERAS-OVINOS.pdf
2020-07-06 23:26 - 2020-07-06 23:26 - 017786644 _____ C:\Users\ADMIN\Downloads\presentacion-praderas-en-otono-temuco-y-los-angeles.pdf
2020-07-06 23:26 - 2020-07-06 23:26 - 005508668 _____ C:\Users\ADMIN\Downloads\fertilizacion-otono.pdf
2020-07-06 23:26 - 2020-07-06 23:26 - 000588452 _____ C:\Users\ADMIN\Downloads\NR33835.pdf
2020-07-06 14:50 - 2020-07-06 14:50 - 000179577 _____ C:\Users\ADMIN\Downloads\TL4712_40889437.PDF
2020-07-06 01:59 - 2020-07-06 01:59 - 000180178 _____ C:\Users\ADMIN\Downloads\WB4458_40889456.PDF
2020-07-05 19:17 - 2020-07-05 19:17 - 000000000 ____D C:\Users\ADMIN\AppData\LocalLow\Temp
2020-07-04 02:01 - 2020-07-04 02:01 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2020-07-04 02:01 - 2020-07-04 02:01 - 000001142 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2020-07-04 02:01 - 2020-07-04 02:01 - 000001142 _____ C:\ProgramData\Desktop\BS.Player FREE.lnk
2020-07-04 02:01 - 2020-07-04 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2020-07-04 02:00 - 2020-07-04 02:02 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\BSplayer
2020-07-04 02:00 - 2020-07-04 02:00 - 011256936 _____ C:\Users\ADMIN\Downloads\bsplayer275.setup.exe
2020-07-04 02:00 - 2020-07-04 02:00 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\BSplayer Pro
2020-07-04 02:00 - 2020-07-04 02:00 - 000000000 ____D C:\Program Files (x86)\Webteh
2020-07-04 01:57 - 2020-07-04 02:01 - 000000000 ____D C:\Users\ADMIN\Downloads\Condor.S02E04.iNTERNAL.720p.HDTV.x264-SFM[rarbg]
2020-07-04 01:57 - 2020-07-04 02:00 - 000000000 ____D C:\Users\ADMIN\Downloads\Condor.S02E05.Out.Of.His.Exile.1080p.CMOR.WEBRip.AAC2.0.x264-JETIX[rartv]
2020-07-04 01:56 - 2020-07-04 01:56 - 000000000 ____D C:\Users\ADMIN\Downloads\The.Outpost.2020.1080p.WEBRip.AAC5.1.x264-CM
2020-07-03 15:55 - 2020-07-03 15:55 - 000000000 ____D C:\Program Files\ITknowledge24
2020-07-03 15:53 - 2020-07-03 15:53 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2020-07-03 15:53 - 2020-07-03 15:53 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-07-03 15:53 - 2020-07-03 15:53 - 000000000 ____D C:\Program Files\MSBuild
2020-07-03 15:53 - 2020-07-03 15:53 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-07-03 15:52 - 2013-08-03 00:48 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2020-07-03 15:52 - 2013-08-03 00:48 - 000124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2020-07-03 15:52 - 2013-08-03 00:48 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2020-07-03 15:52 - 2013-08-03 00:41 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2020-07-03 15:52 - 2013-08-03 00:41 - 000102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-07-03 15:52 - 2013-08-03 00:41 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe2020-07-03 15:24 - 2020-07-05 01:07 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\qBittorrent
2020-07-03 15:24 - 2020-07-03 15:24 - 000000000 ____D C:\Users\ADMIN\AppData\Local\qBittorrent
2020-07-03 15:24 - 2020-07-03 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-07-03 15:24 - 2020-07-03 15:24 - 000000000 ____D C:\Program Files\qBittorrent
2020-07-02 21:19 - 2020-07-02 21:19 - 025981603 _____ (The qBittorrent project) C:\Users\ADMIN\Downloads\qbittorrent_4.2.5_x64_setup.exe
2020-07-02 20:24 - 2020-07-02 20:24 - 000000000 ____D C:\Users\ADMIN\AppData\LocalLow\Google
2020-07-02 20:20 - 2020-07-07 22:52 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-02 20:19 - 2020-07-02 20:19 - 014572000 _____ (Microsoft Corporation) C:\Users\ADMIN\Downloads\vc_redist.x64.exe
2020-07-02 20:17 - 2020-07-02 20:17 - 000000000 ____D C:\Windows\system32\Tasks\Outbyte
2020-07-02 20:13 - 2020-07-02 20:13 - 000002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2020-07-02 20:13 - 2020-07-02 20:13 - 000002144 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2020-07-02 20:13 - 2020-07-02 20:13 - 000002144 _____ C:\ProgramData\Desktop\Google Earth Pro.lnk
2020-07-02 20:12 - 2020-07-08 10:41 - 000000000 ____D C:\Program Files (x86)\Google
2020-07-02 20:12 - 2020-07-02 20:12 - 001295576 _____ (Google LLC) C:\Users\ADMIN\Downloads\GoogleEarthProSetup(1).exe
2020-07-02 20:12 - 2020-07-02 20:12 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-02 20:12 - 2020-07-02 20:12 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-02 20:12 - 2020-07-02 20:12 - 000000000 ____D C:\Program Files\Google
2020-07-02 20:10 - 2020-07-08 10:41 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Google
2020-07-02 20:10 - 2020-07-02 20:10 - 001295576 _____ (Google LLC) C:\Users\ADMIN\Downloads\GoogleEarthProSetup.exe
2020-07-02 15:13 - 2020-07-08 13:00 - 000000000 ____D C:\Users\ADMIN\AppData\Local\CrashDumps
2020-07-02 01:46 - 2020-07-02 21:08 - 000011557 _____ C:\Users\ADMIN\Desktop\Copia de FIRMAS DEPROYECTOS.xlsx
2020-07-01 23:42 - 2020-07-01 23:42 - 000000000 ___HD C:\ProgramData\CanonBJ
2020-07-01 23:42 - 2020-07-01 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2020-07-01 23:42 - 2020-07-01 23:42 - 000000000 ____D C:\Program Files (x86)\Canon
2020-07-01 23:42 - 2015-03-24 15:09 - 000088832 _____ C:\Windows\SysWOW64\CNC1794D.TBL
2020-07-01 23:42 - 2015-03-24 15:09 - 000088832 _____ C:\Windows\system32\CNC1794D.TBL
2020-07-01 23:42 - 2015-01-29 15:35 - 000312320 _____ (CANON INC.) C:\Windows\system32\CNC_CWC.dll
2020-07-01 23:42 - 2015-01-29 15:35 - 000123392 _____ (CANON INC.) C:\Windows\system32\CNC_CWI.dll
2020-07-01 23:42 - 2015-01-29 11:23 - 000387584 _____ (CANON INC.) C:\Windows\system32\CNC_CWL.dll
2020-07-01 23:42 - 2015-01-29 11:22 - 000353792 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_CWL.dll
2020-07-01 23:42 - 2008-08-25 18:02 - 000017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2020-07-01 23:42 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2020-07-01 23:41 - 2020-07-01 23:42 - 000000000 ___HD C:\Program Files\CanonBJ
2020-07-01 23:41 - 2020-07-01 23:41 - 038714248 _____ C:\Users\ADMIN\Downloads\mp68-win-g3000-1_02-ea34_2.exe
2020-07-01 23:41 - 2016-03-21 05:00 - 000406528 _____ (CANON INC.) C:\Windows\system32\CNMLMCW.DLL
2020-07-01 23:24 - 2020-07-01 23:24 - 000000000 ___SD C:\Users\ADMIN\Documents\Mis archivos de origen de datos
2020-07-01 18:29 - 2020-07-01 18:29 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2020-07-01 17:50 - 2020-04-01 19:49 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-07-01 17:35 - 2020-07-01 17:24 - 000335976 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-07-01 17:32 - 2020-07-01 17:32 - 000000000 ____D C:\Users\ADMIN\AppData\Local\mbam
2020-07-01 17:31 - 2020-07-01 17:31 - 002012560 _____ (Malwarebytes) C:\Users\ADMIN\Downloads\MBSetup.exe
2020-07-01 17:24 - 2020-07-01 17:25 - 000506152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-07-01 17:24 - 2020-07-01 17:25 - 000462592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-07-01 17:24 - 2020-07-01 17:25 - 000322256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000851608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000235088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000216824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000205896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000178768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000175208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000109280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000060496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000037152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-07-01 17:24 - 2020-07-01 17:24 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-07-01 17:24 - 2020-07-01 17:24 - 000000000 ____D C:\Program Files\Avast Software
2020-07-01 17:02 - 2020-07-01 17:02 - 010709184 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avastclear.exe
2020-07-01 16:59 - 2020-07-01 16:59 - 000233080 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avast_internet_security_setup_online(2).exe
2020-07-01 16:51 - 2020-07-01 16:52 - 000003088 _____ C:\Users\ADMIN\Documents\online scaner con esset.txt
2020-07-01 16:04 - 2020-07-08 12:57 - 000000000 ____D C:\Users\ADMIN\AppData\Local\ESET
2020-07-01 14:55 - 2020-07-01 14:55 - 000231144 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avast_free_antivirus_setup_online.exe
2020-07-01 14:54 - 2020-07-01 14:54 - 000233192 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avast_internet_security_setup_online(1).exe
2020-07-01 14:46 - 2020-07-08 14:08 - 000000000 _____ C:\Windows\system32\last.dump
2020-07-01 14:43 - 2020-07-01 14:43 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-07-01 14:41 - 2020-07-01 17:23 - 000000000 ____D C:\ProgramData\Avast Software
2020-07-01 14:41 - 2020-07-01 14:41 - 000233192 _____ (AVAST Software) C:\Users\ADMIN\Downloads\avast_internet_security_setup_online.exe
2020-07-01 14:07 - 2020-07-08 14:11 - 000000000 ____D C:\Users\ADMIN\AppData\LocalLow\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-01 14:07 - 2020-07-01 14:07 - 000000936 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-07-01 14:07 - 2020-07-01 14:07 - 000000936 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\ProgramData\Mozilla
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-07-01 14:07 - 2020-07-01 14:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-01 14:05 - 2020-07-01 14:05 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-01 14:05 - 2020-07-01 14:05 - 000000000 ____D C:\Intel
2020-07-01 12:40 - 2020-07-08 09:58 - 000003962 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{AC9FF56D-0D4B-4C3D-BE43-42B5A27FBBC9}
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\LocalLow\EmieUserList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\LocalLow\EmieSiteList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\LocalLow\EmieBrowserModeList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\Local\EmieUserList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\Local\EmieSiteList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 __SHD C:\Users\ADMIN\AppData\Local\EmieBrowserModeList
2020-07-01 12:40 - 2020-07-01 12:40 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Macromedia
2020-07-01 11:10 - 2020-07-01 16:49 - 000000000 ____D C:\Program Files\KMSpico
2020-07-01 11:10 - 2020-07-01 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\Users\Public\Documents\Stardock
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\WinRAR
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\ProgramData\Stardock
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\ProgramData\Documents\Stardock
2020-07-01 11:10 - 2020-07-01 11:10 - 000000000 ____D C:\Program Files (x86)\Stardock
2020-07-01 11:10 - 2010-12-05 22:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2020-07-01 11:08 - 2020-07-01 11:08 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2020-07-01 11:08 - 2020-07-01 11:08 - 000000000 ____D C:\Program Files\Realtek
2020-07-01 11:08 - 2018-02-07 17:11 - 000532344 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2020-07-01 11:08 - 2018-02-07 17:11 - 000221928 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2020-07-01 11:08 - 2018-02-07 17:11 - 000209496 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2020-07-01 11:08 - 2018-02-07 17:11 - 000166168 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 003452120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000392840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2020-07-01 11:08 - 2018-02-07 17:09 - 000093864 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 006158784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-07-01 11:08 - 2018-02-07 17:08 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2020-07-01 11:08 - 2018-02-07 17:08 - 003632456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 003214672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 001353288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000691648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000327240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2020-07-01 11:08 - 2018-02-07 17:08 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2020-07-01 11:08 - 2018-02-07 17:07 - 002939728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2020-07-01 11:08 - 2018-02-07 17:07 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2020-07-01 11:08 - 2018-02-07 12:36 - 015971993 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2020-07-01 11:08 - 2013-10-29 17:15 - 000458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2020-07-01 11:07 - 2017-07-09 16:25 - 000480800 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2020-07-01 11:06 - 2017-02-23 21:19 - 001083424 _____ C:\Windows\system32\AmRdrIco.icl
2020-07-01 11:06 - 2017-02-23 21:19 - 000090560 _____ (Alcorlink Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2020-07-01 11:06 - 2017-02-23 21:19 - 000018464 _____ (Alcorlink Corp.) C:\Windows\system32\AmUStor2.dll
2020-07-01 11:06 - 2017-02-23 21:19 - 000005115 _____ C:\Windows\system32\AmUStor.ini
2020-07-01 11:06 - 2017-02-23 21:19 - 000000124 _____ C:\Windows\system32\VendorCmd6485_SetSSC.bin
2020-07-01 11:06 - 2017-02-23 21:19 - 000000032 _____ C:\Windows\system32\VendorCmd6485.bin
2020-07-01 11:06 - 2017-02-23 21:19 - 000000008 _____ C:\Windows\system32\CardDetect6485.bin
2020-07-01 11:05 - 2020-07-01 11:05 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-07-01 11:05 - 2020-07-01 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-07-01 11:05 - 2020-07-01 11:05 - 000000000 ____D C:\Program Files (x86)\WinRAR
2020-07-01 11:04 - 2020-07-05 11:51 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Adobe
2020-07-01 11:04 - 2020-07-01 11:04 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
2020-07-01 11:04 - 2020-07-01 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2020-07-01 11:04 - 2020-07-01 11:04 - 000000000 ____D C:\ProgramData\Adobe
2020-07-01 11:04 - 2020-07-01 11:04 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2020-07-01 11:04 - 2020-07-01 11:04 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-07-01 11:04 - 2007-12-24 13:49 - 000007680 _____ C:\Windows\SysWOW64\ff_vfw.dll
2020-07-01 11:04 - 2007-12-04 02:33 - 000682496 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx.dll
2020-07-01 11:04 - 2007-11-29 23:30 - 003596288 _____ C:\Windows\SysWOW64\qt-dx331.dll
2020-07-01 11:04 - 2007-11-29 23:28 - 000081920 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2020-07-01 11:04 - 2007-10-03 16:03 - 000000414 _____ C:\Windows\SysWOW64\lame_acm.xml
2020-07-01 11:04 - 2007-09-21 01:52 - 000118784 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2020-07-01 11:04 - 2007-09-04 17:56 - 000164352 _____ C:\Windows\SysWOW64\unrar.dll
2020-07-01 11:04 - 2007-07-25 14:24 - 001559040 _____ C:\Windows\SysWOW64\xvidcore.dll
2020-07-01 11:04 - 2007-07-10 17:10 - 000000547 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest
2020-07-01 11:04 - 2007-03-10 12:51 - 000282624 _____ C:\Windows\SysWOW64\xvidvfw.dll
2020-07-01 11:04 - 2006-09-24 16:11 - 000389120 _____ (hxxp://www.mp3dev.org/) C:\Windows\SysWOW64\lameACM.acm
2020-07-01 11:04 - 2004-01-25 17:18 - 000217088 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2020-07-01 11:04 - 2004-01-11 23:00 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2020-07-01 11:02 - 2020-07-01 11:02 - 000000000 ____D C:\Windows\system32\Tasks\OfficeSoftwareProtectionPlatform
2020-07-01 11:02 - 2020-07-01 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2020-07-01 11:02 - 2020-07-01 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-07-01 11:02 - 2020-07-01 11:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-07-01 11:01 - 2020-07-08 14:11 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2879044780-3802597080-1009392579-1001
2020-07-01 11:01 - 2020-07-03 15:53 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-07-01 11:01 - 2020-07-01 11:01 - 000000000 ____D C:\Windows\PCHEALTH
2020-07-01 11:01 - 2020-07-01 11:01 - 000000000 ____D C:\Program Files\Microsoft Sync Framework
2020-07-01 11:00 - 2020-07-01 11:01 - 000000000 ____D C:\Program Files\Microsoft Office
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 __RHD C:\MSOCache
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Microsoft Help
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-07-01 11:00 - 2020-07-01 11:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2020-07-01 10:56 - 2020-07-05 11:51 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\Adobe
2020-07-01 10:56 - 2020-07-01 11:04 - 000000000 ____D C:\Users\ADMIN\AppData\Local\VirtualStore
2020-07-01 10:56 - 2020-07-01 10:56 - 000001430 _____ C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-07-01 10:56 - 2020-07-01 10:56 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2020-07-01 10:55 - 2020-07-08 13:51 - 000000000 ____D C:\Users\ADMIN
2020-07-01 10:55 - 2020-07-03 17:22 - 000000000 ____D C:\Users\ADMIN\AppData\Local\Packages
2020-07-01 10:55 - 2020-07-01 10:55 - 000000020 ___SH C:\Users\ADMIN\ntuser.ini
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Reciente
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Plantillas
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Mis documentos
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Menú Inicio
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Impresoras
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Entorno de red
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Documents\Mis vídeos
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Documents\Mis imágenes
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Documents\Mi música
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Datos de programa
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\Configuración local
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\AppData\Local\Historial
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\AppData\Local\Datos de programa
2020-07-01 10:55 - 2020-07-01 10:55 - 000000000 _SHDL C:\Users\ADMIN\AppData\Local\Archivos temporales de Internet
2020-07-01 10:55 - 2014-11-20 22:20 - 000000369 _____ C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-07-01 10:55 - 2014-11-20 22:20 - 000000369 _____ C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Reciente
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Plantillas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Mis documentos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Impresoras
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Entorno de red
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\Configuración local
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Reciente
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Plantillas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Mis documentos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Menú Inicio
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Impresoras
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Entorno de red
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Documents\Mi música
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\Configuración local
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Plantillas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Escritorio
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Documents\Mis vídeos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Documents\Mis imágenes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Documents\Mi música
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Documentos
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\ProgramData\Datos de programa
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Program Files\Archivos comunes
2020-07-01 10:53 - 2020-07-01 10:53 - 000000000 _SHDL C:\Archivos de programa
2020-07-01 10:51 - 2020-07-01 10:51 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-07-01 05:50 - 2020-07-07 23:49 - 000000000 ____D C:\Windows\Panther
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-07-08 14:06 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-07-08 12:57 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-07-08 11:11 - 2014-11-20 22:13 - 001829802 _____ C:\Windows\system32\PerfStringBackup.INI
2020-07-08 11:11 - 2014-11-20 21:24 - 000809912 _____ C:\Windows\system32\perfh00A.dat
2020-07-08 11:11 - 2014-11-20 21:24 - 000166708 _____ C:\Windows\system32\perfc00A.dat
2020-07-08 11:11 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2020-07-08 00:31 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\NDF
2020-07-07 23:09 - 2013-08-22 10:44 - 000495408 _____ C:\Windows\system32\FNTCACHE.DAT
2020-07-07 22:38 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2020-07-05 12:04 - 2013-08-22 11:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-05 12:04 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\AppReadiness
2020-07-04 03:03 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache
2020-07-03 15:53 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\SysWOW64\MUI
2020-07-03 15:53 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\MUI
2020-07-01 23:42 - 2013-08-22 11:36 - 000000000 __RSD C:\Windows\Media
2020-07-01 17:51 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2020-07-01 11:10 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-07-01 11:02 - 2013-08-22 11:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-07-01 11:00 - 2014-11-20 21:51 - 000000000 ____D C:\Windows\ShellNew
2020-07-01 11:00 - 2013-08-22 11:36 - 000000000 ____D C:\Program Files\Common Files\System
2020-07-01 11:00 - 2013-08-22 09:25 - 000000167 _____ C:\Windows\win.ini
2020-07-01 10:53 - 2013-08-22 11:36 - 000000000 ____D C:\Program Files\Windows NT
2020-07-01 05:50 - 2013-08-22 11:36 - 000262144 _____ C:\Windows\system32\config\BCD-Template
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 8/7/20
Hora del análisis: 18:47
Archivo de registro: 0dfc8e56-c16d-11ea-b22e-002564efee0a.json
-Información del software-
Versión: 4.1.2.73
Versión de los componentes: 1.0.976
Versión del paquete de actualización: 1.0.26585
Licencia: Prueba
-Información del sistema-
SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: DELL\ADMIN
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 237689
Amenazas detectadas: 18
Amenazas en cuarentena: 18
Tiempo transcurrido: 1 min, 59 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 15
PUP.Optional.Outbyte, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Outbyte\PC Repair\Start PC Repair оn logon, En cuarentena, 1447, 799079, , , ,
PUP.Optional.Outbyte, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C68A5CA2-B2A6-487D-962A-9080B4F6952B}, En cuarentena, 1447, 799079, , , ,
PUP.Optional.Outbyte, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{C68A5CA2-B2A6-487D-962A-9080B4F6952B}, En cuarentena, 1447, 799079, , , ,
PUP.Optional.Segurazo, HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\SOFTWARE\SegOption, En cuarentena, 5374, 752285, 1.0.26585, , ame,
PUP.Optional.SearchManager, HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\icmgebopaejnjlncllgmcenbbflikfjd, En cuarentena, 436, 521971, 1.0.26585, , ame,
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\icmgebopaejnjlncllgmcenbbflikfjd, En cuarentena, 436, 521972, 1.0.26585, , ame,
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\SAntivirus, En cuarentena, 5374, 783948, 1.0.26585, , ame,
PUP.Optional.Segurazo, HKLM\SOFTWARE\WOW6432NODE\SAntivirus, En cuarentena, 5374, 783949, 1.0.26585, , ame,
PUP.Optional.Segurazo, HKLM\SOFTWARE\WOW6432NODE\SAntivirusProduct, En cuarentena, 5374, 783951, 1.0.26585, , ame,
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\SAntivirusService_RASAPI32, En cuarentena, 5374, 783947, 1.0.26585, , ame,
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\SAntivirusService_RASMANCS, En cuarentena, 5374, 783947, 1.0.26585, , ame,
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\icmgebopaejnjlncllgmcenbbflikfjd, En cuarentena, 436, 521972, 1.0.26585, , ame,
PUP.Optional.Segurazo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\SAntivirus, En cuarentena, 5374, 783948, 1.0.26585, , ame,
PUP.Optional.Segurazo, HKLM\SOFTWARE\SAntivirus, En cuarentena, 5374, 783949, 1.0.26585, , ame,
PUP.Optional.Segurazo, HKLM\SOFTWARE\SegOption, En cuarentena, 5374, 757809, 1.0.26585, , ame,
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build: 06-24-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-08-2020
# Duration: 00:00:21
# OS: Windows 8.1
# Scanned: 31836
# Detected: 12
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.AdvancedSystemCare C:\Users\ADMIN\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.OutbytePCRepair C:\Windows\System32\Tasks\Outbyte
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
PUP.Optional.SAntivirus HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
PUP.Optional.SAntivirus HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
PUP.Optional.SAntivirus HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
PUP.Optional.SAntivirus HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
PUP.Optional.SAntivirus HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
PUP.Optional.SAntivirus HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
PUP.Optional.Segurazo HKLM\System\CurrentControlSet\Services\EventLog\Application\SAntivirusSvc
***** [ Chromium (and derivatives) ] *****Revisa mis indicaciones, pues con Fabar me has vuelto a poner un resultado de analizar…es decir, lo mismo quet e habia pedido al principio…
Vuelve a mirar mi respuesta para ejecutar el fix
Con Adwcleaner sii pulsaste en eliminar, tienes que tener otro log, pues este es el del analisis
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 08-07-2020 01
Ejecutado por ADMIN (08-07-2020 18:06:56) Run:1
Ejecutado desde C:\Users\ADMIN\Desktop
Perfiles cargados: ADMIN
Modo de Inicio: Safe Mode (minimal)
==============================================
fixlist contenido:
*****************
Start
CreateRestorePoint:
CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricci�n <==== ATENCI�N
Task: {802078DF-77A2-4FCF-B9CC-A27E7D6943C7} - System32\Tasks\easyxplore_run => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCI�N
Task: {525450B3-7360-4230-92D7-86C08E53233B} - System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core => C:\Users\ADMIN\AppData\Local\easyxplore\Update\easyxploreUpdate.exe <==== ATENCI�N
Task: {5DEFF010-6AA2-4124-BE48-9E71E397C97E} - System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA => C:\Users\ADMIN\AppData\Local\easyxplore\Update\easyxploreUpdate.exe <==== ATENCI�N
Task: {802078DF-77A2-4FCF-B9CC-A27E7D6943C7} - System32\Tasks\easyxplore_run => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCI�N
Task: {4549C67B-6CB0-4027-8FEC-90B19E3EFA43} - System32\Tasks\easyxplore_chk => C:\Users\ADMIN\AppData\Local\Programs\easyxplore\EasyXplore.exe <==== ATENCI�N
Task: {09A77250-1167-419F-9498-0D2362150A34} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-07-01] (Avast Software s.r.o. -> Avast Software)
C:\Program Files\Common Files\Avast Software
C:\Users\ADMIN\AppData\Local\Programs\easyxplore
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://cl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://cl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-cl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2879044780-3802597080-1009392579-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2879044780-3802597080-1009392579-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://cl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dpyqptgki1320_20_28_ssg75¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dcl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByDyCyE0E0F0E0EtD0Azz0EyEtAtN0D0Tzu0StAtCtCtDtN1L2XzuyDtFtBtFtDtFyBtBtN1L1Czu1ByE1VzztN1L1G1B1V1N2Y1L1Qzu2StDtA0CzztDtC0ByCtGyDtDyEzztGtByBzy0FtGtC0A0FtCtGyC0EtC0DyCyEyC0Ezy0EzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy1R1T1StDyCyE1OtGyByEzzyBtGyE1P1QtAtGzzyCyBtDtG1RyC1QyEtD1StDtB1T1RtBtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzyyEtCyBtAtDzytD%26cr%3D482966479%26a%3Dwsg_dpyqptgki1320_20_28_ssg75%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
"SAntivirusIC" => servicio fue desbloqueado. <==== ATENCI�N
S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATENCI�N
S4 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATENCI�N
C:\Program Files (x86)\Digital Communications
S0 MBAMSwissArmy; System32\Drivers\mbamswissarmy.sys [X]
S3 ObDrvMonPCRSrv; \??\C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [X]
S1 SANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusKD.sys [X] <==== ATENCI�N
C:\Program Files (x86)\Outbyte
2020-07-08 01:58 - 2020-07-08 11:24 - 000068424 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-07-08 01:57 - 2020-07-08 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-07-08 01:57 - 2020-07-08 01:57 - 006455520 _____ (EnigmaSoft Limited) C:\Users\ADMIN\Downloads\SpyHunter-Installer.exe
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\sh5ldr
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-07-08 01:57 - 2020-07-08 01:57 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-07-07 21:55 - 2020-07-07 21:56 - 000000000 ____D C:\Users\ADMIN\AppData\Roaming\santivirusclient
2020-07-07 21:53 - 2020-07-07 23:15 - 000000000 ____D C:\Users\ADMIN\AppData\Local\chromium
2020-07-07 21:53 - 2020-07-07 21:53 - 000003590 _____ C:\Windows\system32\Tasks\easyxplore_chk
2020-07-07 21:53 - 2020-07-07 21:53 - 000002978 _____ C:\Windows\system32\Tasks\easyxplore_run
2020-07-07 21:52 - 2020-07-07 23:31 - 000000000 ____D C:\Users\ADMIN\AppData\Local\easyxplore
2020-07-07 21:52 - 2020-07-07 23:14 - 000000000 ____D C:\Program Files (x86)\Chromium
2020-07-07 21:52 - 2020-07-07 21:52 - 000003548 _____ C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA
2020-07-07 21:52 - 2020-07-07 21:52 - 000003276 _____ C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core
2020-07-07 21:52 - 2020-07-07 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2020-07-07 21:52 - 2020-07-07 21:52 - 000000000 ____D C:\Program Files (x86)\easyxplore
2020-07-07 21:51 - 2020-07-07 21:53 - 000000000 ____D C:\ProgramData\SAntivirus
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{802078DF-77A2-4FCF-B9CC-A27E7D6943C7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{802078DF-77A2-4FCF-B9CC-A27E7D6943C7}" => eliminado correctamente
C:\Windows\System32\Tasks\easyxplore_run => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\easyxplore_run" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{525450B3-7360-4230-92D7-86C08E53233B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{525450B3-7360-4230-92D7-86C08E53233B}" => eliminado correctamente
C:\Windows\System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5DEFF010-6AA2-4124-BE48-9E71E397C97E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DEFF010-6AA2-4124-BE48-9E71E397C97E}" => eliminado correctamente
C:\Windows\System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{802078DF-77A2-4FCF-B9CC-A27E7D6943C7}" => no encontrado
"C:\Windows\System32\Tasks\easyxplore_run" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\easyxplore_run" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4549C67B-6CB0-4027-8FEC-90B19E3EFA43}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4549C67B-6CB0-4027-8FEC-90B19E3EFA43}" => eliminado correctamente
C:\Windows\System32\Tasks\easyxplore_chk => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\easyxplore_chk" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{09A77250-1167-419F-9498-0D2362150A34}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09A77250-1167-419F-9498-0D2362150A34}" => eliminado correctamente
C:\Windows\System32\Tasks\Avast Software\Overseer => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => eliminado correctamente
"C:\Program Files\Common Files\Avast Software" => no encontrado
"C:\Users\ADMIN\AppData\Local\Programs\easyxplore" => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
"HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => eliminado correctamente
"HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => eliminado correctamente
"SAntivirusIC" => servicio fue desbloqueado. <==== ATENCI�N => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\System\CurrentControlSet\Services\SAntivirusIC => eliminado correctamente
SAntivirusIC => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\SAntivirusSvc => eliminado correctamente
SAntivirusSvc => servicio eliminado correctamente
"C:\Program Files (x86)\Digital Communications" => no encontrado
MBAMSwissArmy => servicio no encontrado.
HKLM\System\CurrentControlSet\Services\ObDrvMonPCRSrv => eliminado correctamente
ObDrvMonPCRSrv => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\SANTIVIRUSKD => eliminado correctamente
SANTIVIRUSKD => servicio eliminado correctamente
"C:\Program Files (x86)\Outbyte" => no encontrado
C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys => movido correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft => movido correctamente
C:\Users\ADMIN\Downloads\SpyHunter-Installer.exe => movido correctamente
C:\sh5ldr => movido correctamente
C:\ProgramData\EnigmaSoft Limited => movido correctamente
C:\Program Files\EnigmaSoft => movido correctamente
C:\Users\ADMIN\AppData\Roaming\santivirusclient => movido correctamente
C:\Users\ADMIN\AppData\Local\chromium => movido correctamente
"C:\Windows\system32\Tasks\easyxplore_chk" => no encontrado
"C:\Windows\system32\Tasks\easyxplore_run" => no encontrado
C:\Users\ADMIN\AppData\Local\easyxplore => movido correctamente
C:\Program Files (x86)\Chromium => movido correctamente
"C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001UA" => no encontrado
"C:\Windows\system32\Tasks\easyxploreUpdateTaskUserS-1-5-21-2879044780-3802597080-1009392579-1001Core" => no encontrado
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus => movido correctamente
C:\Program Files (x86)\easyxplore => movido correctamente
C:\ProgramData\SAntivirus => movido correctamente
C:\ProgramData\TEMP => ":5C321E34" ADS eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-2879044780-3802597080-1009392579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
========= Final de CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo.
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo.
========= Final de CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= Final de CMD: =========Como va el pc ahora?
Va perfecto, ya no estan esos procesos que no podia cerrar en el admin de tareas.
Muchas gracias
Para eliminar las herramientas usadas en la desinfección, realizas:
-
Descargas y Ejecutas >> Delfix, en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)
-
Marca solamente la casilla Remove Desinfection Tools
-
Pulsar en Run.
Se abrirá el informe (Delfix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.
Me alegro de haberte podido ayudar! 
TEMA SOLUCIONADO
Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.