Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 08-03-2020
Ejecutado por Chisco (administrador) sobre CHISCO-PC (20-03-2020 13:53:45)
Ejecutado desde C:\Users\Chisco\Downloads
Perfiles cargados: Chisco (Perfiles disponibles: Chisco)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Cristi) [Archivo no firmado] C:\Program Files\Dual Monitor\DualMonitor.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NexusQA Pty Ltd -> NexusDB Pty Ltd) C:\gms\nexus\nxServer_Trial.exe
(NVIDIA Corporation -> Node.js) C:\Program Files\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(philandro Software GmbH -> ) C:\Program Files\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files\AnyDesk\AnyDesk.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(The Firebird Project) [Archivo no firmado] C:\Program Files\Common Files\firebird\bin\fbguard.exe
(The Firebird Project) [Archivo no firmado] C:\Program Files\Common Files\firebird\bin\fbserver.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [109824 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [267576 2020-01-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [43965064 2019-12-22] (Google LLC -> )
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-11-21] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\Run: [dualmonitor] => C:\Program Files\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi) [Archivo no firmado]
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: H - H:\Setup.exe -auto
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {c4888e49-527b-11e5-a4f9-00252239ad03} - H:\Setup.exe -auto
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {c4888e4c-527b-11e5-a4f9-00252239ad03} - H:\instapls.exe /AUTORUN
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {ef612835-5143-11e5-b00c-806e6f6e6963} - E:\DVDSetup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-03-18]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {01FF42D6-531F-486A-850B-649C4AF71D7A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {0E64D64C-9CEC-46A8-9F57-88E2657ED84C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12D5236C-66FD-4DE8-A1E5-2B775E6DA558} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [192704 2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {191180EA-7E95-4C5D-8991-892033AE7131} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {197D5D6A-4A54-445A-B942-3215BB8BD308} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [554944 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E6441F2-8675-4B08-BC08-CC55D4895FF5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {226821CF-0C10-42E4-B340-1607C4B5756F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-11-21] (Piriform Ltd -> Piriform Ltd)
Task: {254A565F-026A-4BF1-BCA4-570D6203D47E} - System32\Tasks\{B260C81F-2CED-4A0C-B41F-C8BD6644D364} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\iWebar\Uninstall.exe" -c /fcp=1
Task: {2927776E-0267-4C47-A5B6-E2A8CE87687C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2D383C52-36DF-4F92-8A39-F3161F0892A4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1051864 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {35E2C85B-BCA0-48FB-94E6-351B4A07D842} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {44D64B91-C0B7-4461-ADF0-8A1D1F7D118D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {50AD2A7E-3CFF-42A0-AE8C-B16490D18494} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52C329DF-00AF-4018-979F-06F0F27CA8B6} - System32\Tasks\{53ED4961-12A0-4D92-855B-2CC8CB1B895A} => C:\Windows\system32\pcalua.exe -a C:\Users\Chisco\AppData\Roaming\Easeware\DriverEasy\drivers\znk3jejw.4xl\nvusmb.exe -d C:\Users\Chisco\AppData\Roaming\Easeware\DriverEasy\drivers\znk3jejw.4xl
Task: {5888BCE1-CBE1-41BD-8F33-0980C26F5B05} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1410152 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {60D3BF2D-0C7B-43BC-A697-4E45F103FC95} - System32\Tasks\{EBFA842C-2DBC-4BAF-9A54-A8DC00470373} => C:\Windows\system32\pcalua.exe -a E:\DVDSetup.exe -d E:\
Task: {733D0B40-D3B5-4221-956F-E28B564B705A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {8C553A42-A47B-48FE-AC28-6CA202581F47} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96C6DB91-A7B1-41A8-87C3-C2AB22862869} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [554944 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9A531318-F848-4BA8-8D69-7FA8678EFBA5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A3FAE56F-DCDA-4737-8CB2-0A3C68EE9360} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [1923584 2015-09-03] () [Archivo no firmado]
Task: {B4467F09-A46A-4851-93E6-80CEB703BD55} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D355754B-E09A-45E7-902B-8F06F1C7A7B1} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [686592 2013-11-11] () [Archivo no firmado]
Task: {D6ABE2AE-7B5D-4D63-9BC4-1DFEB12AB0C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {DEAA5B67-34D8-484A-8E8A-64E8B25D7DC4} - System32\Tasks\{DA712A7B-E2CF-44F5-930F-715DE6EC62D3} => C:\Windows\system32\pcalua.exe -a "C:\Users\Chisco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NSRL36OY\JavaSetup8u131.exe" -d C:\Users\Chisco\Desktop
Task: {F41DBF28-D59B-449B-8020-A5F811477E2C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB00565A-2B04-434A-87AB-39DB67410A98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{896A1512-5E58-416F-9558-9423ABCF0E5D}: [DhcpNameServer] 80.58.61.254 80.58.61.250
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130897574901708984&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.deporteadaptadocyl.org/
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.es/
hxxp://www.seg-social.es/wps/portal/wss/internet/Inicio
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: sagetp - {EB0D4937-D3F4-4CEC-9EB4-2B9DAA1676EC} - C:\GrupoSP\NOM2012\Contrata\SageProtocol.dll [2012-09-25] (SAGE SP) [Archivo no firmado]
FireFox:
========
FF DefaultProfile: jjafp8lg.default
FF ProfilePath: C:\Users\Chisco\AppData\Roaming\Mozilla\Firefox\Profiles\jjafp8lg.default [2020-03-20]
FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\Chisco\AppData\Roaming\Mozilla\Firefox\Profiles\jjafp8lg.default\Extensions\[email protected] [2020-03-20]
FF Extension: (Mega.nz Button) - C:\Users\Chisco\AppData\Roaming\Mozilla\Firefox\Profiles\jjafp8lg.default\Extensions\[email protected] [2017-08-11] [Heredado]
FF Extension: (Google Translator for Firefox) - C:\Users\Chisco\AppData\Roaming\Mozilla\Firefox\Profiles\jjafp8lg.default\Extensions\[email protected] [2019-03-04]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default [2020-03-20]
CHR Notifications: Default -> hxxps://ntrasenioraconsolacion-am-valladolid.educamos.com
CHR HomePage: Default -> hxxps://www.google.es/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.es/"
CHR Extension: (Presentaciones) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Documentos) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Búsqueda de Google) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Hojas de cálculo) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-10]
CHR Extension: (Cisco Webex Extension) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-07-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-04-20]
CHR Extension: (LINE) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\menkifleemblimdogmoihpfopnplikde [2019-07-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Amigos Vigo) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnimalgojidacpollieoiidgjjmijnba [2019-08-09]
CHR Extension: (LINE) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ophjlpahpchlmihnnnihgmmeilfjmjjc [2020-03-16]
CHR Extension: (Gmail) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR Profile: C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-20]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo]
CHR HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S4 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files\AnyDesk\AnyDesk.exe [3025872 2019-11-29] (philandro Software GmbH -> )
R2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [9412320 2020-03-19] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Common Files\firebird\bin\fbguard.exe [65536 2004-12-13] (The Firebird Project) [Archivo no firmado]
R3 FirebirdServerDefaultInstance; C:\Program Files\Common Files\firebird\bin\fbserver.exe [1527893 2004-12-13] (The Firebird Project) [Archivo no firmado]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [153096 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NXDBServerV4; C:\gms\nexus\nxServer_Trial.exe [12866952 2016-05-06] (NexusQA Pty Ltd -> NexusDB Pty Ltd)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [47096 2017-04-26] (Panda Security S.L. -> Panda Security, S.L.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [685568 2013-11-11] () [Archivo no firmado]
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [419040 2020-03-19] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36496 2016-10-20] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713904 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugin"
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-09-02] (Disc Soft Ltd -> Disc Soft Ltd)
R3 EnigmaFileMonDriver; C:\Windows\System32\drivers\EnigmaFileMonDriver.sys [60232 2020-03-20] (EnigmaSoft Limited -> EnigmaSoft Limited)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [129248 2018-12-04] (Malwarebytes Corporation -> Malwarebytes)
R1 googledrivefs2985; C:\Windows\System32\DRIVERS\googledrivefs2985.sys [94504 2020-03-05] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [106144 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [63760 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [83648 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [87032 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202104 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109688 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [121720 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [42256 2015-04-27] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [102392 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [72400 2016-03-14] (Panda Security S.L -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [120568 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [281720 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [216208 2016-02-17] (Panda Security S.L -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [108408 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [247568 2016-02-17] (Panda Security S.L -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [94968 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28608 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [53616 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [51136 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [147728 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [111376 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [177240 2018-03-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [121616 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132880 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58288 2016-08-08] (Panda Security S.L -> Panda Security, S.L.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [11232 2019-07-03] (SlimWare Utilities Inc. -> )
S3 tpg86win7; C:\Windows\System32\DRIVERS\tpg86win7.sys [491112 2012-02-22] (Realtek Semiconductor Corp -> TP-LINK TECHNOLOGIES CO., LTD)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [575696 2016-10-20] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2018-07-02] (Microsoft Windows Hardware Compatibility Publisher -> RealVNC Ltd.)
S3 eapihdrv; \??\C:\Users\Chisco\AppData\Local\Temp\ehdrv.sys [X] <==== ATENCIÓN
S3 NTIOLib_1_0_C; \??\E:\NTIOLib.sys [X]
S2 sbmntr; \??\C:\PROGRA~1\YTDOWN~1\sbmntr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-03-20 13:53 - 2020-03-20 13:55 - 000035056 _____ C:\Users\Chisco\Downloads\FRST.txt
2020-03-20 13:51 - 2020-03-20 13:54 - 000000000 ____D C:\FRST
2020-03-20 13:51 - 2020-03-20 13:51 - 002007552 _____ (Farbar) C:\Users\Chisco\Downloads\FRST.exe
2020-03-20 12:52 - 2020-03-20 12:52 - 000890472 _____ C:\Users\Chisco\Desktop\cc_20200320_125157.reg
2020-03-20 12:45 - 2020-03-20 12:45 - 000000000 ____D C:\Users\Chisco\AppData\Local\mbam
2020-03-20 12:44 - 2020-03-20 13:47 - 000083648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000106144 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000063760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-20 12:44 - 2020-03-20 12:44 - 000002024 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-20 12:44 - 2020-03-20 12:44 - 000000000 ____D C:\Users\Chisco\AppData\Local\mbamtray
2020-03-20 12:44 - 2020-03-20 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-20 12:44 - 2018-12-04 08:09 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2020-03-20 12:43 - 2020-03-20 12:43 - 000000000 ____D C:\ProgramData\MB2Migration
2020-03-20 12:43 - 2020-03-20 12:43 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-20 11:31 - 2016-08-08 10:00 - 000058288 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2020-03-20 09:53 - 2020-03-20 09:53 - 127229528 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2020-03-20 09:51 - 2015-12-16 19:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2020-03-20 09:51 - 2015-12-16 19:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2020-03-20 09:51 - 2015-12-16 19:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2020-03-20 08:14 - 2020-03-20 09:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-03-19 13:15 - 2020-03-20 11:32 - 000060232 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-03-19 13:13 - 2020-03-19 13:13 - 000001167 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-03-19 13:13 - 2020-03-19 13:13 - 000001167 _____ C:\ProgramData\Desktop\SpyHunter5.lnk
2020-03-19 13:13 - 2020-03-19 13:13 - 000000000 ____D C:\sh5ldr
2020-03-19 13:13 - 2020-03-19 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-03-19 13:13 - 2020-03-19 13:13 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-03-19 13:12 - 2020-03-19 13:12 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-03-19 13:11 - 2020-03-19 13:12 - 006455520 _____ (EnigmaSoft Limited) C:\Users\Chisco\Downloads\SpyHunter-Installer.exe
2020-03-18 16:11 - 2020-03-18 17:47 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-03-18 16:11 - 2020-03-18 17:47 - 000002007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-03-18 16:11 - 2020-03-18 16:11 - 000001984 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2020-03-18 16:11 - 2020-03-18 16:11 - 000001984 _____ C:\ProgramData\Desktop\Adobe Acrobat DC.lnk
2020-03-18 15:18 - 2020-03-18 15:19 - 022195736 _____ (Piriform Software Ltd) C:\Users\Chisco\Downloads\ccsetup564.exe
2020-03-18 08:40 - 2020-03-18 08:40 - 000000000 ____D C:\Users\Chisco\Desktop\colocar
2020-03-17 08:40 - 2020-03-18 13:47 - 000001741 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-03-17 08:40 - 2020-03-18 13:47 - 000001741 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-03-17 08:40 - 2020-03-17 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-03-17 08:40 - 2020-03-17 08:40 - 000000000 ____D C:\Program Files\iPod
2020-03-17 08:39 - 2020-03-17 08:40 - 000000000 ____D C:\Program Files\iTunes
2020-03-16 10:18 - 2020-03-18 16:08 - 000000000 ____D C:\Users\Chisco\Desktop\Cuarentena fedeacyl
2020-03-13 13:57 - 2020-03-13 13:57 - 000034206 _____ C:\Users\Chisco\Downloads\LlistatExcel (25).xls
2020-03-13 11:46 - 2020-03-13 11:46 - 008092288 _____ (Tim Kosse) C:\Users\Chisco\Downloads\FileZilla_3.47.2.1_win32-setup.exe
2020-03-13 09:19 - 2020-03-13 09:20 - 000014753 _____ C:\Users\Chisco\Downloads\SEPA 34-14 (XML)-Remesa 13-03-2020.xml
2020-03-13 08:28 - 2020-03-13 08:28 - 000119843 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (45).pdf
2020-03-13 08:00 - 2020-03-13 08:00 - 000152095 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (43).pdf
2020-03-13 08:00 - 2020-03-13 08:00 - 000119473 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (44).pdf
2020-03-13 08:00 - 2020-03-13 08:00 - 000002214 _____ C:\Users\Chisco\Downloads\7130_0001873995_12032020.n43
2020-03-11 14:45 - 2020-03-05 14:34 - 000094504 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs2985.sys
2020-03-11 10:24 - 2020-03-11 10:24 - 000152106 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (42).pdf
2020-03-11 10:24 - 2020-03-11 10:24 - 000119843 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (41).pdf
2020-03-11 10:06 - 2020-03-11 10:06 - 000092985 _____ C:\Users\Chisco\Downloads\04-03-2020_FACTURA_TA6BV0088975.pdf
2020-03-11 08:41 - 2020-03-11 08:41 - 000001620 _____ C:\Users\Chisco\Downloads\LlistatExcel (24).xls
2020-03-11 08:38 - 2020-03-11 08:38 - 000001688 _____ C:\Users\Chisco\Downloads\LlistatExcel (23).xls
2020-03-11 08:36 - 2020-03-11 08:36 - 000001754 _____ C:\Users\Chisco\Downloads\LlistatExcel (22).xls
2020-03-11 08:25 - 2020-03-11 08:25 - 000005400 _____ C:\Users\Chisco\Downloads\LlistatExcel (21).xls
2020-03-11 08:16 - 2020-03-11 08:16 - 000119459 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (40).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000197410 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (39).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000152149 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (34).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000152146 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (35).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000152145 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (37).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000152138 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (36).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000119818 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (38).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000004428 _____ C:\Users\Chisco\Downloads\7130_0001873995_10032020.n43
2020-03-10 13:43 - 2020-03-10 13:43 - 000052116 _____ C:\Users\Chisco\Downloads\SEPA 19-14 COR1 (XML)-Remesa Marzo 2020.xml
2020-03-09 07:42 - 2020-03-09 07:42 - 000046372 _____ C:\Users\Chisco\Downloads\LlistatExcel (20).xls
2020-03-06 19:40 - 2020-03-06 19:40 - 000021869 _____ C:\Users\Chisco\Downloads\LlistatExcel (19).xls
2020-03-06 10:45 - 2020-03-06 10:45 - 000004805 _____ C:\Users\Chisco\Downloads\LlistatExcel (18).xls
2020-03-05 23:11 - 2020-03-05 23:11 - 000059344 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2020-03-05 23:11 - 2020-03-05 23:11 - 000034768 _____ (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2020-03-04 12:44 - 2020-03-04 12:44 - 000002603 _____ C:\Users\Chisco\Downloads\LlistatExcel (17).xls
2020-03-04 11:06 - 2020-03-04 11:06 - 000011398 _____ C:\Users\Chisco\Downloads\7130_0001873995_03032020.n43
2020-03-04 11:04 - 2020-03-04 11:04 - 000152138 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (30).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000152127 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (31).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000152110 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (32).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000152085 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (33).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119949 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (29).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119936 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (27).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119935 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (25).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119921 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (28).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119921 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (22).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119917 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (21).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119905 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (26).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119903 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (23).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119899 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (24).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000152136 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (15).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119949 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (19).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119928 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (20).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119924 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (17).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119919 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (16).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119918 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (18).pdf
2020-03-04 09:55 - 2020-03-04 09:55 - 000165266 _____ C:\Users\Chisco\Downloads\20-602 Convocatoria cerrada Curso de Entrenadores de Goalball- Barcelona.pdf
2020-03-02 14:12 - 2020-03-02 14:12 - 000217172 _____ C:\Users\Chisco\Downloads\20-056 Convocatoria cerrada 1o Campeonato Internacional Judo- Tblisi -Georgia.pdf
2020-03-02 09:30 - 2020-03-02 09:30 - 000008803 _____ C:\Users\Chisco\Desktop\Licencias Mujeres 19-20.xlsx
2020-03-02 09:30 - 2020-03-02 09:30 - 000000165 ____H C:\Users\Chisco\Desktop\~$Licencias Mujeres 19-20.xlsx
2020-03-02 08:41 - 2020-03-02 08:41 - 000696409 _____ C:\Users\Chisco\Downloads\INDEFINIDOFEBRERO OK 2020 2 (3).pdf
2020-03-02 08:31 - 2020-03-02 08:31 - 000696409 _____ C:\Users\Chisco\Downloads\INDEFINIDOFEBRERO OK 2020 2 (2).pdf
2020-03-02 08:31 - 2020-03-02 08:31 - 000696409 _____ C:\Users\Chisco\Downloads\INDEFINIDOFEBRERO OK 2020 2 (1).pdf
2020-03-02 08:31 - 2020-03-02 08:31 - 000122683 _____ C:\Users\Chisco\Downloads\Mod._191. Enero2020.pdf
2020-03-02 08:22 - 2020-03-02 08:22 - 000696409 _____ C:\Users\Chisco\Downloads\INDEFINIDOFEBRERO OK 2020 2.pdf
2020-02-28 10:34 - 2020-02-28 10:34 - 000016396 _____ C:\Users\Chisco\Downloads\LlistatExcel (16).xls
2020-02-28 10:21 - 2020-02-28 10:21 - 000006526 _____ C:\Users\Chisco\Downloads\Mod347_2019_FEDEACYL.txt
2020-02-28 08:54 - 2020-02-28 08:54 - 002070529 _____ C:\Users\Chisco\Downloads\Helveticas.zip
2020-02-28 08:53 - 2020-02-28 08:53 - 004538748 _____ C:\Users\Chisco\Downloads\Helvetica.rar
2020-02-28 08:40 - 2020-02-28 08:41 - 000233670 _____ C:\Users\Chisco\Downloads\helveticaneue.zip
2020-02-28 08:36 - 2020-02-28 08:36 - 000003607 _____ C:\Users\Chisco\Downloads\Balance de Situación (Abreviado).pdf
2020-02-28 08:35 - 2020-02-28 08:35 - 000006998 _____ C:\Users\Chisco\Downloads\Cuenta de explotación (4).pdf
2020-02-28 08:25 - 2020-02-28 08:25 - 000119498 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (13).pdf
2020-02-28 08:25 - 2020-02-28 08:25 - 000119498 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (12).pdf
2020-02-28 08:25 - 2020-02-28 08:25 - 000119459 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (14).pdf
2020-02-28 08:24 - 2020-02-28 08:24 - 000007544 _____ C:\Users\Chisco\Downloads\7130_0001873995_27022020.n43
2020-02-28 08:23 - 2020-02-28 08:23 - 000152124 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (10).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119995 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (7).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119933 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (9).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119927 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (6).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119923 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (8).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119843 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (11).pdf
2020-02-28 08:20 - 2020-02-28 08:20 - 000009515 _____ C:\Users\Chisco\Downloads\SEPA 34-14