Hello, here are the requested reports…
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 4/4/19
Hora del análisis: 18:11
Archivo de registro: 3eec39e0-571e-11e9-82af-4c8093870621.json
-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.563
Versión del paquete de actualización: 1.0.10006
Licencia: Prueba
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: PSOTO-PC\PSOTO
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 492482
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 hr, 8 min, 2 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-04-2019
# Duration: 00:00:33
# OS: Windows 7 Professional
# Scanned: 27198
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [2240 octets] - [04/09/2018 19:16:03]
AdwCleaner[C00].txt - [2206 octets] - [04/09/2018 19:16:29]
AdwCleaner[S01].txt - [1681 octets] - [10/11/2018 12:13:24]
AdwCleaner[C01].txt - [1791 octets] - [10/11/2018 13:03:32]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64
Ran by PSOTO (Limited) on 04/04/2019 at 19:30:35.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 18
Successfully deleted: C:\Users\PSOTO\AppData\Local\{35EDF204-8450-497B-9AFA-39A6B3B6D46E} (Empty Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\PSOTO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6HLA41RC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PSOTO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9G0ANCR7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PSOTO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2CXGXAV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PSOTO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DWICA0K7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PSOTO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I18Y7OQH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PSOTO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LNTXHMEV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PSOTO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VZX97GY4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PSOTO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XMY72112 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6HLA41RC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9G0ANCR7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2CXGXAV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DWICA0K7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I18Y7OQH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LNTXHMEV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VZX97GY4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XMY72112 (Temporary Internet Files Folder)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/04/2019 at 19:36:59.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by PSOTO (administrator) on PSOTO-PC (04-04-2019 19:38:28)
Running from C:\Users\PSOTO\Desktop
Loaded Profiles: PSOTO & Gracielita & PGL & Invitado (Available Profiles: PSOTO & Gracielita & PGL & Invitado)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(EASY SOLUTIONS, INC. -> Easy Solutions) C:\ProgramData\EasySolutions\DetectUpdate\DetectUpdate.exe
(EASY SOLUTIONS, INC. -> Easy Solutions Inc.) C:\Program Files (x86)\EasySolutions\Detect Safe Browsing\DSBServiceManager.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Freemake) [File not signed] C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SOSQL2012\MSSQL\Binn\sqlservr.exe
(PACE Anti-Piracy, Inc.) [File not signed] C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel(R) Software -> Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(EASY SOLUTIONS, INC. -> Easy Solutions Inc.) C:\Program Files (x86)\EasySolutions\Detect Safe Browsing\dsb.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-10-01] (STMicroelectronics -> )
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-879520919-2892092765-2935881487-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-879520919-2892092765-2935881487-1000\...\Run: [kksPgo7p] => C:\Users\Public\ZJV3M5T4Y7DWJM4\848U34FCQKJGNL1.exe [400872 2018-11-12] (VMware, Inc. -> VMware, Inc.)
HKU\S-1-5-21-879520919-2892092765-2935881487-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [7388488 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-879520919-2892092765-2935881487-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-879520919-2892092765-2935881487-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-879520919-2892092765-2935881487-1000\...\MountPoints2: {69c1d309-0703-11e8-8cb5-848f69c33c11} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-879520919-2892092765-2935881487-1000\...\MountPoints2: {c1680323-d141-11e7-b109-848f69c33c11} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879520919-2892092765-2935881487-1005\...\Run: [EPSON TX115 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBB.EXE [223232 2008-09-26] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-879520919-2892092765-2935881487-1005\...\Run: [EPSON TX115 Series (Copiar 1)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBB.EXE [223232 2008-09-26] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-879520919-2892092765-2935881487-1005\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-879520919-2892092765-2935881487-1005\...\MountPoints2: {69c1d309-0703-11e8-8cb5-848f69c33c11} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-879520919-2892092765-2935881487-501\...\Run: [EPSON TX115 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBB.EXE [223232 2008-09-26] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-879520919-2892092765-2935881487-501\...\MountPoints2: E - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2009-06-07] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.75\Installer\chrmstp.exe [2019-03-12] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{2A16DF2F-490B-4F2B-8C68-21EF46FCCC37}] -> C:\Windows\system32\dpcrprov.dll [2010-12-29] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{3ADC7042-51AF-4D0F-BD1D-4D6965A77323}] -> C:\Windows\system32\dpcrprov.dll [2010-12-29] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{4C0F0D42-DA2D-45da-85BC-B7A1AB53BF65}] -> C:\Windows\system32\dpcrprov.dll [2010-12-29] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{57E84B57-5533-4624-AB49-E29C8C5489D6}] -> C:\Windows\system32\dpcrprov.dll [2010-12-29] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{70099717-17C8-4BD0-B3D4-FAF721AB1A62}] -> C:\Windows\system32\dpcrprov.dll [2010-12-29] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{FD2AB138-F9A8-4ab6-9095-EEE7AF8B6C28}] -> C:\Windows\system32\dpcrprov.dll [2010-12-29] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
IFEO\cliconfg.exe: [VerifierDlls] Hibiki.dll
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Gracielita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor de la tecnología Intel® Turbo Boost 2.0.lnk [2012-01-14]
ShortcutTarget: Monitor de la tecnología Intel® Turbo Boost 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel(R) Software -> Intel® Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-879520919-2892092765-2935881487-1000] => Proxy is enabled.
Tcpip\Parameters: [DhcpNameServer] 190.54.110.23 190.54.120.23
Tcpip\..\Interfaces\{071A8EC4-8E20-40F7-AD57-0731EE8FA6AD}: [DhcpNameServer] 190.54.110.23 190.54.120.23
Tcpip\..\Interfaces\{C5EBA788-D7A7-40F5-BEF1-39E004551A9F}: [DhcpNameServer] 190.54.110.23 190.54.120.23
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.infospyware.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-879520919-2892092765-2935881487-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-879520919-2892092765-2935881487-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cl/
HKU\S-1-5-21-879520919-2892092765-2935881487-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-cl/?ocid=iehp
HKU\S-1-5-21-879520919-2892092765-2935881487-501\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-cl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-07-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-07-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-879520919-2892092765-2935881487-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - No File
FireFox:
========
FF ProfilePath: C:\Users\PSOTO\AppData\Roaming\Mozilla\Firefox\Profiles\c5d3jvrv.default-1458685330127 [2019-04-04]
FF Homepage: Mozilla\Firefox\Profiles\c5d3jvrv.default-1458685330127 -> hxxps://www.malwarebytes.org/restorebrowser//general/newhometab.php?hometab=home&partner=14105&guid={AC10B31F-938F-4AF5-AF9E-9F69795AA977}&i=
FF Extension: (Avira Browser Safety) - C:\Users\PSOTO\AppData\Roaming\Mozilla\Firefox\Profiles\c5d3jvrv.default-1458685330127\Extensions\[email protected] [2017-11-08] [hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-04-17] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: (Extensión de DigitalPersona) - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2012-01-14] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-03-03] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-03-03] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-07-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-07-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-879520919-2892092765-2935881487-1000: @citrixonline.com/appdetectorplugin -> C:\Users\PSOTO\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-06] (Citrix Online -> Citrix Online)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.cl/
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.google.cl/"
CHR Profile: C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-04-04] <==== ATTENTION
CHR Extension: (Google Drive) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-30]
CHR Extension: (Chrome Media Router) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-13]
CHR Profile: C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default [2019-04-04]
CHR Extension: (Presentaciones de Google) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-27]
CHR Extension: (Google Docs) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-27]
CHR Extension: (Google Drive) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-27]
CHR Extension: (YouTube) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-27]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-27]
CHR Extension: (Autocomplete on) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdhbgagnmhdafendedikgjimegoipbnk [2016-04-04]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-31]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR Profile: C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-04-04]
CHR Extension: (Presentaciones) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-25]
CHR Extension: (Documentos) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-25]
CHR Extension: (Google Drive) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-25]
CHR Extension: (YouTube) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-25]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-25]
CHR Extension: (Hojas de cálculo) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-25]
CHR Extension: (Avira Navegación segura) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-03-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-25]
CHR Extension: (Avast Online Security) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-03-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-25]
CHR Extension: (Gmail) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-25]
CHR Extension: (Chrome Media Router) - C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-25]
CHR Profile: C:\Users\PSOTO\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-879520919-2892092765-2935881487-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-879520919-2892092765-2935881487-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 DetectUpdate; C:\ProgramData\EasySolutions\DetectUpdate\DetectUpdate.exe [536080 2018-04-04] (EASY SOLUTIONS, INC. -> Easy Solutions)
S2 DSBProxy; C:\Program Files (x86)\EasySolutions\Detect Safe Browsing\DSBPRoxy.exe [3770064 2016-02-12] (EASY SOLUTIONS, INC. -> EasySol)
R2 DSBServiceManager; C:\Program Files (x86)\EasySolutions\Detect Safe Browsing\DSBServiceManager.exe [287440 2016-02-12] (EASY SOLUTIONS, INC. -> Easy Solutions Inc.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-08-01] (Freemake) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MSSQL$SOSQL2012; c:\Program Files\Microsoft SQL Server\MSSQL11.SOSQL2012\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-15] (Intel Corporation - Mobile Wireless Group -> )
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S4 SQLAgent$SOSQL2012; c:\Program Files\Microsoft SQL Server\MSSQL11.SOSQL2012\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Acceler; C:\Windows\System32\DRIVERS\Accelern.sys [27760 2010-09-29] (STMicroelectronics -> ST Microelectronics)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [299008 2011-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [299008 2011-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [51712 2011-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [53760 2011-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [288768 2011-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 CtClsFlt; C:\Windows\System32\DRIVERS\CtClsFlt.sys [176096 2011-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R1 dsbwncf; C:\Windows\System32\drivers\dsbwnc.sys [65040 2016-02-12] (EASY SOLUTIONS, INC. -> Easy Solutions Inc.)
R1 dsbwncfk; C:\Windows\System32\drivers\dsbwnck.sys [33808 2016-02-12] (EASY SOLUTIONS, INC. -> )
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-11-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-11-01] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 iBtFltCoex; C:\Windows\System32\DRIVERS\iBtFltCoex.sys [59904 2011-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12287456 2011-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 Impcd; C:\Windows\system32\drivers\Impcd.sys [158976 2010-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\System32\drivers\intelaud.sys [34200 2011-05-17] (Wireless Display -> Intel Corporation)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 iwdbus; C:\Windows\System32\DRIVERS\iwdbus.sys [25496 2011-05-17] (Wireless Display -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [104784 2019-04-04] (Malwarebytes Corporation -> Malwarebytes)
S3 NETwNs64; C:\Windows\System32\DRIVERS\NETwNs64.sys [8604672 2011-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [82432 2011-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [181760 2011-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2017-11-01] () [File not signed]
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [21616 2010-08-20] (STMicroelectronics -> ST Microelectronics)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.1.32\Definitions\SDSDefs\20170406.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.1.32\Definitions\SDSDefs\20170406.003\EX64.SYS [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 RTL8187; system32\DRIVERS\rtl8187.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-04 19:38 - 2019-04-04 19:40 - 000034879 _____ C:\Users\PSOTO\Desktop\FRST.txt
2019-04-04 19:38 - 2019-04-04 19:38 - 000000000 ____D C:\FRST
2019-04-04 19:36 - 2019-04-04 19:37 - 000003609 _____ C:\Users\PSOTO\Desktop\JRT.txt
2019-04-04 19:30 - 2019-04-04 19:30 - 000001501 _____ C:\Users\PSOTO\Desktop\AdwCleaner[S02].txt
2019-04-04 19:26 - 2019-04-04 19:26 - 000001542 _____ C:\Users\PSOTO\Desktop\informe MBAM.txt
2019-04-04 18:09 - 2019-04-04 18:09 - 000004150 _____ C:\Users\PSOTO\Documents\cc_20190404_180935.reg
2019-04-04 18:03 - 2019-04-04 18:03 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-04-04 18:02 - 2019-04-04 18:02 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-04 18:02 - 2019-04-04 18:02 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-04-04 18:02 - 2019-04-04 18:02 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-04-04 18:02 - 2019-04-04 18:02 - 000104784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-04-04 18:02 - 2019-04-04 18:02 - 000001869 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-04 18:02 - 2019-04-04 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-04 18:02 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-04 18:01 - 2019-04-04 18:01 - 000000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-04 18:01 - 2019-04-04 18:01 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2019-04-04 18:01 - 2019-04-04 18:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-04 18:01 - 2019-04-04 18:01 - 000000000 ____D C:\Program Files\CCleaner
2019-04-04 17:58 - 2019-04-04 17:58 - 002434048 _____ (Farbar) C:\Users\PSOTO\Downloads\FRST64.exe
2019-04-04 17:58 - 2019-04-04 17:58 - 002434048 _____ (Farbar) C:\Users\PSOTO\Desktop\FRST64.exe
2019-04-04 17:57 - 2019-04-04 17:57 - 007025360 _____ (Malwarebytes) C:\Users\PSOTO\Downloads\adwcleaner_7.3.exe
2019-04-04 17:57 - 2019-04-04 17:57 - 007025360 _____ (Malwarebytes) C:\Users\PSOTO\Desktop\adwcleaner_7.3.exe
2019-04-04 17:57 - 2019-04-04 17:57 - 001790024 _____ (Malwarebytes) C:\Users\PSOTO\Downloads\JRT.exe
2019-04-04 17:57 - 2019-04-04 17:57 - 001790024 _____ (Malwarebytes) C:\Users\PSOTO\Desktop\JRT.exe
2019-04-04 17:57 - 2019-04-04 17:56 - 062618552 _____ (Malwarebytes ) C:\Users\PSOTO\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10000.exe
2019-04-04 17:56 - 2019-04-04 17:56 - 062618552 _____ (Malwarebytes ) C:\Users\PSOTO\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10000.exe
2019-04-04 17:55 - 2019-04-04 17:55 - 021205512 _____ (Piriform Software Ltd) C:\Users\PSOTO\Downloads\ccsetup555.exe
2019-04-04 17:55 - 2019-04-04 17:55 - 021205512 _____ (Piriform Software Ltd) C:\Users\PSOTO\Desktop\ccsetup555.exe
2019-04-03 18:20 - 2019-04-03 18:20 - 000042943 _____ C:\Users\PSOTO\Downloads\WhatsApp Image 2019-04-03 at 18.20.17.jpeg
2019-04-02 20:27 - 2019-04-02 20:27 - 003763858 _____ C:\Users\PSOTO\Downloads\file.pdf
2019-04-02 19:05 - 2019-04-02 19:05 - 000000218 _____ C:\Users\PSOTO\AppData\Local\recently-used.xbel
2019-04-02 18:52 - 2019-04-02 19:02 - 1830702183 _____ C:\Users\PSOTO\Downloads\Can.you.ever.forgive.me.2018.1080p-dual-lat-cinecalidad.is.mp4
2019-04-02 18:28 - 2019-04-02 18:28 - 000099451 _____ C:\Users\PSOTO\Downloads\WhatsApp Image 2019-04-02 at 18.12.46.jpeg
2019-04-02 16:20 - 2019-04-02 16:23 - 000098625 _____ C:\Users\PSOTO\Downloads\WhatsApp Image 2019-04-01 at 20.04.44.jpeg
2019-04-02 16:20 - 2019-04-02 16:23 - 000094340 _____ C:\Users\PSOTO\Downloads\WhatsApp Image 2019-04-01 at 20.04.46.jpeg
2019-04-02 16:20 - 2019-04-02 16:23 - 000094029 _____ C:\Users\PSOTO\Downloads\WhatsApp Image 2019-04-01 at 20.04.47.jpeg
2019-04-02 16:20 - 2019-04-02 16:23 - 000090353 _____ C:\Users\PSOTO\Downloads\WhatsApp Image 2019-04-01 at 20.04.42.jpeg
2019-04-02 16:20 - 2019-04-02 16:23 - 000084310 _____ C:\Users\PSOTO\Downloads\WhatsApp Image 2019-04-01 at 20.04.49.jpeg
2019-04-01 20:59 - 2019-04-01 20:59 - 005466460 _____ C:\Users\PSOTO\Downloads\liv2019xls.xlsx
2019-04-01 20:40 - 2019-04-01 20:47 - 1857641671 _____ C:\Users\PSOTO\Downloads\The.dirt.2019.1080p-dual-lat-cinecalidad.is.mp4
2019-04-01 09:10 - 2019-04-01 09:10 - 001161308 _____ C:\Users\PSOTO\Downloads\MODULO 3_Modelo de EA en modalidad online.pdf
2019-04-01 09:10 - 2019-04-01 09:10 - 000895261 _____ C:\Users\PSOTO\Downloads\MODULO 4_Competencias digitales para la docencia online.pdf
2019-04-01 09:10 - 2019-04-01 09:10 - 000878976 _____ C:\Users\PSOTO\Downloads\MODULO 1_Modalidad de Educación Online.pdf
2019-04-01 09:10 - 2019-04-01 09:10 - 000878976 _____ C:\Users\PSOTO\Downloads\MODULO 1_Modalidad de Educación Online (1).pdf
2019-04-01 09:10 - 2019-04-01 09:10 - 000798987 _____ C:\Users\PSOTO\Downloads\MODULO 2_Educación Adultos Modalidad Online.pdf
2019-04-01 09:10 - 2019-04-01 09:10 - 000580082 _____ C:\Users\PSOTO\Downloads\Plan_curso_educ_onlinev3.pdf
2019-04-01 08:39 - 2019-04-01 08:53 - 2275160523 _____ C:\Users\PSOTO\Downloads\The.highwaymen.2019.1080p-dual-lat-cinecalidad.is.mp4
2019-04-01 08:38 - 2019-04-01 08:50 - 1540050123 _____ C:\Users\PSOTO\Downloads\A.dogs.way.home.2019.1080p-dual-lat-cinecalidad.is.mp4
2019-03-31 22:23 - 2019-04-01 09:11 - 000000000 ____D C:\Users\PSOTO\Desktop\CURSO
2019-03-31 22:23 - 2019-03-31 22:23 - 000000000 ____D C:\Users\PSOTO\Documents\Nueva carpeta
2019-03-26 16:53 - 2019-03-26 16:53 - 000030677 _____ C:\Users\PSOTO\Downloads\voucher.pdf
2019-03-25 20:59 - 2019-03-25 21:05 - 000000000 ____D C:\Users\PSOTO\Desktop\feelings and emotions
2019-03-25 20:43 - 2019-03-25 20:43 - 000002399 _____ C:\Users\PSOTO\Desktop\MG - Chrome.lnk
2019-03-22 22:05 - 2019-03-22 22:08 - 000000000 ____D C:\Users\PSOTO\Desktop\emi
2019-03-22 20:03 - 2019-03-22 20:06 - 000000000 ____D C:\Users\PSOTO\Downloads\Bumblebee - 2018
2019-03-22 19:12 - 2019-03-22 19:15 - 000000000 ____D C:\Users\PSOTO\Downloads\The Mule - 2018
2019-03-20 19:50 - 2019-03-20 21:30 - 000000000 ____D C:\Users\PSOTO\Downloads\The Tenants - 2018
2019-03-20 19:47 - 2019-03-20 19:55 - 000000000 ____D C:\Users\PSOTO\Downloads\Five Feet Apart (OST) (Deluxe)
2019-03-20 16:31 - 2019-03-20 16:31 - 000094564 _____ C:\Users\PSOTO\Downloads\WhatsApp Image 2019-03-20 at 10.21.01.jpeg
2019-03-19 16:27 - 2019-03-19 16:28 - 000000000 ____D C:\Users\PSOTO\Downloads\Speed Kills - 2018
2019-03-19 06:58 - 2019-03-19 06:58 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-18 16:21 - 2019-03-18 16:21 - 000000000 ____D C:\Users\Gracielita\AppData\Roaming\NCH Software
2019-03-17 21:24 - 2019-03-17 21:27 - 000000000 ____D C:\Users\PSOTO\Downloads\Disney
2019-03-17 21:22 - 2019-03-18 21:10 - 000000000 ____D C:\Users\PSOTO\Downloads\Replicas - 2018
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-04 18:07 - 2017-12-15 12:43 - 000000000 ____D C:\Users\PSOTO\AppData\Local\CrashDumps
2019-04-04 18:07 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-04-04 18:02 - 2015-05-14 21:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-04 17:53 - 2015-10-10 15:29 - 000000000 ____D C:\Program Files (x86)\CCleaner
2019-04-04 16:02 - 2009-07-14 01:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-04 16:02 - 2009-07-14 01:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-04 16:01 - 2019-01-03 11:59 - 000000000 ____D C:\Users\PSOTO\Desktop\01 FOTOS COLACIONES
2019-04-03 19:11 - 2014-09-02 11:30 - 000000000 ____D C:\Users\PSOTO\AppData\Roaming\PrimoPDF
2019-04-02 19:35 - 2010-11-21 04:09 - 000860098 _____ C:\Windows\system32\perfh00A.dat
2019-04-02 19:35 - 2010-11-21 04:09 - 000205166 _____ C:\Windows\system32\perfc00A.dat
2019-04-02 19:35 - 2009-07-14 02:13 - 001996886 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-02 19:23 - 2017-11-07 22:54 - 000001486 _____ C:\Windows\Tasks\Packet House.job
2019-04-02 19:23 - 2017-11-03 08:48 - 000000484 ____H C:\Windows\Tasks\Norton Product InstallerIdle.job
2019-04-02 19:05 - 2016-07-11 14:51 - 000000000 ____D C:\Users\PSOTO\AppData\Roaming\deluge
2019-04-01 20:49 - 2014-09-02 01:16 - 000000000 ___RD C:\Users\PSOTO\Google Drive
2019-03-26 17:33 - 2018-11-26 10:59 - 000000000 ____D C:\Users\PSOTO\Desktop\Fotos EVENTOS
2019-03-25 20:21 - 2017-12-17 15:27 - 000000000 ___RD C:\Users\Gracielita\Google Drive
2019-03-22 20:07 - 2014-11-01 23:06 - 000000000 ____D C:\Users\PSOTO\AppData\Roaming\vlc
2019-03-21 08:38 - 2016-08-01 21:39 - 000000132 _____ C:\Users\PSOTO\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-03-19 17:39 - 2014-09-23 16:00 - 000003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2019-03-19 17:39 - 2009-07-14 02:08 - 000032654 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-03-19 16:00 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-19 06:59 - 2017-11-16 21:35 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-19 06:58 - 2019-02-19 19:56 - 000249152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-03-19 06:58 - 2018-10-22 17:04 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-19 06:58 - 2017-11-07 17:23 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-19 06:58 - 2017-11-07 17:23 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-19 06:58 - 2017-11-07 17:23 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-19 06:58 - 2017-11-07 17:23 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-19 06:58 - 2017-11-07 17:23 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-19 06:58 - 2017-11-07 17:23 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-19 06:57 - 2019-01-18 16:04 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-19 06:57 - 2019-01-16 10:17 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-19 06:57 - 2019-01-16 10:17 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-19 06:57 - 2019-01-16 10:17 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-19 06:57 - 2019-01-16 10:17 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-03-19 06:57 - 2017-11-20 08:37 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-19 06:57 - 2017-11-07 17:23 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-18 16:22 - 2018-05-16 18:54 - 000000000 ____D C:\Users\Invitado\AppData\Local\CrashDumps
2019-03-14 16:31 - 2015-06-18 12:28 - 000000000 ____D C:\Users\PSOTO\AppData\Local\Dropbox
2019-03-14 16:31 - 2014-09-02 01:04 - 000000000 ____D C:\Users\PSOTO\AppData\Roaming\Dropbox
2019-03-13 22:19 - 2014-09-02 01:08 - 000000000 ___RD C:\Users\PSOTO\Dropbox
2019-03-13 19:07 - 2017-12-13 11:10 - 000004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-13 19:07 - 2014-09-02 12:42 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-13 19:07 - 2014-09-02 12:42 - 000004322 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-13 19:07 - 2014-08-28 10:19 - 000000000 ____D C:\Users\PSOTO\AppData\Local\Adobe
2019-03-13 19:07 - 2012-01-14 05:49 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 19:07 - 2012-01-14 05:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-13 19:07 - 2012-01-14 05:49 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-13 10:59 - 2019-03-01 20:31 - 000000000 ____D C:\Windows\System32\Tasks\NCH Software
2019-03-12 21:54 - 2017-11-07 18:15 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-12 21:51 - 2017-11-07 17:23 - 000379952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswafab558366d73e75.tmp
2019-03-12 21:36 - 2014-09-03 11:49 - 000000000 ____D C:\Program Files\WinRAR
2019-03-11 20:39 - 2014-09-03 11:49 - 000000000 ____D C:\Users\PSOTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-11 20:39 - 2014-09-03 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
==================== Files in the root of some directories =======
2018-11-12 19:39 - 2018-11-12 19:39 - 000000000 _____ () C:\Users\Public\b1.dll
2017-01-30 19:42 - 2017-01-30 19:42 - 000000001 _____ () C:\Users\PSOTO\AppData\Roaming\plMMDy
2016-08-01 21:39 - 2019-03-21 08:38 - 000000132 _____ () C:\Users\PSOTO\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2018-11-13 09:36 - 2018-11-19 13:20 - 000013508 _____ () C:\Users\PSOTO\AppData\Local\5.txt
2018-11-12 19:40 - 2018-11-12 19:40 - 000000000 _____ () C:\Users\PSOTO\AppData\Local\848U34FCQKJGNL1.exe.doc
2019-04-02 19:05 - 2019-04-02 19:05 - 000000218 _____ () C:\Users\PSOTO\AppData\Local\recently-used.xbel
2014-11-10 17:53 - 2018-11-10 11:07 - 000007598 _____ () C:\Users\PSOTO\AppData\Local\Resmon.ResmonCfg
2018-11-13 09:36 - 2018-11-19 12:04 - 000000000 _____ () C:\Users\PSOTO\AppData\Local\xkdi4.txt
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-03-15 20:11
==================== End of FRST.txt ============================
Continued in the next message…