Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 04-06-2021
Ejecutado por Matías (administrador) sobre CASA-ESCRITORIO (05-06-2021 01:53:11)
Ejecutado desde C:\Users\Matías\Desktop
Perfiles cargados: Matías
Platform: Windows 10 Enterprise Versión 1909 18363.1556 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Matías\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <6>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> ) C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe
(SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> ) C:\Program Files (x86)\UsbFix\UsbFix.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144824 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-19] (Valve -> Valve Corporation)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [GoogleChromeAutoLaunch_837FAC31F91BC615D78F2DF9737D7946] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\MountPoints2: {4b0de3c8-6603-11e8-bf3e-7427ead0cead} - "J:\setup.exe"
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\MountPoints2: {c7011605-a516-11e9-bf82-7427ead0cead} - "K:\Autorun.exe"
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807936 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-13] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-06-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-08-28]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {014F484B-16FF-4B00-98CC-540355D050C3} - System32\Tasks\{E23EEEC2-DEA8-4483-9217-EDFFD8CC8E88} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {033DA1BB-A7DB-4BCB-B3EE-1DAA6A9DFA7F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {081A6BEE-BB2B-4EBA-A342-D24FF54B77BA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {0D7819CC-AF00-44C4-82D5-62B8EDD6317E} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AW Manager\Windows Manager\Windows Updater.exe [1010800 2021-05-07] (Microleaves LTD -> AW Manager) <==== ATENCIÓN
Task: {1A1D4E7D-9A05-4D3D-9F7C-2ADD2909A169} - System32\Tasks\AdvancedWindowsManager #1 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== ATENCIÓN
Task: {1B913C72-47D0-473F-BEE3-34DBA2205CA1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2684CCC0-E03C-4BBE-88C8-42E2272C6B68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {27337237-9B8E-4BFB-8548-098583004802} - System32\Tasks\AdvancedWindowsManager #6 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== ATENCIÓN
Task: {2E16813A-E61A-424B-8101-DA345784D8B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2E236535-F43B-4AD8-97E1-00D68AC4AF6A} - System32\Tasks\AdvancedWindowsManager #4 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== ATENCIÓN
Task: {3206322F-3B00-4CDF-BA74-33F5CC312147} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35D403D8-CB95-4799-A5E0-A2C134BB11F7} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {367E88A7-2CD2-4A14-AE8A-6289E4391203} - System32\Tasks\UsbFix Boot Scan => C:\Program Files (x86)\UsbFix\UsbFix.exe [2053256 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {3935B5A6-6713-421A-B487-7DEBF56A7AED} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {3B78A505-916F-44B3-8FDB-BB14C5A76D8D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {3C564E81-4241-414A-A9FD-7D2B241E3767} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {3CCB67B0-5C95-4DC8-8955-39225C2E03C4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {4409FD8C-1588-47AB-B696-080DFF883B12} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-824706290-3614823676-1698890305-1001 => C:\Users\Matías\AppData\Local\MEGAsync\MEGAupdater.exe
Task: {45D83144-A9FA-4395-85B7-F4361EAA0520} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {5258A5C3-514E-418C-BD8D-52184DDFDAC3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {5286977A-1992-4E46-B43D-0BC68990FFD1} - \WPD\SqmUpload_S-1-5-21-824706290-3614823676-1698890305-1005 -> Ningún archivo <==== ATENCIÓN
Task: {55A353AE-E054-4ECA-B613-16485E20B643} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {6C3496EC-DC16-4B13-8A23-FC7BD421CD24} - System32\Tasks\UsbFix Monitor => C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [1239176 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7EACF1C7-001B-4EB6-9A01-CBF20E5ABEB1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EB771BB-3BEC-49C2-9D81-9CACF0C1EAF2} - System32\Tasks\AdvancedWindowsManager #3 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== ATENCIÓN
Task: {8346384C-69F3-43A6-AAE3-13265C622E1C} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Matías\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-02] (ESET, spol. s r.o. -> ESET)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8A942B11-1756-43F0-9A14-01F2AD7A41CF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {9C2D5F90-0C0F-4A28-9C16-D7D3778969D6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {A2696BC6-37BB-4F4D-A779-6DF66914D383} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Ningún archivo <==== ATENCIÓN
Task: {A278D66D-2966-4299-8341-D1E12288DE03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ABF29ADD-5E51-4142-B4F5-06BFF8F9742E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {ACD8A441-285A-47E7-BFB1-00D7137F22EE} - System32\Tasks\AdvancedWindowsManager #5 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== ATENCIÓN
Task: {AD9A9430-3DDC-4447-B88A-7847E9BA9F77} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {B1B9A195-432A-43C3-82DF-07D1D7409A2D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Matías\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-02] (ESET, spol. s r.o. -> ESET)
Task: {B9A598C9-425C-4480-AEC9-5CDC45D6A81C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {BF2F8768-0BD7-48E3-8D84-27217CC955AC} - System32\Tasks\AdvancedWindowsManager #2 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== ATENCIÓN
Task: {C924D6B8-CBEC-48E6-AF38-D26849BECB76} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D44824D0-4096-4AA5-8DA7-28B05ED7E0C8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {D4FDE14D-C402-4A8F-95C2-796398E1E144} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD1E6B84-58BC-4BDD-8F8A-131488947AE6} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\microsoft-windows-ndows-system-xstate-l1-1-0 => rundll32 C:\Users\Matías\AppData\Local\ModelResult\ProfeosxonabSigned\athq_prll_ue.dll,mjxop_Sezbripy_AzRolel
Task: {E0BD8DDC-075B-457A-B461-F4B520FFAA6C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {E229760A-8C68-448A-91EA-1EBA75B7B16C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E58FECA7-148C-477B-849A-CFCE0022E815} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {E5DC9372-FA28-4802-B64C-ECD5E8AF4D80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2DB3082-968D-41CC-ACA0-6F22FE52646B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4D7965C-4DB2-459E-918B-10BA8B73BDEC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {F59DFFBA-C7D9-4D93-A53D-625A3553AE83} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

ProxyEnable: [S-1-5-21-824706290-3614823676-1698890305-1004] => Proxy está habilitado.
ProxyServer: [S-1-5-21-824706290-3614823676-1698890305-1004] => http=127.0.0.1:14006;https=127.0.0.1:14006
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{20dc7d9b-ebe3-4501-be35-8fb7cc53c700}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d31edcb6-bbde-4efd-9f38-5b4463f52c93}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Matías\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-03]
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Matías\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-02]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: u8miog1f.default-1437526231420
FF ProfilePath: C:\Users\Matías\AppData\Roaming\Mozilla\Firefox\Profiles\u8miog1f.default-1437526231420 [2021-06-04]
FF Homepage: Mozilla\Firefox\Profiles\u8miog1f.default-1437526231420 -> hxxps://www.google.com
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Matías\AppData\Roaming\Mozilla\Firefox\Profiles\u8miog1f.default-1437526231420\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-06-02]
FF HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Heredado] [no firmado]
FF HKU\S-1-5-21-824706290-3614823676-1698890305-1005\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-12] (VideoLAN) [Archivo no firmado]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default [2021-06-05]
CHR Notifications: Default -> hxxps://web.movistar.com.ar
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Sudoku) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2015-03-15]
CHR Extension: (Documentos) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]
CHR Extension: (YouTube) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Búsqueda de Google) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-06]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-30]
CHR Extension: (DarkOrbit) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfellpkdddmaldkbohekiikcmadbdnj [2017-03-06]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-03]
CHR Extension: (Hangouts de Google) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2019-05-23]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2014-10-04]
CHR Extension: (Into The Mist) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2018-08-15]
CHR Extension: (WGT Golf Game) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2014-04-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Bola 9) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\oafdgpdaojfjhcolidaakebmnbibdbpb [2016-12-21]
CHR Extension: (Gmail) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-02]
CHR Extension: (wNetHome) - C:\ProgramData\Ammrk\Uaevmq [2021-06-04]
CHR HKU\S-1-5-21-824706290-3614823676-1698890305-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-824706290-3614823676-1698890305-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-13] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-13] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-31] (Malwarebytes Inc -> Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc. -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2547344 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487384 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-24] (Microsoft Corporation) [Archivo no firmado]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-31] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-02] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-02] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-06-04] (Malwarebytes Inc -> Malwarebytes)
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14368 1999-10-01] () [Archivo no firmado]
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76024 2021-05-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-05 01:53 - 2021-06-05 01:53 - 000027969 _____ C:\Users\Matías\Desktop\FRST.txt
2021-06-05 01:35 - 2021-06-05 01:53 - 000000000 ____D C:\FRST
2021-06-05 01:31 - 2021-06-05 01:31 - 002300928 _____ (Farbar) C:\Users\Matías\Desktop\FRST64.exe
2021-06-05 01:13 - 2021-06-05 01:13 - 000003249 _____ C:\Users\Matías\Desktop\Resultados Malwarebytes (BIS).txt
2021-06-04 22:59 - 2021-06-04 22:59 - 000002144 _____ C:\Users\Matías\Desktop\Resultados AdwCleanner.txt
2021-06-04 22:06 - 2021-06-04 22:06 - 000000000 ___HD C:\ProgramData\Ammrk
2021-06-04 22:03 - 2021-06-04 22:03 - 000008324 _____ C:\Users\Matías\Desktop\UsbFix_Report.txt
2021-06-04 21:59 - 2021-06-04 21:59 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-04 21:59 - 2021-06-04 21:59 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-04 21:59 - 2021-06-04 21:59 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-04 21:48 - 2021-06-04 21:48 - 000003458 _____ C:\Users\Matías\Desktop\Resultados Malwarebytes.txt
2021-06-03 17:32 - 2021-06-03 17:32 - 000045710 _____ C:\Users\Matías\Desktop\VEP-18046386_3-6-2021.pdf
2021-06-03 00:05 - 2021-06-03 19:36 - 000000000 ____D C:\KVRT2020_Data
2021-06-02 23:51 - 2021-06-02 23:53 - 000003862 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-06-02 23:51 - 2021-06-02 23:53 - 000003420 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-06-02 23:49 - 2021-06-02 23:49 - 000047922 _____ C:\Users\Matías\Desktop\Resultados ESET ONLINE SCANER.txt
2021-06-02 22:45 - 2021-06-02 22:45 - 000000778 _____ C:\Users\Public\Desktop\Malwarebytes.rar
2021-06-02 22:45 - 2021-06-02 22:45 - 000000778 _____ C:\ProgramData\Desktop\Malwarebytes.rar
2021-06-02 20:15 - 2021-06-02 23:58 - 000001432 _____ C:\Users\Matías\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-06-02 20:15 - 2021-06-02 23:58 - 000001326 _____ C:\Users\Matías\Desktop\ESET Online Scanner.lnk
2021-06-02 20:15 - 2021-06-02 20:15 - 000000000 ____D C:\Users\Matías\AppData\Local\ESET
2021-06-02 20:05 - 2021-06-02 20:05 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-02 20:05 - 2021-06-02 20:05 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-02 20:05 - 2021-06-02 20:05 - 000002283 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-06-02 20:03 - 2021-06-02 20:03 - 104284528 _____ (AO Kaspersky Lab) C:\Users\Matías\Desktop\KVRT.exe
2021-06-02 20:00 - 2021-06-02 20:01 - 011697056 _____ (ESET) C:\Users\Matías\Desktop\esetonlinescanner.exe
2021-06-02 19:16 - 2021-06-02 19:16 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-06-02 00:31 - 2021-06-04 22:02 - 000001963 _____ C:\Users\Public\Desktop\UsbFix Anti-Malware.lnk
2021-06-02 00:31 - 2021-06-04 22:02 - 000001963 _____ C:\ProgramData\Desktop\UsbFix Anti-Malware.lnk
2021-06-01 16:39 - 2021-06-01 16:39 - 000003274 _____ C:\WINDOWS\system32\Tasks\UsbFix Boot Scan
2021-06-01 16:39 - 2021-06-01 16:39 - 000003272 _____ C:\WINDOWS\system32\Tasks\UsbFix Monitor
2021-06-01 16:39 - 2021-06-01 16:39 - 000000000 ____D C:\Program Files (x86)\UsbFix
2021-06-01 10:17 - 2021-06-01 16:42 - 000000000 ____D C:\Users\Matías\AppData\Local\CrashDumps
2021-05-31 20:55 - 2021-05-31 20:55 - 004868504 _____ (SOSVirus) C:\Users\Matías\Desktop\UsbFix_2020.exe
2021-05-31 20:52 - 2021-05-31 20:52 - 008534696 _____ (Malwarebytes) C:\Users\Matías\Desktop\adwcleaner_8.2.exe
2021-05-31 20:44 - 2021-06-02 19:18 - 000001051 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-05-31 20:44 - 2021-06-02 19:18 - 000001051 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-05-31 20:44 - 2021-05-31 20:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-31 20:44 - 2021-05-31 20:44 - 000002890 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-31 20:44 - 2021-05-31 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-05-31 20:43 - 2021-06-04 22:59 - 000000000 ____D C:\Program Files\CCleaner
2021-05-31 20:36 - 2021-06-05 00:03 - 000000160 _____ C:\Users\Matías\Desktop\DobleTilde.url
2021-05-31 19:48 - 2021-05-31 19:51 - 000010720 _____ C:\DT-kill.txt
2021-05-31 19:48 - 2021-05-31 19:48 - 000000000 ____D C:\_DT-Kill
2021-05-31 17:29 - 2021-05-31 17:29 - 000000000 _____ C:\Users\Matías\Desktop\xxx.txt
2021-05-31 01:46 - 2021-05-31 01:46 - 000000000 ____D C:\Users\Matías\AppData\Local\mbam
2021-05-31 01:45 - 2021-06-02 19:22 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-31 01:45 - 2021-06-02 19:16 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-31 01:45 - 2021-05-31 01:45 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-31 01:45 - 2021-05-31 01:45 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-31 01:45 - 2021-05-31 01:45 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-31 01:45 - 2021-05-31 01:45 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-31 01:45 - 2021-05-31 01:45 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-05-31 01:44 - 2021-05-31 01:44 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-30 22:08 - 2021-05-30 22:08 - 000000128 _____ C:\Users\Matías\Desktop\Guia BloodBowl.url
2021-05-30 16:21 - 2021-05-30 16:21 - 000000000 ____D C:\Users\Matías\AppData\Local\Steam
2021-05-30 16:14 - 2021-05-31 20:07 - 000000000 ____D C:\Program Files (x86)\Steam
2021-05-30 16:14 - 2021-05-30 16:14 - 000001039 _____ C:\Users\Public\Desktop\Steam.lnk
2021-05-30 16:14 - 2021-05-30 16:14 - 000001039 _____ C:\ProgramData\Desktop\Steam.lnk
2021-05-30 16:14 - 2021-05-30 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-05-30 16:08 - 2021-05-31 15:13 - 000000000 ____D C:\Users\Matías\Documents\BloodBowl2
2021-05-30 16:08 - 2021-05-30 16:41 - 000000775 _____ C:\Users\Matías\Desktop\Blood Bowl 2 Death Zone.lnk 2021-05-30 16:08 - 2021-05-30 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blood Bowl 2 Death Zone 2021-05-30 15:54 - 2021-05-30 15:54 - 000001035 _____ C:\Users\Public\Desktop\WinRAR.lnk 2021-05-30 15:54 - 2021-05-30 15:54 - 000001035 _____ C:\ProgramData\Desktop\WinRAR.lnk 2021-05-30 15:54 - 2021-05-30 15:54 - 000000000 ____D C:\Users\Matías\AppData\Roaming\WinRAR 2021-05-30 15:54 - 2021-05-30 15:54 - 000000000 ____D C:\Users\Matías\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-05-30 15:54 - 2021-05-30 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-05-30 15:54 - 2021-05-30 15:54 - 000000000 ____D C:\Program Files\WinRAR 2021-05-30 15:19 - 2021-05-31 08:13 - 000000000 ___HD C:\ProgramData\Windows Host 2021-05-30 15:18 - 2021-05-30 15:18 - 000003932 _____ C:\WINDOWS\system32\Tasks\AdvancedUpdater 2021-05-30 15:18 - 2021-05-30 15:18 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #6 2021-05-30 15:18 - 2021-05-30 15:18 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #5 2021-05-30 15:18 - 2021-05-30 15:18 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #4 2021-05-30 15:18 - 2021-05-30 15:18 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #3 2021-05-30 15:18 - 2021-05-30 15:18 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #2 2021-05-30 15:18 - 2021-05-30 15:18 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #1 2021-05-30 15:18 - 2021-05-30 15:18 - 000000000 ____D C:\Program Files (x86)\AW Manager 2021-05-30 15:14 - 2021-05-31 17:44 - 000000000 ____D C:\Users\Matías\AppData\Local\61c1b884-3182-4231-b18d-e24f9f4c087b 2021-05-30 15:14 - 2021-05-30 15:14 - 000000559 _____ C:\Users\Matías\AppData\Local\bowsakkdestx.txt 2021-05-30 15:14 - 2021-05-30 15:14 - 
000000049 _____ C:\Users\Matías\AppData\Local\script.ps1 2021-05-30 15:14 - 2021-05-30 15:14 - 000000000 ____D C:\Users\Matías\AppData\Roaming\Serian 2021-05-30 15:14 - 2021-05-30 15:14 - 000000000 ____D C:\Users\Matías\AppData\Local\AdvinstAnalytics 2021-05-30 15:14 - 2021-05-30 15:14 - 000000000 ____D C:\SystemID 2021-05-30 15:13 - 2021-06-02 19:27 - 000000000 ___HD C:\Users\Matías\AppData\Roaming\WinSupport 2021-05-30 15:13 - 2021-05-30 15:35 - 000000000 ____D C:\Users\Matías\AppData\Local\625edb88-e251-496e-970d-8baa1dea4a53 2021-05-30 15:13 - 2021-05-30 15:13 - 000000000 ____D C:\Users\Matías\AppData\Local\NetSupport 2021-05-30 15:12 - 2021-06-01 16:27 - 000000000 ____D C:\Users\Matías\Documents\VlcpVideoV1.0.1 2021-05-30 15:06 - 2021-06-02 21:49 - 000000557 _____ C:\Users\Matías\Downloads\41a1e84c__blood-bowl-ii.zip 2021-05-12 13:43 - 2021-05-12 13:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-05-12 13:43 - 2021-05-12 13:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-05-12 13:43 - 2021-05-12 13:43 - 000140800 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ 
C:\WINDOWS\system32\DrtmAuth17.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2021-05-12 13:43 - 2021-05-12 13:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2021-06-05 00:57 - 2020-02-24 16:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-06-04 23:51 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-06-04 23:01 - 2014-06-04 22:11 - 000000000 __SHD C:\Temp 2021-06-04 22:02 - 2020-11-17 19:56 - 000000000 ___RD C:\Users\Matías\Google Drive 2021-06-04 22:02 - 2014-12-31 09:29 - 000000000 ___RD C:\Users\Matías\OneDrive 2021-06-04 21:59 - 2020-02-24 16:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-06-04 21:59 - 2015-04-08 21:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-06-04 21:58 - 2019-03-19 01:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-06-04 17:38 - 2021-01-04 09:07 - 000001488 _____ C:\Users\Matías\Desktop\Gastos 2021.xlsx.lnk 2021-06-04 16:16 - 2017-11-28 20:23 - 000000000 ____D C:\Users\Matías\AppData\Roaming\WhatsApp 2021-06-04 16:12 - 2020-04-06 15:58 - 000002378 ____H C:\Users\Matías\Documents\Default.rdp 2021-06-04 12:13 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2021-06-03 19:27 - 2020-04-03 16:53 - 000000000 ____D C:\Users\Matías\AppData\Local\WhatsApp 2021-06-03 13:49 - 2019-01-23 20:52 - 000000000 ____D C:\Users\Matías\AppData\Local\D3DSCache 2021-06-03 07:42 - 2019-03-19 01:37 - 000032768 _____ 
C:\WINDOWS\system32\config\ELAM 2021-06-02 21:52 - 2020-02-24 16:31 - 000000000 ____D C:\Users\Matías 2021-06-02 21:47 - 2020-12-31 16:09 - 000000000 ____D C:\Users\Matías\Documents\MEGAsync Downloads 2021-06-02 21:30 - 2020-02-24 16:31 - 000000000 ____D C:\Users\Marcela 2021-06-02 21:30 - 2020-02-24 16:31 - 000000000 ____D C:\Users\Guada 2021-06-02 21:27 - 2015-10-30 03:28 - 000000000 ____D C:\Users\Default.migrated 2021-06-02 21:26 - 2016-01-13 00:30 - 000000000 ____D C:\System.sav 2021-06-02 21:26 - 2015-11-13 21:20 - 000000000 ____D C:\SAVEGAME 2021-06-02 21:05 - 2014-10-08 22:04 - 000000000 ____D C:\Program Files (x86)\Origin 2021-06-02 20:33 - 2020-04-28 11:04 - 000000000 ___HD C:\OneDriveTemp 2021-06-02 20:31 - 2019-05-18 20:42 - 000000000 ____D C:\GOG Games 2021-06-02 20:31 - 2015-11-13 20:56 - 000000000 ____D C:\MAPS 2021-06-02 20:22 - 2015-07-22 21:59 - 000000000 ____D C:\AdwCleaner 2021-06-02 20:22 - 2014-07-04 12:35 - 000000000 __SHD C:\found.000 2021-06-02 20:19 - 2014-12-09 21:24 - 000000000 ____D C:\467bf4382de8dae938b80d4e54f8c4 2021-06-02 20:15 - 2017-11-28 20:35 - 000000000 ____D C:\Users\Matías\AppData\LocalLow\Mozilla 2021-06-02 20:05 - 2018-02-13 12:27 - 000000000 ____D C:\Program Files\Google 2021-06-02 19:33 - 2020-02-20 21:12 - 000000000 ___DC C:\WINDOWS\Panther 2021-06-02 00:40 - 2013-01-02 09:11 - 000000000 ____D C:\Program Files (x86)\Google 2021-06-01 19:48 - 2016-01-13 00:31 - 000000000 ____D C:\Users\Matías\AppData\Roaming\Hewlett-Packard 2021-06-01 19:48 - 2016-01-13 00:31 - 000000000 ____D C:\Users\Matías\AppData\Local\Hewlett-Packard 2021-06-01 15:06 - 2016-07-22 15:34 - 000000000 ____D C:\Users\Matías\AppData\Roaming\vlc 2021-06-01 14:11 - 2016-07-22 15:34 - 000000000 ____D C:\Users\Matías\AppData\Roaming\dvdcss 2021-06-01 08:32 - 2014-10-08 22:06 - 000000000 ____D C:\Users\Matías\AppData\Roaming\Origin 2021-06-01 03:47 - 2019-03-19 01:50 - 000000000 ____D C:\WINDOWS\INF 2021-05-31 21:17 - 2014-12-10 22:34 - 000000000 ____D 
C:\Users\Matías\AppData\Roaming\FileZilla 2021-05-31 21:10 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-05-31 20:16 - 2014-10-08 22:09 - 000000000 ____D C:\Program Files (x86)\Origin Games 2021-05-31 20:16 - 2014-10-08 22:04 - 000000000 ____D C:\ProgramData\Origin 2021-05-31 20:15 - 2014-10-08 22:06 - 000000000 ____D C:\Users\Matías\AppData\Local\Origin 2021-05-31 17:44 - 2019-10-19 19:40 - 000000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition 2021-05-31 17:44 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files (x86)\Windows NT 2021-05-31 01:45 - 2019-03-19 01:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-05-31 01:45 - 2015-07-23 20:05 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-05-31 01:03 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-05-30 15:18 - 2019-02-06 15:58 - 000000000 ____D C:\Program Files\Microsoft Office 2021-05-30 13:48 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-05-29 19:54 - 2021-01-16 20:21 - 000000000 ____D C:\Users\Matías\Desktop\JUEGOS 2021-05-29 14:19 - 2018-02-23 20:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-05-29 06:01 - 2020-06-04 11:37 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-29 06:01 - 2020-06-04 11:37 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-05-29 06:01 - 2020-06-04 11:37 - 000002285 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-05-29 04:22 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-22 16:07 - 2020-02-24 16:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-824706290-3614823676-1698890305-1001 2021-05-22 16:07 - 2020-02-24 16:31 - 000002453 _____ C:\Users\Matías\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-05-12 19:12 - 2020-02-24 16:45 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-05-12 19:12 - 2019-03-19 08:59 - 000788560 
_____ C:\WINDOWS\system32\perfh00A.dat 2021-05-12 19:12 - 2019-03-19 08:59 - 000155850 _____ C:\WINDOWS\system32\perfc00A.dat 2021-05-12 19:09 - 2019-01-21 21:44 - 000000000 ____D C:\Users\Matías\AppData\Local\PackageStaging 2021-05-12 19:09 - 2015-12-25 12:49 - 000000000 ___RD C:\Users\Matías\3D Objects 2021-05-12 19:09 - 2015-09-10 02:37 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-05-12 19:05 - 2020-02-24 16:23 - 000464080 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-05-12 19:02 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\TextInput 2021-05-12 19:02 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-05-12 19:02 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-05-12 19:02 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-05-12 19:01 - 2020-11-17 15:45 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemResources 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\setup 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\Provisioning 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Windows Defender 2021-05-12 19:01 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-05-12 19:01 - 2019-03-19 
01:37 - 000000000 ____D C:\WINDOWS\servicing 2021-05-12 17:57 - 2021-04-14 14:58 - 000334551 _____ C:\Users\Matías\Desktop\Aquaria.xlsm 2021-05-12 14:02 - 2014-03-28 19:13 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-05-12 13:57 - 2012-12-27 12:27 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-05-12 04:48 - 2012-07-26 02:26 - 000000480 _____ C:\WINDOWS\win.ini 2021-05-11 11:21 - 2015-11-20 20:31 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Archivos en la raíz de algunos directorios ======== 2021-05-30 15:14 - 2021-05-30 15:14 - 000000559 _____ () C:\Users\Matías\AppData\Local\bowsakkdestx.txt 2021-05-30 15:14 - 2021-05-30 15:14 - 000000049 _____ () C:\Users\Matías\AppData\Local\script.ps1 2018-12-14 19:36 - 2018-12-14 19:36 - 000000000 _____ () C:\Users\Matías\AppData\Local\{8B469074-9A35-4237-80AB-094237A1A1B1} ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) ==================== Final de FRST.txt ========================