Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 29-03-2020 Ejecutado por Administrador (administrador) sobre WIN-1I93FCTN6II (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (31-03-2020 21:13:28) Ejecutado desde C:\Users\Administrador\Desktop Perfiles cargados: Administrador (Perfiles disponibles: Administrador) Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional) Internet Explorer Versión 8 (Navegador predeterminado: Chrome) Modo de Inicio: Normal Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Developed by Alejandro Cortés) [Archivo no firmado] C:\Users\Administrador\AppData\Roaming\sXe Injected\WinInjSrv.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program 
Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (MEDIATEK INC. -> Mediatek Inc.) 
C:\Program Files (x86)\Nexxt Solutions Wireless\Common\RaRegistry64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => - HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\Policies\system: [DisableLockWorkstation] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\Policies\Explorer: [NoRecentDocsMenu] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\Policies\Explorer: [NoCDBurning] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\MountPoints2: {6a3fb52c-b3b2-11e7-b3ac-94de80c43434} - L:\HiSuiteDownLoader.exe HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\MountPoints2: {6e486fb0-da4c-11e4-8f1f-94de80c43434} - H:\iLinker.exe HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\MountPoints2: {ac5d9ff9-f739-11e9-a20c-94de80c43434} - H:\LG_PC_Programs.exe HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\Policies\system: [DisableLockWorkstation] 1 
HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\Policies\Explorer: [NoRecentDocsMenu] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\Policies\Explorer: [NoCDBurning] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\MountPoints2: {6a3fb52c-b3b2-11e7-b3ac-94de80c43434} - L:\HiSuiteDownLoader.exe HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\MountPoints2: {6e486fb0-da4c-11e4-8f1f-94de80c43434} - H:\iLinker.exe HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\MountPoints2: {ac5d9ff9-f739-11e9-a20c-94de80c43434} - H:\LG_PC_Programs.exe HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\Policies\system: [DisableLockWorkstation] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 
HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\Policies\Explorer: [NoRecentDocsMenu] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\Policies\Explorer: [NoCDBurning] 1 HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\MountPoints2: {6a3fb52c-b3b2-11e7-b3ac-94de80c43434} - L:\HiSuiteDownLoader.exe HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\MountPoints2: {6e486fb0-da4c-11e4-8f1f-94de80c43434} - H:\iLinker.exe HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\MountPoints2: {ac5d9ff9-f739-11e9-a20c-94de80c43434} - H:\LG_PC_Programs.exe HKLM\Software\...\AppCompatFlags\Custom\Audition.exe: [{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb] -> Adobe Audition 3.0 Vista Compatibility HKLM\Software\...\AppCompatFlags\InstalledSDB\{75d2897c-87aa-4a06-8710-3ebda9f02de0}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb [2007-10-10] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-20] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files 
(x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {0590848B-9871-45AB-92A2-82C290DC8F89} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\bahagabe => C:\Program Files (x86)\Common Files\Cemofukoc\bahagabe.exe [476160 2013-05-05] () [Archivo no firmado] Task: {16B96871-A000-4A35-A137-BDE742E5FDB5} - System32\Tasks\{7FDF45E8-19EC-4EBB-83D2-420427A24E30} => C:\Windows\system32\pcalua.exe -a "E:\windows (XP、7、8、10)\setup.exe" -d "E:\windows (XP、7、8、10)" Task: {19C1AEF2-8631-4C15-AE98-1613B0100713} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-23] (Google Inc -> Google Inc.) Task: {1F645732-BED9-4BD8-B60F-ED402B524B64} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\laculik => C:\Program Files (x86)\Common Files\Degelahen\laculik.exe [609280 2013-04-18] () [Archivo no firmado] Task: {22A75FA6-0686-4E3A-803A-F37CE21A37FD} - System32\Tasks\{72D981E8-AD03-4168-9E7E-81701B44FB6F} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\com.activision.callofduty.shooter_900205109_NormalPackage_2384.exe -d C:\Users\Administrador\Downloads "C:\Windows\System32\Tasks\{2486AF5C-17EA-A885-6D85-6E98DE5A8CF5}" no pudo ser desbloqueado. 
<==== ATENCIÓN Task: {2774E1AE-47AE-4024-99FB-F7CA2140302E} - System32\Tasks\{2486AF5C-17EA-A885-6D85-6E98DE5A8CF5} Task: {2DEF167A-3F7A-4229-AEDC-6E37A8126625} - System32\Tasks\{2DE7156C-37E6-D178-5D20-22EE22323BB9}\pinotenar => C:\Program Files (x86)\Common Files\Goperasu\pinotenar.exe [498688 2013-04-15] () [Archivo no firmado] Task: {2FC1F994-1192-46BF-9A5D-82130E6E3206} - System32\Tasks\CCleaner Update => C:\Program Files (x86)\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {3268DAE0-9BA2-4DA8-B27F-026F350E252C} - System32\Tasks\{67E0376A-6E98-5592-F1CE-1EC76888F026} => C:\Users\Administrador\AppData\Local\67e0376a6e985592f1ce1ec76888f026\Sidihohena.exe [2068992 2013-04-20] () [Archivo no firmado] Task: {35F075C8-E004-4F3A-A672-57095783A598} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\kimub => C:\Program Files (x86)\Common Files\Sotola\kimub.exe [684544 2013-04-14] () [Archivo no firmado] Task: {365B34B3-FB61-4715-B4E5-502808AD6522} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\tebomoc => C:\Program Files (x86)\Common Files\Lanosub\tebomoc.exe [2068992 2013-04-08] () [Archivo no firmado] Task: {36604D87-D6C2-42F6-B2DF-ACBDE570C227} - System32\Tasks\{2DE7156C-37E6-D178-5D20-22EE22323BB9}\pemega => C:\Program Files (x86)\Common Files\Seharoni\pemega.exe [2170880 2013-04-16] () [Archivo no firmado] Task: {3D3ADD37-24AB-4A2B-836D-2A1F12631EF6} - \Re-Markable Update -> Ningún archivo <==== ATENCIÓN Task: {40960A10-5994-44A5-921B-00C4972533A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-23] (Google Inc -> Google Inc.) 
Task: {4C9BC620-9390-47CF-BA05-85E72888EAB1} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\coluriboke => C:\Program Files (x86)\Common Files\Kurocir\coluriboke.exe [968704 2013-04-15] () [Archivo no firmado] Task: {4E875CF5-2FB4-4DE2-B671-D22B551C27EC} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe <==== ATENCIÓN Task: {5AC3722E-9ADB-4AEC-9D43-7BC5BBA4DCE0} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\rotoba => C:\Program Files (x86)\Common Files\Pigocidab\rotoba.exe [2070016 2013-04-19] () [Archivo no firmado] Task: {6B250B08-3BFA-4111-8ACF-50ED88AB50D6} - System32\Tasks\{867430F7-AB77-4859-BFDF-95423A7CEB9C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.27.0.101/es/abandoninstall?source=lightinstaller&page=tsInstall Task: {7984B238-1D1C-4CF9-BD01-976108CF5EFE} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3192080 2015-10-27] (Easeware Technology Limited -> Easeware) Task: {7CEEF6C9-8798-41D6-B41F-4C68C0BB372E} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\lobuk => C:\Program Files (x86)\Common Files\Cohina\lobuk.exe [610816 2013-04-12] () [Archivo no firmado] Task: {7CF2D249-E886-4B1A-9043-4A5F9B467832} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\pifotel => C:\Program Files (x86)\Common Files\Madobep\pifotel.exe [473088 2013-04-26] () [Archivo no firmado] Task: {7D0F01C6-FD2D-45ED-B4C1-070FA3EE7FCD} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\galalihuhu => C:\Program Files (x86)\Common Files\Gadebece\galalihuhu.exe [540672 2013-05-03] () [Archivo no firmado] Task: {8AD075E5-C08C-4473-AB85-5218886FA86E} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\kobeno => C:\Program Files (x86)\Common Files\Saganadid\kobeno.exe [660992 2013-04-21] () [Archivo no firmado] Task: {8D31212C-10A3-45F8-976B-33DA810B2B98} - \tortuga -> Ningún archivo <==== ATENCIÓN Task: 
{959FD19F-7AEA-45BC-8954-E0B450ACF6D2} - System32\Tasks\{0C094CD4-8C68-4030-AE4A-3C24655CEF0D} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.6.64.105/es/abandoninstall?page=tsProgressBar Task: {97F7A635-DAE4-4C09-AFE4-06C66CAE1330} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {9EB1CAC6-FDEA-4F3D-B9AB-8E024B3689B0} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\relecalose => C:\Program Files (x86)\Common Files\Napake\relecalose.exe [615424 2013-04-29] () [Archivo no firmado] Task: {A23C98A2-4402-49A0-932A-0EE7B7A1C7A4} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\sakamihe => C:\Program Files (x86)\Common Files\Lococadotes\sakamihe.exe [879104 2013-04-30] () [Archivo no firmado] Task: {AB836F59-ADB6-48D6-B63A-2FFFAB5627A5} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\defone => C:\Program Files (x86)\Common Files\Kefusogomu\defone.exe [2237952 2013-04-23] () [Archivo no firmado] Task: {B21BE3EE-6CD7-42AF-9CFF-1E7CA372EE49} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\ripedocen => C:\Program Files (x86)\Common Files\Hoforet\ripedocen.exe [634368 2013-05-06] () [Archivo no firmado] Task: {B6C2053E-E76E-440C-9FA1-C839D0EA26A3} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\kifaneno => C:\Program Files (x86)\Common Files\Mosalebodaso\kifaneno.exe [2148352 2013-04-30] () [Archivo no firmado] Task: {BFB3DFA9-A759-4B62-915E-684D46CAD6D2} - System32\Tasks\{AD938F8A-0C45-4C09-A705-D1D82226CAB4} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.35.0.103/es/abandoninstall?page=tsInstall Task: {C565CFE1-7CE0-44B8-9DB0-6FF01D1CC828} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\semehalec => C:\Program Files (x86)\Common Files\Kiresamoh\semehalec.exe [619008 2013-04-15] () [Archivo no firmado] Task: 
{CD008209-A7D6-4721-AC38-33EEED55CDF5} - System32\Tasks\{F54438D8-302A-489A-BB2D-CFEB290B15ED} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\SFInstaller_ASG_aresgalaxy_11785577_.exe -d C:\Users\Administrador\Downloads Task: {D7019B12-C7C6-42F3-B87E-44CDA7D40003} - System32\Tasks\{2486AF5C-17EA-A885-6D85-6E98DE5A8CF5}\synhelper => C:\Users\Administrador\AppData\Roaming\Benibol\synhelper.exe [2107904 2013-04-21] () [Archivo no firmado] <==== ATENCIÓN Task: {DF94F8AB-2289-44EB-9865-9467BC1EC953} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\cobeta => C:\Program Files (x86)\Common Files\Hekadarogade\cobeta.exe [476160 2013-05-03] () [Archivo no firmado] Task: {FA880010-BFE7-4398-8D17-F900DD5F6864} - System32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC}\sicorisebe => C:\Program Files (x86)\Common Files\Loragoponi\sicorisebe.exe [622080 2013-05-06] () [Archivo no firmado] (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\Windows\Tasks\{2486AF5C-17EA-A885-6D85-6E98DE5A8CF5}.job => C:\Users\ADMINI~1\AppData\Roaming\DOCONO~1\synctask.exe <==== ATENCIÓN Task: C:\Windows\Tasks\{67E0376A-6E98-5592-F1CE-1EC76888F026}.job => C:\Users\ADMINI~1\AppData\Local\67E037~1\SIDIHO~1.EXE <==== ATENCIÓN ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Hosts: Hay más de una entrada en Hosts. 
Consulte la sección Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{19EBE0BE-3E07-4829-86A2-0F2FC713D006}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2A135057-DD3C-4DE7-9A89-55DBC24406E3}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{92366488-D62B-4C8D-A792-85CD79375B4A}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{EA8801EC-D9E9-485D-8066-71378F99914E}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{EA8801EC-D9E9-485D-8066-71378F99914E}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ar.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_mpcpfs_18_33_10&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dar%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0CyEtAyEtAyEyDtDzy0CtN0D0Tzu0StByEtCzztN1L2XzuyEtFtByCtFtDtFtCtDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0A0D0EtB0AyEyCtGtBtC0DtBtGzz0AtA0AtGtAtDzy0DtG0BzytByEtAyB0BtA0BtC0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0EyCtCyC0D0FyDtGyB0ByD0EtGyEtByByEtG0AtB0ByDtGyDzz0DyEzz0F0EtByD0CtC0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtAyEtAyByBtBzzyB%26cr%3D1850684604%26a%3Dwcg_mpcpfs_18_33_10%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://ar.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_mpcpfs_18_33_10&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dar%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0CyEtAyEtAyEyDtDzy0CtN0D0Tzu0StByEtCzztN1L2XzuyEtFtByCtFtDtFtCtDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0A0D0EtB0AyEyCtGtBtC0DtBtGzz0AtA0AtGtAtDzy0DtG0BzytByEtAyB0BtA0BtC0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0EyCtCyC0D0FyDtGyB0ByD0EtGyEtByByEtG0AtB0ByDtGyDzz0DyEzz0F0EtByD0CtC0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtAyEtAyByBtBzzyB%26cr%3D1850684604%26a%3Dwcg_mpcpfs_18_33_10%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com HKU\S-1-5-21-2950211697-1468767441-3156804741-500\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2950211697-1468767441-3156804741-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-30] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-30] (Oracle America, Inc. 
-> Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Sin Nombre -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Ningún archivo BHO-x32: Windows Live Aplicación auxiliar de inicio de sesión -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-04-19] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2005-09-23] (Microsoft Corporation) [Archivo no firmado] Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [Archivo no firmado] Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> 
Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: 27em5aya.default FF ProfilePath: C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\27em5aya.default [2020-03-30] FF user.js: detected! => C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\27em5aya.default\user.js [2017-05-10] FF Homepage: Mozilla\Firefox\Profiles\27em5aya.default -> hxxps://ar.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c11045c094222110fb01a412b01&param1=Firefox&param2=1&param3=campaignID%3D564%26UserID%3D1214485376&param4= FF Extension: (MEGA) - C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\27em5aya.default\Extensions\firefox@mega.co.nz.xpi [2020-03-28] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json] FF SearchPlugin: C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\27em5aya.default\searchplugins\selafita.xml [2019-03-15] FF SearchPlugin: C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\27em5aya.default\searchplugins\yahoo! 
provided.xml [2018-11-23] FF HKLM-x32\...\Firefox\Extensions: [bTG7@pOjMF5.net] - C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\lh893hfb.default\extensions => no encontrado FF HKU\S-1-5-21-2950211697-1468767441-3156804741-500\...\Firefox\Extensions: [bTG7@pOjMF5.net] - C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\lh893hfb.default\extensions => no encontrado FF HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\...\Firefox\Extensions: [bTG7@pOjMF5.net] - C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\lh893hfb.default\extensions => no encontrado FF HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\...\Firefox\Extensions: [bTG7@pOjMF5.net] - C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\lh893hfb.default\extensions => no encontrado FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] (Adobe Systems Incorporated -> ) FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-30] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-30] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] (Adobe Systems Incorporated -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.) 
[Archivo no firmado] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Administrador\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall) [Archivo no firmado] FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc. -> RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) [Archivo no firmado] FF Plugin HKU\S-1-5-21-2950211697-1468767441-3156804741-500: @zoom.us/ZoomVideoPlugin -> C:\Users\Administrador\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-2950211697-1468767441-3156804741-500: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Ningún archivo] FF Plugin HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352: @zoom.us/ZoomVideoPlugin -> C:\Users\Administrador\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) 
FF Plugin HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Ningún archivo] FF Plugin HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050: @zoom.us/ZoomVideoPlugin -> C:\Users\Administrador\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Ningún archivo] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default [2020-03-31] CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.soundcloud.com/" CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-02-17] CHR Extension: (Slither.io) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmplapbomebhmdffmlhgbelgcnfajapj [2016-04-25] CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-18] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-25] CHR Extension: (Chrome Media Router) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20] CHR HKLM\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce] CHR HKLM\...\Chrome\Extension: [bhdinjalofclbacjijgifpahcnjapclb] 
CHR HKU\S-1-5-21-2950211697-1468767441-3156804741-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce] CHR HKU\S-1-5-21-2950211697-1468767441-3156804741-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhdinjalofclbacjijgifpahcnjapclb] CHR HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce] CHR HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201626352\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhdinjalofclbacjijgifpahcnjapclb] CHR HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce] CHR HKU\S-1-5-21-2950211697-1468767441-3156804741-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03312020201631050\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhdinjalofclbacjijgifpahcnjapclb] CHR HKLM-x32\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce] CHR HKLM-x32\...\Chrome\Extension: [bhdinjalofclbacjijgifpahcnjapclb] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-04-30] (Adobe Systems) [Archivo no firmado] S4 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Archivo no firmado] S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> ) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-05] (BattlEye Innovations e.K. 
-> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-05] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation) R4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.) S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-29] (Malwarebytes Inc -> Malwarebytes) R2 MediatekRegistryWriter64; C:\Program Files (x86)\Nexxt Solutions Wireless\Common\RaRegistry64.exe [454288 2016-02-18] (MEDIATEK INC. -> Mediatek Inc.) R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Archivo no firmado] S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3049608 2014-11-13] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) 
[Archivo no firmado] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Archivo no firmado] R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) S4 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [304456 2017-05-30] (Byte Technologies LLC -> ) <==== ATENCIÓN S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-04-19] (Microsoft Corporation) [Archivo no firmado] S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies Inc. -> VIA Technologies, Inc.) R4 Win I Service; C:\Users\Administrador\AppData\Roaming\sXe Injected\wininjsrv.exe [2065408 2016-12-13] (Developed by Alejandro Cortés) [Archivo no firmado] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation) S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare) S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [X] S2 QMEmulatorService; "D:\Program Files\TxGameAssistant\AppMarket_2880215\QMEmulatorService.exe" [X] ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29184 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) 
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] (Giga-Byte Technology -> ) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2215056 2016-02-18] (MEDIATEK INC. -> MediaTek Inc.) S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [5095144 2017-12-22] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [36064 2014-07-28] (cyan soft ltd -> Windows (R) Win 7 DDK provider) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2016-04-21] () [Archivo no firmado] S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [2206352 2012-08-03] (VIA Technologies Inc. -> VIA Technologies, Inc.) 
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [198400 2009-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation) S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation) U3 axv4f6m2; C:\Windows\System32\Drivers\axv4f6m2.sys [0 0000-00-00] (Microsoft Corporation) <==== ATENCIÓN (cero bytes Archivo/Carpeta) S3 gdrv; \??\C:\Windows\gdrv.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] S3 zlportio; \??\C:\Program Files (x86)\UltraStar Deluxe\zlportio.sys [X] ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) =================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 
2020-03-31 21:13 - 2020-03-31 21:14 - 000040379 _____ C:\Users\Administrador\Desktop\FRST.txt 2020-03-31 21:13 - 2020-03-31 21:14 - 000000000 ____D C:\FRST 2020-03-31 21:12 - 2020-03-31 21:12 - 002280448 _____ (Farbar) C:\Users\Administrador\Desktop\FRST64 (1).exe 2020-03-30 07:53 - 2020-03-30 07:53 - 000005371 _____ C:\Users\Administrador\Desktop\AdwCleaner[C00].txt 2020-03-30 07:37 - 2020-03-30 07:38 - 000116908 _____ C:\Users\Administrador\Desktop\malwarebytes.txt 2020-03-30 07:26 - 2020-03-30 07:33 - 000000282 __RSH C:\ProgramData\ntuser.pol 2020-03-29 20:37 - 2020-03-29 23:14 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\IGDump 2020-03-29 20:33 - 2020-03-31 20:34 - 000004140 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-03-29 20:33 - 2020-03-29 20:33 - 000002850 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-03-29 20:33 - 2020-03-29 20:33 - 000000977 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-03-29 20:33 - 2020-03-29 20:33 - 000000977 _____ C:\ProgramData\Desktop\CCleaner.lnk 2020-03-29 20:33 - 2020-03-29 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2020-03-29 20:32 - 2020-03-29 20:32 - 000000000 ____D C:\Users\Administrador\AppData\Local\mbam 2020-03-29 20:32 - 2020-03-29 20:32 - 000000000 ____D C:\Users\Administrador\AppData\Local\cache 2020-03-29 20:31 - 2020-03-29 20:31 - 000001908 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-03-29 20:31 - 2020-03-29 20:31 - 000001908 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-03-29 20:31 - 2020-03-29 20:31 - 000000000 ____D C:\Users\Administrador\AppData\Local\mbamtray 2020-03-29 20:31 - 2020-03-29 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2020-03-29 20:31 - 2020-03-29 20:30 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-03-29 20:29 - 2020-03-30 07:51 - 000000000 ____D C:\AdwCleaner 2020-03-29 20:29 - 2020-03-29 20:31 - 022267336 _____ (Piriform Software Ltd) 
C:\Users\Administrador\Downloads\ccsetup565.exe 2020-03-29 20:29 - 2020-03-29 20:29 - 008199856 _____ (Malwarebytes) C:\Users\Administrador\Desktop\adwcleaner_8.0.3.exe 2020-03-29 20:29 - 2020-03-29 20:29 - 000000000 ____D C:\Program Files\Malwarebytes 2020-03-29 20:28 - 2020-03-29 20:28 - 001957784 _____ (Malwarebytes) C:\Users\Administrador\Downloads\MBSetup.exe 2020-03-29 18:12 - 2020-03-29 18:13 - 000000065 _____ C:\Users\Administrador\Desktop\clave forospyware.txt 2020-03-29 10:59 - 2020-03-29 11:00 - 016272887 _____ C:\Users\Administrador\Desktop\Sin título.mp4 2020-03-29 08:58 - 2020-03-29 08:58 - 000002033 _____ C:\Users\Administrador\Desktop\Chromium.lnk 2020-03-29 08:57 - 2020-03-29 08:57 - 000158438 _____ C:\Users\Administrador\AppData\Roaming\Nedeba 2020-03-29 08:57 - 2020-03-29 08:57 - 000158438 _____ C:\Users\Administrador\AppData\Roaming\Hufadu 2020-03-29 08:57 - 2020-03-29 08:57 - 000158438 _____ C:\Users\Administrador\AppData\Roaming\Bomula 2020-03-28 15:05 - 2020-03-28 15:05 - 001011120 _____ (Mixbyte Inc. 
) C:\Users\Administrador\Downloads\FreemakeVideoConverterSetup_7e3f6ab1-73fe-538e-4b1b-1d111a8f31d1.exe 2020-03-28 14:59 - 2020-03-28 14:59 - 000331939 _____ C:\Users\Administrador\Desktop\asd (1).mp4 2020-03-28 14:36 - 2020-03-28 14:43 - 000266896 _____ C:\Users\Administrador\Downloads\SAINt JHN - Roses (Imanbek Remix) (Official Music Video) (320 kbps) (convertmp3.me).mp3.sfk 2020-03-28 14:32 - 2020-03-28 14:32 - 001653255 _____ C:\Users\Administrador\Downloads\WhatsApp Video 2020-03-28 at 14.00.21.mp4 2020-03-28 14:32 - 2020-03-28 14:32 - 001653255 _____ C:\Users\Administrador\Downloads\WhatsApp Video 2020-03-28 at 14.00.21(1).mp4 2020-03-28 14:30 - 2020-03-31 20:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-03-28 14:17 - 2020-03-28 14:45 - 132553997 _____ C:\Users\Administrador\Downloads\SonyVegasPBORIS 64Bits.rar 2020-03-28 13:56 - 2020-03-28 13:56 - 000000000 ____D C:\ProgramData\VEGAS Pro 2020-03-28 13:55 - 2020-03-28 14:44 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\VEGAS 2020-03-28 13:55 - 2020-03-28 13:55 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\VEGAS Pro 2020-03-28 13:55 - 2020-03-28 13:55 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\MAGIX 2020-03-28 13:55 - 2020-03-28 13:55 - 000000000 ____D C:\Users\Administrador\AppData\Local\VEGAS Pro 2020-03-28 13:55 - 2020-03-28 13:55 - 000000000 ____D C:\Users\Administrador\AppData\Local\Sony 2020-03-28 13:55 - 2020-03-28 13:55 - 000000000 ____D C:\Users\Administrador\AppData\Local\Plugin.VegasOfxStitch 2020-03-28 13:55 - 2020-03-28 13:55 - 000000000 ____D C:\Users\Administrador\AppData\Local\Plugin.MxOfxRotation 2020-03-28 13:55 - 2020-03-28 13:55 - 000000000 ____D C:\Users\Administrador\AppData\Local\MAGIX 2020-03-28 13:54 - 2020-03-28 13:54 - 000000000 ____D C:\ProgramData\Magix 2020-03-28 13:53 - 2020-03-28 13:53 - 000001005 _____ C:\Users\Public\Desktop\VEGAS Pro 16.0.lnk 2020-03-28 13:53 - 2020-03-28 13:53 - 000001005 _____ 
C:\ProgramData\Desktop\VEGAS Pro 16.0.lnk 2020-03-28 13:53 - 2020-03-28 13:53 - 000000000 ____D C:\Users\Administrador\AppData\Local\VEGAS 2020-03-28 13:53 - 2020-03-28 13:53 - 000000000 ____D C:\ProgramData\VEGAS 2020-03-28 13:53 - 2020-03-28 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS 2020-03-28 13:53 - 2020-03-28 13:53 - 000000000 ____D C:\Program Files\VEGAS 2020-03-28 13:53 - 2020-03-28 13:53 - 000000000 ____D C:\Program Files\Common Files\OFX 2020-03-28 13:53 - 2020-03-28 13:53 - 000000000 ____D C:\Program Files (x86)\VEGAS 2020-03-28 13:51 - 2020-03-28 13:51 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Sony 2020-03-28 13:49 - 2020-03-28 13:50 - 014553374 _____ C:\Users\Administrador\Downloads\twixtortutosweb88.rar 2020-03-28 13:48 - 2020-03-28 13:49 - 559718802 _____ C:\Users\Administrador\Downloads\vegas 16 Tutosweb88.rar 2020-03-26 19:51 - 2020-03-26 19:51 - 000000651 _____ C:\Users\Administrador\Desktop\Musica - Acceso directo.lnk 2020-03-26 18:01 - 2020-03-26 18:01 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-03-26 18:00 - 2020-03-26 18:00 - 000078168 _____ (Zoom Video Communications, Inc.) 
C:\Users\Administrador\Downloads\Zoom_o42l8sofizku_b359586862c1c845.exe 2020-03-26 17:58 - 2020-03-26 18:01 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Zoom 2020-03-26 16:40 - 2020-03-30 08:10 - 000000000 ____D C:\Users\Administrador\Desktop\Juegos 2020-03-26 16:40 - 2020-03-30 07:23 - 000000000 ____D C:\Users\Administrador\Desktop\Accesos sowtware 2020-03-23 14:04 - 2020-03-23 14:04 - 000000000 ____D C:\Users\Administrador\AppData\Local\Vivox 2020-03-21 01:01 - 2020-03-21 01:01 - 000202535 _____ C:\Users\Administrador\AppData\Roaming\Pakahucakil 2020-03-18 19:42 - 2020-03-18 19:42 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TP-Link 2020-03-18 19:42 - 2020-03-18 19:42 - 000000000 ____D C:\Program Files (x86)\TP-Link 2020-03-18 19:41 - 2017-12-22 01:04 - 005095144 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\rtwlanu.sys 2020-03-18 19:41 - 2017-12-22 01:04 - 005095144 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlanu.sys 2020-03-18 19:41 - 2017-12-22 01:04 - 001163496 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll 2020-03-18 19:41 - 2017-12-22 01:04 - 000105192 _____ (Realtek Semiconductor Corp. 
) C:\Windows\system32\RtlExtUI.dll 2020-03-18 19:41 - 2017-12-22 01:04 - 000039144 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\system32\rtlCoInst.dll 2020-03-18 19:41 - 2017-12-22 01:03 - 000025308 _____ C:\Windows\system32\netrtwlanu.cat 2020-03-18 19:41 - 2017-12-22 00:55 - 000008351 _____ C:\Windows\system32\rtlCoInst.dat 2020-03-18 19:41 - 2017-12-22 00:55 - 000002083 _____ C:\Windows\system32\TP_TXPWR_LMT_Enc.txt 2020-03-18 19:41 - 2017-12-22 00:55 - 000002083 _____ C:\Windows\system32\Drivers\TP_TXPWR_LMT_Enc.txt 2020-03-18 19:41 - 2017-12-22 00:55 - 000000633 _____ C:\Windows\system32\TP_PHY_REG_PG_Enc.txt 2020-03-18 19:41 - 2017-12-22 00:55 - 000000633 _____ C:\Windows\system32\Drivers\TP_PHY_REG_PG_Enc.txt 2020-03-18 19:40 - 2020-03-18 19:42 - 000000000 ____D C:\Users\Administrador\AppData\Local\TP-Link 2020-03-18 19:40 - 2020-03-18 19:40 - 000000000 ____D C:\ProgramData\TP-LINK 2020-03-18 18:01 - 2020-03-18 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyTweak 2020-03-18 18:01 - 2020-03-18 18:01 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak 2020-03-18 18:01 - 2020-03-18 18:01 - 000000000 ____D C:\Program Files (x86)\KeyTweak 2020-03-16 23:43 - 2020-03-16 23:43 - 000018042 _____ C:\Users\Administrador\Downloads\C1NC6.torrent 2020-03-16 00:10 - 2020-03-31 21:10 - 000000294 _____ C:\Windows\Tasks\{67E0376A-6E98-5592-F1CE-1EC76888F026}.job 2020-03-16 00:10 - 2020-03-16 00:10 - 000003264 _____ C:\Windows\system32\Tasks\{67E0376A-6E98-5592-F1CE-1EC76888F026} 2020-03-16 00:10 - 2020-03-16 00:10 - 000000000 ____D C:\Users\Administrador\AppData\Local\67e0376a6e985592f1ce1ec76888f026 2020-03-16 00:08 - 2020-03-16 00:08 - 000111316 _____ C:\Users\Administrador\AppData\Roaming\Daturoli 2020-03-08 09:55 - 2020-03-08 09:55 - 000294324 _____ C:\Users\Administrador\AppData\Roaming\Recudape 2020-03-03 14:28 - 2020-03-03 14:28 - 000029462 _____ 
C:\Users\Administrador\Downloads\pagoTarjeta (8).pdf 2020-03-03 14:27 - 2020-03-03 14:27 - 000004487 _____ C:\Users\Administrador\Downloads\transferencia (5).pdf ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-03-31 21:10 - 2018-11-01 17:52 - 000000000 ____D C:\Users\Administrador\AppData\Local\LogMeIn Hamachi 2020-03-31 20:53 - 2015-02-03 23:54 - 000004038 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{12FFC8EC-2D43-48AE-B855-D04D627036A2} 2020-03-31 20:23 - 2009-07-14 01:45 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-03-31 20:23 - 2009-07-14 01:45 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-03-31 20:22 - 2017-05-30 03:22 - 000000296 _____ C:\Windows\Tasks\{2486AF5C-17EA-A885-6D85-6E98DE5A8CF5}.job 2020-03-31 20:15 - 2016-04-12 15:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-03-31 20:15 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-03-31 00:58 - 2017-06-06 23:00 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\discord 2020-03-30 13:55 - 2020-02-17 15:56 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\Mozilla 2020-03-30 10:56 - 2009-07-14 06:31 - 000833980 _____ C:\Windows\system32\perfh00A.dat 2020-03-30 10:56 - 2009-07-14 06:31 - 000193730 _____ C:\Windows\system32\perfc00A.dat 2020-03-30 10:56 - 2009-07-14 02:13 - 001924748 _____ C:\Windows\system32\PerfStringBackup.INI 2020-03-30 10:56 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf 2020-03-30 08:11 - 2016-06-16 19:18 - 000000000 ____D C:\Users\Administrador\Desktop\Escritorio 2020-03-30 08:06 - 2018-08-15 20:55 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\MPC-HC 2020-03-30 08:06 - 2017-02-13 00:00 - 000000000 ____D C:\Program Files (x86)\Steam 2020-03-30 08:06 - 
2016-09-26 04:29 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\TS3Client 2020-03-30 08:06 - 2016-04-20 11:59 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\uTorrent 2020-03-30 08:06 - 2015-06-03 18:35 - 000000000 ____D C:\Users\Administrador\Tracing 2020-03-30 08:06 - 2014-04-19 17:16 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Media Player Classic 2020-03-30 08:03 - 2014-05-01 08:52 - 000000000 ____D C:\Users\Administrador\AppData\Local\CrashDumps 2020-03-30 08:03 - 2014-04-19 11:18 - 000000000 ____D C:\Windows\Panther 2020-03-30 07:22 - 2018-12-10 12:07 - 000000000 ____D C:\Windows\system32\Tasks\{156F4622-28DC-4D4C-616A-13B7D7C0E7BC} 2020-03-30 07:22 - 2018-09-06 07:57 - 000000000 ____D C:\Windows\system32\Tasks\{2DE7156C-37E6-D178-5D20-22EE22323BB9} 2020-03-30 00:56 - 2015-11-10 13:43 - 000000561 _____ C:\Users\Administrador\AppData\Roaming\WB.CFG 2020-03-29 20:33 - 2014-04-19 15:38 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner 2020-03-29 20:33 - 2014-04-19 15:38 - 000000000 ____D C:\Program Files (x86)\CCleaner 2020-03-28 14:57 - 2014-04-19 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter 2020-03-28 13:57 - 2014-10-16 09:19 - 000000000 ____D C:\Users\Administrador\AppData\Local\Spotify 2020-03-28 13:48 - 2014-10-16 09:13 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Spotify 2020-03-26 22:07 - 2017-06-07 13:38 - 000004601 _____ C:\Windows\Cm108.ini.imi 2020-03-20 19:13 - 2014-04-19 15:48 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-20 19:13 - 2014-04-19 15:48 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-03-20 09:05 - 2015-03-23 21:45 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-03-18 19:41 - 2014-04-19 15:33 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-03-17 
00:49 - 2017-06-06 23:00 - 000002207 _____ C:\Users\Administrador\Desktop\Discord.lnk 2020-03-17 00:49 - 2017-06-06 22:59 - 000000000 ____D C:\Users\Administrador\AppData\Local\Discord 2020-03-03 14:19 - 2020-02-26 18:51 - 000000065 _____ C:\Users\Administrador\Desktop\Seguro a dar de baja banco santa fe.txt ==================== Archivos en la raíz de algunos directorios ======== 2015-11-10 17:47 - 2015-11-10 19:00 - 000002879 _____ () C:\ProgramData\24188e0da34438d7.dat 2019-11-02 11:55 - 2019-11-02 11:55 - 000278072 _____ () C:\Users\Administrador\AppData\Roaming\Biposofacoc 2019-02-08 11:55 - 2019-02-08 11:55 - 000214718 _____ () C:\Users\Administrador\AppData\Roaming\Bogebepi 2020-03-29 08:57 - 2020-03-29 08:57 - 000158438 _____ () C:\Users\Administrador\AppData\Roaming\Bomula 2019-08-27 04:55 - 2019-08-27 04:55 - 000218578 _____ () C:\Users\Administrador\AppData\Roaming\Cemak 2020-03-16 00:08 - 2020-03-16 00:08 - 000111316 _____ () C:\Users\Administrador\AppData\Roaming\Daturoli 2019-03-25 12:55 - 2019-03-25 12:55 - 000116206 _____ () C:\Users\Administrador\AppData\Roaming\Degakutab 2019-08-02 18:08 - 2019-08-02 18:08 - 000158009 _____ () C:\Users\Administrador\AppData\Roaming\Doceninem 2019-12-26 21:55 - 2019-12-26 21:55 - 000244780 _____ () C:\Users\Administrador\AppData\Roaming\Fecekokagime 2019-02-27 14:08 - 2019-02-27 14:08 - 000218699 _____ () C:\Users\Administrador\AppData\Roaming\Fekupufanip 2020-02-01 16:55 - 2020-02-01 16:55 - 000218008 _____ () C:\Users\Administrador\AppData\Roaming\Folepa 2020-02-01 16:55 - 2020-02-01 16:55 - 000184320 _____ () C:\Users\Administrador\AppData\Roaming\Folepa.exe 2019-03-07 14:55 - 2019-03-07 14:55 - 000297633 _____ () C:\Users\Administrador\AppData\Roaming\Fonicibot 2019-04-23 11:08 - 2019-04-23 11:08 - 000246801 _____ () C:\Users\Administrador\AppData\Roaming\Hefun 2019-07-23 19:08 - 2019-07-23 19:08 - 000168748 _____ () C:\Users\Administrador\AppData\Roaming\Hidega 2019-10-25 12:55 - 2019-10-25 12:55 - 000139363 
_____ () C:\Users\Administrador\AppData\Roaming\Hipocefoha 2019-12-16 11:55 - 2019-12-16 11:55 - 000340975 _____ () C:\Users\Administrador\AppData\Roaming\Hohes 2020-03-29 08:57 - 2020-03-29 08:57 - 000158438 _____ () C:\Users\Administrador\AppData\Roaming\Hufadu 2019-08-19 00:55 - 2019-08-19 00:55 - 000134927 _____ () C:\Users\Administrador\AppData\Roaming\Kabofohor 2020-01-12 23:55 - 2020-01-12 23:55 - 000186689 _____ () C:\Users\Administrador\AppData\Roaming\Kohare 2019-02-17 10:08 - 2019-02-17 10:08 - 000212398 _____ () C:\Users\Administrador\AppData\Roaming\Lamoge 2020-02-25 18:56 - 2020-02-25 18:56 - 000331217 _____ () C:\Users\Administrador\AppData\Roaming\Milopur 2020-02-17 15:55 - 2020-02-17 15:55 - 000175769 _____ () C:\Users\Administrador\AppData\Roaming\Mucasocat 2020-03-29 08:57 - 2020-03-29 08:57 - 000158438 _____ () C:\Users\Administrador\AppData\Roaming\Nedeba 2020-03-21 01:01 - 2020-03-21 01:01 - 000202535 _____ () C:\Users\Administrador\AppData\Roaming\Pakahucakil 2019-06-29 13:55 - 2019-06-29 13:55 - 000311108 _____ () C:\Users\Administrador\AppData\Roaming\Papapisem 2020-03-08 09:55 - 2020-03-08 09:55 - 000294324 _____ () C:\Users\Administrador\AppData\Roaming\Recudape 2020-01-04 00:55 - 2020-01-04 00:55 - 000297784 _____ () C:\Users\Administrador\AppData\Roaming\Ritanukeda 2019-03-15 17:08 - 2019-03-15 17:08 - 000174146 _____ () C:\Users\Administrador\AppData\Roaming\Rufagimemaku 2019-09-06 21:55 - 2019-09-06 21:55 - 000304931 _____ () C:\Users\Administrador\AppData\Roaming\Secamaho 2019-09-15 23:55 - 2019-09-15 23:55 - 000246440 _____ () C:\Users\Administrador\AppData\Roaming\Tomiko 2015-11-10 13:43 - 2020-03-30 00:56 - 000000561 _____ () C:\Users\Administrador\AppData\Roaming\WB.CFG 2020-01-14 00:55 - 2020-01-14 00:55 - 000326427 _____ () C:\Users\Administrador\AppData\Local\AhUBiVCj 2017-12-18 17:22 - 2017-12-19 21:21 - 000000068 _____ () C:\Users\Administrador\AppData\Local\AhUBiVCjWD 2017-06-21 10:15 - 2017-06-21 10:15 - 000299008 ___SH () 
C:\Users\Administrador\AppData\Local\dwm.dll 2019-02-12 17:10 - 2019-08-28 15:55 - 000007594 _____ () C:\Users\Administrador\AppData\Local\Resmon.ResmonCfg 2017-05-30 03:21 - 2017-05-30 03:22 - 000000192 _____ () C:\Users\Administrador\AppData\Local\uts.ini 2015-05-06 12:56 - 2015-05-06 12:56 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{1E137B4C-E8C4-4FAD-B16D-468E4F8AECD8} 2015-10-13 12:43 - 2015-10-13 12:43 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{B1BD034B-2345-439B-9BA6-40B0D6DA59D5} 2018-02-04 15:40 - 2018-02-04 15:40 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{C4E7027D-24CD-4C9C-8AE1-B84D9740317D} ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) LastRegBack: 2020-03-29 23:39 ==================== Final de FRST.txt ========================