Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 14-04-2020 Ejecutado por Gabriela Kary (administrador) sobre GABRIELAKARY-PC (ASUSTeK Computer Inc. K53E) (14-04-2020 11:09:31) Ejecutado desde C:\Users\Gabriela Kary\Desktop Perfiles cargados: Gabriela Kary (Perfiles disponibles: Gabriela Kary & Administrador) Platform: Windows 10 Home Versión 1909 18363.720 (X64) Idioma: Español (España, internacional) Navegador predeterminado: Chrome Modo de Inicio: Normal Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\AvBugReport.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Fork, Ltd.) [Archivo no firmado] C:\Windows\Prey\wpxsvc.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Users\Gabriela Kary\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe (Node.js Foundation -> Node.js) C:\Windows\Prey\versions\1.9.3\bin\node.exe (Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Prey SpA -> Fork, Ltd.) [Archivo no firmado] C:\Windows\Prey\versions\1.9.3\node_modules\os-triggers\bin\lightevt.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Gabriela Kary\AppData\Local\slack\app-4.4.2\slack.exe <5> Error al acceder al proceso -> explorer.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391104 1999-12-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 1999-12-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-01] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261248 2020-03-19] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> ) HKU\S-1-5-21-770216848-1095929110-15174267-1000\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [945856 2013-03-06] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-770216848-1095929110-15174267-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-770216848-1095929110-15174267-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-770216848-1095929110-15174267-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2020-01-18] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-770216848-1095929110-15174267-1000\...\Run: [com.squirrel.slack.slack] => C:\Users\Gabriela Kary\AppData\Local\slack\slack.exe [306704 2020-04-06] (Slack Technologies, Inc. -> Slack Technologies Inc.) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [945856 2013-03-06] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2020-01-18] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781\...\Run: [com.squirrel.slack.slack] => C:\Users\Gabriela Kary\AppData\Local\slack\slack.exe [306704 2020-04-06] (Slack Technologies, Inc. -> Slack Technologies Inc.) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781\...\RunOnce: [Application Restart #0] => C:\Windows\System32\Taskmgr.exe [1071184 2020-03-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [945856 2013-03-06] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2020-01-18] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308\...\Run: [com.squirrel.slack.slack] => C:\Users\Gabriela Kary\AppData\Local\slack\slack.exe [306704 2020-04-06] (Slack Technologies, Inc. -> Slack Technologies Inc.) HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308\...\RunOnce: [Application Restart #0] => C:\Windows\System32\Taskmgr.exe [1071184 2020-03-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-770216848-1095929110-15174267-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105731464\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (la entrada de datos tiene 102 más caracteres). HKU\S-1-5-21-770216848-1095929110-15174267-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105746636\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (la entrada de datos tiene 102 más caracteres). HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-06] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2020-04-01] ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software) BootExecute: autocheck autochk * FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {1B3AF3BB-8861-4835-948A-334DF652B011} - System32\Tasks\{4F70C83B-CACA-4FF0-AEFB-14252590040C} => C:\Users\Gabriela Kary\Desktop\Gisele\AtomSetup-x64.exe [187804192 2020-01-23] (GitHub, Inc. -> GitHub Inc.) Task: {2C02FC6D-1181-468C-A662-7F23E39117F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {33466E2E-0BB8-412F-9B7E-6A50F5202214} - System32\Tasks\{4DE5A624-A3F1-495E-8105-D6D15D50BB8A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/es/go/help.faq.installer?LastError=1603 Task: {3B1EECAD-3E23-48F4-BA7F-8FC4288B7865} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {46A1DE2D-A10D-442A-B7F6-0795A3D65CC2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {4BB7CBD3-D64B-4569-960E-759954BA1A4F} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat Task: {4E2FD818-9312-4307-83D1-E7C4A32F3AF7} - System32\Tasks\{B6883D5C-3DE1-4E78-BF19-527C7BDBEF3E} => C:\Users\Gabriela Kary\Desktop\Gisele\AtomSetup-x64.exe [187804192 2020-01-23] (GitHub, Inc. -> GitHub Inc.) Task: {59DF4E26-FAC5-464C-AD54-D80604DB4E08} - System32\Tasks\{1268FA86-D8AF-489A-8C5E-0314587AF0BF} => C:\Users\Gabriela Kary\Desktop\Gisele\AtomSetup-x64.exe [187804192 2020-01-23] (GitHub, Inc. -> GitHub Inc.) Task: {5E678BEA-1DFE-4901-9B9D-A1544431E348} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {7012DE04-50F9-4FEE-A903-CDFB4F0DF8CA} - System32\Tasks\{6263F325-B92F-49FA-9EFF-DE0D91264474} => C:\Users\Gabriela Kary\Desktop\Gisele\AtomSetup-x64.exe [187804192 2020-01-23] (GitHub, Inc. -> GitHub Inc.) Task: {7356C1AA-A484-4C37-B45C-729679FA0658} - System32\Tasks\G2MUpdateTask-S-1-5-21-770216848-1095929110-15174267-1000 => C:\Users\Gabriela Kary\AppData\Local\GoToMeeting\17052\g2mupdate.exe [32256 2020-03-03] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {81339B11-28CE-4CA8-930E-37248A1BF769} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software) Task: {8470B3B8-92CF-4851-A801-E324C6FEB8DD} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {8CBC541F-7A23-4745-9A7F-ED031F6C78D1} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2020-04-01] (AVAST Software s.r.o. -> AVAST Software) Task: {8FAAFB0F-2E06-4774-9E71-F74C08DD7A7A} - System32\Tasks\GoogleUpdateTaskMachineUA1ced5648c45b62c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {986A1806-FEBE-47E7-AE16-AD9E1B7936EA} - System32\Tasks\{6B1FD6A4-DFE9-497C-B7C7-A82EF288A14B} => C:\Users\Gabriela Kary\Desktop\Gisele\AtomSetup-x64.exe [187804192 2020-01-23] (GitHub, Inc. -> GitHub Inc.) Task: {9938523E-C1BA-46EF-95E2-C1CBD7FD55CF} - System32\Tasks\{239BA00A-8DFC-44C2-9729-67E764D82316} => C:\Users\Gabriela Kary\Desktop\Gisele\AtomSetup-x64.exe [187804192 2020-01-23] (GitHub, Inc. -> GitHub Inc.) Task: {A1A48A06-21C8-4EFB-97BB-51B3D9D1CC34} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-01] (Avast Software s.r.o. -> AVAST Software) Task: {A2B50C94-2333-4188-AEEE-5943A900F6CE} - System32\Tasks\{C6B83AE3-034E-4844-B7BE-5E71616CA141} => C:\Users\Gabriela Kary\Desktop\Gisele\AtomSetup-x64.exe [187804192 2020-01-23] (GitHub, Inc. -> GitHub Inc.) Task: {A2F001C3-981B-4340-A92C-83DBEAF56448} - System32\Tasks\G2MUploadTask-S-1-5-21-770216848-1095929110-15174267-1000 => C:\Users\Gabriela Kary\AppData\Local\GoToMeeting\17052\g2mupload.exe [32256 2020-03-03] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {A4A488E9-4EC3-4FD3-B126-F0A099B63C43} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {AAACD218-5FC1-485E-8DC7-F7B84E1875BF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {B29A43C0-147F-4730-93E5-0361CB3197F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe) Task: {B7DB54DC-29DC-44EB-BC82-979735031739} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 1999-12-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {BBF0B6A3-0F22-4A86-BD14-F6691553FD50} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-11] (Adobe Inc. -> Adobe) Task: {BD1611CF-D08F-4939-A391-2C60DCA2669F} - System32\Tasks\GoogleUpdateTaskMachineCore1ced5648adcab03 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {C0427E62-DBC5-4776-B33C-32BEF40FA8D8} - System32\Tasks\{AA244116-27C3-430E-B92D-3E655B78268F} => C:\Users\Gabriela Kary\Desktop\Gisele\AtomSetup-x64.exe [187804192 2020-01-23] (GitHub, Inc. -> GitHub Inc.) Task: {C1346CAF-9DFC-4A87-A08A-321E16A609EF} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 1999-12-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {CF1BB3E6-BEE4-420E-8FCF-56D95996562C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {E3C0AD47-8CD7-4A38-96A4-36A38FEE0E25} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Gabriela Kary\Desktop\Gisele\esetonlinescanner.exe [14566496 2020-04-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) Task: {E763CC7A-A92A-4BC3-A0C2-B092E03EF765} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Gabriela Kary\Desktop\Gisele\esetonlinescanner.exe [14566496 2020-04-03] (ESET, spol. s r.o. -> ESET spol. s r.o.) Task: {EC918679-274E-49E2-AA65-6C26B08FFC69} - System32\Tasks\update-S-1-5-21-770216848-1095929110-15174267-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {EF69C488-6026-4EBD-BAD3-3E5D7CFBCBC5} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\WINDOWS\Tasks\AWC Startup.job => C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-770216848-1095929110-15174267-1000.job => C:\Users\Gabriela Kary\AppData\Local\GoToMeeting\17052\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-770216848-1095929110-15174267-1000.job => C:\Users\Gabriela Kary\AppData\Local\GoToMeeting\17052\g2mupload.exe Task: C:\WINDOWS\Tasks\update-S-1-5-21-770216848-1095929110-15174267-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) Tcpip\Parameters: [DhcpNameServer] 200.28.4.130 200.28.4.129 Tcpip\..\Interfaces\{2866F09E-B75B-4B37-9052-520242E426E6}: [DhcpNameServer] 200.28.4.130 200.28.4.129 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-1000 -> DefaultScope {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-1000 -> {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781 -> DefaultScope {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781 -> {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308 -> DefaultScope {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308 -> {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105731464 -> DefaultScope {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105731464 -> {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105746636 -> DefaultScope {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-770216848-1095929110-15174267-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105746636 -> {D89A518E-8771-4D77-8361-A3EBEDD6D4B2} URL = hxxps://www.google.com/search?q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-23] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-23] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension => no encontrado FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2019-12-27] [Heredado] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> ) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Archivo no firmado] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\WINDOWS\SysWOW64\npdeployJava1.dll [2020-02-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Ningún archivo] FF Plugin HKU\S-1-5-21-770216848-1095929110-15174267-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Gabriela Kary\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc -> Google Inc.) FF Plugin HKU\S-1-5-21-770216848-1095929110-15174267-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Gabriela Kary\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc -> Google Inc.) FF Plugin HKU\S-1-5-21-770216848-1095929110-15174267-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Gabriela Kary\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781: @tools.google.com/Google Update;version=3 -> C:\Users\Gabriela Kary\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc -> Google Inc.) FF Plugin HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781: @tools.google.com/Google Update;version=9 -> C:\Users\Gabriela Kary\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc -> Google Inc.) FF Plugin HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105736781: @zoom.us/ZoomVideoPlugin -> C:\Users\Gabriela Kary\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308: @tools.google.com/Google Update;version=3 -> C:\Users\Gabriela Kary\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc -> Google Inc.) FF Plugin HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308: @tools.google.com/Google Update;version=9 -> C:\Users\Gabriela Kary\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc -> Google Inc.) FF Plugin HKU\S-1-5-21-770216848-1095929110-15174267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142020105751308: @zoom.us/ZoomVideoPlugin -> C:\Users\Gabriela Kary\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Gabriela Kary\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-02-14] Chrome: ======= CHR Profile: C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default [2020-04-14] CHR Notifications: Default -> hxxps://app.slack.com; hxxps://calendar.google.com; hxxps://tomato-timer.com; hxxps://trello.com CHR HomePage: Default -> hxxp://google.com.ar/ CHR StartupUrls: Default -> "hxxps://www.google.com.ar/" CHR Extension: (Presentaciones) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-23] CHR Extension: (Scope by SellerLabs) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aifeflcmgbbjnkopdmliglhooofhgmld [2020-02-24] CHR Extension: (Documentos) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-23] CHR Extension: (PriceBlink Coupons and Price Comparison) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh [2020-02-24] CHR Extension: (Google Drive) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-02-23] CHR Extension: (Mr. Rebates Quick Cash Button) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\bginpnanmddojfmhfgbepbibjkgcdepb [2020-03-17] CHR Extension: (WordPress Theme Detector and Plugin Detector) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjccepbfbikbpbgillfgicihhmpmjbjd [2020-04-10] CHR Extension: (YouTube) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-23] CHR Extension: (Honey) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-04-03] CHR Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2020-03-28] CHR Extension: (Online Seller Addon) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmjihoeplpkmlmbbiiognkceoechmand [2020-02-24] CHR Extension: (WhatRuns) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkdbmfndkfgebldhnkbfhlneefdaaip [2020-02-24] CHR Extension: (Google Tips) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhacgcmhcgppboemgoobibkhlpglejb [2020-02-24] CHR Extension: (DSM Auto-Paste Chrome Extension) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecdbmkcphlholpojdglodopmlaficcji [2020-03-10] CHR Extension: (Session Buddy) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2020-02-24] CHR Extension: (Cashback Notifier - TopCashback.co.uk) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekeeeebmbhkkjcaoicinbdjmklipppkj [2020-02-24] CHR Extension: (Jump Send) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdflpocfdeacfjmpmhkmgnhgklbpebcm [2020-02-24] CHR Extension: (Hojas de cálculo) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-23] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-06] CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2020-04-10] CHR Extension: (Fast Search for eBay) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdilejbabibpfcgmpeflocbnkeckdfn [2020-02-24] CHR Extension: (Hipshipper Extension) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\jejpbkklmepgfeedgjnimfkflginlcim [2020-02-24] CHR Extension: (DS Amazon Quick View) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkompbllimaoekaogchhkmkdogpkhojg [2020-02-24] CHR Extension: (Search AliExpress by Image) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\jocnlahnjacckbiffghcopjfbifdjocj [2020-03-14] CHR Extension: (AliExpress: Search similar products) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\joghfdanngcpobcbmdapcemgbjphihag [2020-02-24] CHR Extension: (Find Hot Product and Keyword) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdgnbneilgfnleamjohjimadmjgjfdg [2020-02-24] CHR Extension: (InvisibleHand) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko [2020-03-26] CHR Extension: (Google Play Books) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2020-02-24] CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2020-02-24] CHR Extension: (Wikibuy from Capital One) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-04-08] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-23] CHR Extension: (Data Scraper - Easy Web Scraping) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndknepjnldbdbepjfgmncbggmopgden [2020-02-24] CHR Extension: (Earny - Up to 20% Cash Back) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogbhbgkiojdollpjbhbamafmedkeockb [2020-04-03] CHR Extension: (TunnelBear VPN) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2020-02-24] CHR Extension: (Pipedrive CRM de ventas) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofakdmdcdjgmilfepadallikeeibfdm [2020-02-24] CHR Extension: (AliRadar Shopping Assistant) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfjibkklgpfcfdlhijfglamdnkjnpdeg [2020-02-24] CHR Extension: (Gmail) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-02-23] CHR Extension: (Chrome Media Router) - C:\Users\Gabriela Kary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-01] (Avast Software s.r.o. -> AVAST Software) S4 AtherosSvc; C:\Program Files (x86)\Qualcomm\Bluetooth Suite\adminservice.exe [347024 2017-06-01] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1005672 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-04-01] (Avast Software s.r.o. -> AVAST Software) S4 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-07-31] (CobianSoft, Luis Cobian) [Archivo no firmado] S4 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\82.0.4085.24\remoting_host.exe [73200 2020-03-29] (Google LLC -> Google Inc.) R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-24] (AVAST Software s.r.o. -> AVAST Software) R2 CronService; C:\Windows\Prey\wpxsvc.exe [611854 2018-03-20] (Fork, Ltd.) [Archivo no firmado] S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-03-19] (Dropbox, Inc -> Dropbox, Inc.) S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2013-01-03] (Macrovision Europe Ltd.) [Archivo no firmado] R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806344 1999-12-31] (ICEpower a/s -> ICEpower) S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Archivo no firmado] S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Archivo no firmado] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-06] (Malwarebytes Inc -> Malwarebytes) S4 Sdl.ProductTelemetrics.v1; C:\Program Files (x86)\Common Files\SDL\Telemetrics\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe [12288 2016-11-09] (SDL) [Archivo no firmado] S4 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-11] (SafeNet, Inc. -> SafeNet, Inc.) S4 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-11] (SafeNet, Inc. -> SafeNet, Inc) S4 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-29] () [Archivo no firmado] S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation) S4 WinVNC4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2609016 2008-06-12] (RealVNC Limited -> RealVNC Ltd.) ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206120 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234776 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178968 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60696 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42984 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175920 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [492144 2020-04-03] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109480 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85056 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851808 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459608 2020-04-01] (Avast Software s.r.o. -> AVAST Software) S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235696 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317280 2020-04-01] (Avast Software s.r.o. -> AVAST Software) R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.) R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [Archivo no firmado] R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2020-02-23] (Glarysoft LTD -> Glarysoft Ltd) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-02-21] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-14] (Malwarebytes Inc -> Malwarebytes) S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-02-25] (Malwarebytes Inc -> Malwarebytes) R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc. -> SafeNet, Inc.) S3 vncmirror; C:\WINDOWS\System32\DRIVERS\vncmirror.sys [4608 2008-06-12] (RealVNC Ltd.) [Archivo no firmado] S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376032 2020-02-03] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-03] (Microsoft Windows -> Microsoft Corporation) S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2020-03-30] (Nemea Mjukvaruutveckling AB -> Basil Projects) S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X] ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) =================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-04-14 11:08 - 2020-04-14 11:15 - 000046907 _____ C:\Users\Gabriela Kary\Desktop\FRST.txt 2020-04-14 11:06 - 2020-04-14 11:14 - 000000000 ____D C:\FRST 2020-04-14 10:57 - 2020-04-14 10:57 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-04-14 10:52 - 2020-04-14 10:52 - 002281472 _____ (Farbar) C:\Users\Gabriela Kary\Desktop\FRST64.exe 2020-04-13 22:46 - 2020-04-13 22:51 - 000000000 ____D C:\Users\Gabriela Kary\AppData\LocalLow\IGDump 2020-04-13 22:42 - 2020-04-13 22:42 - 000001166 _____ C:\Users\Gabriela Kary\Desktop\ecet.txt 2020-04-09 17:05 - 2020-04-09 17:05 - 000002004 _____ C:\Users\Gabriela Kary\Desktop\Zoom.lnk 2020-04-09 17:05 - 2020-04-09 17:05 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-04-09 15:40 - 2020-04-09 15:47 - 000482912 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-04-08 00:08 - 2020-04-08 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot 2020-04-08 00:07 - 2020-04-08 00:07 - 002784344 _____ (Skillbrains ) C:\Users\Gabriela Kary\Downloads\setup-lightshot.exe 2020-04-07 01:07 - 2020-04-07 01:07 - 000017367 _____ C:\Users\Gabriela Kary\Desktop\ZHPCleaner (R).html 2020-04-07 01:07 - 2020-04-07 01:07 - 000008488 _____ C:\Users\Gabriela Kary\Desktop\ZHPCleaner (R).txt 2020-04-07 00:58 - 2020-04-07 00:58 - 000026796 _____ C:\Users\Gabriela Kary\Desktop\ZHPCleaner (S).html 2020-04-07 00:58 - 2020-04-07 00:58 - 000014998 _____ C:\Users\Gabriela Kary\Desktop\ZHPCleaner (S).txt 2020-04-07 00:33 - 2020-04-07 01:11 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\ZHP 2020-04-07 00:33 - 2020-04-07 00:33 - 003295616 _____ (Nicolas Coolman) C:\Users\Gabriela Kary\Desktop\ZHPCleaner.exe 2020-04-07 00:33 - 2020-04-07 00:33 - 000000932 _____ C:\Users\Gabriela Kary\Desktop\ZHPCleaner.lnk 2020-04-07 00:33 - 2020-04-07 00:33 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\ZHP 2020-04-07 00:11 - 2020-04-07 00:16 - 000000000 ____D C:\AdwCleaner 2020-04-07 00:09 - 2020-04-07 00:09 - 008196784 _____ (Malwarebytes) C:\Users\Gabriela Kary\Desktop\adwcleaner_8.0.4.exe 2020-04-06 23:58 - 2020-04-06 23:58 - 000001555 _____ C:\Users\Gabriela Kary\Desktop\malwarebytes.txt 2020-04-06 23:37 - 2020-04-06 23:40 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-04-06 23:33 - 2020-04-06 23:33 - 001957784 _____ (Malwarebytes) C:\Users\Gabriela Kary\Downloads\MBSetup.exe 2020-04-04 18:26 - 2020-04-07 10:36 - 000001166 _____ C:\Users\Gabriela Kary\Desktop\eset.txt 2020-04-03 23:21 - 2020-04-03 23:35 - 1279887515 _____ C:\Users\Gabriela Kary\Downloads\videoplayback.mp4 2020-04-03 23:02 - 2020-04-03 23:02 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\Meltytech 2020-04-03 23:00 - 2020-04-03 23:00 - 000001713 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk 2020-04-03 22:59 - 2020-04-03 23:00 - 000000000 ____D C:\Program Files\Shotcut 2020-04-03 22:56 - 2020-04-03 22:56 - 083415728 _____ C:\Users\Gabriela Kary\Downloads\shotcut-win64-200217.exe 2020-04-03 22:16 - 2020-04-13 18:29 - 000000788 _____ C:\Users\Gabriela Kary\Desktop\ESET Online Scanner.lnk 2020-04-03 22:16 - 2020-04-03 22:16 - 000000905 _____ C:\Users\Gabriela Kary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2020-04-03 22:12 - 2020-04-03 22:12 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\13A7B243.sys 2020-04-03 22:10 - 2020-04-03 23:30 - 000000000 ____D C:\Users\Gabriela Kary\Desktop\mbar 2020-04-01 21:42 - 2020-04-09 09:59 - 000004286 _____ C:\WINDOWS\system32\Tasks\Avast Cleanup Update 2020-04-01 21:42 - 2020-04-01 21:42 - 000001286 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk 2020-04-01 21:42 - 2020-04-01 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2020-04-01 21:42 - 2020-04-01 21:42 - 000000000 ____D C:\Program Files (x86)\AVAST Software 2020-04-01 21:40 - 2020-04-01 21:41 - 053148640 _____ (AVAST Software ) C:\Users\Gabriela Kary\Downloads\avast_cleanup_setup.exe 2020-04-01 20:00 - 2020-04-03 16:05 - 000492144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2020-04-01 20:00 - 2020-04-01 19:59 - 000235696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2020-04-01 20:00 - 2020-04-01 19:59 - 000175920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2020-04-01 20:00 - 2020-04-01 19:58 - 000337048 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2020-04-01 12:39 - 2020-04-01 22:12 - 000000000 __SHD C:\found.000 2020-03-30 21:53 - 2020-03-30 21:53 - 000000000 ____D C:\Users\Gabriela Kary\Downloads\Activador Office 2019 2020-03-20 22:13 - 2020-03-20 22:13 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\IsolatedStorage 2020-03-20 15:31 - 2020-03-20 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2020-03-19 14:19 - 2020-03-19 14:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2020-03-19 14:19 - 2020-03-19 14:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2020-03-19 14:19 - 2020-03-19 14:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2020-03-19 14:19 - 2020-03-19 14:19 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-04-14 11:15 - 2020-03-10 17:03 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\Slack 2020-04-14 11:09 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-04-14 11:04 - 2012-11-23 09:54 - 000000000 ____D C:\ProgramData\AVAST Software 2020-04-14 11:02 - 2020-01-23 23:38 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\D3DSCache 2020-04-14 11:00 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-04-14 11:00 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-04-14 10:57 - 2018-03-20 17:12 - 000000000 ____D C:\WINDOWS\Prey 2020-04-14 10:56 - 2020-01-23 18:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-04-14 10:56 - 2019-12-22 18:34 - 000000404 _____ C:\WINDOWS\Tasks\update-sys.job 2020-04-14 10:56 - 2019-12-22 18:34 - 000000404 _____ C:\WINDOWS\Tasks\update-S-1-5-21-770216848-1095929110-15174267-1000.job 2020-04-14 10:54 - 2020-01-23 18:05 - 000000000 ____D C:\Users\Gabriela Kary 2020-04-14 10:54 - 2019-03-19 00:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2020-04-14 10:53 - 2019-12-22 16:37 - 000000000 ____D C:\Users\Gabriela Kary\Desktop\Gisele 2020-04-14 10:37 - 2020-01-23 17:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-04-14 03:49 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-04-14 02:33 - 2020-03-03 23:22 - 000002264 _____ C:\WINDOWS\system32\Tasks\{4DE5A624-A3F1-495E-8105-D6D15D50BB8A} 2020-04-14 02:33 - 2020-02-23 13:51 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-04-14 02:33 - 2020-02-23 13:51 - 000002232 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-04-14 02:33 - 2020-02-22 00:41 - 000002988 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2020-04-14 02:33 - 2020-02-22 00:41 - 000002608 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2020-04-14 02:33 - 2020-02-14 00:07 - 000002798 _____ C:\WINDOWS\system32\Tasks\ACC 2020-04-14 02:33 - 2020-01-23 21:35 - 000002924 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3 2020-04-14 02:33 - 2020-01-23 21:35 - 000002214 _____ C:\WINDOWS\system32\Tasks\ATK Package A22126881260 2020-04-14 02:33 - 2020-01-23 21:15 - 000002850 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-770216848-1095929110-15174267-1000 2020-04-14 02:33 - 2020-01-23 19:10 - 000002846 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-770216848-1095929110-15174267-500 2020-04-14 02:33 - 2020-01-23 18:24 - 000003776 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-04-14 02:33 - 2020-01-23 18:24 - 000003580 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1ced5648c45b62c 2020-04-14 02:33 - 2020-01-23 18:24 - 000003508 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-04-14 02:33 - 2020-01-23 18:24 - 000003454 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2020-04-14 02:33 - 2020-01-23 18:24 - 000003356 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1ced5648adcab03 2020-04-14 02:33 - 2020-01-23 18:24 - 000003028 _____ C:\WINDOWS\system32\Tasks\update-S-1-5-21-770216848-1095929110-15174267-1000 2020-04-14 02:33 - 2020-01-23 18:24 - 000002784 _____ C:\WINDOWS\system32\Tasks\update-sys 2020-04-14 02:33 - 2020-01-23 18:24 - 000002378 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice 2020-04-14 02:33 - 2020-01-23 18:24 - 000002366 _____ C:\WINDOWS\system32\Tasks\RTKCPL 2020-04-14 02:26 - 2020-02-27 11:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2020-04-13 17:03 - 2020-02-21 18:38 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\ESET 2020-04-12 11:43 - 2019-10-03 19:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2020-04-10 19:45 - 2017-09-09 08:01 - 000000000 ____D C:\Users\Gabriela Kary\Documents\Zoom 2020-04-10 16:30 - 2020-02-27 11:53 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2020-04-10 14:52 - 2020-03-13 18:53 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\Code 2020-04-10 14:48 - 2020-03-13 18:53 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2020-04-09 17:05 - 2017-09-09 08:00 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\Zoom 2020-04-09 12:25 - 2015-10-24 12:32 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2020-04-09 12:25 - 2011-10-18 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park 2020-04-09 12:25 - 2011-10-18 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2020-04-09 10:00 - 2020-01-23 18:04 - 002000234 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-04-09 10:00 - 2019-03-19 07:59 - 000864984 _____ C:\WINDOWS\system32\perfh00A.dat 2020-04-09 10:00 - 2019-03-19 07:59 - 000192684 _____ C:\WINDOWS\system32\perfc00A.dat 2020-04-09 10:00 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF 2020-04-08 00:08 - 2019-12-22 18:34 - 000000424 _____ C:\Users\Gabriela Kary\AppData\Local\UserProducts.xml 2020-04-08 00:08 - 2019-12-22 18:34 - 000000000 ____D C:\Program Files (x86)\Skillbrains 2020-04-07 17:02 - 2019-10-18 20:09 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\BlueStacks 2020-04-07 01:46 - 2020-02-23 13:50 - 000000000 ____D C:\Program Files\CCleaner 2020-04-07 01:11 - 2012-11-23 19:27 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\Google 2020-04-07 01:07 - 2017-08-28 15:42 - 000000000 ____D C:\Program Files (x86)\QuickTime 2020-04-07 01:05 - 2017-09-07 13:02 - 000000000 ____D C:\Program Files\KMSpico 2020-04-07 00:17 - 2011-10-18 16:00 - 000000000 ____D C:\Program Files (x86)\ASUS 2020-04-06 23:41 - 2020-02-21 17:27 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-04-06 23:40 - 2020-02-21 17:25 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-04-06 23:38 - 2016-09-14 07:32 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\Spotify 2020-04-06 23:37 - 2019-03-19 00:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-04-06 23:22 - 2016-09-14 07:31 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\Spotify 2020-04-06 22:36 - 2020-03-10 17:03 - 000002282 _____ C:\Users\Gabriela Kary\Desktop\Slack.lnk 2020-04-06 22:36 - 2020-03-10 17:03 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc 2020-04-06 22:36 - 2020-03-10 17:01 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\slack 2020-04-06 22:35 - 2020-01-23 12:57 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\SquirrelTemp 2020-04-03 23:30 - 2020-02-23 11:33 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2020-04-02 01:28 - 2018-05-14 15:45 - 000000714 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-770216848-1095929110-15174267-1000.job 2020-04-02 01:28 - 2018-05-14 15:45 - 000000618 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-770216848-1095929110-15174267-1000.job 2020-04-02 01:28 - 2015-11-17 12:59 - 000001006 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2020-04-02 01:28 - 2015-11-17 12:59 - 000001002 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2020-04-02 01:27 - 2020-01-23 18:05 - 000000000 ____D C:\Users\Administrador.GabrielaKary-PC 2020-04-02 01:26 - 2020-01-23 18:24 - 000003580 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2020-04-02 01:26 - 2020-01-23 18:24 - 000003254 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2020-04-01 23:06 - 2020-01-23 18:24 - 000002668 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2020-04-01 23:05 - 2020-01-23 18:24 - 000003450 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-770216848-1095929110-15174267-1000 2020-04-01 23:05 - 2020-01-23 18:24 - 000003354 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-770216848-1095929110-15174267-1000 2020-04-01 22:48 - 2020-01-24 19:23 - 000000000 ____D C:\Users\Gabriela Kary\Downloads\SmartGesture_Win81_64_VER228 2020-04-01 22:48 - 2020-01-24 00:04 - 000000000 ____D C:\Users\Gabriela Kary\Downloads\SmartGesture_WIN10_64_VER4019 2020-04-01 22:48 - 2020-01-23 23:25 - 000000000 ____D C:\Users\Gabriela Kary\Downloads\SmartGesture_Win10_64_VER4024_DriverOnly 2020-04-01 22:48 - 2020-01-23 21:22 - 000000000 ____D C:\Users\Gabriela Kary\Downloads\ATK_Package_V100061 2020-04-01 22:48 - 2020-01-23 21:17 - 000000000 ____D C:\Users\Gabriela Kary\Downloads\SmartGesture_Win10_64_VER4012 2020-04-01 22:48 - 2015-09-19 18:22 - 000000000 ___HD C:\Users\Gabriela Kary\Downloads\.picasaoriginals 2020-04-01 22:48 - 2012-12-02 11:53 - 000000000 ____D C:\Users\Gabriela Kary\Downloads\Patch 2020-04-01 22:47 - 2012-11-23 10:21 - 000000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2020-04-01 22:13 - 2020-01-31 14:28 - 000000000 ____D C:\WINDOWS\Minidump 2020-04-01 22:13 - 2020-01-23 16:15 - 000000000 ___DC C:\WINDOWS\Panther 2020-04-01 22:13 - 2012-11-23 19:35 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\Skype 2020-04-01 22:12 - 2013-11-24 20:45 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\IDM 2020-04-01 22:12 - 2013-08-11 11:30 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\HpUpdate 2020-04-01 22:12 - 2013-06-13 19:00 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\CrashDumps 2020-04-01 22:12 - 2013-01-04 10:47 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\VMware 2020-04-01 22:12 - 2012-12-21 11:23 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\Microsoft Help 2020-04-01 21:53 - 2020-03-03 23:22 - 000002182 _____ C:\WINDOWS\system32\Tasks\{4F70C83B-CACA-4FF0-AEFB-14252590040C} 2020-04-01 21:53 - 2020-03-03 23:22 - 000002182 _____ C:\WINDOWS\system32\Tasks\{239BA00A-8DFC-44C2-9729-67E764D82316} 2020-04-01 21:53 - 2020-03-03 23:22 - 000002182 _____ C:\WINDOWS\system32\Tasks\{1268FA86-D8AF-489A-8C5E-0314587AF0BF} 2020-04-01 21:53 - 2020-01-23 18:24 - 000002182 _____ C:\WINDOWS\system32\Tasks\{C6B83AE3-034E-4844-B7BE-5E71616CA141} 2020-04-01 21:53 - 2020-01-23 18:24 - 000002182 _____ C:\WINDOWS\system32\Tasks\{B6883D5C-3DE1-4E78-BF19-527C7BDBEF3E} 2020-04-01 21:53 - 2020-01-23 18:24 - 000002182 _____ C:\WINDOWS\system32\Tasks\{AA244116-27C3-430E-B92D-3E655B78268F} 2020-04-01 21:53 - 2020-01-23 18:24 - 000002182 _____ C:\WINDOWS\system32\Tasks\{6B1FD6A4-DFE9-497C-B7C7-A82EF288A14B} 2020-04-01 21:53 - 2020-01-23 18:24 - 000002182 _____ C:\WINDOWS\system32\Tasks\{6263F325-B92F-49FA-9EFF-DE0D91264474} 2020-04-01 21:43 - 2020-02-27 11:59 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\AVAST Software 2020-04-01 19:59 - 2020-02-27 11:51 - 000459608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2020-04-01 19:59 - 2020-02-27 11:51 - 000317280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2020-04-01 19:59 - 2020-02-27 11:51 - 000109480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2020-04-01 19:59 - 2020-02-27 11:51 - 000085056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2020-04-01 19:59 - 2020-02-27 11:51 - 000042984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2020-04-01 19:58 - 2020-02-27 11:51 - 000851808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2020-04-01 19:58 - 2020-02-27 11:51 - 000206120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2020-04-01 19:57 - 2020-02-27 11:51 - 000234776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2020-04-01 19:57 - 2020-02-27 11:51 - 000178968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2020-04-01 19:57 - 2020-02-27 11:51 - 000060696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2020-03-30 23:48 - 2014-12-05 20:48 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\vlc 2020-03-30 20:15 - 2020-02-04 19:01 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Roaming\WhatsApp 2020-03-28 00:58 - 2020-02-04 19:00 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\WhatsApp 2020-03-27 22:38 - 2020-02-22 18:04 - 000000000 _____ C:\WINDOWS\system32\last.dump 2020-03-27 17:54 - 2013-02-21 22:38 - 000000000 ____D C:\Users\Gabriela Kary\AppData\Local\ElevatedDiagnostics 2020-03-26 22:35 - 2020-02-27 11:58 - 000002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk 2020-03-26 22:35 - 2020-02-27 11:58 - 000002078 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk 2020-03-25 21:30 - 2017-09-18 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2020-03-23 02:47 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-03-22 13:50 - 2015-02-27 15:46 - 000000000 ____D C:\ProgramData\Adobe 2020-03-22 02:25 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-03-22 00:24 - 2020-01-23 18:05 - 000002466 _____ C:\Users\Gabriela Kary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-03-22 00:24 - 2012-12-02 16:02 - 000000000 ___RD C:\Users\Gabriela Kary\SkyDrive 2020-03-20 15:34 - 2015-11-17 12:59 - 000000000 ____D C:\Program Files (x86)\Dropbox 2020-03-15 17:13 - 2020-02-27 12:52 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater ==================== Archivos en la raíz de algunos directorios ======== 2013-09-30 13:37 - 2013-09-30 13:37 - 000023604 _____ () C:\Users\Gabriela Kary\AppData\Roaming\Pixillion.dmp 2013-01-04 09:40 - 2013-01-04 09:40 - 000000101 _____ () C:\Users\Gabriela Kary\AppData\Local\fusioncache.dat 2018-11-07 18:54 - 2018-11-07 18:54 - 000000000 _____ () C:\Users\Gabriela Kary\AppData\Local\oobelibMkey.log 2015-10-18 09:58 - 2015-10-19 20:31 - 000000073 _____ () C:\Users\Gabriela Kary\AppData\Local\package.nw.new 2019-12-22 18:34 - 2019-12-22 18:34 - 000000003 _____ () C:\Users\Gabriela Kary\AppData\Local\updater.log 2019-12-22 18:34 - 2020-04-08 00:08 - 000000424 _____ () C:\Users\Gabriela Kary\AppData\Local\UserProducts.xml 2020-02-29 12:47 - 2020-02-29 12:47 - 000000000 _____ () C:\Users\Gabriela Kary\AppData\Local\{C69EC62B-E188-44CF-9B6B-1F9FDE592D23} 2020-02-29 12:46 - 2020-02-29 12:46 - 000000000 _____ () C:\Users\Gabriela Kary\AppData\Local\{E0B82F96-5A38-47F5-823C-7332750DBFE2} ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) ==================== Final de FRST.txt ========================