Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 15-06-2022 Ejecutado por Gabriel Riera (administrador) sobre DESKTOP-LFT5O2E (Dell Inc. Latitude 7480) (15-06-2022 21:25:52) Ejecutado desde C:\Users\Gabriel Riera\Downloads Perfiles cargados: Gabriel Riera & Crowdap Plataforma: Microsoft Windows 10 Pro Versión 21H2 19044.1706 (X64) Idioma: Inglés (Estados Unidos) -> Español (México) Navegador predeterminado no detectado! Modo de Inicio: Normal ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApntEx.exe <2> (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <8> (C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <6> (DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApMsgFwd.exe <2> (DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe <2> (DellTPad\Apoint.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe (DellTPad\HidMonitorSvc.exe ->) (ALPS ALPINE CO.,LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe <2> (Discord Inc. -> Discord Inc.) C:\Users\Crowdap\AppData\Local\Discord\app-1.0.9005\Discord.exe <6> (DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxEM.exe <2> (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (explorer.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe <2> (Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (services.exe ->) (CyberGhost SRL -> CyberGhost S.R.L) C:\Program Files (x86)\CyberGhost\CyberGhost.Service.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Archivo no firmado] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_141eb88527011137\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe (services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe (services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [249712 2022-06-14] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN HKU\S-1-5-21-3038525373-729119747-2211611488-1001\...\Policies\Explorer: [HideSCAMeetNow] 1 HKU\S-1-5-21-3038525373-729119747-2211611488-1002\...\Run: [Discord] => C:\Users\Crowdap\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub) HKU\S-1-5-21-3038525373-729119747-2211611488-1002\...\Run: [MicrosoftEdgeAutoLaunch_16A4B45C6EE9DDCD3A0A477D2A78D51D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-13] (Microsoft Corporation -> Microsoft Corporation) GroupPolicy\User: Restricción ? <==== ATENCIÓN HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN HKU\S-1-5-21-3038525373-729119747-2211611488-1001\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {0A9D7707-E505-47D6-8F22-03D25D51AFF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {183DD20C-7FE5-427C-BFB9-DFB37C6C3DDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1F75E96C-D9C5-4D8D-9751-1603B8618D6E} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /AllUsersRun (Ningún archivo) Task: {24F2CB0F-2E8D-438C-914F-89A0F4D473B3} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} (Ningún archivo) Task: {414A4445-01AC-466C-8C3B-D90427583193} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304592 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {42D31C39-33FB-47A3-8ED1-46776CCD738B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {47D30966-28DC-4A71-B663-D4BB50FD0D25} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {5DBB35F1-3A9D-4FB5-93B4-8D6F66B3FFD4} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /CalendarRun (Ningún archivo) Task: {6B4B43AA-5AD9-4EAA-9AF7-8F34725C9F46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {70426C85-A40D-447F-B985-1D01177760ED} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-05-25] (Bluestack Systems, Inc -> BlueStack Systems, Inc.) Task: {86693EDC-6525-4DF2-9C8D-4981492D110F} - System32\Tasks\Opera scheduled Autoupdate 1655171576 => C:\Users\Gabriel Riera\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo) Task: {8675FF79-4925-4EFD-9D22-8C3E8B42496F} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /WakeupRun (Ningún archivo) Task: {871984A0-59B8-4169-8AE1-672FCBC73F3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-17] (Google LLC -> Google LLC) Task: {8DE478C9-03D6-4047-9690-75F7FF880A55} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.222\WatchDog.exe repair (Ningún archivo) Task: {8E054802-DF22-4E88-86DD-0310A06D0560} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304592 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {9024169E-674D-4DF2-BC6F-EAC1EE9875EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {91C188A6-886B-4F45-AEF3-2A9084B9DB41} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4962160 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {9943BAA8-260D-4D7E-BC96-F417F1557B61} - System32\Tasks\ftewk.exe => C:\Users\GABRIE~1\AppData\Local\Temp\bce0e07065\ftewk.exe (Ningún archivo) <==== ATENCIÓN Task: {A7E668CD-BEDC-4B6C-B768-9EBB020E4FD8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {AB5E48C4-B641-4488-90F4-28FEFAFD8853} - System32\Tasks\Uninstaller_SkipUac_Gabriel_Riera => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer (Ningún archivo) Task: {AEBD458D-B28E-4F03-BC75-B1B841ED26D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {B621F9AF-C388-4AB5-9F01-2DCC41618F97} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {BE094E65-B0B8-4115-8289-07DB8DBD47FD} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies) Task: {C97C345F-0FA9-44DA-ABDD-1B885DE53CCA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {CD181A71-8C15-4E46-82A0-B042039B8693} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-17] (Google LLC -> Google LLC) Task: {E3AA1552-CD25-417D-B3BF-A3D47EB9AC0B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {FCFC00D0-2CCB-4BDF-87D4-4902DE22A4A6} - System32\Tasks\CCleanerSkipUAC - Gabriel Riera => C:\Users\Gabriel Riera\Downloads\tron\resources\stage_1_tempclean\ccleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) ProxyServer: [S-1-5-21-3038525373-729119747-2211611488-1002] => 216.155.158.133:1337 Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\PrxerNsp.dll [87024 2018-08-15] (Initeks, OOO -> ) Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex) Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex) Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex) Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex) Winsock: Catalog9 19 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex) Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [101872 2018-08-15] (Initeks, OOO -> ) Winsock: Catalog9-x64 01 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex) Winsock: Catalog9-x64 02 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex) Winsock: Catalog9-x64 03 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex) Winsock: Catalog9-x64 04 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex) Winsock: Catalog9-x64 19 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex) Hosts: Archivo Hosts no detectado en el directorio predeterminado Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{2081c6ff-c774-498c-a511-c36447f96437}: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{57e92aa8-66f5-48b7-b5bf-5396c855458d}: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{98357c6b-6dfa-460e-b634-20f71646d082}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{dffc6ab1-6685-4a00-acbe-18b827fa2a18}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{dffc6ab1-6685-4a00-acbe-18b827fa2a18}: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{eab2262d-9ab1-5975-7d92-334d06f4972b}: [NameServer] 10.2.0.1 Edge: ======= Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado] Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado] Edge DefaultProfile: Default Edge Profile: C:\Users\Gabriel Riera\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-14] Edge Profile: C:\Users\Gabriel Riera\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-06-14] FireFox: ======== FF DefaultProfile: i2j6vx03.default FF ProfilePath: C:\Users\Gabriel Riera\AppData\Roaming\Mozilla\Firefox\Profiles\i2j6vx03.default [2022-06-13] FF ProfilePath: C:\Users\Gabriel Riera\AppData\Roaming\Mozilla\Firefox\Profiles\t171tyj9.default-release [2022-06-14] FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2022-05-07] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2022-05-07] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-05-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-05-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-05-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Gabriel Riera\AppData\Local\Google\Chrome\User Data\Default [2022-06-15] CHR Notifications: Default -> hxxps://jepvirtual.jep.coop; hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www30.nathanaeldan.pro; hxxps://www46.nathanaeldan.pro; hxxps://www94.nathanaeldan.pro CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Extension: (Documentos de Google sin conexión) - C:\Users\Gabriel Riera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gabriel Riera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-17] CHR Extension: (Tool) - C:\Users\Gabriel Riera\AppData\Roaming\axpczynomyhq [2022-06-13] CHR Profile: C:\Users\Gabriel Riera\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-14] CHR Profile: C:\Users\Gabriel Riera\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-14] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) "qkyenspk" => servicio fue desbloqueado. <==== ATENCIÓN R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) R2 ApHidMonitorService; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [894848 2021-05-25] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [612720 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [612720 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8469160 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 CG6Service; C:\Program Files (x86)\CyberGhost\CyberGhost.Service.exe [71728 2016-08-18] (CyberGhost SRL -> CyberGhost S.R.L) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-11-07] (Huawei Technologies Co., Ltd. -> ) [Archivo no firmado] R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.) R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [122464 2022-04-12] (Proton Technologies AG -> ) R3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65632 2022-04-12] (Proton Technologies AG -> ) R3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50784 2022-04-12] (Proton Technologies AG -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 SophosVirusRemovalTool; C:\Users\Gabriel Riera\Downloads\tron\resources\stage_3_disinfect\sophos_virus_remover\SVRTservice.exe [155720 2021-03-17] (Sophos Ltd -> Sophos Limited) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14585832 2022-05-11] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) S2 AppServicea; C:\WINDOWS\system32\MY4PJ7LT5N.tmp [X] <==== ATENCIÓN S2 bdredline_agent; "C:\Program Files\Bitdefender Agent\redline\bdredline.exe" [X] S2 ccleaner; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /svc [X] S3 CCleanerBrowserElevationService; "C:\Program Files (x86)\CCleaner Browser\Application\102.0.16817.65\elevation_service.exe" [X] S3 ccleanerm; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /medsvc [X] S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\100.0.4896.88\elevation_service.exe" [X] S2 MaskVPNService; "C:\Program Files (x86)\MaskVPN\mask_svc.exe" [X] S2 NanoServiceMain; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe" [X] S3 Panda VPN Service; "C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe" [X] S2 ProductAgentService; "C:\Program Files\Bitdefender Agent\ProductAgentService.exe" [X] S2 pselamsvc; "C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe" [X] S2 PSUAService; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe" [X] S2 qkyenspk; C:\WINDOWS\SysWOW64\qkyenspk\qgrvhpve.exe [X] ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project) R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidfiltr.sys [371312 2021-05-25] (ALPS ALPINE CO.,LTD. -> ALPSALPINE Co., Ltd.) R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [39064 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [232800 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [382680 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [255208 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [102624 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [21960 2022-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [45224 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [271744 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [549112 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111192 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [86256 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [857600 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [662288 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [218736 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [322064 2022-06-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321784 2022-05-25] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2022-04-26] (SoftEther Corporation -> SoftEther Corporation) R1 NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [141088 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [212768 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [125728 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [132384 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [111296 2020-11-23] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [152864 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [102688 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135456 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [347424 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [353376 2021-05-24] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123168 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [327968 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [195872 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) S0 psinelam; C:\WINDOWS\System32\DRIVERS\psinelam.sys [23480 2021-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [171072 2021-06-09] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [216864 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [148768 2020-12-27] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [160544 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [130336 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.) S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72984 2019-02-20] (Panda Security S.L. -> Panda Security, S.L.) R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2022-04-26] (SoftEther Corporation -> SoftEther Corporation) S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [205552 2021-02-12] (RH Software Ltd -> Ray Hinchliffe) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2022-05-29] (Windscribe Limited -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-15] (Microsoft Windows -> Microsoft Corporation) S3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2022-05-29] (Windscribe Limited -> WireGuard LLC) R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) U3 aswbdisk; no ImagePath U1 avgbdisk; no ImagePath S3 bntap; \SystemRoot\System32\drivers\bntap.sys [X] ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) (Lista blanca) ========= (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2022-06-15 21:25 - 2022-06-15 21:27 - 000032219 _____ C:\Users\Gabriel Riera\Downloads\FRST.txt 2022-06-15 21:25 - 2022-06-15 21:26 - 000000000 ____D C:\FRST 2022-06-15 21:24 - 2022-06-15 21:24 - 002368000 _____ (Farbar) C:\Users\Gabriel Riera\Downloads\FRST64.exe 2022-06-15 20:39 - 2022-06-15 20:39 - 007322616 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Gabriel Riera\Downloads\HiJackThis.exe 2022-06-15 20:38 - 2022-06-15 20:38 - 000000000 ____D C:\ProgramData\UniqueId 2022-06-15 20:35 - 2022-06-15 20:35 - 001016656 _____ (WinZip Computing) C:\Users\Gabriel Riera\Downloads\winzip26-p003.exe 2022-06-15 12:12 - 2022-06-15 19:52 - 000000600 _____ C:\Users\Crowdap\Desktop\15-06.txt 2022-06-14 23:06 - 2022-06-14 23:06 - 028049408 ____N C:\WINDOWS\system32\config\SYSTEM 2022-06-14 21:12 - 2022-06-14 21:12 - 000178367 _____ C:\Users\Gabriel Riera\Downloads\Por fin Virus Sality Eliminado - Actualizado Windows 10.rar 2022-06-14 20:53 - 2022-06-15 21:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2022-06-14 13:40 - 2022-06-14 13:40 - 000000000 ____D C:\Users\Crowdap\AppData\Local\AVG 2022-06-14 13:10 - 2022-06-14 13:10 - 000000000 ____D C:\Users\Crowdap\AppData\Roaming\AVG 2022-06-14 13:08 - 2022-06-14 13:08 - 000000000 ____D C:\Program Files\Intel 2022-06-14 09:32 - 2022-06-14 09:32 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\AVG 2022-06-14 09:31 - 2022-06-14 09:31 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk 2022-06-14 09:31 - 2022-06-14 09:31 - 000002059 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk 2022-06-14 09:31 - 2022-06-14 09:31 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\AVG 2022-06-14 09:03 - 2022-06-14 09:03 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\OO Software 2022-06-14 08:38 - 2022-06-14 08:38 - 000000000 ___HD C:\$SysReset 2022-06-14 08:30 - 2022-06-14 08:30 - 000000000 ____D C:\Users\Crowdap\AppData\Local\mbamtray 2022-06-14 08:19 - 2022-06-14 08:19 - 000000000 ____D C:\ProgramData\Sophos 2022-06-14 08:14 - 2022-06-14 08:14 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\mbam 2022-06-14 01:34 - 2022-06-15 07:15 - 000000000 ____D C:\Intel 2022-06-14 01:16 - 2022-06-14 09:08 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-06-14 01:16 - 2022-06-14 01:16 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\mbamtray 2022-06-14 00:40 - 2022-06-15 21:16 - 000002366 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Gabriel Riera 2022-06-14 00:36 - 2022-06-14 00:36 - 000000000 ____D C:\Quarantine 2022-06-14 00:31 - 2021-02-12 13:24 - 000205552 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX64.sys 2022-06-14 00:25 - 2022-01-18 16:21 - 000000000 ____D C:\Users\Gabriel Riera\Downloads\integrity_verification 2022-06-14 00:25 - 2022-01-18 16:16 - 000000000 ____D C:\Users\Gabriel Riera\Downloads\tron 2022-06-14 00:21 - 2022-06-14 00:25 - 494164145 _____ (Igor Pavlov) C:\Users\Gabriel Riera\Downloads\Tron v12.0.2 (2022-01-18).exe 2022-06-13 23:58 - 2022-06-13 23:58 - 000233824 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Gabriel Riera\Downloads\avg_antivirus_free_setup (1).exe 2022-06-13 23:53 - 2022-06-13 23:41 - 000269168 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2022-06-13 23:48 - 2022-06-13 23:48 - 000430024 _____ C:\ProgramData\cl.uninstall.1655178470.bdinstall.v2.bin 2022-06-13 23:47 - 2022-06-13 23:47 - 000057124 _____ C:\ProgramData\agent.uninstall.1655178441.bdinstall.v2.bin 2022-06-13 23:41 - 2022-06-15 21:16 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update 2022-06-13 23:41 - 2022-06-13 23:53 - 000382680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys 2022-06-13 23:41 - 2022-06-13 23:53 - 000322064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000857600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000662288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000549112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000271744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000255208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000232800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000218736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000111192 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000102624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000086256 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000045224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000039064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000021960 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys 2022-06-13 23:41 - 2022-06-13 23:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG 2022-06-13 23:41 - 2022-06-13 23:41 - 000000000 ____D C:\Program Files\Common Files\AVG 2022-06-13 23:40 - 2022-06-15 07:15 - 000000000 ____D C:\ProgramData\AVG 2022-06-13 23:40 - 2022-06-13 23:40 - 000000000 ____D C:\Program Files\AVG 2022-06-13 23:38 - 2022-06-13 23:38 - 000233824 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Gabriel Riera\Downloads\avg_antivirus_free_setup.exe 2022-06-13 23:36 - 2022-06-13 23:36 - 000626692 _____ C:\ProgramData\cl.1655177656.bdinstall.v2.bin 2022-06-13 23:36 - 2022-06-13 23:36 - 000110680 _____ C:\ProgramData\cl.kit.1655177653.bdinstall.v2.bin 2022-06-13 23:36 - 2022-06-13 23:36 - 000000000 ____D C:\ProgramData\Gemma 2022-06-13 23:36 - 2022-06-13 23:36 - 000000000 ____D C:\ProgramData\Atc 2022-06-13 23:36 - 2022-06-13 23:36 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4 2022-06-13 23:35 - 2022-06-13 23:35 - 000000000 ____D C:\WINDOWS\system32\elambkup 2022-06-13 23:35 - 2022-06-13 23:35 - 000000000 ____D C:\ProgramData\BDLogging 2022-06-13 23:33 - 2022-06-15 21:16 - 000002708 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2022-06-13 23:31 - 2022-06-13 23:31 - 014580440 _____ C:\Users\Gabriel Riera\Downloads\bitdefender_avfree.exe 2022-06-13 23:31 - 2022-06-13 23:31 - 000169324 _____ C:\ProgramData\agent.1655177489.bdinstall.v2.bin 2022-06-13 22:25 - 2022-06-13 23:48 - 000000000 ____D C:\Program Files\Common Files\Bitdefender 2022-06-13 21:54 - 2022-06-13 22:33 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\Panda Security 2022-06-13 21:54 - 2022-06-13 22:33 - 000000000 ____D C:\Users\Crowdap\AppData\Roaming\Panda Security 2022-06-13 21:54 - 2019-02-20 01:31 - 000072984 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys 2022-06-13 21:53 - 2022-06-13 23:45 - 000000000 ____D C:\Program Files (x86)\Panda Security 2022-06-13 21:53 - 2021-07-22 23:54 - 000023480 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\psinelam.sys 2022-06-13 21:53 - 2021-06-09 18:27 - 000171072 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINFile.sys 2022-06-13 21:53 - 2021-05-24 23:01 - 000353376 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsprv.sys 2022-06-13 21:53 - 2020-12-27 06:35 - 000148768 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProc.sys 2022-06-13 21:53 - 2020-12-02 06:21 - 000216864 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys 2022-06-13 21:53 - 2020-12-02 06:21 - 000195872 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys 2022-06-13 21:53 - 2020-12-02 06:21 - 000160544 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys 2022-06-13 21:53 - 2020-12-02 06:21 - 000130336 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000347424 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsprot.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000327968 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsstrm.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000212768 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttp.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000152864 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspicc.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000141088 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsdns.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000135456 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspop3.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000132384 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsids.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000125728 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttps.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000123168 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnssmtp.sys 2022-06-13 21:53 - 2020-12-02 06:20 - 000102688 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspihsw.sys 2022-06-13 21:52 - 2022-06-15 21:16 - 000003658 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1655171576 2022-06-13 21:51 - 2022-06-13 23:31 - 000000000 ____D C:\ProgramData\Panda Security 2022-06-13 20:54 - 2022-06-13 20:54 - 000267072 _____ (AVAST Software) C:\Users\Crowdap\Downloads\avast_free_antivirus_setup_online.exe 2022-06-13 20:47 - 2022-06-13 20:47 - 000267072 _____ (AVAST Software) C:\Users\Gabriel Riera\Downloads\avast_free_antivirus_setup_online.exe 2022-06-13 20:45 - 2022-06-13 20:45 - 000001111 _____ C:\Users\Gabriel Riera\_readme.txt 2022-06-13 20:27 - 2022-06-13 20:28 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\a54e2af5-bff7-4270-b123-3d4419aae7d1 2022-06-13 20:27 - 2022-06-13 20:27 - 000000000 ____D C:\ProgramData\Jsc40Q6mkkR2Kb5FZmnBbLaH 2022-06-13 20:26 - 2022-06-14 01:24 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\110809d565579c 2022-06-13 20:26 - 2022-06-13 23:18 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\njjdwrtfrdlm 2022-06-13 20:26 - 2022-06-13 23:17 - 000000000 ____D C:\Program Files\Chrome 2022-06-13 20:26 - 2022-06-13 21:57 - 000002156 _____ C:\Users\Gabriel Riera\Desktop\Google chrome.lnk 2022-06-13 20:26 - 2022-06-13 20:44 - 007158336 ____N C:\WINDOWS\system32\Drivers\AC1kHg52p.sys 2022-06-13 20:26 - 2022-06-13 20:26 - 015704024 _____ (Global Media (Thailand) Co., Ltd ) C:\ProgramData\uKe5jvEyOeiyzgXB7Xl1TfKY.exe 2022-06-13 20:26 - 2022-06-13 20:26 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\axpczynomyhq 2022-06-13 20:26 - 2022-06-13 20:26 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\AdvinstAnalytics 2022-06-13 20:25 - 2022-06-15 21:16 - 000002538 _____ C:\WINDOWS\system32\Tasks\ftewk.exe 2022-06-13 20:25 - 2022-06-14 10:10 - 000000000 _RSHD C:\Users\Gabriel Riera\AppData\Roaming\Explorer 2022-06-13 20:25 - 2022-06-13 20:26 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\Google 2022-06-13 20:25 - 2022-06-13 20:26 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\d39be3aa-2623-4dd2-8a80-4d2361dd054e 2022-06-13 20:25 - 2022-06-13 20:25 - 000000559 _____ C:\Users\Gabriel Riera\AppData\Local\bowsakkdestx.txt 2022-06-13 20:25 - 2022-06-13 20:25 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\Yandex 2022-06-13 20:25 - 2022-06-13 20:25 - 000000000 ____D C:\SystemID 2022-06-13 20:24 - 2022-06-14 22:09 - 000000000 ____D C:\WINDOWS\SysWOW64\qkyenspk 2022-06-13 20:24 - 2022-06-13 20:26 - 000684984 _____ (Mozilla Foundation) C:\Users\Gabriel Riera\AppData\LocalLow\freebl3.dll 2022-06-13 20:24 - 2022-06-13 20:26 - 000627128 _____ (Mozilla Foundation) C:\Users\Gabriel Riera\AppData\LocalLow\mozglue.dll 2022-06-13 20:24 - 2022-06-13 20:26 - 000254392 _____ (Mozilla Foundation) C:\Users\Gabriel Riera\AppData\LocalLow\softokn3.dll 2022-06-13 20:24 - 2022-06-13 20:26 - 000000162 _____ C:\Users\Gabriel Riera\AppData\LocalLow\nssdbm3.dll 2022-06-13 16:41 - 2022-06-13 16:41 - 000000147 _____ C:\Users\Crowdap\Desktop\txt.txt 2022-06-03 20:26 - 2022-06-03 20:26 - 000000122 _____ C:\Users\Crowdap\Desktop\vpn.txt 2022-06-01 09:58 - 2022-06-15 10:14 - 000000000 ____D C:\Users\Crowdap\Desktop\JUNIO 2022-05-29 17:44 - 2022-05-29 17:44 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\Windscribe 2022-05-29 17:22 - 2022-05-29 17:22 - 000057768 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys 2022-05-29 17:22 - 2022-05-29 17:22 - 000047544 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\windtun420.sys 2022-05-28 19:20 - 2022-05-28 19:20 - 000000000 ____D C:\Users\Crowdap\AppData\Roaming\Zoom 2022-05-28 19:03 - 2022-06-11 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher 2022-05-28 13:26 - 2022-06-11 12:03 - 000000000 ____D C:\Users\Gabriel Riera\Documents\Telegram 2022-05-28 13:16 - 2022-06-13 20:45 - 000000000 ____D C:\Users\Gabriel Riera\.android 2022-05-28 13:04 - 2022-06-13 20:45 - 000000000 ____D C:\Users\Gabriel Riera\Documents\HiSuite 2022-05-28 13:04 - 2022-05-28 13:04 - 000001060 _____ C:\Users\Gabriel Riera\Desktop\HiSuite.lnk 2022-05-28 13:04 - 2022-05-28 13:04 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite 2022-05-28 13:04 - 2022-05-28 13:04 - 000000000 ____D C:\Program Files (x86)\HiSuite 2022-05-28 13:04 - 2021-11-07 21:20 - 002149184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll 2022-05-28 13:04 - 2021-11-07 21:20 - 001718592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2022-05-28 13:04 - 2021-11-07 21:20 - 001718592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll 2022-05-28 13:04 - 2021-11-07 21:20 - 000999744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusbcoinstaller2.dll 2022-05-28 13:04 - 2021-11-07 21:20 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys 2022-05-28 13:04 - 2021-11-07 21:20 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys 2022-05-28 13:04 - 2021-11-07 21:20 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys 2022-05-28 13:04 - 2021-11-07 21:20 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys 2022-05-28 13:04 - 2021-11-07 21:20 - 000018944 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys 2022-05-28 13:03 - 2022-05-28 13:04 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\HiSuite 2022-05-28 12:51 - 2022-05-28 12:57 - 000000000 ____D C:\Users\Gabriel Riera\Documents\fotos y documentos del telefono 2022-05-28 08:55 - 2022-05-28 08:55 - 000001975 _____ C:\Users\Crowdap\Desktop\WhatsApp - BlueStacks App Player 1.lnk 2022-05-26 19:49 - 2022-06-15 19:32 - 000000799 _____ C:\Users\Crowdap\Desktop\correos.txt 2022-05-26 12:20 - 2022-04-19 03:46 - 000513272 _____ (Intel) C:\WINDOWS\system32\libvpl.dll 2022-05-26 12:20 - 2022-04-19 03:46 - 000445488 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll 2022-05-26 12:20 - 2022-04-19 03:45 - 000961384 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll 2022-05-26 12:20 - 2022-04-19 03:44 - 000720080 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll 2022-05-26 12:20 - 2022-04-19 03:44 - 000151928 _____ C:\WINDOWS\system32\ze_validation_layer.dll 2022-05-26 12:20 - 2022-04-19 03:43 - 001897048 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-05-26 12:20 - 2022-04-19 03:43 - 001897048 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-05-26 12:20 - 2022-04-19 03:43 - 001474688 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-05-26 12:20 - 2022-04-19 03:43 - 001474688 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-05-26 12:20 - 2022-04-19 03:43 - 001333472 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-05-26 12:20 - 2022-04-19 03:43 - 001333472 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-05-26 12:20 - 2022-04-19 03:43 - 001053920 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-05-26 12:20 - 2022-04-19 03:43 - 001053920 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-05-26 12:20 - 2022-04-19 03:43 - 000604000 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll 2022-05-26 12:20 - 2022-04-19 03:43 - 000463008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll 2022-05-26 12:20 - 2022-04-19 03:43 - 000462712 _____ C:\WINDOWS\system32\ze_tracing_layer.dll 2022-05-26 12:20 - 2022-04-19 03:43 - 000385424 _____ C:\WINDOWS\system32\ze_loader.dll 2022-05-26 12:20 - 2022-04-19 03:42 - 027899296 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll 2022-05-26 12:20 - 2022-04-19 03:42 - 020640656 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll 2022-05-26 12:20 - 2022-04-19 03:42 - 000508800 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-05-26 12:20 - 2022-04-19 03:42 - 000372616 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-05-26 12:20 - 2022-04-19 03:38 - 000221568 _____ C:\WINDOWS\system32\ControlLib.dll 2022-05-26 12:20 - 2022-04-19 03:38 - 000177144 _____ C:\WINDOWS\system32\ControlLib32.dll 2022-05-25 21:06 - 2022-06-15 21:16 - 000002956 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt 2022-05-25 21:05 - 2022-06-15 17:35 - 000000000 ____D C:\ProgramData\BlueStacks_nxt 2022-05-25 21:05 - 2022-05-25 21:05 - 000000000 ____D C:\Program Files\BlueStacks_nxt 2022-05-25 17:14 - 2022-05-25 17:14 - 000000000 ____D C:\Users\Crowdap\AppData\Roaming\Waves Audio 2022-05-24 22:30 - 2022-05-24 22:30 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2022-05-24 22:28 - 2022-05-24 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betternet Technologies Inc 2022-05-24 22:28 - 2022-05-24 22:28 - 000000000 ____D C:\Program Files (x86)\Betternet 2022-05-24 22:26 - 2022-05-24 22:26 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2022-05-24 22:26 - 2022-05-24 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2022-05-24 22:26 - 2022-05-24 22:26 - 000000000 ____D C:\Program Files\VS Revo Group 2022-05-24 22:24 - 2022-06-13 20:45 - 007514214 _____ C:\Users\Gabriel Riera\Downloads\revosetup.exe.bbii 2022-05-24 19:16 - 2022-05-24 19:16 - 000000000 ____D C:\Users\Gabriel Riera\Documents\Zoom 2022-05-22 15:09 - 2022-06-14 03:16 - 000000000 ____D C:\Users\Gabriel Riera\Documents\MOffice 2019 2022-05-19 09:41 - 2022-05-19 09:41 - 000000000 ____D C:\Program Files\TAP-Windows 2022-05-17 20:32 - 2022-06-15 16:51 - 000005283 _____ C:\Users\Crowdap\Desktop\RESPUESTAS.txt 2022-05-16 21:13 - 2022-06-13 20:45 - 000217405 _____ C:\Users\Gabriel Riera\Documents\mesa señora edesa.skp.bbii ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2022-06-15 21:24 - 2022-05-10 14:45 - 000000000 ____D C:\Users\Crowdap\AppData\Roaming\discord 2022-06-15 21:22 - 2022-05-10 14:45 - 000000000 ____D C:\Users\Crowdap\AppData\Local\Discord 2022-06-15 21:16 - 2022-04-17 09:35 - 000002620 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Gabriel_Riera 2022-06-15 21:16 - 2022-01-25 09:06 - 000003376 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{02DA4331-C475-4E8C-9837-48E66B064FE8} 2022-06-15 21:16 - 2021-11-28 19:51 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-06-15 21:16 - 2021-11-28 19:51 - 000003270 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7e1a1b97501a0 2022-06-15 21:16 - 2021-11-24 22:12 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-06-15 21:16 - 2021-11-24 22:12 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-06-15 21:12 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-06-15 20:20 - 2021-11-24 22:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-06-15 18:23 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-06-15 18:22 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-06-15 17:50 - 2022-05-09 16:40 - 000000000 ____D C:\Users\Crowdap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2022-06-15 17:36 - 2021-11-24 22:06 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-06-15 16:34 - 2022-03-28 12:33 - 000000000 ____D C:\Users\Crowdap\AppData\LocalLow\Mozilla 2022-06-15 14:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-06-15 09:52 - 2022-03-04 20:52 - 000000000 ____D C:\Users\Crowdap\AppData\Local\AVAST Software 2022-06-15 09:21 - 2022-03-04 20:52 - 000000000 __SHD C:\Users\Crowdap\IntelGraphicsProfiles 2022-06-15 09:20 - 2021-11-17 15:31 - 000000000 __SHD C:\Users\Gabriel Riera\IntelGraphicsProfiles 2022-06-15 07:20 - 2021-11-25 00:48 - 000825910 _____ C:\WINDOWS\system32\perfh00A.dat 2022-06-15 07:20 - 2021-11-25 00:48 - 000165790 _____ C:\WINDOWS\system32\perfc00A.dat 2022-06-15 07:20 - 2021-11-24 22:16 - 001871468 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-06-15 07:20 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF 2022-06-15 07:15 - 2022-01-15 20:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-06-15 07:15 - 2021-11-24 22:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-06-15 07:15 - 2021-11-24 22:05 - 000008192 ___SH C:\DumpStack.log.tmp 2022-06-15 07:15 - 2019-12-07 05:03 - 028311552 _____ C:\WINDOWS\system32\config\BCD000000 2022-06-14 23:06 - 2019-12-07 05:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2022-06-14 23:02 - 2021-12-13 22:00 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\WhatsApp 2022-06-14 22:09 - 2021-11-17 22:57 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\AVAST Software 2022-06-14 21:14 - 2017-09-29 09:46 - 000000219 _____ C:\WINDOWS\system.ini 2022-06-14 20:58 - 2017-09-29 09:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2022-06-14 20:07 - 2022-03-28 12:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-06-14 13:08 - 2021-11-24 22:05 - 000439816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-06-14 13:07 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-06-14 13:07 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-06-14 09:31 - 2022-04-24 19:19 - 000000000 ____D C:\Users\Crowdap\AppData\Local\ProtonVPN 2022-06-14 09:12 - 2021-11-24 22:07 - 000000000 ____D C:\Users\Gabriel Riera 2022-06-14 08:46 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-06-14 08:34 - 2022-03-04 20:54 - 000000000 ____D C:\Users\Crowdap\AppData\Local\D3DSCache 2022-06-14 03:16 - 2022-04-15 23:31 - 000000000 ____D C:\WINDOWS\system32\gf2engine 2022-06-14 03:16 - 2022-03-04 20:52 - 000000000 ____D C:\Users\Crowdap 2022-06-14 03:15 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\registration 2022-06-14 03:14 - 2022-01-22 16:03 - 000000000 ____D C:\GoogleChromePortable 2022-06-14 03:06 - 2022-05-07 14:26 - 000000000 ____D C:\Users\Gabriel Riera\AppData\LocalLow\Sun 2022-06-14 03:06 - 2022-01-15 20:59 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\TeamViewer 2022-06-14 03:05 - 2022-04-15 22:59 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\Mozilla 2022-06-14 03:05 - 2022-01-08 19:33 - 000000000 ____D C:\Users\Gabriel Riera\AppData\LocalLow\Google 2022-06-14 01:28 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-06-14 01:16 - 2021-11-24 22:15 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\PlaceholderTileLogoFolder 2022-06-14 01:16 - 2021-11-17 15:03 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\Packages 2022-06-14 00:44 - 2021-11-20 14:52 - 000000000 ____D C:\WINDOWS\UpdateAssistant 2022-06-14 00:41 - 2021-11-20 13:46 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\CrashDumps 2022-06-14 00:37 - 2021-11-25 19:32 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\D3DSCache 2022-06-13 23:53 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-06-13 23:24 - 2021-11-17 22:48 - 000000000 ____D C:\ProgramData\Avast Software 2022-06-13 23:23 - 2022-03-04 20:52 - 000000000 ___RD C:\Users\Crowdap\OneDrive 2022-06-13 23:23 - 2021-11-17 15:05 - 000000000 ___RD C:\Users\Gabriel Riera\OneDrive 2022-06-13 21:52 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2022-06-13 21:49 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-06-13 20:45 - 2022-05-07 17:28 - 005719684 _____ C:\Users\Gabriel Riera\Downloads\Moffice.zip.bbii 2022-06-13 20:45 - 2022-05-07 15:09 - 000650062 _____ C:\Users\Gabriel Riera\Downloads\formulario-de-cedula.doc.bbii 2022-06-13 20:45 - 2022-04-25 20:06 - 024384622 _____ C:\Users\Gabriel Riera\Downloads\tuxlerVPNSetup.exe.bbii 2022-06-13 20:45 - 2022-04-17 12:00 - 025071646 _____ C:\Users\Gabriel Riera\Downloads\ProtonVPN_win_v1.26.0.exe.bbii 2022-06-13 20:45 - 2022-04-17 11:12 - 016779966 _____ C:\Users\Gabriel Riera\Downloads\RevoUninProSetup.exe.bbii 2022-06-13 20:45 - 2022-04-15 22:43 - 008569166 _____ C:\Users\Gabriel Riera\Downloads\betternet Setup.msi.bbii 2022-06-13 20:45 - 2022-03-26 19:55 - 000007213 _____ C:\Users\Crowdap\-1.14-windows.xml 2022-06-13 20:45 - 2022-02-10 22:23 - 000000000 ____D C:\Users\Gabriel Riera\Documents\videos con repisas y muebles 2022-06-13 20:45 - 2022-02-04 17:06 - 000000590 _____ C:\Users\Gabriel Riera\AppData\LocalLow\rbxcsettings.rbx.bbii 2022-06-13 20:45 - 2022-01-27 21:21 - 000190163 _____ C:\Users\Gabriel Riera\Documents\Doc1.pdf.bbii 2022-06-13 20:45 - 2022-01-17 23:08 - 004246718 _____ C:\Users\Gabriel Riera\Downloads\ProxifierSetup.exe.bbii 2022-06-13 20:45 - 2022-01-09 17:32 - 000000000 ____D C:\Users\Gabriel Riera\Documents\VISA-REQUISITOS 2022-06-13 20:45 - 2022-01-08 17:04 - 000317711 _____ C:\Users\Gabriel Riera\Documents\Cedula.pdf.bbii 2022-06-13 20:45 - 2021-12-29 21:50 - 000449989 _____ C:\Users\Gabriel Riera\Documents\Visa americana para venezolanos_ ¿dónde solicitarla para entrar a EE. UU._.html.bbii 2022-06-13 20:45 - 2021-12-29 21:50 - 000000000 ____D C:\Users\Gabriel Riera\Documents\Visa americana para venezolanos_ ¿dónde solicitarla para entrar a EE. UU.__files 2022-06-13 20:45 - 2021-11-23 21:38 - 000000000 ____D C:\Users\Gabriel Riera\Documents\SketchCut 2022-06-13 20:45 - 2021-11-21 14:13 - 000000000 ____D C:\Users\Gabriel Riera\Documents\curso de bebidas carbonatadas 2022-06-13 20:45 - 2021-11-20 14:50 - 000000000 ____D C:\Users\Gabriel Riera\Documents\sketchup 2022-06-13 20:45 - 2021-11-17 15:03 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\VirtualStore 2022-06-13 20:27 - 2022-04-18 19:33 - 000002369 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2022-06-13 20:27 - 2022-04-18 19:33 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2022-06-13 20:27 - 2022-01-23 19:48 - 000002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-06-13 20:27 - 2021-11-18 19:54 - 000000000 ____D C:\ProgramData\Package Cache 2022-06-13 20:25 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2022-06-12 16:01 - 2022-03-28 12:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-06-12 16:01 - 2022-03-28 12:32 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-06-11 17:47 - 2022-03-28 12:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-06-11 17:47 - 2022-03-28 12:32 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-06-11 11:52 - 2022-03-27 10:16 - 000000000 ____D C:\Users\Crowdap\Desktop\Nueva carpeta 2022-06-06 16:47 - 2022-04-20 21:48 - 000002124 _____ C:\Users\Public\Desktop\Betternet.lnk 2022-06-06 16:47 - 2021-12-19 21:30 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-06-06 14:28 - 2022-05-07 13:01 - 000000000 ____D C:\Users\Crowdap\AppData\Local\Opera Software 2022-06-04 14:26 - 2022-05-07 13:01 - 000000000 ____D C:\Users\Crowdap\AppData\Roaming\.minecraft 2022-06-04 13:31 - 2022-05-07 13:01 - 000000000 ____D C:\Users\Crowdap\AppData\Roaming\.tlauncher 2022-06-03 16:24 - 2021-11-17 22:13 - 000000000 ____D C:\ProgramData\Packages 2022-06-01 18:17 - 2022-03-05 22:18 - 000000000 ____D C:\Users\Crowdap\AppData\Local\CrashDumps 2022-05-30 22:17 - 2021-12-13 22:00 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Local\WhatsApp 2022-05-29 17:38 - 2022-03-26 19:58 - 000000000 ____D C:\Users\Crowdap\AppData\Local\BlueStacks X 2022-05-28 19:20 - 2022-02-04 16:14 - 000002344 _____ C:\Users\Gabriel Riera\Desktop\Zoom.lnk 2022-05-28 17:03 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-05-28 13:00 - 2022-05-07 17:30 - 000000000 ____D C:\Program Files\Microsoft Office 2022-05-25 21:05 - 2022-03-26 19:47 - 000000000 ____D C:\Users\Public\BlueStacks 2022-05-25 21:05 - 2022-03-26 19:47 - 000000000 ____D C:\Users\Crowdap\AppData\Local\BlueStacks 2022-05-25 20:43 - 2022-03-26 19:49 - 000002000 _____ C:\Users\Public\Desktop\BlueStacks X.lnk 2022-05-25 20:43 - 2022-03-26 19:49 - 000000000 ____D C:\Program Files (x86)\BlueStacks X 2022-05-25 18:57 - 2022-05-03 18:33 - 000000000 ____D C:\Users\Crowdap\AppData\Local\cache 2022-05-25 18:40 - 2022-05-02 12:46 - 000000256 _____ C:\Users\Crowdap\AppData\LocalLow\rbxcsettings.rbx 2022-05-24 23:06 - 2022-04-09 17:59 - 000000523 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2022-05-24 22:28 - 2022-04-20 21:48 - 000000000 ____D C:\ProgramData\Betternet 2022-05-24 22:14 - 2021-11-17 22:30 - 000000000 ____D C:\Program Files (x86)\Google 2022-05-22 14:38 - 2022-04-17 11:28 - 000000000 ____D C:\Users\Gabriel Riera\Documents\COPIA DE REGISTRO REGEDIT 2022-05-20 14:02 - 2022-02-13 12:39 - 000000000 ____D C:\Users\Gabriel Riera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome ==================== Archivos en la raíz de algunos directorios ======== 2022-06-13 20:26 - 2022-06-13 20:26 - 015704024 _____ (Global Media (Thailand) Co., Ltd ) C:\ProgramData\uKe5jvEyOeiyzgXB7Xl1TfKY.exe 2022-06-13 20:25 - 2022-06-13 20:25 - 000001234 _____ () C:\Program Files (x86)\Common Files\SHokemaexove.exe.config 2022-06-13 20:44 - 2022-06-13 20:54 - 000001810 _____ () C:\Program Files (x86)\Common Files\Windows__Update.exe.config 2022-05-13 09:29 - 2022-05-13 09:29 - 000248375 ___SH () C:\Users\Gabriel Riera\AppData\Roaming\jjcadfu 2022-01-29 18:14 - 2022-01-29 19:07 - 000005085 _____ () C:\Users\Gabriel Riera\AppData\Roaming\plugin_scan_state_VST2_x32.scan 2022-01-29 18:14 - 2022-01-29 19:07 - 000001236 _____ () C:\Users\Gabriel Riera\AppData\Roaming\plugin_scan_state_VST2_x64.scan 2022-01-29 18:14 - 2022-01-29 19:07 - 000000059 _____ () C:\Users\Gabriel Riera\AppData\Roaming\plugin_scan_state_VST3_x32.scan 2022-01-29 18:14 - 2022-01-29 19:07 - 000000059 _____ () C:\Users\Gabriel Riera\AppData\Roaming\plugin_scan_state_VST3_x64.scan 2022-05-13 09:29 - 2022-05-13 09:29 - 000248375 ___SH () C:\Users\Gabriel Riera\AppData\Roaming\shdgdsi 2022-06-13 20:25 - 2022-06-13 20:25 - 000000559 _____ () C:\Users\Gabriel Riera\AppData\Local\bowsakkdestx.txt ==================== FLock ============================== 2022-06-14 22:09 C:\WINDOWS\SysWOW64\qkyenspk 2022-06-14 23:06 C:\WINDOWS\system32\config\SYSTEM 2022-06-13 20:44 C:\WINDOWS\system32\Drivers\AC1kHg52p.sys ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) ==================== Final de FRST.txt ========================