Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 18-04-2020 Ejecutado por Renzo (administrador) sobre DESKTOP-45G2IIM (18-04-2020 17:10:11) Ejecutado desde C:\Users\Renzo\Downloads Perfiles cargados: Renzo (Perfiles disponibles: Renzo) Platform: Windows 10 Pro Versión 1909 18363.720 (X64) Idioma: Español (México) Navegador predeterminado: Chrome Modo de Inicio: Normal Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) () [Archivo no firmado] C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atiesrxx.exe (Discord Inc. -> Discord Inc.) C:\Users\Renzo\AppData\Local\Discord\app-0.0.306\Discord.exe <6> (Eastern Times Technology Co.,Ltd -> ) C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20> (Google LLC -> Google) C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\SwReporter\81.233.200\software_reporter_tool.exe <4> (Guangzhou Ugee Computers Technology Co.,Ltd -> Ugee Technology Company Ltd) C:\Program Files\Pentablet\PentabletService.exe (Kristjan Skutta -> ) E:\Kms\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe (Kristjan Skutta -> ) E:\Kms\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe (LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.143.0.24\OverwolfHelper.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.143.0.24\OverwolfHelper64.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe <3> (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Scarlet.Crush Productions) [Archivo no firmado] E:\ScpServer\bin\ScpService.exe (TunnelBear -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2236688 2019-11-25] (Guangzhou Ugee Computers Technology Co.,Ltd -> Ugee Technology Company Ltd) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.) HKLM-x32\...\Run: [GXT155gmmouseRun] => C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe [3435520 2018-06-11] () [Archivo no firmado] HKLM-x32\...\Run: [REDRAGON IMPACT Gaming Mouse] => C:\Program Files (x86)\REDRAGON IMPACT Gaming Mouse\hid.exe [960000 2018-12-11] () [Archivo no firmado] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-2925151358-431336194-2568937198-1001\...\Run: [Discord] => C:\Users\Renzo\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-2925151358-431336194-2568937198-1001\...\Run: [utweb] => C:\Users\Renzo\AppData\Roaming\uTorrent Web\utweb.exe [5427840 2020-02-11] (Jenkins Win Client Build CA -> BitTorrent Inc.) [Archivo no firmado] HKU\S-1-5-21-2925151358-431336194-2568937198-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91585088 2020-03-31] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-2925151358-431336194-2568937198-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4293120 2016-05-31] (Disc Soft Ltd) [Archivo no firmado] HKU\S-1-5-21-2925151358-431336194-2568937198-1001\...\Run: [Spotify] => C:\Users\Renzo\AppData\Roaming\Spotify\Spotify.exe [22932200 2020-04-13] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2925151358-431336194-2568937198-1001\...\Run: [ASRockRuefi] => [X] HKU\S-1-5-21-2925151358-431336194-2568937198-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [2377728 2019-12-14] (Voicemod) [Archivo no firmado] HKU\S-1-5-21-2925151358-431336194-2568937198-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1749848 2020-03-14] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-2925151358-431336194-2568937198-1001\...\MountPoints2: {fcdc0d8e-c1f3-11e9-bd8b-7085c230ed00} - "F:\setup.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.113\Installer\chrmstp.exe [2020-04-17] (Google LLC -> Google LLC) Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {043840BE-D58A-46DC-A402-C6B846E39BEB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe Task: {068D255F-14E2-4852-AE28-2E965F1FA7B5} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD) Task: {2B6F5468-FDC0-445E-903C-33E8C8071807} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-04-01] (Advanced Micro Devices, Inc.) [Archivo no firmado] Task: {39660451-38C9-4662-90BF-B8A88F9430B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4194812B-C550-42B3-8575-4B68A3B821E2} - System32\Tasks\KMSpico Auto Update Scheduler => C:\Program Files (x86)\Common Files\KMSpico\Update\kmsupd.exe [81248 2020-02-26] (@ByELDI -> ByELDI) [Archivo no firmado] Task: {47222196-DCE0-4FE9-A5E5-FFEDFCDBC401} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {697051C0-3011-4552-8745-ACF56E491205} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-11] (Google Inc -> Google LLC) Task: {6DA43600-0B95-4A85-9CAF-D6E2129611DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {76553DA6-4CF1-418E-8C73-107CFBCDCA21} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe Task: {7BBE6BD9-97F3-4CD2-ADCE-C51DEDDA6991} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-04-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {8DC47F52-83CE-4977-A25D-6BC73F24524E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-01] (Advanced Micro Devices, Inc.) [Archivo no firmado] Task: {915FC39F-888F-4210-BD80-076E64F9EC65} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155992 2019-11-23] (Microsoft Corporation -> Microsoft Corporation) Task: {B5207731-4A03-43CF-A5F7-F77BEAFADB9B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155992 2019-11-23] (Microsoft Corporation -> Microsoft Corporation) Task: {BB952FED-8382-48E7-A09A-9BF068335D9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C6BD6A9B-0207-4BAF-89CA-BA4E684CCE2D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {CB785DFC-B8CE-44B8-928D-A1748ACFDB01} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170168 2019-11-23] (Microsoft Corporation -> Microsoft Corporation) Task: {CCF32CA8-F99B-4494-BB38-967168871ACC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D9577D39-E0A2-4BBF-8996-352B9E70ABA9} - System32\Tasks\Driver Booster SkipUAC (Renzo) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe Task: {DC901CB3-1B73-466B-B879-0B533BB4139D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-01] (Advanced Micro Devices, Inc.) [Archivo no firmado] Task: {F1050293-67A6-4908-9168-5650189A1E3B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {F4CD5773-C6F7-480B-9B52-79E771393939} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170168 2019-11-23] (Microsoft Corporation -> Microsoft Corporation) Task: {F8A89004-C0F7-4CD5-88B5-1E0293A76DFA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-11] (Google Inc -> Google LLC) (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) Tcpip\Parameters: [DhcpNameServer] 100.72.3.109 100.72.3.5 Tcpip\..\Interfaces\{39e51e43-b1fa-4df9-85a7-b45f907a1f4c}: [DhcpNameServer] 200.49.130.41 200.42.4.210 Tcpip\..\Interfaces\{707c6584-7907-4fcd-8a91-9e7bc1a73918}: [DhcpNameServer] 100.72.3.109 100.72.3.5 Tcpip\..\Interfaces\{7e0010f7-d4dd-4093-b868-73ec8e828a7f}: [DhcpNameServer] 100.72.3.109 100.72.3.5 Tcpip\..\Interfaces\{ecfdcc6e-fcb6-496b-8a54-3de6d758e6f3}: [DhcpNameServer] 200.42.4.204 200.49.130.47 Internet Explorer: ================== BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-10-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-10-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-10-15] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default [2020-04-18] CHR HomePage: Default -> hxxps://www.youtube.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Extension: (Presentaciones) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-18] CHR Extension: (Osu theme Dark) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnfdnlpldlfmkhplkdmckhbnodkpnkc [2020-04-18] CHR Extension: (BetterTTV) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-04-18] CHR Extension: (Documentos) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-18] CHR Extension: (Google Drive) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-18] CHR Extension: (YouTube) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-18] CHR Extension: (Hojas de cálculo) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-18] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-18] CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-18] CHR Extension: (Arcane Legends) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2020-04-18] CHR Extension: (Captain Zorro: The Secret Lab) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nccgdgkdcinfegdonllcmbjjbmkmkpcj [2020-04-18] CHR Extension: (YouTube NonStop) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkaejimjacpillmajjnopmpbkbnocid [2020-04-18] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-18] CHR Extension: (Gmail) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-18] CHR Extension: (Chrome Media Router) - C:\Users\Renzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-18] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atiesrxx.exe [524512 2020-04-02] (Advanced Micro Devices, Inc. -> AMD) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8413472 2020-02-26] (BattlEye Innovations e.K. -> ) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd) R2 Ds3Service; E:\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Archivo no firmado] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [782976 2020-01-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 ETGMGlcsSrv; C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe [1181544 2012-04-24] (Eastern Times Technology Co.,Ltd -> ) R2 GameInput; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [48776 2020-04-07] (Microsoft Corporation -> Microsoft Corporation) R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe [46008 2020-04-15] (Microsoft Corporation -> Microsoft Corporation) R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [46008 2020-04-15] (Microsoft Corporation -> Microsoft Corporation) R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-04-17] (Malwarebytes Inc -> Malwarebytes) S3 Origin Client Service; E:\Origin\OriginClientService.exe [2505008 2020-02-07] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3427640 2020-02-07] (Electronic Arts, Inc. -> Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-11] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-12] (Microsoft Windows Publisher -> Microsoft Corporation) S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-08-17] (Microsoft Windows -> ) S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-10-03] (Microsoft Windows -> Microsoft Corporation) R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [137848 2020-04-09] (TunnelBear -> TunnelBear) S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-07-21] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) R2 Wallpaper Engine Service; E:\Kms\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [354808 2019-05-07] (Kristjan Skutta -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation) S2 ClickToRunSvc; "C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service [X] ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc) R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24528 2019-10-13] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atikmdag.sys [65752288 2020-04-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atikmpag.sys [592096 2020-04-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31520 2019-10-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [146304 2019-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. ) R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 AsrDrv103; C:\WINDOWS\SysWOW64\Drivers\AsrDrv103.sys [34568 2019-08-24] (ASROCK Incorporation -> ASRock Incorporation) [Archivo no firmado] R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4321160 2019-10-13] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.) S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [Archivo no firmado] S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-24] (WDKTestCert cm359,131641702659254692 -> C-MEDIA) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [33592 2020-03-16] (DEV47 APPS -> Dev47Apps) R3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [229432 2020-03-16] (DEV47 APPS -> Dev47Apps) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-08-20] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-08-20] (Disc Soft Ltd -> Disc Soft Ltd) S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [103488 2020-02-04] (Hans Roes -> Multi Theft Auto) R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_158653e0522d616e\gameflt.sys [71000 2020-04-15] (Microsoft Windows -> Microsoft Corporation) S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-10-13] (Martin Malik - REALiX -> REALiX(tm)) S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc -> Logitech Inc.) R3 Larmkanal; C:\WINDOWS\System32\drivers\Larmkanal.sys [33112 2015-09-02] (ADORIASOFT LLC -> Adoriasoft LLC) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 Phosgene; C:\WINDOWS\system32\DRIVERS\Phosgene.sys [34136 2015-09-02] (ADORIASOFT LLC -> Adoriasoft LLC) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1158944 2019-10-13] (Realtek Semiconductor Corp. -> Realtek ) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2020-04-08] (TunnelBear, Inc. -> The OpenVPN Project) S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-16] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) R3 usbglcs1100302; C:\WINDOWS\system32\drivers\usbglcs1100302.sys [25600 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2019-05-23] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2019-07-02] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-24] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-24] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-01-01] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_7c3edb5ea11185bb\xvdd.sys [497000 2020-04-15] (Microsoft Windows -> Microsoft Corporation) S3 LGBusEnum; \SystemRoot\system32\drivers\LGBusEnum.sys [X] S3 LGJoyXlCore; \SystemRoot\system32\drivers\LGJoyXlCore.sys [X] ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) =================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-04-18 17:10 - 2020-04-18 17:11 - 000028698 _____ C:\Users\Renzo\Downloads\FRST.txt 2020-04-18 17:09 - 2020-04-18 17:10 - 000000000 ____D C:\FRST 2020-04-18 17:08 - 2020-04-18 17:08 - 002281472 _____ (Farbar) C:\Users\Renzo\Downloads\FRST64.exe 2020-04-18 05:28 - 2020-04-18 05:28 - 000000549 _____ C:\Users\Renzo\Downloads\delete_chrome_policies.bat 2020-04-18 00:03 - 2020-04-18 06:23 - 000000000 ____D C:\Users\Renzo\AppData\Local\Google 2020-04-17 22:52 - 2020-04-17 22:53 - 000000000 ____D C:\AdwCleaner 2020-04-17 00:20 - 2020-04-17 00:20 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2020-04-17 00:20 - 2020-04-17 00:20 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2020-04-17 00:20 - 2020-04-15 19:52 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2020-04-16 19:18 - 2020-04-16 19:18 - 000003396 _____ C:\WINDOWS\system32\Tasks\KMSpico Auto Update Scheduler 2020-04-15 04:13 - 2020-04-15 04:39 - 000000000 ____D C:\Program Files (x86)\TunnelBear 2020-04-15 04:13 - 2020-04-15 04:13 - 000001968 _____ C:\Users\Public\Desktop\TunnelBear.lnk 2020-04-15 04:13 - 2020-04-15 04:13 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\TunnelBear 2020-04-15 04:13 - 2020-04-15 04:13 - 000000000 ____D C:\Users\Renzo\AppData\Local\TunnelBear 2020-04-15 04:13 - 2020-04-15 04:13 - 000000000 ____D C:\Users\Renzo\AppData\Local\IsolatedStorage 2020-04-15 04:13 - 2020-04-15 04:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear 2020-04-15 01:26 - 2020-04-15 01:26 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-04-15 01:25 - 2020-04-15 01:26 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-04-13 12:07 - 2020-04-13 12:07 - 000000000 ____D C:\WINDOWS\Panther 2020-04-11 19:16 - 2020-04-11 19:16 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\EasyAntiCheat 2020-04-11 14:58 - 2020-04-11 14:58 - 000000000 ____D C:\Users\Renzo\AppData\LocalLow\cultparthia 2020-04-10 16:41 - 2020-04-11 13:50 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\osu 2020-04-10 16:41 - 2020-04-10 16:41 - 000002207 _____ C:\Users\Renzo\Desktop\osu!lazer.lnk 2020-04-10 16:41 - 2020-04-10 16:41 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ppy Pty Ltd 2020-04-10 16:41 - 2020-04-10 16:41 - 000000000 ____D C:\Users\Renzo\AppData\Local\osulazer 2020-04-10 16:34 - 2020-04-10 16:34 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\FlappyDon 2020-04-09 11:59 - 2020-04-18 05:56 - 000002172 _____ C:\Users\Renzo\Desktop\Porofessor.gg.lnk 2020-04-09 11:59 - 2020-04-09 11:59 - 000004408 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task 2020-04-09 11:59 - 2020-04-09 11:59 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2020-04-09 11:59 - 2020-04-09 11:59 - 000000000 ____D C:\ProgramData\Overwolf 2020-04-09 11:59 - 2020-04-09 11:59 - 000000000 ____D C:\Program Files (x86)\Overwolf 2020-04-09 11:57 - 2020-04-18 05:55 - 000000000 ____D C:\Users\Renzo\AppData\Local\Overwolf 2020-04-09 01:53 - 2020-04-09 01:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software 2020-04-09 01:53 - 2020-04-09 01:53 - 000000000 ____D C:\Program Files (x86)\AMD 2020-04-08 19:43 - 2020-04-08 19:43 - 000038656 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap-tb-0901.sys 2020-04-05 00:55 - 2020-04-02 06:45 - 001784744 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2020-04-05 00:55 - 2020-04-02 06:45 - 001784744 _____ C:\WINDOWS\system32\vulkaninfo.exe 2020-04-05 00:55 - 2020-04-02 06:44 - 001375144 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-04-05 00:55 - 2020-04-02 06:44 - 001375144 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2020-04-05 00:55 - 2020-04-02 06:44 - 001086184 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 001086184 _____ C:\WINDOWS\system32\vulkan-1.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000945032 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000945032 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000761056 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2020-04-05 00:55 - 2020-04-02 06:44 - 000574888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000493992 _____ C:\WINDOWS\system32\dgtrayicon.exe 2020-04-05 00:55 - 2020-04-02 06:44 - 000491944 _____ C:\WINDOWS\system32\GameManager64.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000485800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000451808 _____ C:\WINDOWS\system32\atieah64.exe 2020-04-05 00:55 - 2020-04-02 06:44 - 000428968 _____ C:\WINDOWS\system32\EEURestart.exe 2020-04-05 00:55 - 2020-04-02 06:44 - 000345824 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2020-04-05 00:55 - 2020-04-02 06:44 - 000344800 _____ C:\WINDOWS\system32\clinfo.exe 2020-04-05 00:55 - 2020-04-02 06:44 - 000241888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000209120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000184744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000163240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000159456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000153512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000138664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000136416 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000136416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000124840 _____ C:\WINDOWS\system32\atidxx64.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000107432 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000091560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000076200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000047528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000044456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2020-04-05 00:55 - 2020-04-02 06:44 - 000020408 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 078651840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 062867880 _____ C:\WINDOWS\system32\amd_comgr.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 052403624 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 004585896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 001243560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 001243560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000941992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000769448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000554408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000484776 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000469416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000467368 _____ C:\WINDOWS\system32\amdlogum.exe 2020-04-05 00:55 - 2020-04-02 06:43 - 000384424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000374184 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000179080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000158432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000135592 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000121792 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000121256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000106408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2020-04-05 00:55 - 2020-04-02 06:43 - 000071080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2020-04-05 00:55 - 2020-04-02 06:42 - 001686840 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll 2020-04-05 00:55 - 2020-04-02 06:42 - 001366192 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll 2020-04-05 00:55 - 2020-04-02 06:42 - 000546544 _____ C:\WINDOWS\system32\amdmiracast.dll 2020-04-05 00:55 - 2020-04-02 06:42 - 000135160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2020-04-05 00:55 - 2020-04-02 06:42 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2020-04-05 00:55 - 2020-04-02 06:42 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2020-04-05 00:55 - 2020-04-02 06:42 - 000120072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2020-04-05 00:55 - 2020-04-02 06:42 - 000108056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2020-04-05 00:55 - 2020-04-02 06:42 - 000108048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2020-04-05 00:55 - 2020-04-01 16:20 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2020-04-05 00:55 - 2020-04-01 16:20 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2020-04-05 00:55 - 2020-04-01 16:15 - 000543168 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2020-04-05 00:55 - 2020-04-01 16:15 - 000543168 _____ C:\WINDOWS\system32\atiapfxx.blb 2020-04-03 05:43 - 2020-04-03 05:43 - 000000735 _____ C:\Users\Renzo\Desktop\DOOM Eternal.lnk 2020-04-03 05:43 - 2020-04-03 05:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOOM Eternal 2020-04-02 18:09 - 2020-04-02 18:09 - 000000867 _____ C:\Users\Renzo\Desktop\osu! - Acceso directo.lnk 2020-03-29 12:26 - 2020-03-29 12:26 - 001193161 _____ C:\WINDOWS\unins002.exe 2020-03-29 12:26 - 2020-03-29 12:26 - 000002841 _____ C:\WINDOWS\unins002.dat 2020-03-29 12:26 - 2020-03-29 12:26 - 000002831 _____ C:\WINDOWS\unins001.dat 2020-03-29 12:26 - 2020-03-29 12:26 - 000000000 ____D C:\Program Files (x86)\Phosgene 2020-03-29 12:26 - 2020-03-29 12:26 - 000000000 ____D C:\Program Files (x86)\Larmkanal 2020-03-29 12:26 - 2020-03-29 12:25 - 001193161 _____ C:\WINDOWS\unins001.exe 2020-03-29 12:26 - 2015-09-02 07:28 - 000034136 _____ (Adoriasoft LLC) C:\WINDOWS\system32\Drivers\Phosgene.sys 2020-03-29 12:25 - 2020-03-29 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org 2020-03-29 12:25 - 2020-03-29 12:25 - 000000000 ____D C:\Program Files (x86)\Xiph.Org 2020-03-28 09:29 - 2020-03-28 09:29 - 000000000 ____D C:\Users\Renzo\Documents\Holotech 2020-03-28 09:29 - 2020-03-28 09:29 - 000000000 ____D C:\ProgramData\Intel Telemetry 2020-03-28 09:26 - 2015-09-02 07:27 - 000033112 _____ (Adoriasoft LLC) C:\WINDOWS\system32\Drivers\Larmkanal.sys 2020-03-28 09:05 - 2020-03-28 09:05 - 000000000 ____D C:\Program Files (x86)\directx 2020-03-28 08:35 - 2020-03-28 08:35 - 000001091 _____ C:\Users\Renzo\Desktop\DroidCamApp.lnk 2020-03-28 08:35 - 2020-03-28 08:35 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam 2020-03-27 23:00 - 2020-03-27 23:00 - 000000000 ____D C:\adb 2020-03-27 22:12 - 2020-04-08 03:21 - 000000034 _____ C:\ProgramData\droidcam-settings 2020-03-27 22:10 - 2020-03-28 08:35 - 000000000 ____D C:\Program Files (x86)\DroidCam 2020-03-27 11:07 - 2020-03-27 11:07 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\MMFApplications 2020-03-26 10:09 - 2020-03-26 10:10 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\Akatsuki Server Switcher 2020-03-22 23:18 - 2020-03-22 23:18 - 000000000 ____D C:\Users\Renzo\AppData\LocalLow\Leap Game Studios 2020-03-22 00:34 - 2020-03-22 00:34 - 000000595 _____ C:\Users\Renzo\Desktop\EveryonePiano.lnk 2020-03-22 00:34 - 2020-03-22 00:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EveryonePiano 2020-03-21 20:20 - 2020-03-21 20:20 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\gd.sos.McPixel 2020-03-21 19:02 - 2020-03-21 19:02 - 000000000 ____D C:\Users\Renzo\AppData\LocalLow\Infinite Fall 2020-03-21 18:50 - 2020-03-21 18:50 - 000000206 _____ C:\Users\Renzo\Desktop\McPixel.url 2020-03-20 22:22 - 2020-03-20 22:22 - 000000000 ____D C:\Users\Renzo\AppData\LocalLow\Aquiris 2020-03-20 05:46 - 2020-03-20 05:46 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\VEGAS 2020-03-20 05:46 - 2020-03-20 05:46 - 000000000 ____D C:\Users\Renzo\AppData\Local\Sony 2020-03-20 05:46 - 2020-03-20 05:46 - 000000000 ____D C:\Users\Renzo\AppData\Local\Plugin.VegasOfxStitch 2020-03-20 05:46 - 2020-03-20 05:46 - 000000000 ____D C:\Users\Renzo\AppData\Local\Plugin.MxOfxRotation 2020-03-20 05:46 - 2020-03-20 05:46 - 000000000 ____D C:\Users\Renzo\AppData\Local\MAGIX 2020-03-20 05:46 - 2020-03-20 05:46 - 000000000 ____D C:\ProgramData\VEGAS Pro 2020-03-20 05:45 - 2020-03-20 05:46 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\MAGIX 2020-03-20 05:45 - 2020-03-20 05:45 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\VEGAS Pro 2020-03-20 05:45 - 2020-03-20 05:45 - 000000000 ____D C:\Users\Renzo\AppData\Local\VEGAS Pro 2020-03-20 05:42 - 2020-03-20 05:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS 2020-03-20 05:42 - 2020-03-20 05:42 - 000000000 ____D C:\ProgramData\Magix 2020-03-20 05:41 - 2020-03-20 05:41 - 000000000 ____D C:\Users\Renzo\AppData\Local\VEGAS 2020-03-20 05:41 - 2020-03-20 05:41 - 000000000 ____D C:\ProgramData\VEGAS 2020-03-20 05:41 - 2020-03-20 05:41 - 000000000 ____D C:\Program Files\Common Files\OFX 2020-03-20 05:41 - 2020-03-20 05:41 - 000000000 ____D C:\Program Files (x86)\VEGAS 2020-03-20 05:40 - 2020-03-20 05:40 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\Sony ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-04-18 17:07 - 2019-05-31 02:25 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\Discord 2020-04-18 06:20 - 2019-08-17 16:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-04-18 06:20 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-04-18 06:08 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-04-18 05:54 - 2019-12-21 22:09 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2020-04-18 05:54 - 2019-12-08 16:37 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate 2020-04-18 05:53 - 2019-08-17 16:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-04-18 05:52 - 2019-05-11 23:50 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2020-04-18 05:52 - 2019-03-19 01:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-04-18 04:30 - 2019-08-04 12:01 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\Spotify 2020-04-18 01:28 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-04-18 00:02 - 2019-05-14 14:22 - 000000000 ____D C:\Users\Renzo\AppData\Local\D3DSCache 2020-04-17 23:26 - 2019-06-27 12:24 - 000000008 __RSH C:\ProgramData\ntuser.pol 2020-04-17 22:54 - 2019-08-17 16:16 - 000000000 ____D C:\Users\Renzo 2020-04-17 22:53 - 2019-10-13 21:07 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\IObit 2020-04-17 22:30 - 2019-07-22 20:37 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-04-17 22:29 - 2019-07-22 20:37 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-04-17 22:29 - 2019-07-22 20:37 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-04-17 22:25 - 2019-05-11 22:48 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-04-17 22:25 - 2019-05-11 22:48 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-04-17 19:06 - 2019-05-23 00:34 - 000000000 ____D C:\Users\Renzo\Desktop\DS4 Windows 2020-04-17 16:08 - 2019-08-23 22:05 - 000000000 ____D C:\Program Files\KMSpico 2020-04-17 00:27 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-04-17 00:20 - 2019-03-19 01:50 - 000000000 ____D C:\WINDOWS\INF 2020-04-16 22:10 - 2019-08-23 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2020-04-16 14:18 - 2019-05-12 01:02 - 000000000 ____D C:\Users\Renzo\AppData\Local\PlaceholderTileLogoFolder 2020-04-15 19:52 - 2019-10-11 07:09 - 001449920 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2020-04-15 19:52 - 2019-10-11 07:09 - 000153528 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2020-04-15 19:52 - 2019-10-11 07:09 - 000118200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2020-04-15 19:52 - 2019-10-11 07:09 - 000033720 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2020-04-15 18:53 - 2019-08-17 16:41 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2925151358-431336194-2568937198-1001 2020-04-15 18:53 - 2019-08-17 16:16 - 000002363 _____ C:\Users\Renzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-04-15 18:53 - 2019-05-11 22:42 - 000000000 ___RD C:\Users\Renzo\OneDrive 2020-04-15 04:13 - 2019-05-11 23:50 - 000000000 ____D C:\ProgramData\Package Cache 2020-04-13 14:55 - 2019-08-04 12:02 - 000000000 ____D C:\Users\Renzo\AppData\Local\Spotify 2020-04-13 12:11 - 2019-08-17 16:09 - 000449200 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-04-11 13:40 - 2019-05-12 15:11 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-04-10 16:41 - 2019-05-12 14:42 - 000000000 ____D C:\Users\Renzo\AppData\Local\SquirrelTemp 2020-04-09 15:24 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-04-09 15:15 - 2019-06-28 20:03 - 000000000 ____D C:\Users\Renzo\AppData\Local\MK11 2020-04-09 01:53 - 2019-05-11 23:49 - 000000000 ____D C:\Program Files\AMD 2020-04-08 03:44 - 2020-02-22 22:49 - 000000000 ____D C:\Users\Renzo\AppData\Local\Voicemod 2020-04-08 03:44 - 2020-02-22 22:49 - 000000000 ____D C:\ProgramData\Voicemod 2020-04-08 03:18 - 2019-06-08 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2020-04-07 06:55 - 2019-09-11 00:30 - 000169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll 2020-04-07 04:55 - 2019-09-11 00:31 - 000138168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll 2020-04-06 02:04 - 2019-12-05 14:30 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\slobs-client 2020-04-05 00:55 - 2019-07-12 13:19 - 000000000 ____D C:\AMD 2020-04-03 16:44 - 2019-10-06 17:30 - 000000000 ____D C:\Users\Renzo\AppData\Local\BitTorrentHelper 2020-04-03 05:27 - 2019-05-17 00:48 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\uTorrent Web 2020-04-02 21:07 - 2019-05-12 14:39 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-04-02 17:03 - 2020-03-16 02:00 - 000000000 ____D C:\Users\Renzo\AppData\Local\Battle.net 2020-04-02 06:44 - 2020-03-16 01:19 - 000374696 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2020-04-02 06:44 - 2020-03-16 01:19 - 000020408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2020-04-02 06:43 - 2019-08-26 08:43 - 004095400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2020-04-02 06:43 - 2019-08-26 08:43 - 001730984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2020-04-02 06:43 - 2019-07-11 22:13 - 000198120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2020-04-02 06:43 - 2019-07-11 22:13 - 000167720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll 2020-03-31 17:20 - 2019-05-29 16:51 - 000000000 ____D C:\Program Files\Rockstar Games 2020-03-31 17:20 - 2019-05-29 16:51 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2020-03-30 16:13 - 2019-05-29 21:06 - 000001244 _____ C:\Users\Renzo\Desktop\Roblox Studio.lnk 2020-03-30 16:13 - 2019-05-29 21:06 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2020-03-29 19:25 - 2019-10-30 20:29 - 000000000 ____D C:\Users\Renzo\AppData\Roaming\gcst 2020-03-28 09:28 - 2019-05-11 22:46 - 000000000 ____D C:\ProgramData\Intel 2020-03-28 08:28 - 2019-08-17 16:39 - 001767630 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-03-28 08:28 - 2019-03-19 08:49 - 000783276 _____ C:\WINDOWS\system32\perfh00A.dat 2020-03-28 08:28 - 2019-03-19 08:49 - 000152746 _____ C:\WINDOWS\system32\perfc00A.dat 2020-03-27 22:11 - 2019-06-01 22:29 - 000000000 ____D C:\Users\Renzo\.android 2020-03-26 04:25 - 2019-11-24 15:45 - 000000000 ____D C:\Users\Renzo\BrawlhallaReplays 2020-03-24 21:12 - 2019-05-14 14:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-03-24 04:56 - 2019-05-12 00:19 - 000000000 ____D C:\Users\Renzo\Documents\My Games 2020-03-21 21:04 - 2019-05-11 22:40 - 000000000 ____D C:\Users\Renzo\AppData\Local\Packages 2020-03-21 01:40 - 2019-09-08 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2020-03-21 01:40 - 2019-09-08 21:36 - 000000000 ____D C:\Program Files (x86)\Java 2020-03-21 01:39 - 2019-09-08 21:36 - 000114232 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2020-03-20 18:24 - 2019-08-17 16:41 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-20 18:24 - 2019-08-17 16:41 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore ==================== Archivos en la raíz de algunos directorios ======== 2019-05-23 16:41 - 2020-03-15 23:55 - 000004583 _____ () C:\Users\Renzo\AppData\Roaming\VoiceMeeterDefault.xml 2019-10-15 17:03 - 2019-10-15 17:13 - 000000071 _____ () C:\Users\Renzo\AppData\Local\update_progress.txt ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) ==================== Final de FRST.txt ========================