Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-02-2022 Ejecutado por 2Tim4del2al4 (administrador) sobre ROSAMCASTRILLON (Acer Aspire S3-391) (06-02-2022 01:12:25) Ejecutado desde C:\Users\Rosa M Castrillon\Desktop Perfiles cargados: 2Tim4del2al4 Plataforma: Microsoft Windows 7 Professional Service Pack 1 (X64) Idioma: Español (España, internacional) Navegador predeterminado: FF Modo de Inicio: Normal ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) () [Archivo no firmado] C:\Program Files (x86)\Flashpaste\Flashpaste.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\ABService.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSRService.exe (Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe (Greatis Software LLC -> Greatis Software, LLC) C:\Program Files (x86)\BootRacer\BootRacerServ.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe (Proton Technologies AG -> The OpenVPN Project) C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\openvpn.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 11\Server\novapdfs.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3017456 2013-07-30] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572528 2021-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3274056 2017-09-23] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [7088640 2021-04-28] (Crystal Rich Ltd -> Crystal Rich Ltd) HKLM\...\Run: [] => [X] HKLM\...\Run: [novaPDF 11 nPdf_Softland Tray] => C:\Program Files\Softland\novaPDF 11\Driver\Tray.exe [147776 2021-12-08] (Softland SRL -> ) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\bootrace.exe [10127200 2021-11-22] (Greatis Software LLC -> Greatis Software) HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 1 HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 1 HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1 HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 1 HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3096733655-4183173044-1789290592-1000\...\Run: [Flashpaste] => C:\Program Files (x86)\Flashpaste\flashpaste.exe [4174848 2021-02-21] () [Archivo no firmado] HKU\S-1-5-21-3096733655-4183173044-1789290592-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3096733655-4183173044-1789290592-1000\...\Policies\system: [shell] explorer.exe <==== ATENCIÓN HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.) HKLM\...\Windows x64\Print Processors\SUGS1PC: C:\Windows\System32\spool\prtprocs\x64\SUGS1pc.dll [27648 2006-08-21] (Windows (R) Server 2003 DDK provider) [Archivo no firmado] HKLM\...\Windows x64\Print Processors\usp02PC: C:\Windows\System32\spool\prtprocs\x64\usp02pc.dll [43520 2014-02-24] (Windows (R) Codename Longhorn DDK provider) [Archivo no firmado] HKLM\...\Print\Monitors\novaPDF 11 Port Monitor: C:\Windows\system32\novamn11.dll [18944 2021-12-08] (Softland) [Archivo no firmado] HKLM\...\Print\Monitors\SUGS1 Langmon: C:\Windows\system32\SUGS1l6.dll [22016 2006-12-04] () [Archivo no firmado] HKLM\...\Print\Monitors\us013 Langmon: C:\Windows\system32\us013lm.dll [22528 2017-10-21] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\usp02 Langmon: C:\Windows\system32\usp02l.dll [29184 2014-04-16] () [Archivo no firmado] ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {03BAB20A-134D-432A-8B3C-0593DF64240A} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29862168 2021-11-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {0BBB3A67-C69E-4FC9-A5BA-426B88B8FD2A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform) Task: {0C53920D-3341-49B2-B7ED-789617820E73} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4551704 2021-12-30] (IObit CO., LTD -> IObit) Task: {0CFF4804-59E4-46EF-A85E-A7888AC5FF3E} - System32\Tasks\{8AE19180-3B17-4BD2-9262-57F81CD769F5} => C:\Program Files (x86)\WonderFox Soft\WonderFox DVD Video Converter\WonderFox DVD Video Converter.exe [7125328 2021-08-23] (WonderFox Soft, Inc. -> WonderFox Soft, Inc) Task: {0E3F3390-7B6D-4CBA-BD4F-13768881EBC0} - System32\Tasks\{FD7A4F98-B764-46EE-9948-F84A50A8A6B0} => C:\Program Files (x86)\ AV Vcs 7.0\VcsCore.exe [488448 2019-04-23] (AVSOFT Corp.) [Archivo no firmado] Task: {183F2E36-3E86-4A31-8A47-8D1B6D844297} - System32\Tasks\{5EB2ABCF-C8C1-43F3-A48D-44830105B6A3} => C:\Program Files (x86)\ AV Vcs 7.0\VcsCore.exe [488448 2019-04-23] (AVSOFT Corp.) [Archivo no firmado] Task: {19271202-771C-493D-B8F1-767C80E3A75E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-27] (Google Inc -> Google Inc.) Task: {1AA7E7D7-D8C8-4663-8151-92B61B63CBA9} - System32\Tasks\{EBA3DA24-E9E4-4EB1-9FFD-ACB1BE35EE7E} => C:\Program Files (x86)\ AV Vcs 7.0\VcsCmd.exe [280528 2019-09-18] (Audio and Video Software Corporation -> AVSOFT Corp.) Task: {212FE3EE-F530-4D93-9A56-1AC62B2930C2} - System32\Tasks\Driver Booster SkipUAC (2Tim4del2al4) => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\DriverBooster.exe [8625176 2021-12-14] (IObit CO., LTD -> IObit) Task: {21E5A7D4-2E5F-4AC0-B61B-37465F964B90} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {2221B157-3FB1-48A9-AFE9-9E9942099605} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation) Task: {300D80D5-F5F0-44DC-B35D-98D636DDFCA5} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray (Ningún archivo) Task: {405A7343-9932-4B56-B435-1C8A6F9681A3} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {4FD81B04-E61B-44D9-B9CF-32463F48940D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {693A2131-7F8D-4952-B601-9FBDB5A9E5C8} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation) Task: {6E34078F-11C4-424E-BC42-0FD813307BC7} - System32\Tasks\{0ECDD18A-27F2-4815-9A1A-CBA2C15D2A25} => C:\Program Files (x86)\ AV Vcs 7.0\VcsCore.exe [488448 2019-04-23] (AVSOFT Corp.) [Archivo no firmado] Task: {72F7DF1E-35E9-4BE7-A37E-12E1E78CF3A5} - System32\Tasks\{E19FFDA8-B50E-4073-92F8-070EC7B9238A} => C:\Program Files (x86)\ AV Vcs 7.0\VcsCore.exe [488448 2019-04-23] (AVSOFT Corp.) [Archivo no firmado] Task: {7994F4F9-3177-4750-8513-4BD49BA8D590} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {79D5B335-6839-46D3-9462-B31B4437056C} - System32\Tasks\{F0EB1398-C6DD-434D-8054-732BAD333B14} => C:\Program Files (x86)\ AV Vcs 7.0\VcsCore.exe [488448 2019-04-23] (AVSOFT Corp.) [Archivo no firmado] Task: {7A40B522-C0CE-4085-BAC6-05180D0560A1} - \GU5SkipUAC -> Ningún archivo <==== ATENCIÓN Task: {7EC3C1F8-2E68-4593-ABE8-8444099A273D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2022-01-22] () [Archivo no firmado] Task: {93355F4B-BEEB-4F2C-95AE-77D582B8E24A} - System32\Tasks\{ED76418D-CA20-48AC-85CC-E84D7A70F523} => C:\Program Files (x86)\ AV Vcs 7.0\VcsCore.exe [488448 2019-04-23] (AVSOFT Corp.) [Archivo no firmado] Task: {95CCEE50-41A9-423E-A086-7870CD7867D7} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [237216 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {982FA38B-5CFD-4D43-BE62-5BDCCE231EE0} - System32\Tasks\CCleanerSkipUAC - 2Tim4del2al4 => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) Task: {985175AE-74A3-4B4D-9035-8D0106054B6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-27] (Google Inc -> Google Inc.) Task: {9A14DD2F-B964-4A71-932B-E7595D06BA36} - System32\Tasks\{5AC3C23A-9C65-419F-843A-6BAC8191AA14} => C:\Program Files (x86)\ AV Vcs 7.0\VcsCmd.exe [280528 2019-09-18] (Audio and Video Software Corporation -> AVSOFT Corp.) Task: {9C85118F-69E1-49A0-BD99-56649F8A8AF4} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1794584 2021-04-14] (IObit CO., LTD -> IObit) <==== ATENCIÓN Task: {9D974BE4-25EF-4529-AA85-E239672A4A0B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {BFC37667-4428-447E-BC29-CAAEA2B6B473} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-13] (Microsoft Windows -> Microsoft Corporation) Task: {C321EE10-87C2-4F43-B6C8-8319541AD184} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {CAB739D8-F10D-4A82-A20B-016D9C348878} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => C:\Windows\system32\WorkFoldersSystemTray.exe [98304 2015-09-04] (Microsoft Windows -> Microsoft Corporation) Task: {DDF6613E-0A08-4238-AD33-ADF348054D06} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe (Ningún archivo) Task: {E2BB1538-993D-4376-98FE-5CDE091CD941} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\AutoUpdate.exe [2462744 2021-11-10] (IObit CO., LTD -> IObit) Task: {F6FEA9A8-4C17-4F09-A514-5B496118FBBC} - System32\Tasks\{BF499A69-F653-41A8-AAB1-567B6C6B994E} => C:\Program Files (x86)\ AV Vcs 7.0\VcsCore.exe [488448 2019-04-23] (AVSOFT Corp.) [Archivo no firmado] Task: {F86EA8FB-FB5D-4AAB-B5F3-D787A915FD44} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1673272 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {FB55B2A1-B863-4B11-81AC-D3E9821DA2F0} - \GU5SkipUAC -> Ningún archivo <==== ATENCIÓN Task: {FCD67DC9-62F2-40D4-8A4B-28DD89421A32} - System32\Tasks\Software Updater SkipUAC(2Tim4del2al4) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4551704 2021-12-30] (IObit CO., LTD -> IObit) <==== ATENCIÓN (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATENCIÓN (Restricción - Zones) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo Tcpip\Parameters: [DhcpNameServer] 10.82.0.1 Tcpip\..\Interfaces\{3F66D715-CAAC-4DEF-81C6-31F9F3F12E32}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6E710C85-C801-45B7-8154-73DA602617E2}: [DhcpNameServer] 10.82.0.1 Tcpip\..\Interfaces\{D7B569BC-91F2-4109-B20B-DA59BDF55A66}: [DhcpNameServer] 185.123.227.250 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Rosa M Castrillon\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-01] Edge StartupUrls: Default -> "hxxps://www.google.com/?hl=es&gws_rd=ssl" Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip] Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle] FireFox: ======== FF DefaultProfile: wgmpbu3l.default-1490483075583-1625818640919 FF ProfilePath: C:\Users\Rosa M Castrillon\AppData\Roaming\Mozilla\Firefox\Profiles\wgmpbu3l.default-1490483075583-1625818640919 [2022-02-06] FF Homepage: Mozilla\Firefox\Profiles\wgmpbu3l.default-1490483075583-1625818640919 -> hxxps://www.google.com/?hl=es FF Extension: (Avira Navegación segura) - C:\Users\Rosa M Castrillon\AppData\Roaming\Mozilla\Firefox\Profiles\wgmpbu3l.default-1490483075583-1625818640919\Extensions\abs@avira.com.xpi [2022-01-17] FF Extension: (Convert Gmail™ to PDF (locally)) - C:\Users\Rosa M Castrillon\AppData\Roaming\Mozilla\Firefox\Profiles\wgmpbu3l.default-1490483075583-1625818640919\Extensions\{371c3edd-c535-46a6-b2eb-a7fba7090766}.xpi [2021-09-21] FF Extension: (Complemento inhabilitación Google Analytics) - C:\Users\Rosa M Castrillon\AppData\Roaming\Mozilla\Firefox\Profiles\wgmpbu3l.default-1490483075583-1625818640919\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2021-07-15] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%] FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [Archivo no firmado] FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Default [2022-02-01] CHR HomePage: Default -> hxxps://www.google.com/?gfe_rd=cr&ei=HlHrV9mzLpDQ8Aew_oq4Cg&gws_rd=ssl,cr&fg=1 CHR StartupUrls: Default -> "hxxps://www.google.com/?gws_rd=cr&ei=hhOEUvTDEZeosASagoHQBg","hxxps://www.google.com/?gfe_rd=cr&ei=HlHrV9mzLpDQ8Aew_oq4Cg&gws_rd=ssl,cr&fg=1" CHR Extension: (Chrome Media Router) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07] CHR Profile: C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-02-01] CHR Extension: (Presentaciones de Google) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-24] CHR Extension: (Google Docs) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-24] CHR Extension: (Google Drive) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-24] CHR Extension: (YouTube) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-24] CHR Extension: (Hojas de cálculo de Google) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-24] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-24] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04] CHR Extension: (Gmail) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-24] CHR Extension: (Chrome Media Router) - C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-26] CHR Profile: C:\Users\Rosa M Castrillon\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-01] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-01-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989160 2021-08-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [382944 2022-01-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [275320 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [273536 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 Backupper Service; C:\Program Files (x86)\AOMEI\ABService.exe [1088560 2021-12-15] (AOMEI International Network Limited -> AOMEI International Network Limited) R2 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [100704 2021-08-03] (Greatis Software LLC -> Greatis Software, LLC) S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-22] (Malwarebytes Inc -> Malwarebytes) R2 NovaPdf11Server; C:\Program Files\Softland\novaPDF 11\Server\novapdfs.exe [52032 2021-12-08] (Softland SRL -> Microsoft) R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [116840 2021-12-20] (Proton Technologies AG -> ) R3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-12-20] (Proton Technologies AG -> ) S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2021-12-20] (Proton Technologies AG -> ) S3 reaConverter_service; C:\Program Files (x86)\reaConverter 7 Standard ES\rc_service.exe [5760000 2021-03-30] (reaConverter LLC) [Archivo no firmado] R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12986664 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1401856 2021-04-28] (Crystal Rich Ltd -> Crystal Rich Ltd) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Windows -> Microsoft Corporation) ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> ) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [221600 2021-10-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [177112 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 googledrivefs3688; C:\Windows\System32\DRIVERS\googledrivefs3688.sys [384016 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2017-05-17] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk]) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-07-14] (Malwarebytes Inc -> Malwarebytes) R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 PCWinSoft; C:\Windows\System32\DRIVERS\scrcamhrdrv_x64.sys [241800 2012-10-11] (PCWinSoft Systems Informatica Ltda -> Windows (R) Server 2003 DDK provider) R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [39448 2021-05-06] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) R3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys [25824 2021-05-28] (Proton Technologies AG -> Proton Technologies AG) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (AVSOFT CORP. -> Avnex) R3 wintun; C:\Windows\System32\DRIVERS\wintun.sys [29680 2021-10-06] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WireGuard; C:\Windows\System32\DRIVERS\wireguard.sys [489368 2021-12-03] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2020-12-26] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com) S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [51272 2020-12-26] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com) ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) (Lista blanca) ========= (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2022-02-06 01:12 - 2022-02-06 01:14 - 000032267 _____ C:\Users\Rosa M Castrillon\Desktop\FRST.txt 2022-02-06 01:11 - 2022-02-06 01:13 - 000000000 ____D C:\FRST 2022-02-06 01:06 - 2022-02-06 01:06 - 002311680 _____ (Farbar) C:\Users\Rosa M Castrillon\Desktop\FRST64.exe 2022-02-06 00:04 - 2022-02-06 00:04 - 000000000 ___HD C:\Users\Rosa M Castrillon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\STARTUP- 2022-02-06 00:04 - 2022-02-06 00:04 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup- 2022-02-04 04:14 - 2022-02-04 04:14 - 000000187 _____ C:\Users\Rosa M Castrillon\Documents\Fuerzas armadas.txt 2022-02-03 01:14 - 2022-02-03 01:14 - 008632585 _____ C:\Users\Rosa M Castrillon\Documents\josefino Febrero -2022-Colombia.pdf 2022-02-02 03:47 - 2022-02-02 04:25 - 000001705 _____ C:\Users\Rosa M Castrillon\Documents\FileWhopper.txt 2022-02-02 03:40 - 2022-02-02 03:40 - 000000759 _____ C:\Users\Rosa M Castrillon\Downloads\FileWhopper-og44ir.zip 2022-02-01 04:44 - 2022-02-01 04:44 - 000002077 _____ C:\Users\Rosa M Castrillon\Documents\AdwCleaner[C00].txt 2022-02-01 04:41 - 2022-02-01 04:43 - 000000000 ____D C:\AdwCleaner 2022-02-01 03:58 - 2022-02-01 03:58 - 000001997 _____ C:\Users\Rosa M Castrillon\Documents\Malwarebytes - 01-02-2022.txt 2022-02-01 01:07 - 2022-02-01 01:08 - 008540344 _____ (Malwarebytes) C:\Users\Rosa M Castrillon\Desktop\adwcleaner_8.3.1.exe 2022-02-01 00:55 - 2022-02-01 00:55 - 009072145 _____ C:\Users\Rosa M Castrillon\Downloads\AshampooPhotoRecovery105-la48ru.zip 2022-01-31 23:47 - 2022-01-25 13:23 - 000384016 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3688.sys 2022-01-30 04:34 - 2022-01-30 04:35 - 081482488 _____ (WonderFox Soft, Inc.) C:\Users\Rosa M Castrillon\Downloads\hd-video-converter-pro(2).exe 2022-01-30 03:33 - 2022-01-30 03:33 - 007588172 _____ C:\Users\Rosa M Castrillon\Documents\ÚLTIMA EDICIÓN 7 DGOS. a San José (1).pdf 2022-01-28 01:01 - 2022-01-28 23:49 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-01-28 00:59 - 2022-01-28 00:59 - 000016090 _____ C:\Users\Rosa M Castrillon\Documents\OpenHardwareMonitor.Report.txt 2022-01-28 00:56 - 2022-01-28 00:57 - 000000000 ____D C:\Users\Rosa M Castrillon\Desktop\Nueva carpeta 2022-01-28 00:55 - 2022-01-28 00:55 - 000503277 _____ C:\Users\Rosa M Castrillon\Downloads\openhardwaremonitor-v0.9.6.zip 2022-01-26 23:59 - 2022-01-27 00:00 - 149315971 _____ C:\Users\Rosa M Castrillon\Downloads\WebSiteX5Start17-mc09id.zip 2022-01-25 00:13 - 2022-01-25 00:13 - 022840679 _____ ( ) C:\Users\Rosa M Castrillon\Downloads\klcp_update_1677_20220122.exe 2022-01-25 00:10 - 2022-01-25 00:11 - 050192923 _____ (KLCP ) C:\Users\Rosa M Castrillon\Downloads\K-Lite_Codec_Pack_1670_Full.exe 2022-01-24 05:29 - 2022-01-24 05:30 - 000619173 _____ C:\Users\Rosa M Castrillon\Documents\Vacunación Covid bajo investigación criminal en Inglaterra.pdf 2022-01-24 02:54 - 2022-01-24 02:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenCamera 2022-01-24 02:54 - 2022-01-24 02:55 - 000000000 ____D C:\Program Files (x86)\ScreenCamera 2022-01-24 02:54 - 2022-01-24 02:54 - 000001031 _____ C:\Users\Public\Desktop\ScreenCamera.lnk 2022-01-24 02:54 - 2022-01-08 00:38 - 000053248 _____ (PCWinSoft Software ) C:\Windows\SysWOW64\BSwitch.ax 2022-01-24 02:45 - 2022-01-24 02:46 - 006274962 _____ C:\Users\Rosa M Castrillon\Downloads\Screencamera311-kw92xi.zip 2022-01-23 04:56 - 2022-01-23 04:56 - 000000044 _____ C:\Users\Rosa M Castrillon\Documents\Only Fans.txt 2022-01-19 02:18 - 2022-01-19 02:18 - 000002124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials Radio SE 2022.lnk 2022-01-19 01:54 - 2022-01-19 01:57 - 118433173 _____ C:\Users\Rosa M Castrillon\Downloads\AudialsRadio2022SE-of92wu.zip 2022-01-19 01:41 - 2022-01-19 01:42 - 051200848 _____ (Digiarty Software, Inc. ) C:\Users\Rosa M Castrillon\Downloads\winx-hd-converter-deluxe.exe 2022-01-19 01:34 - 2022-01-19 01:34 - 000000929 _____ C:\Users\Rosa M Castrillon\Documents\WinX HD Video Converter Deluxe_2.txt 2022-01-19 01:28 - 2022-01-19 01:29 - 051011387 _____ C:\Users\Rosa M Castrillon\Downloads\WinXHDVideoConverterDeluxe5168-do93eu.zip 2022-01-16 06:20 - 2022-01-16 06:20 - 000219056 _____ C:\Users\Rosa M Castrillon\Documents\Imperdible - ¡La variante Omicron otra farsa! - Es el 5G junto al grafeno lo que enferma.pdf 2022-01-14 00:14 - 2022-01-14 00:14 - 000001203 _____ C:\Users\Rosa M Castrillon\Desktop\Softdiv PDF Split and Merge.lnk 2022-01-14 00:14 - 2022-01-14 00:14 - 000000000 ____D C:\ProgramData\Softdiv PDF Split and Merge 2022-01-14 00:14 - 2022-01-14 00:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softdiv PDF Split and Merge 2022-01-14 00:14 - 2022-01-14 00:14 - 000000000 ____D C:\Program Files (x86)\Softdiv PDF Split and Merge 2022-01-13 23:56 - 2005-02-02 16:07 - 001773568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2022-01-13 23:56 - 2003-12-22 08:20 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\W95INF32.DLL 2022-01-13 23:56 - 2003-12-22 08:20 - 000002272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\W95INF16.DLL 2022-01-13 23:56 - 2002-07-05 19:13 - 000045056 _____ (DGPDev) C:\Windows\SysWOW64\CxxProgressBar.ocx 2022-01-13 23:53 - 2022-01-13 23:53 - 000000782 _____ C:\Users\Rosa M Castrillon\Documents\Softdiv PDF Split and Merge.txt 2022-01-13 23:50 - 2022-01-13 23:50 - 008082918 _____ C:\Users\Rosa M Castrillon\Downloads\SoftdivPDFSplitandMerge10-db27sh.zip 2022-01-12 23:42 - 2022-01-12 23:42 - 000000025 ___SH C:\Users\Rosa M Castrillon\AppData\Roaming\flipfs.bin 2022-01-12 23:42 - 2022-01-12 23:42 - 000000008 ___SH C:\Users\Rosa M Castrillon\AppData\Roaming\flip64.ts 2022-01-12 23:41 - 2022-01-13 23:37 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Roaming\FlipPDFPlusPro 2022-01-12 23:41 - 2022-01-13 23:36 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Roaming\com.wonderidea.newflippdfpro 2022-01-12 23:38 - 2022-01-12 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flip PDF Plus Pro 2022-01-12 23:36 - 2022-01-12 23:38 - 000000000 ____D C:\Program Files\Flip PDF Plus Pro 2022-01-12 23:25 - 2022-01-12 23:33 - 000001197 _____ C:\Users\Rosa M Castrillon\Documents\Flip PDF Plus Pro.txt 2022-01-12 23:16 - 2022-01-12 23:23 - 283004215 _____ C:\Users\Rosa M Castrillon\Downloads\FlipPDFPlusPro3112-pp93wu.zip 2022-01-12 23:05 - 2022-01-12 23:11 - 284782406 _____ C:\Users\Rosa M Castrillon\Downloads\Flip_PDF_Plus_Pro_x64.zip 2022-01-11 23:00 - 2022-01-11 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN 2022-01-10 03:03 - 2022-01-10 03:04 - 016177856 _____ (IObit ) C:\Users\Rosa M Castrillon\Downloads\iobit-software-updater-setup.exe 2022-01-07 00:56 - 2022-01-07 00:56 - 007884532 _____ C:\Users\Rosa M Castrillon\Documents\josefino Enero -2022-Colombia.pdf 2022-01-07 00:37 - 2022-01-07 00:37 - 000001353 _____ C:\Users\Rosa M Castrillon\Desktop\Duplicate File Finder Plus.lnk 2022-01-07 00:35 - 2022-01-07 00:35 - 000002022 _____ C:\Users\Rosa M Castrillon\Documents\Duplicate File Finder Plus.txt 2022-01-07 00:33 - 2022-01-07 00:33 - 005833558 _____ C:\Users\Rosa M Castrillon\Downloads\DuplicateFileFinderPlus210-pf09ru.zip 2022-01-07 00:31 - 2022-01-07 00:31 - 001058192 _____ (TriSun Software Limited ) C:\Users\Rosa M Castrillon\Downloads\duplicate-file-finder-plus.exe 2022-01-07 00:06 - 2022-01-07 00:22 - 000001300 _____ C:\Users\Rosa M Castrillon\Documents\Leawo Music Recorder_1.txt 2022-01-07 00:03 - 2022-01-07 00:04 - 045526119 _____ C:\Users\Rosa M Castrillon\Downloads\LeawoMusicRecorder3004-sp27ay.zip ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2022-02-06 01:09 - 2016-11-21 12:14 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\LocalLow\Mozilla 2022-02-06 01:04 - 2016-09-27 10:40 - 000000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2022-02-06 00:40 - 2016-09-27 06:49 - 000000000 ____D C:\Program Files (x86)\Google 2022-02-06 00:25 - 2020-06-22 18:17 - 000002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-02-06 00:25 - 2020-06-22 18:17 - 000002184 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-02-06 00:17 - 2019-02-05 23:02 - 000000000 ____D C:\ProgramData\Mozilla 2022-02-06 00:16 - 2019-11-05 03:29 - 000000000 ____D C:\Program Files\CCleaner 2022-02-06 00:16 - 2009-07-13 23:45 - 000036608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-02-06 00:16 - 2009-07-13 23:45 - 000036608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-02-06 00:11 - 2021-04-27 02:40 - 000000000 ____D C:\Program Files (x86)\BootRacer 2022-02-06 00:05 - 2021-12-22 01:49 - 000000000 ____D C:\Program Files (x86)\AOMEI 2022-02-06 00:05 - 2021-04-28 02:34 - 001519616 _____ C:\Users\Public\Documents\bootracer.his 2022-02-06 00:05 - 2021-04-27 02:40 - 000000503 _____ C:\Users\Public\Documents\bootracer.ini 2022-02-06 00:05 - 2019-05-07 02:52 - 000000624 _____ C:\Windows\SysWOW64\AbBakConfig.dat 2022-02-06 00:05 - 2019-05-07 02:50 - 000000432 _____ C:\Windows\SysWOW64\winsevr.dat 2022-02-06 00:05 - 2016-09-27 07:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-02-06 00:04 - 2020-12-26 02:05 - 000000414 _____ C:\Windows\Tasks\Wise Care 365.job 2022-02-06 00:04 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-02-05 02:27 - 2021-10-29 04:09 - 000000000 ____D C:\Users\Rosa M Castrillon\Documents\Apowersoft PDF Converter 2022-02-05 02:00 - 2020-12-26 02:05 - 000000442 _____ C:\Windows\Tasks\Wise Turbo Checker.job 2022-02-04 23:55 - 2017-12-27 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2022-02-04 05:41 - 2021-11-09 04:51 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray 2022-02-04 04:20 - 2021-07-04 02:47 - 000000000 ____D C:\Users\Rosa M Castrillon\Documents\Despoblación mundial 2022-02-04 01:56 - 2021-11-20 02:33 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Roaming\Flashpaste 2022-02-03 06:12 - 2020-11-26 02:53 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Roaming\Allavsoft 2022-02-02 23:53 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF 2022-02-02 23:47 - 2010-11-21 02:09 - 000740574 _____ C:\Windows\system32\perfh00A.dat 2022-02-02 23:47 - 2010-11-21 02:09 - 000154034 _____ C:\Windows\system32\perfc00A.dat 2022-02-02 23:47 - 2009-07-14 00:13 - 001695294 _____ C:\Windows\system32\PerfStringBackup.INI 2022-02-02 23:47 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf 2022-02-01 04:49 - 2020-07-15 21:59 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Roaming\MPC-HC 2022-02-01 04:48 - 2020-11-01 23:50 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Local\CrashDumps 2022-02-01 04:43 - 2020-08-24 02:57 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Roaming\IObit 2022-02-01 04:33 - 2020-09-19 01:11 - 000000000 ____D C:\ProgramData\ProductData 2022-01-31 23:48 - 2021-09-25 00:12 - 000001980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2022-01-31 23:48 - 2021-09-25 00:12 - 000001822 _____ C:\Users\Default\Desktop\Google Slides.lnk 2022-01-31 23:48 - 2021-09-25 00:12 - 000001822 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2022-01-31 23:48 - 2021-09-25 00:12 - 000001810 _____ C:\Users\Default\Desktop\Google Docs.lnk 2022-01-30 04:42 - 2021-10-20 00:42 - 000001462 _____ C:\Users\Rosa M Castrillon\Desktop\HD Video Converter Factory Pro.lnk 2022-01-28 23:49 - 2018-03-27 01:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-01-28 04:57 - 2021-10-09 00:08 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-01-28 00:05 - 2020-10-31 02:08 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d6ae9f9bc3a8d3 2022-01-28 00:05 - 2020-06-22 18:16 - 000003352 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-01-25 05:53 - 2018-12-27 03:07 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk 2022-01-25 05:53 - 2018-12-27 03:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2022-01-25 05:40 - 2020-11-22 03:42 - 000003416 _____ C:\Windows\system32\Tasks\SU_AutoUpdate 2022-01-25 05:14 - 2020-10-31 02:37 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Local\Spotify 2022-01-25 05:14 - 2020-10-31 02:34 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Roaming\Spotify 2022-01-25 00:15 - 2020-06-22 19:48 - 000003242 _____ C:\Windows\system32\Tasks\klcp_update 2022-01-25 00:15 - 2020-06-22 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2022-01-25 00:15 - 2020-06-22 19:47 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2022-01-23 02:06 - 2020-09-03 03:24 - 000000000 ____D C:\Users\Rosa M Castrillon\Documents\Aiseesoft Studio 2022-01-22 04:48 - 2021-07-14 04:12 - 000001928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-01-22 04:48 - 2021-07-14 04:12 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-01-22 04:44 - 2021-07-14 04:10 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-01-22 04:44 - 2021-07-14 04:07 - 000000000 ____D C:\Program Files\Malwarebytes 2022-01-22 04:41 - 2020-09-03 03:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft 2022-01-21 05:51 - 2020-11-22 03:42 - 000002126 _____ C:\Users\Public\Desktop\IObit Software Updater.lnk 2022-01-21 05:50 - 2021-11-01 05:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2022-01-21 05:50 - 2018-03-12 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2022-01-21 05:49 - 2020-08-25 22:28 - 000192736 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2022-01-21 05:49 - 2020-08-25 22:27 - 000000000 ____D C:\Program Files\Java 2022-01-21 05:47 - 2021-06-22 23:58 - 000165600 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2022-01-21 05:46 - 2021-06-22 23:58 - 000000000 ____D C:\Program Files (x86)\Java 2022-01-21 02:48 - 2022-01-03 03:06 - 000003128 _____ C:\Windows\system32\Tasks\Driver Booster Update 2022-01-21 02:48 - 2022-01-03 03:06 - 000002884 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (2Tim4del2al4) 2022-01-21 02:35 - 2016-09-27 07:08 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2022-01-21 02:35 - 2016-09-27 07:08 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2022-01-19 02:20 - 2021-10-06 23:55 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Local\Audials 2022-01-19 02:17 - 2021-10-06 23:55 - 000000000 ____D C:\ProgramData\Audials 2022-01-19 02:17 - 2021-02-17 02:58 - 000000000 ____D C:\Program Files (x86)\Audials 2022-01-19 01:45 - 2020-12-08 21:53 - 000001450 _____ C:\Users\Rosa M Castrillon\Desktop\WinX HD Video Converter Deluxe.lnk 2022-01-15 03:44 - 2018-09-21 20:58 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2022-01-15 03:42 - 2016-09-27 16:43 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-01-13 02:27 - 2009-07-14 00:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2022-01-12 05:06 - 2021-12-21 00:13 - 000002095 _____ C:\Users\Public\Desktop\Aiseesoft Data Recovery.lnk 2022-01-11 23:28 - 2017-01-19 18:22 - 000000000 ____D C:\Windows\system32\MRT 2022-01-11 23:17 - 2017-01-19 18:21 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-01-11 23:00 - 2021-11-25 23:36 - 000001167 _____ C:\Users\Public\Desktop\ProtonVPN.lnk 2022-01-11 23:00 - 2021-11-25 23:33 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Local\ProtonVPN 2022-01-11 23:00 - 2021-11-09 04:21 - 000000000 ____D C:\Program Files (x86)\Proton Technologies 2022-01-11 23:00 - 2021-11-01 04:39 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Roaming\Proton Technologies AG 2022-01-11 04:00 - 2016-09-29 18:48 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Local\ElevatedDiagnostics 2022-01-11 03:25 - 2021-06-17 02:48 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Roaming\USBSafelyRemove 2022-01-10 03:08 - 2021-07-24 04:58 - 000003124 _____ C:\Windows\system32\Tasks\Software Updater Scheduler 2022-01-10 03:08 - 2020-11-22 03:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater 2022-01-07 00:38 - 2020-10-09 02:44 - 000000000 ____D C:\Users\Rosa M Castrillon\AppData\Local\TriSun_Software_Limited 2022-01-07 00:37 - 2021-08-26 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSS 2022-01-07 00:37 - 2021-08-26 01:45 - 000000000 ____D C:\Program Files (x86)\TSS ==================== Archivos en la raíz de algunos directorios ======== 2021-12-22 01:49 - 2021-12-15 15:27 - 000494640 _____ (AOMEI International Network Limited) C:\Program Files (x86)\ABLaucher.exe 2021-12-22 01:49 - 2021-03-19 15:11 - 000018432 _____ () C:\Program Files (x86)\Uninstall.exe 2022-01-12 23:42 - 2022-01-12 23:42 - 000000008 ___SH () C:\Users\Rosa M Castrillon\AppData\Roaming\flip64.ts 2022-01-12 23:42 - 2022-01-12 23:42 - 000000025 ___SH () C:\Users\Rosa M Castrillon\AppData\Roaming\flipfs.bin 2021-10-03 00:31 - 2017-10-28 20:20 - 000000002 _____ () C:\Users\Rosa M Castrillon\AppData\Roaming\paclan.ini 2020-07-05 19:41 - 2021-04-22 01:34 - 000000328 _____ () C:\Users\Rosa M Castrillon\AppData\Roaming\PPTConverter.log 2020-11-18 01:45 - 2020-11-18 01:45 - 000000000 _____ () C:\Users\Rosa M Castrillon\AppData\Local\oobelibMkey.log 2021-02-05 03:31 - 2021-02-05 03:31 - 000002870 _____ () C:\Users\Rosa M Castrillon\AppData\Local\recently-used.xbel 2020-09-03 03:22 - 2020-09-03 03:49 - 000007597 _____ () C:\Users\Rosa M Castrillon\AppData\Local\Resmon.ResmonCfg 2021-04-30 03:47 - 2021-04-30 03:47 - 000000112 _____ () C:\Users\Rosa M Castrillon\AppData\Local\Support.ini ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) LastRegBack: 2019-05-06 01:05 ==================== Final de FRST.txt ========================