My computer is infected

virus malware

chavo


Hello! I've tried formatting my HP laptop model 14-g005la (Energy Star) because it went really slow. But it didn't work, because despite doing that it's still functioning very slowly.

Also, I couldn't find the way to make it in English and didn't dare to translate it by myself, so some parts will be in Spanish. If you don't understand but know the way to do it in English, I'll read you! Sorry and thanks!

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-04-2020
Ejecutado por ivanc (administrador) sobre DESKTOP-PAG6OF6 (Hewlett-Packard HP 14 Notebook PC) (05-04-2020 18:06:23)
Ejecutado desde C:\Users\ivanc\OneDrive\Escritorio
Perfiles cargados: ivanc (Perfiles disponibles: ivanc)
Platform: Windows 10 Home Single Language Versión 1909 18363.592 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Procesos (Lista blanca) =================
 
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
 
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ivanc\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ivanc\AppData\Roaming\uTorrent\updates\3.5.5_45449\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ivanc\AppData\Roaming\uTorrent\updates\3.5.5_45449\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ivanc\AppData\Roaming\uTorrent\uTorrent.exe
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ivanc\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ivanc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\ivanc\AppData\Local\WhatsApp\app-0.4.2088\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\ivanc\AppData\Local\WhatsApp\app-0.4.2088\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\ivanc\AppData\Local\WhatsApp\app-0.4.2088\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\ivanc\AppData\Local\WhatsApp\app-0.4.2088\WhatsApp.exe
 
==================== Registro (Lista blanca) ===================
 
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [735544 2015-08-07] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108216 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2020-02-25] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2020-02-25] (Corel Corporation -> WinZip Computing, S.L.)
HKU\S-1-5-21-1840741467-1113686577-3156136756-1001\...\Run: [GoogleChromeAutoLaunch_FDFA6949E3C41657AB846FE00C95875A] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-1840741467-1113686577-3156136756-1001\...\Run: [uTorrent] => C:\Users\ivanc\AppData\Roaming\uTorrent\uTorrent.exe [1829872 2020-04-05] (BitTorrent Inc -> BitTorrent Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Precargador WinZip.lnk [2020-04-05]
ShortcutTarget: Precargador WinZip.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
 
==================== Tareas programadas (Lista blanca) ============
 
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
 
Task: {136C6F2E-8E2F-48CB-85E4-5680E87B43D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-10-14] (HP Inc. -> HP Inc.)
Task: {297731EC-98A5-4321-BC8D-115C9772E66F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {39F3A2BE-67B4-40C5-99F7-64EAEFFB4F5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {4647A0D3-DE60-4868-9E37-67E197905BF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {A37468C7-95DD-43ED-A0B3-D90A2176665B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3325032 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
Task: {AD522D85-3F81-49A2-924A-428EB9FA840C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-04-05] (Avast Software s.r.o. -> Avast Software)
Task: {BFCC62FF-4242-4E0D-9796-1089FD0B35F8} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [415744 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {C25BF6EB-2BF4-4AC5-8501-A9BC009B02E5} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2020-02-25] (Corel Corporation -> Corel Corporation)
Task: {E37E7C0F-3CCC-42F3-A8E9-8463718F1D93} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2020-02-25] (Corel Corporation -> Corel Corporation)
Task: {EF469890-A36E-4C7D-ACB8-A90658C6FC6C} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2020-02-25] (Corel Corporation -> Corel Corporation)
Task: {F5CFC54A-EB07-4FAD-B0AB-4C7E9539206D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [144248 2019-10-14] (HP Inc. -> HP Inc.)
 
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
 
 
==================== Internet (Lista blanca) ====================
 
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
 
Tcpip\Parameters: [DhcpNameServer] 100.72.3.117 100.72.3.1
Tcpip\..\Interfaces\{b2f7bd64-1e14-42f2-8837-415e8ab09e87}: [DhcpNameServer] 100.72.3.117 100.72.3.1
 
Internet Explorer:
==================
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-05] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-05] (McAfee, LLC -> McAfee, LLC)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-04-05] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
 
Chrome: 
=======
CHR Profile: C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default [2020-04-05]
CHR DownloadDir: C:\Users\ivanc\OneDrive\Escritorio
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://google.com.ar/
CHR StartupUrls: Default -> "hxxp://pagina12.com/","hxxps://www.google.com./","hxxp://www.google.com.ar/"
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Presentaciones) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-05]
CHR Extension: (Documentos) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-05]
CHR Extension: (Google Drive) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-05]
CHR Extension: (YouTube) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-05]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-05]
CHR Extension: (Hojas de cálculo) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-05]
CHR Extension: (Cablevisión Flow) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfbnbmbkemlokfckhdoaakhjogffkinc [2020-04-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-05]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-05]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-04-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-05]
CHR Extension: (Gmail) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\ivanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-05]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
 
==================== Servicios (Lista blanca) ===================
 
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
 
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe [508000 2019-09-18] (Advanced Micro Devices, Inc. -> AMD)
S2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104824 2015-08-07] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [5504928 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Windows\System32\drivers\AdminService.exe [416192 2018-11-15] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [345384 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913640 2020-04-05] (McAfee, LLC -> McAfee, LLC)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Controladores (Lista blanca) ===================
 
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
 
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmdag.sys [55249504 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmpag.sys [595040 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [102832 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\Windows\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16304 2020-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [492144 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459608 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-05] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111112 2017-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 MpKsl57359448; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKsl57359448.sys [58120 2020-04-05] (Microsoft Corporation -> Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
 
==================== NetSvcs (Lista blanca) ===================
 
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
 
 
==================== Un mes (creado) ===================
 
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
 
2020-04-05 18:03 - 2020-04-05 18:08 - 000000000 ____D C:\FRST
2020-04-05 17:58 - 2020-04-05 17:59 - 002281472 _____ (Farbar) C:\Users\ivanc\Downloads\FRST64.exe
2020-04-05 17:28 - 2020-04-05 17:28 - 000000000 ____D C:\Users\ivanc\AppData\LocalLow\uTorrent
2020-04-05 04:57 - 2020-04-05 05:07 - 000000000 ____D C:\Windows\system32\MRT
2020-04-05 04:56 - 2020-04-05 04:56 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-04-05 04:16 - 2020-04-05 04:17 - 130761887 _____ C:\Users\ivanc\Downloads\Apache_OpenOffice_4.1.7_Win_x86_install_es.exe
2020-04-05 03:59 - 2020-04-05 03:59 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2020-04-05 03:59 - 2020-04-05 03:59 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-04-05 03:55 - 2020-04-05 03:55 - 000000000 ____D C:\Users\ivanc\AppData\Local\HP
2020-04-05 03:55 - 2020-04-05 03:55 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-04-05 03:52 - 2020-04-05 03:52 - 003528096 _____ (Oleg N. Scherbakov) C:\Users\ivanc\Downloads\HPSupportSolutionsFramework-12.13.42.1.exe
2020-04-05 03:33 - 2020-02-11 01:48 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-04-05 03:33 - 2020-02-11 01:37 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-04-05 03:30 - 2015-07-31 10:20 - 000625848 _____ (Microsoft Corporation) C:\Windows\system32\TBD71F0.tmp
2020-04-05 03:30 - 2015-07-31 10:20 - 000079544 _____ (Microsoft Corporation) C:\Windows\system32\TBD7180.tmp
2020-04-05 03:23 - 2020-04-05 03:25 - 000000000 ____D C:\Users\ivanc\AppData\Local\CrashDumps
2020-04-05 03:22 - 2020-04-05 03:22 - 000000000 ____D C:\Users\ivanc\AppData\Local\D3DSCache
2020-04-05 03:08 - 2020-04-05 03:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2020-04-05 03:02 - 2020-04-05 17:31 - 000000000 ____D C:\TORRENTS
2020-04-05 03:00 - 2020-04-05 03:00 - 000034747 _____ C:\Users\ivanc\Downloads\Office-2013-Professional-Plus-Sp1-64bits.torrent
2020-04-05 02:58 - 2020-04-05 02:58 - 000000000 ____D C:\Users\ivanc\AppData\Local\Microsoft Help
2020-04-05 02:57 - 2020-04-05 03:36 - 000000000 ____D C:\Program Files\Microsoft Office
2020-04-05 02:56 - 2020-04-05 02:56 - 000000000 __RHD C:\MSOCache
2020-04-05 02:44 - 2020-04-05 04:17 - 000000000 ___RD C:\Dios es Digital
2020-04-05 02:39 - 2020-04-05 02:49 - 000000000 ____D C:\Users\ivanc\AppData\Local\WinZip
2020-04-05 02:39 - 2020-04-05 02:39 - 000003662 _____ C:\Windows\system32\Tasks\WinZip Update Notifier 2
2020-04-05 02:39 - 2020-04-05 02:39 - 000003660 _____ C:\Windows\system32\Tasks\WinZip Update Notifier 3
2020-04-05 02:39 - 2020-04-05 02:39 - 000003660 _____ C:\Windows\system32\Tasks\WinZip Update Notifier 1
2020-04-05 02:39 - 2020-04-05 02:39 - 000002087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk
2020-04-05 02:39 - 2020-04-05 02:39 - 000001987 _____ C:\ProgramData\Escritorio\WinZip.lnk
2020-04-05 02:39 - 2020-04-05 02:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2020-04-05 02:38 - 2020-04-05 02:40 - 000000000 ____D C:\ProgramData\WinZip
2020-04-05 02:38 - 2020-04-05 02:38 - 000000000 ____D C:\Program Files\WinZip
2020-04-05 02:37 - 2020-04-05 02:37 - 000959296 _____ (WinZip Computing) C:\Users\ivanc\Downloads\winzip24-downwz.exe
2020-04-05 02:37 - 2020-04-05 02:37 - 000000000 ____D C:\ProgramData\UniqueId
2020-04-05 02:25 - 2020-04-05 02:25 - 000000000 ____D C:\Users\ivanc\AppData\Roaming\Avast Software
2020-04-05 02:25 - 2020-04-05 02:25 - 000000000 ____D C:\Users\ivanc\AppData\Local\CEF
2020-04-05 02:24 - 2020-04-05 02:24 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-04-05 02:24 - 2020-04-05 02:24 - 000002076 _____ C:\ProgramData\Escritorio\Avast Free Antivirus.lnk
2020-04-05 02:19 - 2020-04-05 02:19 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-04-05 02:17 - 2020-04-05 02:17 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-04-05 02:14 - 2020-04-05 02:18 - 000492144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-04-05 02:14 - 2020-04-05 02:14 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-04-05 02:14 - 2020-04-05 02:13 - 000459608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-04-05 02:14 - 2020-04-05 02:13 - 000317280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-04-05 02:14 - 2020-04-05 02:13 - 000235696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-04-05 02:14 - 2020-04-05 02:13 - 000175920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-04-05 02:14 - 2020-04-05 02:13 - 000109480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-04-05 02:14 - 2020-04-05 02:13 - 000085056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-04-05 02:14 - 2020-04-05 02:13 - 000042984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-04-05 02:14 - 2020-04-05 02:13 - 000016304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2020-04-05 02:14 - 2020-04-05 02:12 - 000337048 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-04-05 02:14 - 2020-04-05 02:11 - 000851808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-04-05 02:14 - 2020-04-05 02:11 - 000234776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-04-05 02:14 - 2020-04-05 02:11 - 000206120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-04-05 02:14 - 2020-04-05 02:11 - 000178968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-04-05 02:14 - 2020-04-05 02:11 - 000060696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-04-05 02:14 - 2020-04-05 02:11 - 000037856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-04-05 02:11 - 2020-04-05 17:28 - 000000000 ____D C:\Users\ivanc\AppData\Local\BitTorrentHelper
2020-04-05 02:11 - 2020-04-05 02:22 - 2710019503 ____R C:\Users\ivanc\Downloads\M.OF.16.April.2017.Mul.32X-www.DivxTotaL.com.rar
2020-04-05 02:11 - 2020-04-05 02:11 - 000029711 _____ C:\Users\ivanc\Downloads\M.OF_.16.April_.2017.Mul_.32X-www.DivxTotaL.com_.torrent
2020-04-05 02:10 - 2020-04-05 02:10 - 000000000 ____D C:\Program Files\Avast Software
2020-04-05 02:09 - 2020-04-05 18:10 - 000000000 ____D C:\Users\ivanc\AppData\Roaming\uTorrent
2020-04-05 02:09 - 2020-04-05 02:14 - 000000000 ____D C:\ProgramData\Avast Software
2020-04-05 02:09 - 2020-04-05 02:09 - 000000000 ____D C:\Program Files\McAfee
2020-04-05 02:08 - 2020-04-05 02:08 - 000000000 ____D C:\ProgramData\McAfee
2020-04-05 02:03 - 2020-04-05 02:04 - 002907000 _____ (BitTorrent Inc.) C:\Users\ivanc\Downloads\uTorrent.exe
2020-04-05 01:56 - 2020-04-05 01:56 - 000138240 _____ C:\Users\ivanc\Downloads\Clase2.ppt
2020-04-05 01:56 - 2020-04-05 01:56 - 000138240 _____ C:\Users\ivanc\Downloads\Clase2 (1).ppt
2020-04-05 01:22 - 2020-04-05 01:22 - 000000000 ___HD C:\OneDriveTemp
2020-04-05 01:22 - 2020-04-05 01:22 - 000000000 ____D C:\Users\ivanc\OneDrive\Documentos\Nueva carpeta
2020-04-05 01:22 - 2015-02-03 18:06 - 000000120 ____R C:\Users\ivanc\OneDrive\Documentos\Bloc de notas de ivan.url
2020-04-05 01:20 - 2020-04-05 01:23 - 000000000 ___RD C:\Users\ivanc\OneDrive
2020-04-05 01:20 - 2020-04-05 01:22 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1840741467-1113686577-3156136756-1001
2020-04-05 01:16 - 2020-04-05 17:55 - 000000000 ____D C:\Users\ivanc\AppData\Roaming\WhatsApp
2020-04-05 01:16 - 2020-04-05 01:16 - 000000000 ____D C:\Users\ivanc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2020-04-05 01:14 - 2020-04-05 01:16 - 000000000 ____D C:\Users\ivanc\AppData\Local\WhatsApp
2020-04-05 01:13 - 2020-04-05 01:16 - 000000000 ____D C:\Users\ivanc\AppData\Local\SquirrelTemp
2020-04-05 01:11 - 2020-04-05 01:12 - 130349488 _____ (WhatsApp) C:\Users\ivanc\Downloads\WhatsAppSetup.exe
2020-04-05 01:01 - 2020-04-05 18:05 - 000000000 ____D C:\Users\ivanc\AppData\Local\Comms
2020-04-05 01:00 - 2020-04-05 01:39 - 000000000 ____D C:\ProgramData\Packages
2020-04-05 00:59 - 2020-04-05 00:59 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-05 00:59 - 2020-04-05 00:59 - 000002334 _____ C:\ProgramData\Escritorio\Google Chrome.lnk
2020-04-05 00:59 - 2020-04-05 00:59 - 000000000 ____D C:\Users\ivanc\AppData\LocalLow\AMD
2020-04-05 00:58 - 2020-04-05 00:58 - 000003622 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-05 00:58 - 2020-04-05 00:58 - 000003498 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-05 00:58 - 2020-04-05 00:58 - 000000000 ____D C:\Program Files (x86)\Google
2020-04-05 00:57 - 2020-04-05 00:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2020-04-05 00:57 - 2020-04-05 00:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2020-04-05 00:57 - 2020-04-05 00:57 - 000000000 ____D C:\Windows\SysWOW64\sda
2020-04-05 00:57 - 2020-04-05 00:57 - 000000000 ____D C:\Program Files\Apoint2K
2020-04-05 00:55 - 2020-04-05 00:55 - 000000000 ____D C:\Users\ivanc\AppData\Local\AMD
2020-04-05 00:48 - 2020-04-05 00:49 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-04-05 00:47 - 2020-04-05 01:04 - 000000000 ____D C:\Users\ivanc\AppData\Local\Google
2020-04-05 00:47 - 2020-04-05 00:48 - 000000000 ____D C:\Program Files\AMD
2020-04-05 00:47 - 2020-04-05 00:47 - 000000000 ____D C:\Windows\system32\AMD
2020-04-05 00:47 - 2019-09-18 18:05 - 000102832 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2020-04-05 00:45 - 2020-04-05 00:45 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-04-05 00:44 - 2019-09-18 18:05 - 003885152 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 003484256 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 001705568 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 001237088 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 001237088 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 001010696 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 001010696 _____ C:\Windows\system32\vulkan-1.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000941152 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000873640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000873640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000768608 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000760928 _____ (AMD) C:\Windows\system32\atieclxx.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000574048 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000553568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000493152 _____ C:\Windows\system32\dgtrayicon.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000484960 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000480352 _____ C:\Windows\system32\GameManager64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000468576 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000466528 _____ C:\Windows\system32\amdlogum.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000439904 _____ C:\Windows\system32\atieah64.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000416864 _____ C:\Windows\system32\EEURestart.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000383584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000381536 _____ C:\Windows\SysWOW64\GameManager32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000352352 _____ C:\Windows\SysWOW64\atieah32.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000348768 _____ C:\Windows\system32\clinfo.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000304224 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000304224 _____ C:\Windows\system32\vulkaninfo.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000276064 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000276064 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-04-05 00:44 - 2019-09-18 18:05 - 000239200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000211552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000183904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000178752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000162912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000158816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000157592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000152672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000138336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000135776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000134752 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000125536 _____ (AMD) C:\Windows\system32\atimuixx.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000124000 _____ C:\Windows\system32\atidxx64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000121440 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000120928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000107104 _____ C:\Windows\SysWOW64\atidxx32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000105568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000090720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000075360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000070240 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000046688 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000043616 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000019768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2020-04-05 00:44 - 2019-09-18 18:05 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 001686000 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 001365352 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 000554072 _____ C:\Windows\system32\amdmiracast.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 000472672 _____ C:\Windows\system32\amdgfxinfo64.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 000381536 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 000134824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 000128112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 000128112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 000119232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 000107728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2020-04-05 00:44 - 2019-09-18 18:04 - 000107728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2020-04-05 00:44 - 2019-09-18 17:33 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2020-04-05 00:44 - 2019-09-18 17:33 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2020-04-05 00:44 - 2019-09-18 17:33 - 000920680 _____ C:\Windows\SysWOW64\atiapfxx.blb
2020-04-05 00:44 - 2019-09-18 17:33 - 000920680 _____ C:\Windows\system32\atiapfxx.blb
2020-04-05 00:44 - 2019-09-18 17:33 - 000204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2020-04-05 00:44 - 2019-09-18 17:33 - 000204952 _____ C:\Windows\system32\ativvsvl.dat
2020-04-05 00:44 - 2019-09-18 17:33 - 000157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2020-04-05 00:44 - 2019-09-18 17:33 - 000157144 _____ C:\Windows\system32\ativvsva.dat
2020-04-05 00:44 - 2019-09-18 17:33 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2020-04-05 00:44 - 2019-09-18 17:33 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2020-04-05 00:44 - 2019-09-18 17:33 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2020-04-05 00:44 - 2019-09-18 17:33 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2020-04-05 00:44 - 2019-09-18 17:32 - 000034488 _____ C:\Windows\system32\AMDKernelEvents.man
2020-04-05 00:40 - 2020-04-05 02:58 - 000000000 ____D C:\Users\ivanc\AppData\Local\PlaceholderTileLogoFolder
2020-04-05 00:39 - 2020-04-05 00:39 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-04-05 00:38 - 2020-04-05 00:38 - 000000000 ___HD C:\Users\ivanc\MicrosoftEdgeBackups
2020-04-05 00:38 - 2020-04-05 00:38 - 000000000 ____D C:\Users\ivanc\AppData\Local\Publishers
2020-04-05 00:38 - 2020-04-05 00:38 - 000000000 ____D C:\Users\ivanc\AppData\Local\MicrosoftEdge
2020-04-05 00:37 - 2020-04-05 02:58 - 000000000 ____D C:\Users\ivanc\AppData\Local\Packages
2020-04-05 00:37 - 2020-04-05 00:55 - 000000000 ____D C:\Users\ivanc\AppData\Local\ConnectedDevicesPlatform
2020-04-05 00:37 - 2020-04-05 00:38 - 000000000 ____D C:\Users\ivanc\AppData\Local\PackageStaging
2020-04-05 00:37 - 2020-04-05 00:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-04-05 00:37 - 2020-04-05 00:37 - 000000000 ___RD C:\Users\ivanc\3D Objects
2020-04-05 00:37 - 2020-04-05 00:37 - 000000000 ____D C:\Users\ivanc\AppData\Roaming\Adobe
2020-04-05 00:37 - 2020-04-05 00:37 - 000000000 ____D C:\Users\ivanc\AppData\Local\VirtualStore
2020-04-05 00:36 - 2020-04-05 00:36 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2020-04-05 00:36 - 2020-04-05 00:36 - 000000000 ____D C:\Windows\system32\SRSLabs
2020-04-05 00:36 - 2020-04-05 00:36 - 000000000 ____D C:\Program Files\Realtek
2020-04-05 00:35 - 2015-07-03 16:24 - 003271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 002966144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 001599792 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 001435144 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 001331336 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 001122648 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000961024 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000749776 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000645464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000574248 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000467160 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000195184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2020-04-05 00:35 - 2015-07-03 16:24 - 000088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2020-04-05 00:35 - 2015-07-03 16:21 - 072121872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2020-04-05 00:35 - 2015-07-03 16:21 - 004515584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-04-05 00:35 - 2015-07-03 16:21 - 002926848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2020-04-05 00:35 - 2015-07-03 16:21 - 002711296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2020-04-05 00:35 - 2015-07-03 16:21 - 001757440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2020-04-05 00:35 - 2015-07-03 16:21 - 000259288 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2020-04-05 00:35 - 2015-07-03 16:21 - 000122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2020-04-05 00:35 - 2015-07-03 16:21 - 000023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2020-04-05 00:35 - 2015-07-02 06:43 - 002897741 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2020-04-05 00:33 - 2020-04-05 01:23 - 000000000 ____D C:\Users\ivanc
2020-04-05 00:33 - 2020-04-05 01:21 - 000002401 _____ C:\Users\ivanc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-05 00:33 - 2020-04-05 00:33 - 000000020 ___SH C:\Users\ivanc\ntuser.ini
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\Reciente
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\Plantillas
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\Mis documentos
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\Menú Inicio
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\Impresoras
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\Entorno de red
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\Datos de programa
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\Configuración local
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\AppData\Local\Historial
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\AppData\Local\Datos de programa
2020-04-05 00:33 - 2020-04-05 00:33 - 000000000 _SHDL C:\Users\ivanc\AppData\Local\Archivos temporales de Internet
2020-04-04 19:48 - 2020-04-04 19:22 - 000000000 ____D C:\Windows\Panther
2020-04-04 19:39 - 2020-04-04 19:39 - 000000000 ____D C:\Windows.old
2020-04-04 19:30 - 2020-04-05 01:02 - 001684180 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-04 19:28 - 2020-04-04 19:28 - 000000000 ____D C:\Windows\minidump
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\Reciente
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\Plantillas
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\Mis documentos
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\Impresoras
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\Entorno de red
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\Datos de programa
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\Configuración local
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\Reciente
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\Plantillas
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\Mis documentos
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\Menú Inicio
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\Impresoras
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\Entorno de red
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\Datos de programa
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\Configuración local
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\ProgramData\Plantillas
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\ProgramData\Escritorio
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\ProgramData\Documentos
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\ProgramData\Datos de programa
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Program Files\Archivos comunes
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Documents and Settings
2020-04-04 19:24 - 2020-04-04 19:24 - 000000000 _SHDL C:\Archivos de programa
2020-04-04 19:12 - 2020-01-09 18:25 - 002874368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-04-04 19:10 - 2020-04-05 00:54 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-04 19:10 - 2020-04-04 19:10 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-04-04 19:09 - 2020-04-04 19:10 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-04-04 19:09 - 2020-04-04 19:09 - 000258152 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-04 19:09 - 2020-04-04 19:09 - 000000000 ____D C:\Windows\ServiceProfiles
 
==================== Un mes (modificado) ==================
 
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
 
2020-04-05 17:46 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-05 17:46 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2020-04-05 17:36 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-05 17:18 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2020-04-05 04:36 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\servicing
2020-04-05 04:33 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-04-05 03:35 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-04-05 03:35 - 2019-03-19 01:49 - 000000092 _____ C:\Windows\win.ini
2020-04-05 03:08 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\appcompat
2020-04-05 02:58 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2020-04-05 02:14 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-04-05 01:12 - 2019-03-19 09:01 - 000000000 ____D C:\Windows\OCR
2020-04-05 01:12 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\es-MX
2020-04-05 01:02 - 2019-03-19 08:59 - 000753744 _____ C:\Windows\system32\perfh00A.dat
2020-04-05 01:02 - 2019-03-19 08:59 - 000148288 _____ C:\Windows\system32\perfc00A.dat
2020-04-05 00:49 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-04-05 00:31 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-04-04 19:48 - 2019-03-19 01:49 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2020-04-04 19:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2020-04-04 19:29 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ServiceState
2020-04-04 19:28 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\spool
2020-04-04 19:28 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-04-04 19:24 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Windows NT
2020-04-04 19:12 - 2019-03-19 01:52 - 000000000 ___RD C:\Windows\PrintDialog
2020-04-04 19:12 - 2019-03-19 01:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-04-04 19:11 - 2019-03-19 01:37 - 000032768 _____ C:\Windows\system32\config\ELAM
 
==================== SigCheck ============================
 
(No existe una corrección automática para los archivos que no pasan la verificación.)
 
==================== Final de FRST.txt ========================

  • 0


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,194 posts
  • MVP

Please post your addition.txt file too.  If you didn't get one, rerun FRST but make sure Addition.txt is checked before hitting SCAN.

 

Also

 

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
Win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi-step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Best to post the logs as you get them rather than waiting and making one big post.


  • 0
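For anyone reviewing the text that TASKLIST /SVC writes to \junk.txt, here is an added example (not part of either post, and not a Geeks to Go tool) that parses it into records, rejoins wrapped service lists, and lists the service hosts other than svchost.exe so their publisher can be compared with Process Explorer's Verified Signer column. The sample lines are copied from the output posted in this thread; the function names and the set of "no services" markers are assumptions made for this example.

```python
import re

# Lines copied from the TASKLIST /SVC output posted in this thread. The system
# is Spanish, so the "no services" marker is "N/D" (English systems print "N/A").
SAMPLE = """\
Nombre de imagen               PID Servicios
========================= ======== =============================================
System Idle Process              0 N/D
lsass.exe                      988 KeyIso, SamSs, VaultSvc
svchost.exe                    580 BrokerInfrastructure, DcomLaunch, LSM,
                                   PlugPlay, Power, SystemEventsBroker
atiesrxx.exe                  1884 AMD External Events Utility
AvastSvc.exe                  2944 avast! Antivirus
servicehost.exe               3404 McAfee WebAdvisor
StartMenuExperienceHost.e     6224 N/D
"""

# Image names may contain spaces ("System Idle Process"), so the name is matched
# lazily up to the first all-digit field, which is the PID.
ROW = re.compile(r"^(\S.*?)\s+(\d+)\s*(.*)$")
NO_SERVICES = {"N/A", "N/D"}  # assumption: extend for other display languages
NAME_COLUMN_WIDTH = 25        # length of the first run of "=" in the separator


def _is_separator(line):
    stripped = line.strip()
    return bool(stripped) and set(stripped) <= {"=", " "}


def parse_tasklist_svc(text):
    """Return one dict per process: image, pid, services, maybe_truncated."""
    lines = text.splitlines()
    # Skip the localized header if a separator row is present; a paste that
    # contains only the body is parsed from its first line.
    in_body = not any(_is_separator(l) for l in lines)
    records = []
    for line in lines:
        if not line.strip():
            continue
        if _is_separator(line):
            in_body = True
            continue
        if not in_body:
            continue
        if line[0].isspace():
            # Continuation row: name and PID columns are blank, the services
            # column carries on from the previous row.
            if records:
                records[-1]["_raw"] += " " + line.strip()
            continue
        m = ROW.match(line)
        if m:
            records.append({"image": m.group(1), "pid": int(m.group(2)),
                            "_raw": m.group(3).strip()})
    for rec in records:
        raw = rec.pop("_raw")
        rec["services"] = ([] if raw in NO_SERVICES
                           else [s.strip() for s in raw.split(",") if s.strip()])
        # tasklist cuts image names at the column width, so a name that fills
        # the column may not be the full file name.
        rec["maybe_truncated"] = len(rec["image"]) >= NAME_COLUMN_WIDTH
    return records


def dedicated_service_hosts(records):
    """Processes other than svchost.exe that host at least one service."""
    return [r for r in records
            if r["services"] and r["image"].lower() != "svchost.exe"]


if __name__ == "__main__":
    parsed = parse_tasklist_svc(SAMPLE)
    for rec in dedicated_service_hosts(parsed):
        print(f'{rec["pid"]:>6}  {rec["image"]:<20} {", ".join(rec["services"])}')
    for rec in parsed:
        if rec["maybe_truncated"]:
            print("name may be truncated:", rec["image"])
```
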

#3
chavo

chavo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Nombre de imagen               PID Servicios                                    
========================= ======== =============================================
System Idle Process              0 N/D                                          
System                           4 N/D                                          
Registry                       104 N/D                                          
smss.exe                       408 N/D                                          
csrss.exe                      616 N/D                                          
wininit.exe                    756 N/D                                          
csrss.exe                      768 N/D                                          
winlogon.exe                   840 N/D                                          
services.exe                   972 N/D                                          
lsass.exe                      988 KeyIso, SamSs, VaultSvc                      
svchost.exe                    580 BrokerInfrastructure, DcomLaunch, LSM,       
                                   PlugPlay, Power, SystemEventsBroker          
fontdrvhost.exe                772 N/D                                          
fontdrvhost.exe                968 N/D                                          
svchost.exe                    900 RpcEptMapper, RpcSs                          
dwm.exe                       1108 N/D                                          
svchost.exe                   1196 AudioEndpointBuilder,                        
                                   DeviceAssociationService,                    
                                   DisplayEnhancementService, DsSvc,            
                                   NcbService, NgcSvc, PcaSvc, StorSvc,         
                                   SysMain, TabletInputService, TrkWks          
svchost.exe                   1256 BTAGService                                  
svchost.exe                   1252 BthAvctpSvc, bthserv, CDPSvc,                
                                   DispBrokerDesktopSvc, EventSystem,           
                                   FontCache, LicenseManager, netprofm, nsi,    
                                   SstpSvc, WdiServiceHost                      
svchost.exe                   1400 Dhcp, EventLog, lmhosts, NgcCtnrSvc,         
                                   TimeBrokerSvc, WinHttpAutoProxySvc           
svchost.exe                   1624 CryptSvc, Dnscache, LanmanWorkstation, NlaSv 
svchost.exe                   1648 Appinfo, iphlpsvc, LanmanServer, lfsvc,      
                                   ProfSvc, Schedule, SENS, ShellHWDetection,   
                                   Themes, TokenBroker, UserManager, UsoSvc,    
                                   Winmgmt, wlidsvc, WpnService                 
dasHost.exe                   1680 N/D                                          
atiesrxx.exe                  1884 AMD External Events Utility                  
svchost.exe                   1980 camsvc, StateRepository                      
svchost.exe                   1032 SSDPSRV                                      
svchost.exe                   1332 CoreMessagingRegistrar, DPS                  
wsc_proxy.exe                 2116 AvastWscReporter                             
Memory Compression            2224 N/D                                          
svchost.exe                   2432 Audiosrv                                     
RtkAudioService64.exe         2508 RtkAudioService                              
RAVBg64.exe                   2584 N/D                                          
svchost.exe                   2656 Wcmsvc                                       
svchost.exe                   2664 DusmSvc                                      
svchost.exe                   2848 WlanSvc                                      
AvastSvc.exe                  2944 avast! Antivirus                             
spoolsv.exe                   3076 Spooler                                      
svchost.exe                   3112 BFE, mpssvc                                  
AdminService.exe              3240 AtherosSvc                                   
svchost.exe                   3264 DiagTrack                                    
HidMonitorSvc.exe             3344 ApHidMonitorService                          
servicehost.exe               3404 McAfee WebAdvisor                            
svchost.exe                   3532 RasMan                                       
aswEngSrv.exe                 2556 N/D                                          
SearchIndexer.exe             1268 WSearch                                      
svchost.exe                   1448 wscsvc                                       
aswidsagent.exe               4196 aswbIDSAgent                                 
WmiPrvSE.exe                  4696 N/D                                          
unsecapp.exe                  1348 N/D                                          
GoogleCrashHandler.exe        3068 N/D                                          
GoogleCrashHandler64.exe      3772 N/D                                          
SgrmBroker.exe                5052 SgrmBroker                                   
Apoint.exe                    3412 N/D                                          
uihost.exe                    2824 N/D                                          
sihost.exe                     852 N/D                                          
svchost.exe                   2004 CDPUserSvc_b6c1a, OneSyncSvc_b6c1a,          
                                   PimIndexMaintenanceSvc_b6c1a,                
                                   UnistoreSvc_b6c1a, UserDataSvc_b6c1a,        
                                   WpnUserService_b6c1a                         
unsecapp.exe                  4036 N/D                                          
taskhostw.exe                 5308 N/D                                          
ctfmon.exe                    5544 N/D                                          
ApMsgFwd.exe                  5720 N/D                                          
explorer.exe                  5824 N/D                                          
ApntEx.exe                    5904 N/D                                          
hidfind.exe                   5912 N/D                                          
conhost.exe                   5936 N/D                                          
svchost.exe                   5236 cbdhsvc_b6c1a                                
dllhost.exe                   3864 N/D                                          
StartMenuExperienceHost.e     6224 N/D                                          
LockApp.exe                   6252 N/D                                          
RuntimeBroker.exe             6376 N/D                                          
RuntimeBroker.exe             6404 N/D                                          
SearchUI.exe                  6604 N/D                                          
RuntimeBroker.exe             6936 N/D                                          
SkypeBackgroundHost.exe       7128 N/D                                          
YourPhone.exe                 7164 N/D                                          
RuntimeBroker.exe             4604 N/D                                          
SettingSyncHost.exe           7208 N/D                                          
SkypeApp.exe                  7512 N/D                                          
SecurityHealthSystray.exe     7624 N/D                                          
SecurityHealthService.exe     7652 SecurityHealthService                        
AvastUI.exe                   7708 N/D                                          
RuntimeBroker.exe             7860 N/D                                          
FAHWindow64.exe               7888 N/D                                          
chrome.exe                    7896 N/D                                          
chrome.exe                    7916 N/D                                          
OneDrive.exe                  7988 N/D                                          
WzPreloader.exe               8092 N/D                                          
chrome.exe                    8160 N/D                                          
chrome.exe                    7276 N/D                                          
chrome.exe                    5392 N/D                                          
RuntimeBroker.exe             6292 N/D                                          
chrome.exe                    2728 N/D                                          
ShellExperienceHost.exe       7700 N/D                                          
AvastUI.exe                   6984 N/D                                          
RuntimeBroker.exe             5636 N/D                                          
SkypeBridge.exe                780 N/D                                          
SystemSettings.exe            9628 N/D                                          
ApplicationFrameHost.exe      9644 N/D                                          
svchost.exe                  10156 WbioSrvc                                     
MicrosoftEdge.exe             2312 N/D                                          
browser_broker.exe            8176 N/D                                          
RuntimeBroker.exe            10052 N/D                                          
MicrosoftEdgeSH.exe           3164 N/D                                          
MicrosoftEdgeCP.exe           6080 N/D                                          
WinStore.App.exe              1568 N/D                                          
RuntimeBroker.exe            11112 N/D                                          
FileCoAuth.exe                1504 N/D                                          
chrome.exe                   10692 N/D                                          
WhatsApp.exe                  9220 N/D                                          
WhatsApp.exe                  9412 N/D                                          
WhatsApp.exe                 10620 N/D                                          
WhatsApp.exe                 10372 N/D                                          
svchost.exe                   2804 InstallService                               
YourPhoneServer.exe           9768 N/D                                          
Microsoft.Photos.exe         10636 N/D                                          
RuntimeBroker.exe             7536 N/D                                          
dllhost.exe                   7412 N/D                                          
chrome.exe                    7836 N/D                                          
chrome.exe                    7984 N/D                                          
HPSupportSolutionsFramewo     7616 HPSupportSolutionsFrameworkService           
HxOutlook.exe                10136 N/D                                          
RuntimeBroker.exe            11624 N/D                                          
HxTsr.exe                     8100 N/D                                          
WindowsInternal.Composabl     9680 N/D                                          
RuntimeBroker.exe            10964 N/D                                          
chrome.exe                   10588 N/D                                          
chrome.exe                   12140 N/D                                          
chrome.exe                   11968 N/D                                          
audiodg.exe                   6640 N/D                                          
chrome.exe                    7312 N/D                                          
procexp.exe                   8668 N/D                                          
procexp64.exe                 2988 N/D                                          
chrome.exe                    1596 N/D                                          
svchost.exe                   2056 AppXSvc, ClipSVC                             
smartscreen.exe               9244 N/D                                          
notepad.exe                  10928 N/D                                          
chrome.exe                    2284 N/D                                          
chrome.exe                    8220 N/D                                          
chrome.exe                    5436 N/D                                          
chrome.exe                   11704 N/D                                          
chrome.exe                    1932 N/D                                          
chrome.exe                    6468 N/D                                          
chrome.exe                   11072 N/D                                          
chrome.exe                   11752 N/D                                          
backgroundTaskHost.exe        9452 N/D                                          
cmd.exe                       6672 N/D                                          
conhost.exe                   7812 N/D                                          
SearchProtocolHost.exe       10432 N/D                                          
SearchFilterHost.exe         10652 N/D                                          
tasklist.exe                  6644 N/D                                          
 

  • 0

#4
chavo


    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

OK, I've done everything now.


  • 0

#5
chavo


    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Sorry, I didn't attach the files properly. Here they are: Addition and the one from Speccy.


  • 0

#6
RKinner


    Malware Expert

  • Expert
  • 23,194 posts
  • MVP

You are missing the Process Explorer log.

 

Since you think the computer is infected, let Avast do a boot-time scan tonight while you sleep.

 

Click on the Avast ball. Then click on Protection, then on Antivirus, then on Other Scans, then on Boot-time Scan. Click on Install Special Definitions. Click on Run on Next PC Reboot.

Reboot and let it run a scan. It may take hours.
Once it finishes it should load Windows. Mute your speakers so it doesn't wake you up when Windows boots.

When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:

http://www.howtogeek...-windows-vista/

Copy and paste the text from the log to a Reply when done.


 


  • 0

#7
chavo


    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

I've done everything, but the report folder won't appear, nor does the file aswboot.txt.


  • 0

#8
RKinner


    Malware Expert

  • Expert
  • 23,194 posts
  • MVP

Windows hides these, so you need to tell Windows to unhide them.

 

Follow the instructions on
http://www.howtogeek...-windows-vista/

 

Then you should be able to see the folder and the file.

 

Alternatively, you can open an Elevated Command Prompt:

Win 10: http://www.howtogeek...-in-windows-10/

and type:

notepad  "C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt" 

Notepad should open when you hit Enter.


  • 0

#9
chavo


    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Is this it??


04/06/2020 20:14
Análisis de C:
 
Análisis de *STARTUP
 
El archivo C:\Users\ivanc\Downloads\HPSupportSolutionsFramework-12.13.42.1.exe|>HPSupportSolutionsFramework.exe|>DummyHPSFExe Error 42127 {El archivo CAB está dañado.}
El archivo C:\Users\ivanc\Downloads\HPSupportSolutionsFramework-12.13.42.1.exe|>HPSupportSolutionsFramework.exe|>HPSimplified_It.ttf Error 42127 {El archivo CAB está dañado.}
Número de carpetas analizadas: 64813
Número de archivos examinados: 765234
Número de archivos infectados: 0

  • 0

#10
RKinner


    Malware Expert

  • Expert
  • 23,194 posts
  • MVP

That's the Avast boot-time scan log.  Didn't find anything except the file C:\Users\ivanc\Downloads\HPSupportSolutionsFramework-12.13.42.1.exe which it claims was a defective download.  (You should delete it manually.)

 

Still waiting on the Process Explorer log.

 

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.

 



 


  • 0
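The reading of the boot-time scan log given in post #10 (no infections, one download with a damaged CAB) can be reproduced mechanically. This is an added example, not part of any post in the thread and not Avast tooling; the regexes assume the Spanish-locale line layout quoted in post #9, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Sample input: the log text quoted in post #9 (Spanish-locale output).
SAMPLE_LOG = r"""04/06/2020 20:14
Análisis de C:
Análisis de *STARTUP
El archivo C:\Users\ivanc\Downloads\HPSupportSolutionsFramework-12.13.42.1.exe|>HPSupportSolutionsFramework.exe|>DummyHPSFExe Error 42127 {El archivo CAB está dañado.}
El archivo C:\Users\ivanc\Downloads\HPSupportSolutionsFramework-12.13.42.1.exe|>HPSupportSolutionsFramework.exe|>HPSimplified_It.ttf Error 42127 {El archivo CAB está dañado.}
Número de carpetas analizadas: 64813
Número de archivos examinados: 765234
Número de archivos infectados: 0
"""

# Line shapes inferred only from that quoted log (an assumption, not a spec).
ERROR_RE = re.compile(r"^El archivo (?P<path>.+?) Error (?P<code>\d+) \{(?P<msg>.*)\}$")
COUNT_RE = re.compile(r"^Número de (?P<what>.+?):\s*(?P<n>\d+)$")
HEADER_RE = re.compile(r"^(Análisis de .+|\d{2}/\d{2}/\d{4} \d{2}:\d{2})$")

def parse_boot_log(text):
    """Split the log into per-file scan errors, summary counters and leftovers."""
    errors, counts, unknown = defaultdict(list), {}, []
    for line in (l.strip() for l in text.splitlines()):
        if not line or HEADER_RE.match(line):
            continue
        if m := ERROR_RE.match(line):
            # "outer.exe|>inner|>member": the first part is the file on disk.
            outer, _, member = m["path"].partition("|>")
            errors[outer].append((member, int(m["code"]), m["msg"]))
        elif m := COUNT_RE.match(line):
            counts[m["what"]] = int(m["n"])
        else:
            unknown.append(line)  # e.g. a detection line, whose layout the thread never shows
    return {"errors": dict(errors), "counts": counts, "unknown": unknown}

def triage(report):
    """One-line verdict; anything unrecognised forces a manual read."""
    infected = report["counts"].get("archivos infectados")
    if infected is None:
        return "incomplete log: no infected-file counter"
    if infected or report["unknown"]:
        return f"review manually: {infected} infected, {len(report['unknown'])} unrecognised line(s)"
    if report["errors"]:
        return f"no infections; {len(report['errors'])} file(s) could not be fully scanned"
    return "no infections"

if __name__ == "__main__":
    print(triage(parse_boot_log(SAMPLE_LOG)))
```

Grouping errors by the outer file shows that both error lines point at the same downloaded installer, which is the one file the helper suggests deleting.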





