Hello! Here are the reports:
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-04-2020
Ejecutado por Administrador (administrador) sobre STRAUSS-PC (Gigabyte Technology Co., Ltd. Z170X-Gaming 3) (05-04-2020 23:29:48)
Ejecutado desde D:\Descargas\Programas antivirus
Perfiles cargados: Administrador (Perfiles disponibles: STRAUSS & Administrador)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 8 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(@ByELDI -> @ByELDI) [Archivo no firmado] D:\Nueva carpeta (4)\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
(Digital Wave Ltd -> Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(GIGABYTE Technology Co.,Ltd.) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
(Heidi Computers Ltd -> The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks) [Archivo no firmado] C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Rivet Networks) [Archivo no firmado] C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Users\Administrador\Desktop\Nueva carpeta\SoftEther VPN Client\vpnclient_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [38528 2013-07-03] (Creative Technology Ltd -> Creative Technology Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074600 2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2019-12-10] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2112512 2015-06-12] (Creative Technology Ltd) [Archivo no firmado]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-09-04] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-273184437-2439110489-3695147089-500\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
HKU\S-1-5-21-273184437-2439110489-3695147089-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-273184437-2439110489-3695147089-500\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-17] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-02] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-10-15]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-10-16]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks) [Archivo no firmado]
GroupPolicy\User: Restricción ? <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {1A3B8B7F-D6A3-4AB4-A53D-FF8A0DFFC406} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-15] (Google Inc -> Google Inc.)
Task: {304AD081-ED87-4172-B510-EE072DBBBCFB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295856 2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3697508E-AF0B-4484-AE70-F33301345774} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {38B2A6EA-36B0-4670-B2BA-6FAEDDBF913B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-15] (Adobe Inc. -> Adobe)
Task: {3DF0BBB1-C739-49CA-A382-35F945B01817} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {5A26D7AC-CE2D-4764-A245-5B0B7FF695F7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B3EBA3B-402C-4172-A6F3-2932B2861E31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-15] (Google Inc -> Google Inc.)
Task: {6B708B75-754C-410E-AAA0-22FB9A3A24BB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {82BC9233-F6F2-4B8E-A362-D723BACF1B42} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [122344 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BE3C23D-D2AB-4A33-A760-1F421D7085DE} - System32\Tasks\AutoPico Daily Restart => D:\Nueva carpeta (4)\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [Archivo no firmado]
Task: {94672853-0D1B-4477-9FD4-ABD765626A00} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [122344 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA0CC1DB-0E07-409F-A941-79AAD38DF61D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {BD87A9D3-2E85-40B6-B1B5-DEE60F3B74AF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4A45023-5EE8-427E-A208-3C92AEACE4A8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470440 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA7FAED9-BF92-4098-8285-B4E7616E35CA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295856 2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBE831AE-D23B-4FAB-815D-B01AD2B37610} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470440 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4FE3A3B-98EE-4E66-B84C-746FF0A51BE0} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-02-26] () [Archivo no firmado]
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3228D4F3-C47F-45F1-9277-1DCBD8476F27}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4D7D8BDB-79D2-4B51-89CC-F162BE0B2844}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.infospyware.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-273184437-2439110489-3695147089-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-273184437-2439110489-3695147089-500\Software\Microsoft\Internet Explorer\Main,Start Page = google.com.pe
HKU\S-1-5-21-273184437-2439110489-3695147089-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-29] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-25] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Ningún archivo
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-01-15] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-01-15] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-01-15] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-01-15] (Microsoft Windows -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: blxtqrqy.default-1571091099346
FF ProfilePath: C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\zx4kvwq7.Usuario predeterminado [2020-04-05]
FF ProfilePath: C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\blxtqrqy.default-1571091099346 [2020-04-05]
FF Homepage: Mozilla\Firefox\Profiles\blxtqrqy.default-1571091099346 -> hxxps://www.google.com.pe/
FF NetworkProxy: Mozilla\Firefox\Profiles\blxtqrqy.default-1571091099346 -> type", 0
FF Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\blxtqrqy.default-1571091099346\Extensions\[email protected] [2020-04-05]
FF Extension: (uBlock Origin) - C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\blxtqrqy.default-1571091099346\Extensions\[email protected] [2020-03-10]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\blxtqrqy.default-1571091099346\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-15] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-04-05]
Chrome:
=======
CHR Profile: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default [2020-04-05]
CHR DownloadDir: D:\Descargas
CHR Notifications: Default -> hxxps://ww2.ouo.today
CHR StartupUrls: Default -> "hxxps://www.google.com.pe/"
CHR Extension: (Documentos) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-18]
CHR Extension: (Google Drive) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-24]
CHR Extension: (YouTube) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-24]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-04]
CHR Extension: (uBlock Origin) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-02-08]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Gmail) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-04]
CHR Profile: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-05]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-07-17] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642472 2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-10-16] (Creative Labs) [Archivo no firmado]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-10-16] (Creative Labs) [Archivo no firmado]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [Archivo no firmado]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [441664 2019-10-23] (Digital Wave Ltd -> Digital Wave Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2433232 2019-12-10] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2433232 2019-12-10] (ESET, spol. s r.o. -> ESET)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-26] (NVIDIA Corporation -> NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Archivo no firmado]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [353384 2015-11-02] (Intel Corporation - pGFX -> Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [451072 2015-10-06] (Rivet Networks) [Archivo no firmado]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-26] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-26] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Service KMSELDI; D:\Nueva carpeta (4)\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [Archivo no firmado]
R2 SEVPNCLIENT; C:\Users\Administrador\Desktop\Nueva carpeta\SoftEther VPN Client\vpnclient_x64.exe [5250712 2018-08-10] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
S3 WsDrvInst; D:\Fimora9\Video Converter Ultimate\Transfer\DriverInstall.exe [107624 2018-11-13] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 ausb3hub; C:\Windows\System32\DRIVERS\ausb3hub.sys [404480 2016-10-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R3 ausb3xhc; C:\Windows\System32\DRIVERS\ausb3xhc.sys [817664 2016-10-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [143928 2015-09-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-07-28] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2019-07-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [113336 2019-07-28] (ESET, spol. s r.o. -> ESET)
R3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] (Giga-Byte Technology -> )
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-07-29] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-12] (Qualcomm Atheros, Inc. -> Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-28] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0047.sys [38088 2018-08-10] (SoftEther Corporation -> SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-04-05 23:29 - 2020-04-05 23:30 - 000000000 ____D C:\FRST
2020-04-05 02:02 - 2020-04-05 02:02 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-05 02:01 - 2020-04-05 02:02 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\ZHP
2020-04-05 02:01 - 2020-04-05 02:01 - 000000000 ____D C:\Users\Administrador\AppData\Local\ZHP
2020-04-05 01:33 - 2020-04-05 01:33 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-05 01:33 - 2020-04-05 01:33 - 000002828 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-05 01:33 - 2020-04-05 01:33 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-05 01:33 - 2020-04-05 01:33 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-04-05 01:33 - 2020-04-05 01:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-04-05 01:33 - 2020-04-05 01:33 - 000000000 ____D C:\Program Files\CCleaner
2020-04-04 15:56 - 2020-04-04 16:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-03-24 16:50 - 2020-03-24 16:50 - 000001594 _____ C:\Users\Administrador\Desktop\savegames - Acceso directo.lnk
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-04-05 23:28 - 2009-07-13 23:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-05 23:28 - 2009-07-13 23:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-05 17:37 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2020-04-05 13:48 - 2016-10-16 14:06 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-05 10:58 - 2016-11-16 06:54 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\Mozilla
2020-04-05 07:03 - 2016-10-16 00:39 - 000000000 ____D C:\Users\Administrador\Documents\temp
2020-04-05 07:02 - 2016-10-15 23:46 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-05 07:02 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-05 03:29 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2020-04-05 02:58 - 2016-10-15 22:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-05 01:58 - 2018-01-28 20:32 - 000000000 ____D C:\AdwCleaner
2020-04-05 01:55 - 2019-01-10 07:12 - 000000000 ____D C:\Users\Administrador\AppData\Local\CrashDumps
2020-04-04 19:25 - 2016-10-16 12:40 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-04 01:08 - 2016-10-16 02:48 - 000000600 _____ C:\Users\Administrador\PUTTY.RND
2020-04-04 01:08 - 2016-10-16 02:46 - 000000000 ____D C:\Users\Administrador\Desktop\Nueva carpeta
2020-04-02 21:01 - 2017-02-03 17:03 - 000000132 _____ C:\Users\Administrador\AppData\Roaming\Prefs. de formato PNG de Adobe CC
2020-04-02 09:12 - 2009-07-14 00:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-03-21 02:19 - 2016-10-15 22:47 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 02:19 - 2016-10-15 22:47 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-17 22:24 - 2016-11-11 06:29 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-17 22:23 - 2017-06-20 14:43 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-17 17:20 - 2016-10-15 22:48 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-17 17:20 - 2016-10-15 22:48 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-17 17:20 - 2016-10-15 22:48 - 000002181 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-03-16 04:55 - 2018-06-05 15:51 - 000003242 _____ C:\Windows\system32\Tasks\klcp_update
2020-03-16 04:55 - 2018-06-05 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2020-03-16 04:55 - 2018-06-05 15:50 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2020-03-15 10:26 - 2018-10-02 21:22 - 000004512 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-15 10:25 - 2016-10-16 12:40 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-03-15 10:25 - 2016-10-16 12:40 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-03-15 10:25 - 2016-10-16 12:40 - 000000000 ____D C:\Windows\system32\Macromed
2020-03-15 10:24 - 2016-10-16 00:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\Adobe
==================== Archivos en la raíz de algunos directorios ========
2013-01-19 02:44 - 2013-01-19 02:44 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2017-02-03 17:13 - 2019-07-26 01:13 - 000000132 _____ () C:\Users\Administrador\AppData\Roaming\Prefs. de formato BMP de Adobe CC
2019-01-15 02:42 - 2019-01-15 02:42 - 000000132 _____ () C:\Users\Administrador\AppData\Roaming\Prefs. de formato GIF de Adobe CC
2017-02-03 17:03 - 2020-04-02 21:01 - 000000132 _____ () C:\Users\Administrador\AppData\Roaming\Prefs. de formato PNG de Adobe CC
2018-05-08 22:54 - 2018-05-08 22:54 - 370217550 _____ () C:\Users\Administrador\AppData\Local\ACCCx4_5_0_331.zip.aamdownload
2018-05-08 22:54 - 2018-05-08 22:54 - 000004071 _____ () C:\Users\Administrador\AppData\Local\ACCCx4_5_0_331.zip.aamdownload.aamd
2019-07-22 03:09 - 2019-07-22 03:09 - 334185379 _____ () C:\Users\Administrador\AppData\Local\ACCCx4_8_2_478.zip.aamdownload
2019-07-22 03:09 - 2019-07-22 03:09 - 000003714 _____ () C:\Users\Administrador\AppData\Local\ACCCx4_8_2_478.zip.aamdownload.aamd
2019-11-23 03:40 - 2019-11-23 03:45 - 341513725 _____ () C:\Users\Administrador\AppData\Local\ACCCx4_9_0_515.zip.aamdownload
2019-11-23 03:40 - 2019-11-23 03:42 - 000003777 _____ () C:\Users\Administrador\AppData\Local\ACCCx4_9_0_515.zip.aamdownload.aamd
2019-07-24 01:48 - 2019-12-10 18:34 - 000001456 _____ () C:\Users\Administrador\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-05-19 11:51 - 2019-05-19 11:51 - 000007610 _____ () C:\Users\Administrador\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2020-03-28 13:30
==================== Final de FRST.txt ========================