Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018
Ran by alumno (administrator) on PR27-32267864-4 (01-11-2018 17:58:40)
Running from C:\Users\alumno\Desktop
Loaded Profiles: alumno (Available Profiles: alumno)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Program Files\Intel\Device Control Service\DeviceControlService.exe
() C:\Program Files\Intel Learning Series\Mythware\e-Learning Class V6.0\GATESRV.exe
() C:\Program Files\Intel Learning Series\Mythware\e-Learning Class V6.0\MasterHelper.exe
() C:\Windows\System32\TVStickDriverLoader.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\Intel\On Screen Indicator\bin\FnKeyHook.exe
(Intel) C:\Archivos de programa\Intel Learning Series\Theft Deterrent\Agent.exe
(OEM) C:\Program Files\Intel Learning Series\HDD Protection\HDD Protection\HPUtility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() D:\.cache\.b\conigform-windows.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
() C:\Program Files\Intel Learning Series\Mythware\e-Learning Class V6.0\StudentMain.exe
(OEM) C:\Program Files\Intel Learning Series\HDD Protection\HDD Protection\HDPService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\alumno\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\setup_wm.exe
(Google Inc.) C:\Users\alumno\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\alumno\AppData\Local\Google\Update\Install\{2BA3D568-66FC-4B65-B8EE-3523C87393D5}\70.0.3538.77_chrome_installer.exe
(Google Inc.) C:\Users\alumno\AppData\Local\Temp\CR_C7919.tmp\setup.exe
(Google Inc.) C:\Users\alumno\AppData\Local\Temp\CR_C7919.tmp\setup.exe
(Google) C:\Users\alumno\AppData\Local\Google\Chrome\User Data\SwReporter\35.178.200\software_reporter_tool.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [FnKeyHook] => C:\Program Files\Intel\On Screen Indicator\bin\FnKeyHook.exe [114688 2010-05-25] ()
HKLM\...\Run: [Agent] => C:\Archivos de programa\Intel Learning Series\Theft Deterrent\Agent.exe [303104 2010-07-19] (Intel)
HKLM\...\Run: [AlwaysAware Hard-Disk Drive] => C:\Program Files\Intel Learning Series\HDD Protection\HDD Protection\HPUtility.exe [1298432 2010-05-07] (OEM)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [ConigFormWindows] => D:\.cache\.b\conigform-windows.exe [5328986 2012-06-04] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [296056 2017-10-20] (ESET)
HKLM\...\Run: [TNOD UP] => C:\Program Files\TNod\TNODUP.exe [5092864 2017-09-24] (Tukero[X]Team)
HKU\S-1-5-21-3796709481-1956429052-69374458-1000\...\Run: [Google Update] => C:\Users\alumno\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-28] (Google Inc.)
HKU\S-1-5-21-3796709481-1956429052-69374458-1000\...\MountPoints2: {b1be486f-a342-11e1-a10b-68a3c48e6645} - E:\setup.exe -a
HKU\S-1-5-21-3796709481-1956429052-69374458-1000\...\MountPoints2: {c5b5abd8-5d36-11e4-bfae-4487fc2da9b8} - E:\iStudio.exe
Startup: C:\Users\alumno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk [2012-05-31]
ShortcutTarget: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-3796709481-1956429052-69374458-1000] => Proxy is enabled.
Tcpip\Parameters: [DhcpNameServer] 200.115.192.28 200.115.192.30 200.115.192.89
Tcpip\..\Interfaces\{D04431BF-2985-44F3-A77A-4DB072403F61}: [DhcpNameServer] 200.115.192.28 200.115.192.30 200.115.192.89

Internet Explorer:
==================
HKU\S-1-5-21-3796709481-1956429052-69374458-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.conectarigualdad.com.ar
HKU\S-1-5-21-3796709481-1956429052-69374458-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ar.msn.com/?ocid=iehp
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\alumno\AppData\Roaming\Mozilla\Firefox\Profiles\eudp5cz3.default [2018-11-01]
FF NetworkProxy: Mozilla\Firefox\Profiles\eudp5cz3.default -> share_proxy_settings", true
FF Extension: (No Name) - C:\Users\alumno\AppData\Roaming\Mozilla\Firefox\Profiles\eudp5cz3.default\extensions\DTToolbar@toolbarnet.com [not found]
FF SearchPlugin: C:\Users\alumno\AppData\Roaming\Mozilla\Firefox\Profiles\eudp5cz3.default\searchplugins\daemon-search.xml [2012-05-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-11-01] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3796709481-1956429052-69374458-1000: @tools.google.com/Google Update;version=3 -> C:\Users\alumno\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3796709481-1956429052-69374458-1000: @tools.google.com/Google Update;version=9 -> C:\Users\alumno\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-28] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\alumno\AppData\Local\Google\Chrome\User Data\Default [2018-11-01]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-03-07] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ATTENTION
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-30]
CHR Extension: (Chrome Media Router) - C:\Users\alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-30]
StartMenuInternet: Google Chrome.XWHEWMVTIIXMRBL2KLFXWW3T4I - C:\Users\alumno\AppData\Local\Google\Chrome\Application\chrome.exe