Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 20-09-2020
Ejecutado por User (administrador) sobre USUARIO-ACC9883 (Hewlett-Packard Compaq Presario C700 Notebook PC) (20-09-2020 22:43:13)
Ejecutado desde C:\Documents and Settings\User\Escritorio
Perfiles cargados: User
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Idioma: Español (alfabetización internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Google Inc -> Google Inc.) C:\Archivos de programa\Google\Update\GoogleUpdate.exe
(Igor Pavlov) [Archivo no firmado] C:\ARCHIV~1\ARCHIV~1\KENEKO~1\Kiner.exe <2>
(Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\alg.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [134656 2010-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [166912 2010-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [135680 2010-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [High Definition Audio Property Page Shortcut] => C:\WINDOWS\system32\CHDAudPropShortcut.exe [61952 2006-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Run: [AdobeCS4ServiceManager] => C:\Archivos de programa\Archivos comunes\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-1960408961-879983540-1606980848-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-18\...\Run: [Chromium] => "c:\documents and settings\networkservice\configuración local\datos de programa\chromium\application\chrome.exe" --profile-directory="Default" --auto-launch-at-startup --restore-last-session
HKLM\...\Windows NT x86\Print Processors\winprint: localspl.dll
HKLM\...\Print\Monitors\BJ Language Monitor: C:\WINDOWS\system32\cnbjmon.dll [50176 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Print\Monitors\PJL Language Monitor: C:\WINDOWS\system32\pjlmon.dll [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\inf\unregmp2.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Archivos de programa\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINDOWS\system32\advpack.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINDOWS\system32\advpack.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\advpack.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Archivos de programa\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Archivos de programa\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2017-12-06] (Google Inc -> Google Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
GroupPolicy: Restricción ? <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas=============================

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At16.job => C:\ARCHIV~1\ARCHIV~1\NOBATA~1\Sync.exe
Task: C:\WINDOWS\Tasks\At42.job => C:\ARCHIV~1\ARCHIV~1\KENEKO~1\Kiner.exe
Task: C:\WINDOWS\Tasks\At43.job => C:\ARCHIV~1\ARCHIV~1\KENEKO~1\Kiner.exe
Task: C:\WINDOWS\Tasks\At44.job => C:\ARCHIV~1\ARCHIV~1\KENEKO~1\Kiner.exe
Task: C:\WINDOWS\Tasks\At45.job => C:\ARCHIV~1\ARCHIV~1\HEBEKI~1\Denuko.exe
Task: C:\WINDOWS\Tasks\At53.job => C:\ARCHIV~1\ARCHIV~1\HEBEKI~1\Denuko.exe
Task: C:\WINDOWS\Tasks\At54.job => C:\ARCHIV~1\ARCHIV~1\Ketunab\Pemem.exe
Task: C:\WINDOWS\Tasks\At56.job => C:\ARCHIV~1\ARCHIV~1\HEBEKI~1\Denuko.exe
Task: C:\WINDOWS\Tasks\At69.job => C:\ARCHIV~1\ARCHIV~1\MOTEBO~1\Pilabo.exe
Task: C:\WINDOWS\Tasks\At71.job => C:\ARCHIV~1\ARCHIV~1\BOBEKO~1\Gahucel.exe
Task: C:\WINDOWS\Tasks\At72.job => C:\ARCHIV~1\ARCHIV~1\BOBEKO~1\Gahucel.exe
Task: C:\WINDOWS\Tasks\At74.job => C:\ARCHIV~1\ARCHIV~1\Cobenopi\Narutufo.exe
Task: C:\WINDOWS\Tasks\At77.job => C:\ARCHIV~1\ARCHIV~1\LAKULE~1\Melosu.exe
Task: C:\WINDOWS\Tasks\At78.job => C:\ARCHIV~1\ARCHIV~1\LAKULE~1\Melosu.exe
Task: C:\WINDOWS\Tasks\At79.job => C:\ARCHIV~1\ARCHIV~1\LAKULE~1\Melosu.exe
Task: C:\WINDOWS\Tasks\At80.job => C:\ARCHIV~1\ARCHIV~1\SOPODA~1\Lalip.exe
Task: C:\WINDOWS\Tasks\At82.job => C:\ARCHIV~1\ARCHIV~1\Hagefite\Nabep.exe
Task: C:\WINDOWS\Tasks\At83.job => C:\ARCHIV~1\ARCHIV~1\Hagefite\Nabep.exe
Task: C:\WINDOWS\Tasks\At84.job => C:\ARCHIV~1\ARCHIV~1\SANOMA~1\Necesu.exe
Task: C:\WINDOWS\Tasks\At85.job => C:\ARCHIV~1\ARCHIV~1\PEMETA~1\Rahonol.exe
Task: C:\WINDOWS\Tasks\At97.job => C:\ARCHIV~1\ARCHIV~1\Litama\Laducale.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Archivos de programa\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Archivos de programa\Google\Update\GoogleUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\..\Interfaces\{B5342795-98A6-4F95-A1FC-F55D3EF3FDFB}: [NameServer] 8.8.4.4,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\axmor3m4.default-1436885834421 [2017-03-25]
FF Homepage: C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\axmor3m4.default-1436885834421 -> hxxps://www.google.com.ar/
FF NewTab: C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\axmor3m4.default-1436885834421 -> about:newtab
FF Notifications: C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\axmor3m4.default-1436885834421 -> hxxps://www.olx.com.ar
FF Extension: (Pin It button) - C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\axmor3m4.default-1436885834421\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-09-08] [Heredado]
FF Extension: (Adblock Plus) - C:\Documents and Settings\User\Datos de programa\Mozilla\Firefox\Profiles\axmor3m4.default-1436885834421\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-27] [Heredado]
FF Extension: (Application Update Service Helper) - C:\Archivos de programa\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi [2017-03-15] [Heredado] [no firmado]
FF Extension: (Multi-process staged rollout) - C:\Archivos de programa\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi [2017-03-15] [Heredado] [no firmado]
FF Extension: (Pocket) - C:\Archivos de programa\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi [2017-03-15] [Heredado] [no firmado]
FF Extension: (Web Compat) - C:\Archivos de programa\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi [2017-03-15] [Heredado] [no firmado]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] () [Archivo no firmado]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Archivos de programa\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Archivos de programa\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN -> VideoLAN) [Archivo no firmado]
FF Plugin: Adobe Reader -> C:\Archivos de programa\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1960408961-879983540-1606980848-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\User\Configuración local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies SF -> Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default [2001-01-01]
CHR Notifications: Default -> hxxps://www.gtaller.com.ar; hxxps://www.gtaller.com.ar
CHR DefaultSearchURL: Default -> hxxp://selected-search.com/search?q={searchTerms}&
CHR DefaultSearchKeyword: Default -> ss
CHR Extension: (Presentaciones) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Selected Search) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\afgeoapebnkefelmpoepnmjiflidjjce [2020-05-07]
CHR Extension: (Documentos) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-22]
CHR Extension: (The Search Selector) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\bhdinjalofclbacjijgifpahcnjapclb [2020-04-20]
CHR Extension: (YouTube) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-25]
CHR Extension: (Search Selector) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\egenicdiafgbhogabodhpfcbcgnpocip [2020-04-05]
CHR Extension: (Hojas de cálculo) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (AdBlock) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-08-21]
CHR Extension: (Search Selector) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\iicdcmjmlnliniifciehlchmdepfndfn [2020-05-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01]
CHR Extension: (Gmail) - C:\Documents and Settings\User\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-20]
CHR HKLM\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce]
CHR HKLM\...\Chrome\Extension: [bhdinjalofclbacjijgifpahcnjapclb]
CHR HKLM\...\Chrome\Extension: [bkfajajhmehapdgmgjejilcbjmhmebkl]
CHR HKLM\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip]
CHR HKLM\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg]
CHR HKLM\...\Chrome\Extension: [iicdcmjmlnliniifciehlchmdepfndfn]
CHR HKLM\...\Chrome\Extension: [jbngmbppahpdnhonimbkfbajibhknbek]
CHR HKLM\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhdinjalofclbacjijgifpahcnjapclb]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iicdcmjmlnliniifciehlchmdepfndfn]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pfnciekpafndamlomnebbfophenfehbc]
CHR HKU\S-1-5-21-1960408961-879983540-1606980848-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bkfajajhmehapdgmgjejilcbjmhmebkl]
CHR HKU\S-1-5-21-1960408961-879983540-1606980848-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [egenicdiafgbhogabodhpfcbcgnpocip]
CHR HKU\S-1-5-21-1960408961-879983540-1606980848-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg]
CHR HKU\S-1-5-21-1960408961-879983540-1606980848-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jbngmbppahpdnhonimbkfbajibhknbek]
CHR HKU\S-1-5-21-1960408961-879983540-1606980848-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe) [Archivo no firmado]
S3 FLEXnet Licensing Service; C:\Archivos de programa\Archivos comunes\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2016-11-06] (Acresso Software Inc. -> Acresso Software Inc.)
S2 gupdate; C:\Archivos de programa\Google\Update\GoogleUpdate.exe [144200 2017-03-25] (Google Inc -> Google Inc.)
S3 gupdatem; C:\Archivos de programa\Google\Update\GoogleUpdate.exe [144200 2017-03-25] (Google Inc -> Google Inc.)
S2 HPSupportSolutionsFrameworkService; C:\Archivos de programa\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 MozillaMaintenance; C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe [172488 2017-03-15] (Mozilla Corporation -> Mozilla Foundation)
S3 odserv; C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
S3 ose; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
S2 SkypeUpdate; C:\Archivos de programa\Skype\Updater\Updater.exe [315488 2015-02-18] () [Archivo no firmado]
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{6D41570F-FCBF-4CB7-B7FF-E3F2F338830C} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 604DDBD6; C:\WINDOWS\System32\drivers\604DDBD6.sys [153784 2001-01-01] (Kaspersky Lab -> Kaspersky Lab ZAO)
S3 6614539A; C:\WINDOWS\system32\drivers\6614539A.sys [222648 2001-01-01] (Malwarebytes Corporation -> Malwarebytes)
S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [2158848 2013-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2011-07-28] (Atheros Communications, Inc.) [Archivo no firmado]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 CnxtHdAudService; C:\WINDOWS\System32\drivers\CHDAU32.sys [822400 2010-07-18] (Conexant Systems, Inc. -> Conexant Systems Inc.)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\CHDAud.sys [581632 2006-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems Inc.)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Microsoft Windows Component Publisher -> Windows (R) Server 2003 DDK provider)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [150816 2001-01-01] (Malwarebytes Corporation -> Malwarebytes)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2001-08-24] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.)
S3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [130432 2009-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Microsoft Windows Component Publisher -> Realtek Semiconductor Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S4 IntelIde; no ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-20 22:43 - 2020-09-20 22:44 - 000020254 _____ C:\Documents and Settings\User\Escritorio\FRST.txt
2020-09-20 22:43 - 2020-09-20 16:36 - 002013184 _____ (Farbar) C:\Documents and Settings\User\Escritorio\FRST.exe
2020-09-20 22:35 - 2020-09-20 22:35 - 000000000 ____D C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Google
2020-09-20 22:05 - 2020-09-20 22:37 - 000000000 ____D C:\Documents and Settings\Administrador\Datos de programa\ZHP
2020-09-20 22:05 - 2020-09-20 22:05 - 000000000 ____D C:\Documents and Settings\Administrador\Configuración local\Datos de programa\ZHP
2020-09-20 21:05 - 2020-09-20 17:20 - 185714032 _____ (AO Kaspersky Lab) C:\Documents and Settings\Administrador\Escritorio\KVRT.exe
2020-09-20 20:59 - 2020-09-19 18:07 - 029228944 _____ (Piriform Software Ltd) C:\Documents and Settings\Administrador\Escritorio\cctrialsetup.exe
2020-09-20 20:55 - 2020-09-20 22:40 - 000000192 ___SH C:\Documents and Settings\Administrador\ntuser.ini
2020-09-20 20:55 - 2020-09-20 22:39 - 000000000 ____D C:\Documents and Settings\Administrador\Configuración local\Temp
2020-09-20 20:55 - 2020-09-20 22:38 - 000000000 ____D C:\Documents and Settings\Administrador\Escritorio
2020-09-20 20:55 - 2020-09-20 22:35 - 000000000 ___HD C:\Documents and Settings\Administrador\Configuración local\Datos de programa
2020-09-20 20:55 - 2020-09-20 22:05 - 000000000 __RHD C:\Documents and Settings\Administrador\Datos de programa
2020-09-20 20:55 - 2020-09-20 20:58 - 000000000 ___HD C:\Documents and Settings\Administrador\Configuración local
2020-09-20 20:55 - 2020-09-20 20:55 - 000000000 ____D C:\Documents and Settings\Administrador
2020-09-20 20:55 - 2015-05-13 04:49 - 000001599 _____ C:\Documents and Settings\Administrador\Menú Inicio\Programas\Asistencia remota.lnk
2020-09-20 20:55 - 2015-05-13 04:49 - 000000827 _____ C:\Documents and Settings\Administrador\Menú Inicio\Programas\Reproductor de Windows Media.lnk
2020-09-20 20:55 - 2015-05-13 04:49 - 000000000 ___RD C:\Documents and Settings\Administrador\Menú Inicio\Programas\Accesorios
2020-09-20 20:55 - 2015-05-13 04:49 - 000000000 ___RD C:\Documents and Settings\Administrador\Menú Inicio\Programas
2020-09-20 20:55 - 2015-05-13 04:45 - 000000000 ___HD C:\Documents and Settings\Administrador\Plantillas
2020-09-20 20:55 - 2001-01-01 00:34 - 000000000 ___SD C:\Documents and Settings\Administrador\Configuración local\Historial
2020-09-20 20:55 - 2001-01-01 00:34 - 000000000 ___SD C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet
2020-09-20 20:55 - 2001-01-01 00:34 - 000000000 ___RD C:\Documents and Settings\Administrador\Menú Inicio\Programas\Inicio
2020-09-20 20:55 - 2001-01-01 00:34 - 000000000 ___RD C:\Documents and Settings\Administrador\Menú Inicio
2020-09-20 20:55 - 2001-01-01 00:34 - 000000000 ___HD C:\Documents and Settings\Administrador\Impresoras
2020-09-20 20:55 - 2001-01-01 00:34 - 000000000 ___HD C:\Documents and Settings\Administrador\Entorno de red
2020-09-20 20:55 - 2001-01-01 00:34 - 000000000 ____D C:\Documents and Settings\Administrador\Reciente
2020-09-20 20:55 - 2001-01-01 00:34 - 000000000 ____D C:\Documents and Settings\Administrador\Mis documentos
2020-09-20 20:55 - 2001-01-01 00:34 - 000000000 ____D C:\Documents and Settings\Administrador\Favoritos
2020-09-19 20:04 - 2020-09-20 22:44 - 000000000 ____D C:\Documents and Settings\User\Configuración local\temp
2020-09-19 20:04 - 2020-09-19 20:04 - 000000000 ____D C:\Documents and Settings\NetworkService\Configuración local\temp
2020-09-19 20:04 - 2020-09-19 20:04 - 000000000 ____D C:\Documents and Settings\LocalService\Configuración local\temp
2020-09-19 19:55 - 2020-09-19 20:09 - 000000000 ____D C:\ComboFix
2020-09-19 19:55 - 2011-06-26 03:45 - 000256000 _____ C:\WINDOWS\PEV.exe
2020-09-19 19:55 - 2010-11-07 14:20 - 000208896 _____ C:\WINDOWS\MBR.exe
2020-09-19 19:55 - 2009-04-20 01:56 - 000060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2020-09-19 19:55 - 2000-08-30 21:00 - 000518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2020-09-19 19:55 - 2000-08-30 21:00 - 000406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2020-09-19 19:55 - 2000-08-30 21:00 - 000212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2020-09-19 19:55 - 2000-08-30 21:00 - 000098816 _____ C:\WINDOWS\sed.exe
2020-09-19 19:55 - 2000-08-30 21:00 - 000080412 _____ C:\WINDOWS\grep.exe
2020-09-19 19:55 - 2000-08-30 21:00 - 000068096 _____ C:\WINDOWS\zip.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-20 22:44 - 2019-02-19 23:43 - 000000386 _____ C:\WINDOWS\Tasks\At43.job
2020-09-20 22:44 - 2019-02-19 23:43 - 000000380 _____ C:\WINDOWS\Tasks\At44.job
2020-09-20 22:43 - 2015-05-13 04:56 - 000000000 ____D C:\Documents and Settings\User\Escritorio
2020-09-20 22:43 - 2001-01-01 19:09 - 000000000 ____D C:\FRST
2020-09-20 22:41 - 2017-03-25 00:54 - 000001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2020-09-20 22:41 - 2015-05-13 04:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-20 22:40 - 2001-01-01 00:00 - 000382562 _____ C:\WINDOWS\ntbtlog.txt
2020-09-20 22:37 - 2015-05-29 19:35 - 000000000 ____D C:\Archivos de programa\Lavasoft
2020-09-20 22:37 - 2015-05-29 19:32 - 000000000 ____D C:\Documents and Settings\All Users\Datos de programa\Lavasoft
2020-09-20 22:21 - 2015-05-13 04:56 - 000000192 ___SH C:\Documents and Settings\User\ntuser.ini
2020-09-20 22:21 - 2015-05-13 04:54 - 000032540 _____ C:\WINDOWS\SchedLgU.Txt
2020-09-20 21:09 - 2001-01-01 20:11 - 000000000 ____D C:\KVRT_Data
2020-09-20 21:02 - 2001-01-01 00:34 - 000000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
2020-09-20 21:02 - 2001-01-01 00:34 - 000000000 ___RD C:\Documents and Settings\All Users\Menú Inicio\Programas
2020-09-20 21:02 - 2001-01-01 00:34 - 000000000 ___RD C:\Archivos de programa
2020-09-20 21:02 - 2001-01-01 00:34 - 000000000 ____D C:\Documents and Settings\All Users\Escritorio
2020-09-20 20:55 - 2001-01-01 00:33 - 000000000 ____D C:\Documents and Settings
2020-09-20 20:54 - 2001-08-24 14:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl
2020-09-20 20:51 - 2019-08-15 14:50 - 000000386 _____ C:\WINDOWS\Tasks\At72.job
2020-09-20 20:51 - 2019-08-15 14:50 - 000000384 _____ C:\WINDOWS\Tasks\At71.job
2020-09-20 20:49 - 2019-10-14 23:48 - 000000378 _____ C:\WINDOWS\Tasks\At84.job
2020-09-20 20:48 - 2019-10-11 09:45 - 000000378 _____ C:\WINDOWS\Tasks\At83.job
2020-09-20 20:39 - 2019-08-25 23:38 - 000000390 _____ C:\WINDOWS\Tasks\At74.job
2020-09-20 20:37 - 2019-10-20 00:36 - 000000380 _____ C:\WINDOWS\Tasks\At85.job
2020-09-20 20:27 - 2017-03-25 00:54 - 000001102 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2020-09-20 20:20 - 2019-09-12 00:19 - 000000384 _____ C:\WINDOWS\Tasks\At77.job
2020-09-20 20:20 - 2019-09-12 00:19 - 000000380 _____ C:\WINDOWS\Tasks\At79.job
2020-09-20 20:20 - 2019-09-12 00:19 - 000000378 _____ C:\WINDOWS\Tasks\At78.job
2020-09-20 20:19 - 2019-09-15 23:18 - 000000384 _____ C:\WINDOWS\Tasks\At80.job
2020-09-20 20:17 - 2019-04-06 01:16 - 000000382 _____ C:\WINDOWS\Tasks\At54.job
2020-09-20 20:17 - 2015-05-13 05:05 - 000000838 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2020-09-20 20:13 - 2018-09-01 01:12 - 000000376 _____ C:\WINDOWS\Tasks\At16.job
2020-09-20 20:11 - 2019-10-11 00:10 - 000000382 _____ C:\WINDOWS\Tasks\At82.job
2020-09-20 20:09 - 2001-01-01 00:07 - 000000384 _____ C:\WINDOWS\Tasks\At53.job
2020-09-20 20:05 - 2001-01-01 00:04 - 000000382 _____ C:\WINDOWS\Tasks\At45.job
2020-09-20 20:04 - 2019-02-19 22:03 - 000000380 _____ C:\WINDOWS\Tasks\At42.job
2020-09-20 20:03 - 2020-03-30 00:02 - 000000380 _____ C:\WINDOWS\Tasks\At97.job
2020-09-20 20:03 - 2001-01-01 04:02 - 000000382 _____ C:\WINDOWS\Tasks\At56.job
2020-09-20 19:59 - 2019-08-03 04:58 - 000000388 _____ C:\WINDOWS\Tasks\At69.job
2020-09-19 20:13 - 2001-01-01 01:32 - 000303104 _____ C:\WINDOWS\system32\config\default.bak
2020-09-19 20:11 - 2001-01-01 01:29 - 000090112 _____ C:\WINDOWS\DUMP473a.tmp
2020-09-19 20:08 - 2001-01-01 01:31 - 000000000 ____D C:\WINDOWS\erdnt
2020-09-19 20:07 - 2015-05-13 04:53 - 000000000 ___SD C:\Documents and Settings\NetworkService\Configuración local\Archivos temporales de Internet
2020-09-19 20:06 - 2017-12-26 23:04 - 000000000 ____D C:\Avenger
2020-09-19 20:06 - 2015-05-13 04:56 - 000000000 ___SD C:\Documents and Settings\User\Configuración local\Archivos temporales de Internet
2020-09-19 20:06 - 2001-08-24 14:00 - 000000227 _____ C:\WINDOWS\system.ini
2020-09-19 20:06 - 2001-01-01 01:34 - 000000000 ____D C:\Qoobox
2020-09-19 20:04 - 2015-05-13 04:56 - 000000000 ___RD C:\Documents and Settings\User\Mis documentos
2020-09-19 20:04 - 2015-05-13 04:56 - 000000000 ___HD C:\Documents and Settings\User\Datos de programa
2020-09-19 20:04 - 2015-05-13 04:56 - 000000000 ___HD C:\Documents and Settings\User\Configuración local
2020-09-19 20:04 - 2015-05-13 04:54 - 000000000 ___HD C:\Documents and Settings\LocalService\Configuración local
2020-09-19 20:04 - 2015-05-13 04:53 - 000000000 ___HD C:\Documents and Settings\NetworkService\Configuración local
2020-09-19 20:03 - 2001-01-01 00:34 - 000000000 ____D C:\Archivos de programa\Archivos comunes

==================== Archivos en la raíz de algunos directorios ========

2015-05-25 15:44 - 2015-05-25 16:04 - 000000000 _____ () C:\Documents and Settings\User\TempWmicBatchFile.bat
2020-06-16 13:30 - 2020-06-16 13:30 - 000339599 _____ () C:\Documents and Settings\User\Datos de programa\Besobi
2020-04-12 15:51 - 2020-04-12 15:51 - 000142321 _____ () C:\Documents and Settings\User\Datos de programa\Cahofopohab
2001-01-01 00:01 - 2001-01-01 00:01 - 000331975 _____ () C:\Documents and Settings\User\Datos de programa\Caretiho
2001-01-01 00:01 - 2001-01-01 00:01 - 000364434 _____ () C:\Documents and Settings\User\Datos de programa\Cocutasof
2001-01-01 00:02 - 2001-01-01 00:02 - 000306604 _____ () C:\Documents and Settings\User\Datos de programa\Colotat
2001-01-01 00:01 - 2001-01-01 00:01 - 000126387 _____ () C:\Documents and Settings\User\Datos de programa\Ducar
2001-01-01 00:01 - 2001-01-01 00:01 - 000249085 _____ () C:\Documents and Settings\User\Datos de programa\Fibihotoboso
2001-01-01 00:01 - 2001-01-01 00:01 - 000311161 _____ () C:\Documents and Settings\User\Datos de programa\Hisenote
2019-03-13 14:07 - 2019-03-13 14:07 - 000245847 _____ () C:\Documents and Settings\User\Datos de programa\Huhokamunosa
2001-01-01 00:01 - 2001-01-01 00:01 - 000318341 _____ () C:\Documents and Settings\User\Datos de programa\Hururuk
2019-10-14 23:46 - 2019-10-14 23:46 - 000195923 _____ () C:\Documents and Settings\User\Datos de programa\Kafadapadok
2020-06-04 00:56 - 2020-06-04 00:56 - 000131288 _____ () C:\Documents and Settings\User\Datos de programa\Kobudereb
2001-01-01 04:01 - 2001-01-01 04:01 - 000286353 _____ () C:\Documents and Settings\User\Datos de programa\Kokoko
2019-04-08 16:13 - 2019-04-08 16:13 - 000308634 _____ () C:\Documents and Settings\User\Datos de programa\Leparadoted
2001-01-01 00:01 - 2001-01-01 00:01 - 000315572 _____ () C:\Documents and Settings\User\Datos de programa\Lodogafageg
2001-01-01 00:01 - 2001-01-01 00:01 - 000357544 _____ () C:\Documents and Settings\User\Datos de programa\Mefedane
2020-04-24 01:04 - 2020-04-24 01:04 - 000345032 _____ () C:\Documents and Settings\User\Datos de programa\Momit
2001-01-01 00:04 - 2001-01-01 00:04 - 000213843 _____ () C:\Documents and Settings\User\Datos de programa\Nebeto
2001-01-01 00:01 - 2001-01-01 00:01 - 000294366 _____ () C:\Documents and Settings\User\Datos de programa\Necegor
2020-05-19 20:27 - 2020-05-19 20:27 - 000164004 _____ () C:\Documents and Settings\User\Datos de programa\Pekep
2001-01-01 00:01 - 2001-01-01 00:01 - 000219362 _____ () C:\Documents and Settings\User\Datos de programa\Pelecitomip
2001-01-01 00:01 - 2001-01-01 00:01 - 000246934 _____ () C:\Documents and Settings\User\Datos de programa\Potetinugeho
2001-01-01 00:01 - 2001-01-01 00:01 - 000153524 _____ () C:\Documents and Settings\User\Datos de programa\Remadogiri
2019-07-01 11:47 - 2019-07-01 11:47 - 000127535 _____ () C:\Documents and Settings\User\Datos de programa\Remefe
2020-06-16 13:30 - 2020-06-16 13:30 - 000339599 _____ () C:\Documents and Settings\User\Datos de programa\Sicutocata
2019-05-30 09:41 - 2019-05-30 09:41 - 000312599 _____ () C:\Documents and Settings\User\Datos de programa\Sigipanud
2001-01-01 00:01 - 2001-01-01 00:01 - 000292333 _____ () C:\Documents and Settings\User\Datos de programa\Taneheneki
2020-05-07 11:32 - 2020-05-07 11:32 - 000232819 _____ () C:\Documents and Settings\User\Datos de programa\Tecutaramad
2001-01-01 00:01 - 2001-01-01 00:01 - 000209860 _____ () C:\Documents and Settings\User\Datos de programa\Tupoci
2016-10-10 00:38 - 2020-06-26 17:03 - 000000093 _____ () C:\Documents and Settings\User\Datos de programa\WB.CFG
2015-05-29 19:39 - 2018-06-17 23:27 - 000013312 _____ () C:\Documents and Settings\User\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================