Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 21-07-2022
Ejecutado por Alumno (administrador) sobre LITOGONZALEZ (SAMSUNG ELECTRONICS CO., LTD. 100NZB) (23-07-2022 14:56:08)
Ejecutado desde C:\Users\Alumno\Desktop
Perfiles cargados: Alumno
Plataforma: Microsoft Windows 7 Professional Service Pack 1 (X86) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] [El archivo está en uso] C:\Program Files\Intel(R) Learning Series\Classroom Management by Mythware\StudentMain.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Intel(R) Learning Series\Classroom Management by Mythware\GATESRV.exe ->) () [Archivo no firmado] C:\Program Files\Intel(R) Learning Series\Classroom Management by Mythware\MasterHelper.exe
(explorer.exe ->) () [Archivo no firmado] C:\Program Files\SATVD-T\SchHD.exe
(explorer.exe ->) () [Archivo no firmado] C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
(explorer.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Intel) [Archivo no firmado] C:\Program Files\Intel Learning Series\Theft Deterrent\Agent.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(services.exe ->) () [Archivo no firmado] C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe
(services.exe ->) () [Archivo no firmado] C:\Program Files\Intel(R) Learning Series\Classroom Management by Mythware\GATESRV.exe
(services.exe ->) () [Archivo no firmado] C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(services.exe ->) (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(services.exe ->) (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Bluetooth\devmonsrv.exe
(services.exe ->) (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Bluetooth\mediasrv.exe
(services.exe ->) (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Bluetooth\obexsrv.exe
(services.exe ->) (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Device Control Service\DeviceControlService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(svchost.exe ->) (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Bluetooth\btplayerctrl.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2193192 2012-02-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2325776 2012-01-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files\Intel\Bluetooth\btmshell.dll [9887744 2011-11-14] (Intel Corporation) [Archivo no firmado]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [18296096 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Agent] => C:\Archivos de programa\Intel Learning Series\Theft Deterrent\Agent.exe [303104 2010-07-19] (Intel) [Archivo no firmado]
HKLM\...\Run: [FreeFallProtection] => C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe [1208320 2010-12-17] () [Archivo no firmado]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [SchHD] => C:\Program Files\SATVD-T\SchHD.exe [258048 2010-07-03] () [Archivo no firmado]
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [189696 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Ningún archivo)
HKU\S-1-5-19\...\Run: [Formulario] => D:\.cache\.b\conigform-windows.exe (Ningún archivo)
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Ningún archivo)
HKLM\...\Print\Monitors\PDFCreator: C:\Windows\system32\pdfcmnnt.dll [116224 2001-10-28] () [Archivo no firmado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2016-09-30] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BootExecute:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0898499F-E07D-4DD2-82E7-B6F218B5796C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (Ningún archivo)
Task: {1D85BEC3-131A-4400-9987-A93C773BD201} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [345824 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BEB4898-4BFB-4E7D-BCFA-38EED2282932} - System32\Tasks\MovieColorEnhancer => C:\Program Files\Samsung\Easy Settings\MovieColorEnhancer.exe [783240 2012-02-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [Archivo no firmado]
Task: {2E2F53A6-AEF8-46AC-9AE8-87E53629A56A} - System32\Tasks\updater => C:\Windows\System32\runupdate.bat [660 2012-09-03] () [Archivo no firmado]
Task: {47740FBB-398D-4EF5-A416-B33E760418BF} - System32\Tasks\{61CA6F85-F504-4613-A05C-413AE23A11D0} => C:\Windows\system32\pcalua.exe -a E:\Software\Windows\Diccionarios\Babiloo-Spanish-2.0.9.exe -d E:\Software\Windows\Diccionarios
Task: {4F44A261-37A4-4488-B562-73254D2FB68E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156232 2021-12-12] (Google LLC -> Google LLC)
Task: {5B09DDCB-DBAD-4822-B6FA-11D917BB6C9F} - System32\Tasks\{A0E855BD-731C-429E-951B-3521FFC1A2B8} => C:\Windows\system32\pcalua.exe -a C:\Games\cs15-podbot25.exe -d C:\Games
Task: {6A8158A8-8C45-43D0-A246-61B813034FDE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BAE4BBE-BB81-49AA-B1A6-6EB10AF6CFAD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1947984 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {9990AD01-1CAF-4D7D-8573-A1346D9D1F3F} - System32\Tasks\EasySpeedUpManager => C:\Program Files\Samsung\Easy Settings\EasySpeedUpManager.exe [1639304 2012-02-27] (Samsung Electronics CO., LTD. -> Samsung Electronics) [Archivo no firmado]
Task: {ABAD603E-B2CF-4EEA-8E47-52DBADCDCD93} - System32\Tasks\SmartSetting => C:\Program Files\Samsung\Easy Settings\SmartSetting.exe [2277768 2012-03-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [Archivo no firmado]
Task: {AC94F904-7C30-4FEE-AD0C-D3C7438686DB} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [365960 2012-02-27] (Samsung Electronics CO., LTD. -> SAMSUNG Electronics co., LTD.) [Archivo no firmado]
Task: {B3B6EEA8-CC63-4F33-9726-AFB93A5D820E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4371712 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
Task: {C2AE287D-D3BD-40D1-8934-4D365A161D99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156232 2021-12-12] (Google LLC -> Google LLC)
Task: {D40FC20D-11E5-43DE-AC2B-C5DCD1DFF2C7} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [345824 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D520EB95-8EB8-4A32-BE72-5B814AF3C7A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-09-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D6FB4B1F-03F2-4FE5-8165-A0BA99D11CAF} - System32\Tasks\BatteryInfo => "C:\Program Files\BatteryInfo\logstart.cmd" (Ningún archivo)
Task: {F6D4C1DA-462B-495D-86E7-B5068ACD2193} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Easy Support Center\SSCKbdHk.exe [3398736 2012-01-27] (Samsung Electronics CO., LTD. -> SAMSUNG Electronics)
Task: {FA6A67F1-B612-4BC1-B72E-F50AB2CECA11} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Settings\dmhkcore.exe [1113168 2012-03-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {FD7C8DBD-718D-431D-B319-9FF12FCE2528} - System32\Tasks\SCCSpeedBoot => C:\Program Files\Samsung\Easy Settings\SCCSpeedBoot.exe [3462024 2012-02-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [Archivo no firmado]

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

ProxyServer: [S-1-5-21-1426333803-718080766-1020419503-1000] => 10.2.0.11:80
Winsock: Catalog5 01 %SystemRoot%\system32\NLAapi.dll => Ningún archivo ATENCIÓN: LibraryPath debería ser "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll => Ningún archivo ATENCIÓN: LibraryPath debería ser "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 03 %SystemRoot%\system32\pnrpnsp.dll => Ningún archivo ATENCIÓN: LibraryPath debería ser "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 %SystemRoot%\system32\pnrpnsp.dll => Ningún archivo ATENCIÓN: LibraryPath debería ser "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 07 %SystemRoot%\System32\mswsock.dll => Ningún archivo ATENCIÓN: LibraryPath debería ser "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 08 %SystemRoot%\System32\winrnr.dll => Ningún archivo ATENCIÓN: LibraryPath debería ser "%SystemRoot%\System32\winrnr.dll"
Tcpip\Parameters: [DhcpNameServer] 181.30.140.135 181.30.140.199 181.30.140.199
Tcpip\..\Interfaces\{47C9A79F-2B18-4FDA-9C26-00248576BD88}: [DhcpNameServer] 181.30.140.135 181.30.140.199 181.30.140.199
Tcpip\..\Interfaces\{965D91DE-CEB5-4B19-8E2D-AFF8FD876521}: [DhcpNameServer] 172.16.0.254
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,-1]

Edge:
=======
Edge Profile: C:\Users\Alumno\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-23]

FireFox:
========
FF ProfilePath: C:\Users\Alumno\AppData\Roaming\Mozilla\Firefox\Profiles\eyd5j23x.default [2022-07-23]
FF Homepage: Mozilla\Firefox\Profiles\eyd5j23x.default -> hxxp://www,google.com
FF Session Restore: Mozilla\Firefox\Profiles\eyd5j23x.default -> está habilitado.
FF Extension: (Video DownloadHelper) - C:\Users\Alumno\AppData\Roaming\Mozilla\Firefox\Profiles\eyd5j23x.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-09-05] [Heredado]
FF Extension: (Sin Nombre) - C:\Users\Alumno\AppData\Roaming\Mozilla\Firefox\Profiles\eyd5j23x.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [no encontrado]
FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore => no encontrado
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor => no encontrado
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll [2012-09-07] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2022-03-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_311\bin\new_plugin\npjp2.dll [Ningún archivo]
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2022-03-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\progra~1\mcafee\msc\npmcsn~1.dll [Ningún archivo]
FF Plugin: @mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll [Ningún archivo]
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default [2022-07-23]
CHR DownloadDir: C:\Users\Alumno\Desktop
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Alumno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [509440 2011-12-05] (Intel Corporation - Mobile Wireless Group -> Intel Corporation)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7673912 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [532736 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [532736 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 Bluetooth Device Monitor; C:\Program Files\Intel\Bluetooth\devmonsrv.exe [921664 2011-11-14] (Intel Corporation) [Archivo no firmado]
R3 Bluetooth Media Service; C:\Program Files\Intel\Bluetooth\mediasrv.exe [1355840 2011-11-14] (Intel Corporation) [Archivo no firmado]
R2 Bluetooth OBEX Service; C:\Program Files\Intel\Bluetooth\obexsrv.exe [995392 2011-11-14] (Intel Corporation) [Archivo no firmado]
R2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [104208 2011-12-05] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
R2 Device Control Service; C:\Program Files\Intel\Device Control Service\DeviceControlService.exe [1196544 2011-12-12] (Intel Corporation) [Archivo no firmado]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Archivo no firmado]
R2 InstallFilterService; C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2010-12-17] () [Archivo no firmado]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 STUDSRV; C:\Program Files\Intel(R) Learning Series\Classroom Management by Mythware\GATESRV.exe [27648 2012-04-01] () [Archivo no firmado]
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1552384 2007-11-08] () [Archivo no firmado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1710464 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 FusionInventory-Agent; "C:\Program Files\FusionInventory-Agent\perl\bin\perl.exe" "C:\Program Files\FusionInventory-Agent\perl\bin\fusioninventory-win32-service"

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 accel; C:\Windows\System32\DRIVERS\ADXL345accel.sys [14336 2011-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 Acceler; C:\Windows\System32\DRIVERS\Acceler.sys [42608 2011-07-18] (STMicroelectronics -> ST Microelectronics)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [141312 2011-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [141312 2011-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [39744 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196144 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [328208 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [214040 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97304 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [45440 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [232464 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [406896 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2022-03-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [98896 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [78048 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [697872 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [566544 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167488 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [272816 2022-06-29] (Avast Software s.r.o. -> AVAST Software)
R0 CDD_HOST; C:\Windows\System32\Drivers\CDD_HOST.sys [19968 2012-03-31] () [Archivo no firmado]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [113008 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [179496 2012-02-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [42496 2009-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 IPMLEBL; C:\Windows\System32\Drivers\ipmlebl.sys [9984 2011-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn01.sys [10387216 2017-02-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [952704 2021-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Realtek)
R1 SABI; C:\Windows\system32\Drivers\SABI.sys [10752 2011-09-22] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
R3 smsbda; C:\Windows\System32\drivers\smsbda.sys [71456 2012-02-23] (Siano Mobile Silicon -> Siano)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [148328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 stdflt; C:\Windows\System32\DRIVERS\stdflt.sys [16176 2010-12-17] (STMicroelectronics -> ST Microelectronics)
R3 TDKeybd; C:\Windows\System32\Drivers\TDKeybd.sys [7680 2012-04-01] () [Archivo no firmado]
S4 TDProcHook; C:\Windows\System32\Drivers\TDProcHook.sys [14848 2012-04-01] () [Archivo no firmado]
S3 VKBD; C:\Windows\System32\DRIVERS\virkbd.sys [18432 2011-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
U1 aswbdisk; no ImagePath
U1 avgbdisk; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-07-23 14:56 - 2022-07-23 15:00 - 000027538 _____ C:\Users\Alumno\Desktop\FRST.txt
2022-07-23 14:55 - 2022-07-23 14:58 - 000000000 ____D C:\FRST
2022-07-23 14:54 - 2022-07-23 14:55 - 002073600 _____ (Farbar) C:\Users\Alumno\Desktop\FRST.exe
2022-07-23 13:27 - 2022-07-23 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente - Registry Cleaner
2022-07-23 13:27 - 2022-07-23 14:20 - 000000000 ____D C:\Program Files\Argente - Registry Cleaner
2022-07-23 13:19 - 2022-07-23 13:20 - 005404387 _____ (Raúl Argente ) C:\Users\Alumno\Desktop\ARegClean-old.exe
2022-06-29 16:38 - 2022-06-29 16:34 - 000167488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-06-29 16:38 - 2022-06-29 16:33 - 000238848 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-07-23 15:00 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\tracing
2022-07-23 14:41 - 2009-07-14 01:34 - 000034528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-07-23 14:41 - 2009-07-14 01:34 - 000034528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-07-23 14:30 - 2012-09-10 00:15 - 000000000 ____D C:\Program Files\Google
2022-07-23 13:49 - 2021-12-12 20:12 - 000002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-23 12:47 - 2022-03-16 16:46 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-07-23 12:44 - 2017-11-22 15:51 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2022-07-23 12:43 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-07-19 21:48 - 2022-03-16 16:39 - 000000000 ____D C:\ProgramData\Avast Software
2022-07-16 18:54 - 2022-03-05 21:28 - 000002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-15 18:54 - 2021-11-22 21:19 - 000000000 ____D C:\Users\Alumno\Desktop\Che Negre
2022-07-12 16:02 - 2022-02-22 15:24 - 000000000 ____D C:\Windows\system32\MRT
2022-07-12 16:02 - 2010-07-26 06:52 - 142706808 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-06-29 16:35 - 2022-03-16 16:44 - 000272816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-06-29 16:34 - 2022-03-16 16:44 - 000566544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-06-29 16:34 - 2022-03-16 16:44 - 000232464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-06-29 16:34 - 2022-03-16 16:44 - 000214040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-06-29 16:34 - 2022-03-16 16:44 - 000098896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-06-29 16:34 - 2022-03-16 16:44 - 000097304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-06-29 16:34 - 2022-03-16 16:44 - 000078048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-06-29 16:33 - 2022-03-16 16:44 - 000406896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-06-29 16:33 - 2022-03-16 16:44 - 000045440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-06-29 16:30 - 2022-03-16 16:44 - 000697872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-06-29 16:30 - 2022-03-16 16:44 - 000196144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-06-29 16:30 - 2022-03-16 16:44 - 000039744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2022-06-29 16:29 - 2022-03-16 16:44 - 000328208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys

==================== Archivos en la raíz de algunos directorios ========

2010-07-26 07:43 - 2010-11-23 14:46 - 001610752 _____ () C:\Program Files\Winplot_espanol.exe
2012-10-15 17:50 - 2017-09-09 14:45 - 000003584 _____ () C:\Users\Alumno\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-07-27 11:11 - 2012-09-10 05:08 - 000007596 _____ () C:\Users\Alumno\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

LastRegBack: 2022-04-09 19:08

==================== Final de FRST.txt ========================