Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 08-08-2020 Ejecutado por SYSTEM (09-08-2020 16:49:21) Run:1 Ejecutado desde F:\ Modo de Inicio: Recovery ============================================== fixlist contenido: ***************** HKLM-x32\...\Run: [kissq] => C:\Users\theou\AppData\Local\Temp\kissq.exe************* <==== ATENCIÓN C:\Users\theou\AppData\Local\Temp\kissq.exe HKU\theou\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (la entrada de datos tiene 102 más caracteres) Task: {4E289E87-513C-49EA-9832-EA579F08B392} - System32\Tasks\NvNgxUpdateCheckDaily_{6EEFBFB0-BFB0-BFB0-BFB0-6EEFBFB0BFB0} => C:\Users\theou\AppData\Roaming\stcccuh.exe <==== ATENCIÓN C:\Users\theou\AppData\Roaming\stcccuh.exe Task: {547FDDD7-6A8D-4667-982A-B2DF2ED7F4E5} - System32\Tasks\whcxsi => C:\ProgramData\rqqqppo\whcxsi.exe Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\Windows\Tasks\whcxsi.job => C:\ProgramData\rqqqppo\whcxsi.exe <==== ATENCIÓN C:\ProgramData\rqqqppo S2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\ElevationService.exe [X] S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S3 Rockstar Service; "E:\Games\Epic Games\GTAV\Launcher\RockstarService.exe" [X] S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\DriverInstall.exe [X] S1 B339C7987478; C:\WINDOWS\B339C7987478.sys [25368 2020-08-03] (大连纵梦网络科技有限公司 -> FsFilter Network) C:\WINDOWS\B339C7987478.sys S3 aswbdisk; no ImagePath S3 avgbdisk; no ImagePath S3 GPU-Z-v2; \??\C:\Users\theou\AppData\Local\Temp\GPU-Z-v2.sys [X] <==== ATENCIÓN 2020-08-05 12:21 - 2020-08-05 20:15 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software 2020-08-04 19:53 - 2020-08-04 19:53 - 010076160 _____ C:\Program Files (x86)\GUT9D39.tmp 2020-08-04 19:53 - 2020-08-04 19:53 - 000000000 ____D C:\Program Files (x86)\GUM9D38.tmp 2020-08-04 01:04 - 2020-08-04 01:04 - 000221600 _____ (AVAST Software) C:\Users\theou\Downloads\avast_free_antivirus_setup_online (2).exe 2020-08-04 00:44 - 2020-08-04 00:44 - 000221600 _____ (AVAST Software) C:\Users\theou\Downloads\avast_free_antivirus_setup_online (1).exe 2020-08-04 00:36 - 2020-08-04 20:02 - 000000000 ____D C:\ProgramData\Avast Software 2020-08-04 00:36 - 2020-08-04 00:36 - 000221600 _____ (AVAST Software) C:\Users\theou\Downloads\avast_free_antivirus_setup_online.exe 2020-08-03 21:38 - 2020-08-06 08:48 - 000000266 ____H C:\Windows\Tasks\whcxsi.job 2020-08-03 21:38 - 2020-08-05 20:15 - 000002932 _____ C:\Windows\System32\Tasks\whcxsi 2020-08-03 21:38 - 2020-08-05 20:15 - 000002754 _____ C:\Windows\System32\Tasks\NvNgxUpdateCheckDaily_{6EEFBFB0-BFB0-BFB0-BFB0-6EEFBFB0BFB0} 2020-08-03 21:38 - 2020-08-03 22:04 - 000000000 ____D C:\ProgramData\rqqqppo 2020-08-03 21:38 - 2020-08-03 21:44 - 000000000 ____D C:\ProgramData\DNO6E9OGJ9RKGPIDDYD1QJCWM 2020-08-03 21:37 - 2020-08-03 22:09 - 000000000 ____D C:\Program Files (x86)\OrLqFSA 2020-08-03 21:37 - 2020-08-03 21:52 - 000000000 ____D C:\Users\theou\AppData\Roaming\lyd2h35rlx0 2020-08-03 21:37 - 2020-08-03 21:45 - 000000000 ____D C:\Users\theou\AppData\Local\0ebdfd8e-e8d7-430d-8fef-b4f33ec9eeb5 2020-08-03 21:37 - 2020-08-03 21:37 - 000025368 _____ (FsFilter Network) C:\Windows\B339C7987478.sys 2020-08-03 21:37 - 2020-08-03 21:37 - 000000000 ____D C:\ProgramData\RO2CKR48MAC2K36TNHGOVE999 2020-08-03 21:37 - 2020-08-03 21:37 - 000000000 _____ C:\Program Files (x86)\temp_files 2020-08-03 21:36 - 2020-08-03 21:51 - 000000000 ____D C:\Program Files (x86)\sqkjz 2020-07-15 08:12 - 2020-07-15 08:12 - 000000000 ____D C:\Users\theou\AppData\Roaming\KF2 2020-08-04 19:54 - 2020-03-21 23:13 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job ***************** "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\kissq" => eliminado correctamente "C:\Users\theou\AppData\Local\Temp\kissq.exe" => no encontrado "HKU\theou\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #2" => eliminado correctamente HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E289E87-513C-49EA-9832-EA579F08B392} => eliminado correctamente HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E289E87-513C-49EA-9832-EA579F08B392} => eliminado correctamente C:\Windows\System32\Tasks\NvNgxUpdateCheckDaily_{6EEFBFB0-BFB0-BFB0-BFB0-6EEFBFB0BFB0} => movido correctamente HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNgxUpdateCheckDaily_{6EEFBFB0-BFB0-BFB0-BFB0-6EEFBFB0BFB0} => eliminado correctamente "C:\Users\theou\AppData\Roaming\stcccuh.exe" => no encontrado HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{547FDDD7-6A8D-4667-982A-B2DF2ED7F4E5} => eliminado correctamente HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{547FDDD7-6A8D-4667-982A-B2DF2ED7F4E5} => eliminado correctamente C:\Windows\System32\Tasks\whcxsi => movido correctamente HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\whcxsi => eliminado correctamente C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => movido correctamente C:\Windows\Tasks\whcxsi.job => movido correctamente C:\ProgramData\rqqqppo => movido correctamente HKLM\System\ControlSet001\Services\ElevationService => eliminado correctamente ElevationService => servicio eliminado correctamente HKLM\System\ControlSet001\Services\gupdate => eliminado correctamente gupdate => servicio eliminado correctamente HKLM\System\ControlSet001\Services\gupdatem => eliminado correctamente gupdatem => servicio eliminado correctamente HKLM\System\ControlSet001\Services\Rockstar Service => eliminado correctamente Rockstar Service => servicio eliminado correctamente HKLM\System\ControlSet001\Services\WsDrvInst => eliminado correctamente WsDrvInst => servicio eliminado correctamente HKLM\System\ControlSet001\Services\B339C7987478 => eliminado correctamente B339C7987478 => servicio eliminado correctamente C:\WINDOWS\B339C7987478.sys => movido correctamente HKLM\System\ControlSet001\Services\aswbdisk => eliminado correctamente aswbdisk => servicio eliminado correctamente HKLM\System\ControlSet001\Services\avgbdisk => eliminado correctamente avgbdisk => servicio eliminado correctamente HKLM\System\ControlSet001\Services\GPU-Z-v2 => eliminado correctamente GPU-Z-v2 => servicio eliminado correctamente C:\Windows\System32\Tasks\AVAST Software => movido correctamente C:\Program Files (x86)\GUT9D39.tmp => movido correctamente C:\Program Files (x86)\GUM9D38.tmp => movido correctamente C:\Users\theou\Downloads\avast_free_antivirus_setup_online (2).exe => movido correctamente C:\Users\theou\Downloads\avast_free_antivirus_setup_online (1).exe => movido correctamente C:\ProgramData\Avast Software => movido correctamente C:\Users\theou\Downloads\avast_free_antivirus_setup_online.exe => movido correctamente "C:\Windows\Tasks\whcxsi.job" => no encontrado "C:\Windows\System32\Tasks\whcxsi" => no encontrado "C:\Windows\System32\Tasks\NvNgxUpdateCheckDaily_{6EEFBFB0-BFB0-BFB0-BFB0-6EEFBFB0BFB0}" => no encontrado "C:\ProgramData\rqqqppo" => no encontrado C:\ProgramData\DNO6E9OGJ9RKGPIDDYD1QJCWM => movido correctamente C:\Program Files (x86)\OrLqFSA => movido correctamente C:\Users\theou\AppData\Roaming\lyd2h35rlx0 => movido correctamente C:\Users\theou\AppData\Local\0ebdfd8e-e8d7-430d-8fef-b4f33ec9eeb5 => movido correctamente "C:\Windows\B339C7987478.sys" => no encontrado C:\ProgramData\RO2CKR48MAC2K36TNHGOVE999 => movido correctamente C:\Program Files (x86)\temp_files => movido correctamente C:\Program Files (x86)\sqkjz => movido correctamente C:\Users\theou\AppData\Roaming\KF2 => movido correctamente "C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job" => no encontrado ==== Final de Fixlog 16:49:22 ====