Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 21-08-2021
Ejecutado por Matías (administrador) sobre CASA-ESCRITORIO (22-08-2021 19:13:15)
Ejecutado desde C:\Users\Matías\Desktop
Perfiles cargados: Matías
Platform: Windows 10 Enterprise Versión 1909 18363.1556 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Matías\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> ) [Archivo no firmado] C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49925280 2021-06-18] (Google LLC -> )
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144816 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-19] (Valve -> Valve Corporation)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [GoogleChromeAutoLaunch_837FAC31F91BC615D78F2DF9737D7946] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807936 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-13] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-16] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {1B913C72-47D0-473F-BEE3-34DBA2205CA1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2684CCC0-E03C-4BBE-88C8-42E2272C6B68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2E16813A-E61A-424B-8101-DA345784D8B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3206322F-3B00-4CDF-BA74-33F5CC312147} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B6E12D1-DEFC-4C68-8E92-F888446C8493} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Matías\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-02] (ESET, spol. s r.o. -> ESET)
Task: {4409FD8C-1588-47AB-B696-080DFF883B12} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-824706290-3614823676-1698890305-1001 => C:\Users\Matías\AppData\Local\MEGAsync\MEGAupdater.exe
Task: {55A353AE-E054-4ECA-B613-16485E20B643} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {6C3496EC-DC16-4B13-8A23-FC7BD421CD24} - System32\Tasks\UsbFix Monitor => C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [1239176 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> ) [Archivo no firmado]
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7EACF1C7-001B-4EB6-9A01-CBF20E5ABEB1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8A942B11-1756-43F0-9A14-01F2AD7A41CF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {9C48DD27-341A-4105-B123-F36EA967B660} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Matías\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-02] (ESET, spol. s r.o. -> ESET)
Task: {A278D66D-2966-4299-8341-D1E12288DE03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD9A9430-3DDC-4447-B88A-7847E9BA9F77} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {C82DE3D7-EB1B-4AEB-86F7-BD8621F5D3E2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D4FDE14D-C402-4A8F-95C2-796398E1E144} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D9F40B5B-5B40-4DF8-9880-4659D2EFE2D8} - System32\Tasks\CCleanerSkipUAC - Matías => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E229760A-8C68-448A-91EA-1EBA75B7B16C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E58FECA7-148C-477B-849A-CFCE0022E815} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {E5DC9372-FA28-4802-B64C-ECD5E8AF4D80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2DB3082-968D-41CC-ACA0-6F22FE52646B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{20dc7d9b-ebe3-4501-be35-8fb7cc53c700}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d31edcb6-bbde-4efd-9f38-5b4463f52c93}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Matías\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-21]
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Matías\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-21]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: u8miog1f.default-1437526231420
FF ProfilePath: C:\Users\Matías\AppData\Roaming\Mozilla\Firefox\Profiles\u8miog1f.default-1437526231420 [2021-08-21]
FF Homepage: Mozilla\Firefox\Profiles\u8miog1f.default-1437526231420 -> hxxps://www.google.com
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Matías\AppData\Roaming\Mozilla\Firefox\Profiles\u8miog1f.default-1437526231420\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-06-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-12] (VideoLAN) [Archivo no firmado]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default [2021-08-22]
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://web.movistar.com.ar
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Sudoku) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2015-03-15]
CHR Extension: (Documentos) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]
CHR Extension: (YouTube) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Búsqueda de Google) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-06]
CHR Extension: (VT4Browsers) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2021-06-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-30]
CHR Extension: (DarkOrbit) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfellpkdddmaldkbohekiikcmadbdnj [2017-03-06]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-18]
CHR Extension: (Google Hangouts) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2021-07-29]
CHR Extension: (Into The Mist) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2018-08-15]
CHR Extension: (WGT Golf Game) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2014-04-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Bola 9) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\oafdgpdaojfjhcolidaakebmnbibdbpb [2016-12-21]
CHR Extension: (Gmail) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-06]
CHR HKU\S-1-5-21-824706290-3614823676-1698890305-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-13] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-13] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)

===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-24] (Microsoft Corporation) [Archivo no firmado]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-23] (Malwarebytes Inc -> Malwarebytes)
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14368 1999-10-01] () [Archivo no firmado]
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76024 2021-05-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-08-22 19:13 - 2021-08-22 19:14 - 000020715 _____ C:\Users\Matías\Desktop\FRST.txt
2021-08-22 19:13 - 2021-08-22 19:13 - 000000000 ____D C:\Users\Matías\Desktop\FRST-OlderVersion
2021-08-21 01:15 - 2021-08-21 01:15 - 000002908 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Matías
2021-08-18 14:29 - 2021-08-20 14:54 - 000028370 ____H C:\Users\Matías\Desktop\~WRL0005.tmp
2021-08-09 16:32 - 2021-08-09 16:32 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2021-08-09 16:32 - 2021-08-09 16:32 - 000002248 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2021-08-05 18:49 - 2021-08-05 18:49 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys

==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-08-22 19:14 - 2021-06-05 01:35 - 000000000 ____D C:\FRST
2021-08-22 19:13 - 2021-06-24 18:07 - 002300928 _____ (Farbar) C:\Users\Matías\Desktop\FRST64.exe
2021-08-22 19:03 - 2021-06-19 09:47 - 000000000 ____D C:\Users\Matías\Desktop\VIRUSES
2021-08-22 19:02 - 2020-02-24 16:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-22 18:31 - 2013-01-02 09:11 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-22 16:50 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-22 15:29 - 2021-05-30 16:08 - 000000000 ____D C:\Users\Matías\Documents\BloodBowl2
2021-08-22 15:28 - 2019-01-23 20:52 - 000000000 ____D C:\Users\Matías\AppData\Local\D3DSCache
2021-08-22 13:15 - 2021-05-31 20:43 - 000000000 ____D C:\Program Files\CCleaner
2021-08-22 10:53 - 2017-12-08 04:22 - 000000000 ____D C:\Users\Matías\AppData\Local\Packages
2021-08-21 09:18 - 2020-06-04 11:37 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-21 09:18 - 2020-06-04 11:37 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-21 01:20 - 2021-05-31 20:36 - 000000179 _____ C:\Users\Matías\Desktop\DobleTilde.url
2021-08-21 01:16 - 2020-11-17 19:56 - 000000000 ___RD C:\Users\Matías\Google Drive
2021-08-21 01:15 - 2021-05-31 20:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-21 01:14 - 2014-12-31 09:29 - 000000000 ___RD C:\Users\Matías\OneDrive
2021-08-21 01:12 - 2020-02-24 16:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-21 01:12 - 2015-04-08 21:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-21 01:11 - 2019-03-19 01:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-21 01:05 - 2021-06-07 20:00 - 000000254 _____ C:\DelFix.txt
2021-08-21 00:48 - 2017-11-28 20:23 - 000000000 ____D C:\Users\Matías\AppData\Roaming\WhatsApp
2021-08-20 18:42 - 2020-04-06 15:58 - 000002378 ____H C:\Users\Matías\Documents\Default.rdp
2021-08-18 18:40 - 2018-05-20 16:33 - 000000000 ____D C:\Users\Matías\AppData\Local\Microsoft Help
2021-08-18 14:47 - 2020-04-03 16:53 - 000000000 ____D C:\Users\Matías\AppData\Local\WhatsApp
2021-08-18 00:12 - 2020-06-04 11:37 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 00:12 - 2020-06-04 11:37 - 000003528 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-16 21:31 - 2021-06-02 20:05 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-16 21:31 - 2021-06-02 20:05 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-16 12:19 - 2021-06-02 20:15 - 000001432 _____ C:\Users\Matías\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-08-16 12:19 - 2021-06-01 10:17 - 000000000 ____D C:\Users\Matías\AppData\Local\CrashDumps
2021-08-13 19:52 - 2020-02-24 16:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-824706290-3614823676-1698890305-1001
2021-08-13 19:52 - 2020-02-24 16:31 - 000002469 _____ C:\Users\Matías\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 16:32 - 2018-02-13 12:27 - 000000000 ____D C:\Program Files\Google
2021-08-07 00:03 - 2020-02-24 16:31 - 000000000 ____D C:\Users\Matías
2021-08-05 18:49 - 2021-07-21 09:23 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-05 18:49 - 2021-05-31 01:45 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-05 01:50 - 2021-06-24 01:50 - 000003862 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-08-05 01:50 - 2021-06-02 23:51 - 000003420 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-08-04 21:25 - 2020-02-24 16:57 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-04 21:25 - 2020-02-24 16:57 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-03 14:28 - 2017-11-26 14:41 - 000001569 _____ C:\Users\Matías\Desktop\RECORDAR.txt
2021-07-30 16:29 - 2015-11-20 20:31 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-28 19:23 - 2017-11-28 20:22 - 000000000 ____D C:\Users\Matías\AppData\Local\SquirrelTemp
2021-07-28 14:17 - 2014-10-08 22:04 - 000000000 ____D C:\Program Files (x86)\Origin

==================== Archivos en la raíz de algunos directorios ========
2021-05-30 15:14 - 2021-05-30 15:14 - 000000559 _____ () C:\Users\Matías\AppData\Local\bowsakkdestx.txt

==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================