Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 04-07-2021
Ejecutado por Matías (administrador) sobre CASA-ESCRITORIO (05-07-2021 22:36:47)
Ejecutado desde C:\Users\Matías\Desktop
Perfiles cargados: Matías
Platform: Windows 10 Enterprise Versión 1909 18363.1556 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Matías\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> ) [Archivo no firmado] C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe
(SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> ) [Archivo no firmado] C:\Program Files (x86)\UsbFix\UsbFix.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49925280 2021-06-18] (Google LLC -> )
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144816 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-19] (Valve -> Valve Corporation)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Run: [GoogleChromeAutoLaunch_837FAC31F91BC615D78F2DF9737D7946] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-824706290-3614823676-1698890305-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807936 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-13] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-28] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-08-28]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1B913C72-47D0-473F-BEE3-34DBA2205CA1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BFFB539-40D0-4CE0-B656-C623D38F221D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-16] (Piriform Software Ltd -> Piriform)
Task: {2684CCC0-E03C-4BBE-88C8-42E2272C6B68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2E16813A-E61A-424B-8101-DA345784D8B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3206322F-3B00-4CDF-BA74-33F5CC312147} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {367E88A7-2CD2-4A14-AE8A-6289E4391203} - System32\Tasks\UsbFix Boot Scan => C:\Program Files (x86)\UsbFix\UsbFix.exe [2053256 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> ) [Archivo no firmado]
Task: {4409FD8C-1588-47AB-B696-080DFF883B12} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-824706290-3614823676-1698890305-1001 => C:\Users\Matías\AppData\Local\MEGAsync\MEGAupdater.exe
Task: {55A353AE-E054-4ECA-B613-16485E20B643} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {6C3496EC-DC16-4B13-8A23-FC7BD421CD24} - System32\Tasks\UsbFix Monitor => C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [1239176 2020-12-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> ) [Archivo no firmado]
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7EACF1C7-001B-4EB6-9A01-CBF20E5ABEB1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8990FC66-F77E-4333-8F85-2E91BF3A8C49} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Matías\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-02] (ESET, spol. s r.o. -> ESET)
Task: {8A942B11-1756-43F0-9A14-01F2AD7A41CF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A278D66D-2966-4299-8341-D1E12288DE03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD9A9430-3DDC-4447-B88A-7847E9BA9F77} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D4FDE14D-C402-4A8F-95C2-796398E1E144} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E229760A-8C68-448A-91EA-1EBA75B7B16C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E58FECA7-148C-477B-849A-CFCE0022E815} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {E5DC9372-FA28-4802-B64C-ECD5E8AF4D80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.3-0\MpCmdRun.exe [644872 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EDD283B5-821E-45C0-AEA7-32826C7C072F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Matías\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-02] (ESET, spol. s r.o. -> ESET)
Task: {F2DB3082-968D-41CC-ACA0-6F22FE52646B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{20dc7d9b-ebe3-4501-be35-8fb7cc53c700}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d31edcb6-bbde-4efd-9f38-5b4463f52c93}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Matías\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-22]
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Matías\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-02]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: u8miog1f.default-1437526231420
FF ProfilePath: C:\Users\Matías\AppData\Roaming\Mozilla\Firefox\Profiles\u8miog1f.default-1437526231420 [2021-07-05]
FF Homepage: Mozilla\Firefox\Profiles\u8miog1f.default-1437526231420 -> hxxps://www.google.com
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Matías\AppData\Roaming\Mozilla\Firefox\Profiles\u8miog1f.default-1437526231420\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-06-05]
FF HKU\S-1-5-21-824706290-3614823676-1698890305-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Heredado] [no firmado]
FF HKU\S-1-5-21-824706290-3614823676-1698890305-1005\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-12] (VideoLAN) [Archivo no firmado]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default [2021-07-05]
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://web.movistar.com.ar
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Sudoku) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2015-03-15]
CHR Extension: (Documentos) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]
CHR Extension: (YouTube) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Búsqueda de Google) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-06]
CHR Extension: (VT4Browsers) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2021-06-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-30]
CHR Extension: (DarkOrbit) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfellpkdddmaldkbohekiikcmadbdnj [2017-03-06]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-30]
CHR Extension: (Hangouts de Google) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2019-05-23]
CHR Extension: (Into The Mist) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2018-08-15]
CHR Extension: (WGT Golf Game) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2014-04-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Bola 9) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\oafdgpdaojfjhcolidaakebmnbibdbpb [2016-12-21]
CHR Extension: (Gmail) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Matías\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-02]
CHR HKU\S-1-5-21-824706290-3614823676-1698890305-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-13] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-13] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-31] (Malwarebytes Inc -> Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc. -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-24] (Microsoft Corporation) [Archivo no firmado]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-23] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-23] (Malwarebytes Inc -> Malwarebytes)
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14368 1999-10-01] () [Archivo no firmado]
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76024 2021-05-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-05 22:36 - 2021-07-05 22:37 - 000021927 _____ C:\Users\Matías\Desktop\FRST.txt
2021-07-05 01:05 - 2021-07-05 01:05 - 000000000 ____D C:\Users\Matías\Desktop\FRST-OlderVersion
2021-06-24 18:18 - 2021-06-24 18:18 - 000126486 _____ C:\Users\Matías\Desktop\BBowl - Análisis.xlsx
2021-06-24 18:07 - 2021-07-05 01:05 - 002301440 _____ (Farbar) C:\Users\Matías\Desktop\FRST64.exe
2021-06-24 01:50 - 2021-06-24 01:50 - 000003862 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-06-23 15:06 - 2021-06-23 15:15 - 000168820 _____ C:\WINDOWS\ntbtlog.txt
2021-06-23 15:06 - 2021-06-23 15:06 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-23 15:06 - 2021-06-23 15:06 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-06-23 10:34 - 2021-06-23 15:17 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-22 19:05 - 2021-06-22 19:05 - 000000165 _____ C:\Users\Matías\Desktop\EnanosCaos.url
2021-06-19 09:47 - 2021-07-05 22:30 - 000000000 ____D C:\Users\Matías\Desktop\VIRUSES
2021-06-13 20:58 - 2021-07-05 18:16 - 000341854 _____ C:\Users\Matías\Desktop\Aquaria_Manual.xlsx
2021-06-10 17:01 - 2021-06-10 17:01 - 000030168 _____ C:\Users\Matías\Desktop\Prueba Guada.xlsx
2021-06-09 13:00 - 2021-06-09 13:00 - 000026602 _____ C:\Users\Matías\Downloads\TransferenciaTercero-18046386_09-06-2021.pdf
2021-06-07 20:00 - 2021-07-05 01:02 - 000000254 _____ C:\DelFix.txt
2021-06-07 20:00 - 2021-06-07 20:00 - 000000000 ____D C:\WINDOWS\ERUNT
2021-06-05 11:36 - 2021-06-22 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-06-05 11:36 - 2021-06-05 11:36 - 000000000 ____D C:\Program Files\VS Revo Group
2021-06-05 11:31 - 2021-06-05 11:31 - 007495512 _____ (VS Revo Group ) C:\Users\Matías\Downloads\revosetup.exe
2021-06-05 01:35 - 2021-07-05 22:37 - 000000000 ____D C:\FRST

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-05 22:28 - 2017-11-28 20:23 - 000000000 ____D C:\Users\Matías\AppData\Roaming\WhatsApp
2021-07-05 22:27 - 2020-02-24 16:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-05 18:26 - 2021-05-30 16:08 - 000000000 ____D C:\Users\Matías\Documents\BloodBowl2
2021-07-05 18:24 - 2020-04-06 15:58 - 000002378 ____H C:\Users\Matías\Documents\Default.rdp
2021-07-05 18:24 - 2019-01-23 20:52 - 000000000 ____D C:\Users\Matías\AppData\Local\D3DSCache
2021-07-05 17:09 - 2021-05-31 20:43 - 000000000 ____D C:\Program Files\CCleaner
2021-07-05 15:39 - 2021-05-31 20:36 - 000000179 _____ C:\Users\Matías\Desktop\DobleTilde.url
2021-07-05 15:21 - 2020-11-17 19:56 - 000000000 ___RD C:\Users\Matías\Google Drive
2021-07-05 15:20 - 2017-09-17 13:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-07-05 15:20 - 2014-03-30 17:21 - 000002080 _____ C:\Users\Public\Desktop\Google Slides.lnk
2021-07-05 15:20 - 2014-03-30 17:21 - 000002080 _____ C:\ProgramData\Desktop\Google Slides.lnk
2021-07-05 15:20 - 2014-03-30 17:21 - 000002078 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2021-07-05 15:20 - 2014-03-30 17:21 - 000002078 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2021-07-05 15:20 - 2014-03-30 17:21 - 000002068 _____ C:\Users\Public\Desktop\Google Docs.lnk
2021-07-05 15:20 - 2014-03-30 17:21 - 000002068 _____ C:\ProgramData\Desktop\Google Docs.lnk
2021-07-05 11:43 - 2017-11-26 14:41 - 000001514 _____ C:\Users\Matías\Desktop\RECORDAR.txt
2021-07-05 02:07 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-05 01:22 - 2014-12-31 09:29 - 000000000 ___RD C:\Users\Matías\OneDrive
2021-07-05 01:21 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-05 01:10 - 2020-02-24 16:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-05 01:10 - 2015-04-08 21:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-07-05 01:09 - 2019-03-19 01:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-07-03 15:06 - 2020-06-04 11:37 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-03 15:06 - 2020-06-04 11:37 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-03 15:06 - 2020-06-04 11:37 - 000002285 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-07-01 23:00 - 2020-06-04 11:37 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-01 23:00 - 2020-06-04 11:37 - 000003528 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-30 19:49 - 2020-02-24 16:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-824706290-3614823676-1698890305-1001
2021-06-30 19:49 - 2020-02-24 16:31 - 000002453 _____ C:\Users\Matías\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-29 14:19 - 2014-10-08 22:04 - 000000000 ____D C:\Program Files (x86)\Origin
2021-06-29 03:53 - 2020-04-03 16:53 - 000000000 ____D C:\Users\Matías\AppData\Local\WhatsApp
2021-06-29 03:52 - 2017-11-28 20:22 - 000000000 ____D C:\Users\Matías\AppData\Local\SquirrelTemp
2021-06-28 19:20 - 2021-06-02 20:05 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-28 19:20 - 2021-06-02 20:05 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-28 19:20 - 2021-06-02 20:05 - 000002211 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-06-24 01:50 - 2021-06-02 23:51 - 000003420 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-06-24 01:50 - 2021-06-02 20:15 - 000001432 _____ C:\Users\Matías\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-06-22 20:15 - 2018-07-14 04:11 - 000000000 ____D C:\Users\Matías\AppData\Local\ModelResult
2021-06-22 20:15 - 2014-12-10 22:34 - 000000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2021-06-22 20:09 - 2021-06-01 10:17 - 000000000 ____D C:\Users\Matías\AppData\Local\CrashDumps
2021-06-22 20:09 - 2021-05-30 16:14 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-22 20:09 - 2020-02-20 21:12 - 000000000 ___DC C:\WINDOWS\Panther
2021-06-22 20:09 - 2014-06-13 17:02 - 000000000 ____D C:\Users\Guada\Desktop\Celular viejo
2021-06-22 19:09 - 2017-12-08 04:22 - 000000000 ____D C:\Users\Matías\AppData\Local\Packages
2021-06-18 05:09 - 2021-05-31 20:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-06-16 14:12 - 2021-05-30 22:08 - 000000159 _____ C:\Users\Matías\Desktop\Guia BloodBowl.url
2021-06-11 17:27 - 2020-02-24 16:31 - 000000000 ____D C:\Users\Matías
2021-06-11 17:03 - 2021-04-14 14:58 - 000332539 _____ C:\Users\Matías\Desktop\Aquaria.xlsm
2021-06-11 16:55 - 2020-09-20 21:19 - 000026091 _____ C:\Users\Matías\Downloads\home.zip
2021-06-08 17:14 - 2015-11-20 20:31 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-07 20:16 - 2016-02-20 22:24 - 000000000 ____D C:\Users\Matías\AppData\LocalLow\Temp
2021-06-07 19:50 - 2017-11-28 20:35 - 000000000 ____D C:\Users\Matías\AppData\LocalLow\Mozilla
2021-06-07 15:46 - 2018-05-20 16:33 - 000000000 ____D C:\Users\Matías\AppData\Local\Microsoft Help

==================== Archivos en la raíz de algunos directorios ========

2021-05-30 15:14 - 2021-05-30 15:14 - 000000559 _____ () C:\Users\Matías\AppData\Local\bowsakkdestx.txt

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================