Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 18-01-2020
Ejecutado por Gemma (administrador) sobre GEMMA-PC (18-01-2020 20:43:37)
Ejecutado desde C:\Users\Gemma\Downloads
Perfiles cargados: Gemma (Perfiles disponibles: Gemma)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Numedia Soft, Inc. -> ) C:\Windows\System32\NMSAccess32.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [EPSON Stylus DX3800 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2437963843-751922916-2467892421-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [44016 2019-11-25] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2437963843-751922916-2467892421-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7173848 2016-12-21] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2437963843-751922916-2467892421-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2437963843-751922916-2467892421-1000\...\MountPoints2: {5d8926cc-4772-11e5-90d9-0019667a7759} - F:\LGAutoRun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1DAC69D1-F474-41F8-A9D6-88A179A82C3F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {2CB60693-3FC7-42FC-B823-DA2DAA2E3120} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7173848 2016-12-21] (Piriform Ltd -> Piriform Ltd)
Task: {333AEFDD-30A4-48C0-8592-410E1A2F1FE3} - System32\Tasks\{486DCFB3-F136-41A4-ABB9-D90BB18341A2} => C:\Program Files\Ares\Ares.exe
Task: {50108A32-4137-483C-BD4B-7D88E7200D99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {596EA546-5A3F-4B70-9142-F2B2DFC2E0EC} - System32\Tasks\{554A27C2-3935-4E3E-8917-0772A509F1E7} => C:\Program Files\Ares\Ares.exe
Task: {5B54C7AB-AE1F-476F-A9A0-3B75ECD3A885} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1542536 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {9A27AD13-D343-43D4-BB72-DBD7C40A3438} - System32\Tasks\avastBCLRestartS-1-5-21-2437963843-751922916-2467892421-1000 => C:\Program Files\Mozilla Firefox\firefox.exe
Task: {9E951490-BA4B-49C9-B690-9CC5B390B606} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-06-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A4999F2A-8137-44CB-8E96-211B47D7600E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {BD453C7B-1B5B-4785-AD14-BA4E4A1053A2} - System32\Tasks\GoogleUpdateTaskMachineCore1d5cdae344b5ffa => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {CC6B684F-BB14-4A10-A1C6-13388CFEF41A} - \GlaryInitialize -> Ningún archivo <==== ATENCIÓN
Task: {D77628F4-6F6D-4945-A422-ED8A091CBEA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {E7BDA82C-14C4-4ED7-851B-705AA0E186BC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [3732480 2015-01-11] () [Archivo no firmado]
Task: {E7EFE31C-9ADC-48ED-A624-5939EB7CEA63} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {F5BF6FDB-3E6D-445D-9A34-A681DFF55438} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [192704 2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{DA482F9E-A7EF-4E08-80A8-C12AC8026378}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2437963843-751922916-2467892421-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2437963843-751922916-2467892421-1000 -> DefaultScope {4EC3AE75-BC5B-471A-A7CC-4D2085BDA9F0} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-07] (Oracle America, Inc. -> Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 33dt6uio.default-1579307283874
FF ProfilePath: C:\Users\Gemma\AppData\Roaming\Mozilla\Firefox\Profiles\33dt6uio.default-1579307283874 [2020-01-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2020-01-18] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2020-01-18] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR Profile: C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-01-18]
CHR Extension: (Presentaciones) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-18]
CHR Extension: (Documentos) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-18]
CHR Extension: (Google Drive) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-08]
CHR Extension: (YouTube) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-08]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-01-18]
CHR Extension: (Hojas de cálculo) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-18]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-18]
CHR Extension: (Avast Online Security) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-01-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-18]
CHR Extension: (Gmail) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-18]
CHR Extension: (Chrome Media Router) - C:\Users\Gemma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-18]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5106064 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [35432 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5570712 2020-01-18] (Malwarebytes Inc -> Malwarebytes)
R2 NMSAccess32; C:\Windows\system32\NMSAccess32.exe [71096 2009-01-12] (Numedia Soft, Inc. -> )
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [646904 2016-10-13] (Lespeed Technology Ltd. -> WiseCleaner.com) [Archivo no firmado]
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713904 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
S3 WsAppService; C:\Program Files\Wondershare\WAF\WsAppService.exe [339968 2015-07-08] (Wondershare) [Archivo no firmado]
S4 Hkhlp; C:\Program Files\Common Files\Apps\Hkhlp.dll [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35512 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [174712 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [224008 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [169408 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [59368 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [211088 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41200 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [145048 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [95168 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73312 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691528 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [394856 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [176760 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277408 2020-01-18] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [129056 2020-01-18] (Malwarebytes Corporation -> Malwarebytes)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2020-01-18] (Glarysoft LTD -> Glarysoft Ltd)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [183768 2020-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [190608 2020-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64296 2020-01-18] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [213912 2020-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [79984 2020-01-18] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [146048 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2015-06-10] (Apple, Inc.) [Archivo no firmado]
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [13264 2020-01-18] (Lespeed Technology Ltd. -> wisecleaner.com) [Archivo no firmado]
S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [23984 2017-01-06] (Lespeed Technology Ltd. -> WiseCleaner.com) [Archivo no firmado]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-18 20:37 - 2020-01-18 20:43 - 000001367 _____ C:\Users\Gemma\Desktop\FRST - Acceso directo (2).lnk
2020-01-18 20:37 - 2020-01-18 20:40 - 000031485 _____ C:\Users\Gemma\Downloads\Addition.txt
2020-01-18 20:33 - 2020-01-18 20:46 - 000020263 _____ C:\Users\Gemma\Downloads\FRST.txt
2020-01-18 20:32 - 2020-01-18 20:45 - 000000000 ____D C:\FRST
2020-01-18 20:29 - 2020-01-18 20:31 - 002303488 _____ (Farbar) C:\Users\Gemma\Downloads\FRST.exe
2020-01-18 18:46 - 2020-01-18 18:46 - 000000000 ____D C:\Users\Gemma\AppData\Roaming\Google
2020-01-18 18:41 - 2020-01-18 18:41 - 000001642 _____ C:\Users\Gemma\Desktop\cc_20200118_184053.reg
2020-01-18 18:40 - 2020-01-18 20:24 - 000003758 _____ C:\Windows\system32\Tasks\AutoKMS
2020-01-18 11:35 - 2020-01-18 11:35 - 000003396 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d5cdae344b5ffa
2020-01-18 11:25 - 2020-01-18 11:25 - 000000282 __RSH C:\ProgramData\ntuser.pol
2020-01-18 11:24 - 2020-01-18 20:20 - 000213912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-01-18 11:22 - 2020-01-18 11:22 - 000134491 _____ C:\Users\Gemma\Desktop\18012020.txt
2020-01-18 04:28 - 2020-01-18 04:28 - 000000000 ___HD C:\Users\Gemma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2020-01-18 04:19 - 2020-01-18 04:19 - 000025864 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2020-01-18 04:19 - 2020-01-18 04:19 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2020-01-18 04:19 - 2020-01-18 04:19 - 000001038 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2020-01-18 04:19 - 2020-01-18 04:19 - 000001038 _____ C:\ProgramData\Desktop\Glary Utilities 5.lnk
2020-01-18 04:19 - 2020-01-18 04:19 - 000000336 _____ C:\Windows\Tasks\GlaryInitialize 5.job
2020-01-18 04:19 - 2020-01-18 04:19 - 000000000 ____D C:\Users\Gemma\AppData\Roaming\DiskDefrag
2020-01-18 04:19 - 2020-01-18 04:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2020-01-18 04:19 - 2020-01-18 04:19 - 000000000 ____D C:\ProgramData\GlarySoft
2020-01-18 04:18 - 2020-01-18 04:19 - 000000000 ____D C:\Program Files\Glary Utilities 5
2020-01-18 04:15 - 2020-01-18 04:18 - 017990744 _____ (Glarysoft Ltd) C:\Users\Gemma\Downloads\glary-utilities-5-1-132.exe
2020-01-18 04:10 - 2020-01-18 04:10 - 000070304 _____ C:\Users\Gemma\Documents\cc_20200118_041004.reg
2020-01-18 03:50 - 2020-01-18 20:23 - 000064296 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-01-18 03:50 - 2020-01-18 20:22 - 000079984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-01-18 03:50 - 2020-01-18 03:50 - 000190608 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-01-18 03:49 - 2020-01-18 03:49 - 000183768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-01-18 02:25 - 2020-01-18 02:25 - 000002790 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-01-18 02:25 - 2020-01-18 02:25 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-01-18 02:25 - 2020-01-18 02:25 - 000000965 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-01-18 02:25 - 2020-01-18 02:25 - 000000000 ____D C:\Program Files\CCleaner
2020-01-18 02:22 - 2020-01-18 02:23 - 006474104 _____ (Piriform Ltd) C:\Users\Gemma\Downloads\ccsetup526_slim.exe
2020-01-18 02:00 - 2020-01-18 03:16 - 000000000 ____D C:\Users\Gemma\AppData\Roaming\ZHP
2020-01-18 02:00 - 2020-01-18 02:00 - 000000830 _____ C:\Users\Gemma\Desktop\ZHPCleaner.lnk
2020-01-18 02:00 - 2020-01-18 02:00 - 000000000 ____D C:\Users\Gemma\AppData\Local\ZHP
2020-01-18 01:59 - 2020-01-18 02:00 - 003329408 _____ (Nicolas Coolman) C:\Users\Gemma\Downloads\ZHPCleaner.exe
2020-01-18 01:52 - 2020-01-18 01:52 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-18 01:52 - 2020-01-18 01:52 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-18 01:52 - 2020-01-18 01:52 - 000000000 ____D C:\Users\Gemma\AppData\Local\mbamtray
2020-01-18 01:52 - 2020-01-18 01:52 - 000000000 ____D C:\Users\Gemma\AppData\Local\mbam
2020-01-18 01:52 - 2020-01-18 01:52 - 000000000 ____D C:\Users\Gemma\AppData\Local\cache
2020-01-18 01:52 - 2020-01-18 01:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-18 01:51 - 2020-01-18 01:51 - 000129056 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2020-01-18 01:36 - 2020-01-18 01:37 - 001883976 _____ (Malwarebytes) C:\Users\Gemma\Downloads\MBSetup.exe
2020-01-18 01:08 - 2020-01-18 01:08 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-18 00:41 - 2020-01-18 00:41 - 000013264 _____ (wisecleaner.com) C:\Windows\WiseHDInfo32.dll
2020-01-18 00:36 - 2020-01-18 00:36 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-01-18 00:36 - 2020-01-18 00:34 - 000305032 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-01-18 00:36 - 2020-01-18 00:34 - 000224008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-01-18 00:36 - 2020-01-18 00:34 - 000176760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-01-18 00:36 - 2020-01-18 00:34 - 000174712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-01-18 00:36 - 2020-01-18 00:34 - 000169408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-01-18 00:36 - 2020-01-18 00:34 - 000145048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-01-18 00:36 - 2020-01-18 00:34 - 000059368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-01-18 00:36 - 2020-01-18 00:34 - 000041200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-01-18 00:36 - 2020-01-18 00:34 - 000035512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-18 20:34 - 2009-07-14 05:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-18 20:34 - 2009-07-14 05:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-18 20:19 - 2017-03-18 05:28 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-01-18 20:19 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-01-18 20:17 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-18 18:40 - 2010-11-21 01:30 - 000747720 _____ C:\Windows\system32\perfh00A.dat
2020-01-18 18:40 - 2010-11-21 01:30 - 000159192 _____ C:\Windows\system32\perfc00A.dat
2020-01-18 18:40 - 2010-11-20 22:01 - 001678218 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-18 11:35 - 2015-06-16 18:08 - 000003524 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-18 11:09 - 2016-10-13 16:35 - 000000000 ____D C:\ProgramData\UvConverter
2020-01-18 04:32 - 2016-09-10 00:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Ares
2020-01-18 04:24 - 2009-07-14 05:52 - 000000000 ____D C:\Windows\Downloaded Program Files
2020-01-18 04:21 - 2015-06-16 18:08 - 000000000 ____D C:\Users\Gemma\AppData\Local\Google
2020-01-18 04:19 - 2015-01-11 17:14 - 000000000 ____D C:\Users\Gemma\AppData\Roaming\Glarysoft
2020-01-18 02:58 - 2015-01-11 16:21 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2020-01-18 02:57 - 2015-08-20 21:48 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-01-18 02:25 - 2015-01-10 23:32 - 000000000 ____D C:\Users\UpdatusUser
2020-01-18 01:51 - 2015-01-11 17:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-18 01:33 - 2015-01-10 22:21 - 000000000 ____D C:\Users\Gemma\D
2020-01-18 01:29 - 2016-12-26 22:01 - 000000000 ____D C:\Users\Gemma\AppData\LocalLow\Mozilla
2020-01-18 01:29 - 2015-01-10 22:46 - 000000000 ____D C:\Users\Gemma\Desktop\My Shared Folder
2020-01-18 01:26 - 2017-01-06 13:10 - 000000000 ____D C:\Users\Gemma\AppData\Roaming\Wise Care 365
2020-01-18 00:38 - 2015-12-04 00:19 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-01-18 00:38 - 2015-01-11 18:56 - 000691528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-01-18 00:38 - 2015-01-11 18:56 - 000394856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-01-18 00:36 - 2015-01-11 18:52 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-18 00:35 - 2015-06-16 18:08 - 000003396 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-18 00:34 - 2017-07-01 06:39 - 000211088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-01-18 00:34 - 2015-01-11 18:56 - 000277408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-01-18 00:34 - 2015-01-11 18:56 - 000095168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-01-18 00:34 - 2015-01-11 18:56 - 000073312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-01-18 00:33 - 2015-06-16 18:07 - 000000000 ____D C:\Program Files\Google
2020-01-18 00:31 - 2015-01-11 16:47 - 000000000 ____D C:\ProgramData\eMule
2020-01-18 00:30 - 2015-01-10 23:31 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-18 00:27 - 2016-08-19 08:58 - 000000000 ____D C:\Program Files\Ares
2020-01-18 00:26 - 2015-01-11 15:07 - 000000000 ____D C:\ProgramData\Apple
2020-01-18 00:26 - 2015-01-11 15:07 - 000000000 ____D C:\Program Files\Common Files\Apple
2020-01-17 20:53 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF

==================== Archivos en la raíz de algunos directorios ========

2016-08-19 08:46 - 2016-08-19 08:46 - 000031974 _____ () C:\Users\Gemma\AppData\Roaming\ICSW_0V1L2Z2Z1T1I1L1T1V0BtJ1V0W1T1K1T1H1V1P2V2Z.txt
2016-09-10 03:54 - 2016-09-10 04:00 - 000007168 _____ () C:\Users\Gemma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-01 03:50 - 2017-07-01 03:56 - 000000000 _____ () C:\Users\Gemma\AppData\Local\{4D6E7F0D-E37D-4D32-AD36-C841D55D98D6}
2015-11-15 20:51 - 2015-11-15 20:51 - 000000000 _____ () C:\Users\Gemma\AppData\Local\{DB09DFB0-2A85-4070-9FF5-5443ED4F2B80}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

LastRegBack: 2020-01-18 19:47

==================== Final de FRST.txt ========================