Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 20-11-2025
Ejecutado por dcdo2 (administrador) sobre MUSIC-HAL (Acer Aspire E1-572G) (14-01-2026 00:33:30)
Ejecutado desde C:\Users\dcdo2\Desktop\FRST64.exe
Perfiles cargados: dcdo2
Plataforma: Microsoft Windows 10 Home Versión 22H2 19045.6456 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Safe Mode (minimal)

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2019-11-26] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [10968192 2024-03-08] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [474648 2015-08-28] (Acronis International GmbH -> Acronis)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [690784 2015-08-20] (Acronis International GMBH -> Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7092552 2015-08-28] (Acronis International GmbH -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\118.0.1.0\GoogleDriveFS.exe [91713176 2026-01-13] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\118.0.1.0\GoogleDriveFS.exe [91713176 2026-01-13] (Google LLC -> Google LLC.)
HKU\S-1-5-21-392236893-3870752770-324554556-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\118.0.1.0\GoogleDriveFS.exe [91713176 2026-01-13] (Google LLC -> Google LLC.)
HKU\S-1-5-21-392236893-3870752770-324554556-1001\...\Run: [MicrosoftEdgeAutoLaunch_A93BD39354B69CE103B395DF0A6984D7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4228176 2026-01-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\118.0.1.0\GoogleDriveFS.exe [91713176 2026-01-13] (Google LLC -> Google LLC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.42\Installer\chrmstp.exe [2025-04-04] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0061581A-1CF6-40BB-BD47-A3A56EC8D6EC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem144.0.7547.0{F898D5D2-530A-41E7-B2B9-E9058ECE2A3E} => C:\Program Files (x86)\Google\GoogleUpdater\144.0.7547.0\updater.exe [7056536 2025-11-26] (Google LLC -> Google LLC)
Task: {87B9C90E-47CD-4F9F-B458-7CE56B7B2FA8} - System32\Tasks\Microsoft\Windows\AppListBackup\BRCInitor => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58864 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) -> C:\Users\dcdo2\AppData\Local\LineStore\OnesScrolc\/unregister C:\Users\dcdo2\AppData\Local\LineStore\OnesScrolc\SODMManCRunt275.dll <==== ATENCIÓN
Task: {1E2F8D48-8CD1-454D-B6E2-2B2C5E4A86C7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\System32\MRT.exe [218369424 2026-01-13] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\/EHB /HeartbeatFailure "SubmitHeartbeatReportData" /HeartbeatError "0x80072ee2"
Task: {F0F86E7B-5522-4877-81B7-A410A1273EDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2026-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {43973928-F1EE-4EFC-AD86-653A461DFD3C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2026-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31C85869-F20B-4957-BE29-F091AD2AFE51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2026-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DFA1D42E-B0FC-47D5-813C-D367A2441484} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: 127.0.0.1 activation.acronis.com 
Tcpip\Parameters: [DhcpNameServer] 10.224.189.90
Tcpip\..\Interfaces\{1fad12a7-7876-4064-a06b-33394c38c8f2}: [DhcpNameServer] 10.224.189.90
Tcpip\..\Interfaces\{1fad12a7-7876-4064-a06b-33394c38c8f2}\84F4E4F425028583025374: [DhcpNameServer] 192.168.241.95

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dcdo2\AppData\Local\Microsoft\Edge\User Data\Default [2026-01-13]
Edge Notifications: Default -> hxxps://www.bandlab.com
Edge HomePage: Default -> hxxp://www.google.es/
Edge StartupUrls: Default -> "hxxps://www.google.es/","hxxp://istart.webssearches.com/?type=hp&ts=1406144824&from=bro&uid=TOSHIBAXMQ01ABD100_83PJSXOOSXX83PJSXOOS","hxxps://es.yahoo.com/?fr=hp-avast&type=avastbcl"
Edge Session Restore: Default -> está habilitado.
Edge Extension: (Documentos de Google sin conexión) - C:\Users\dcdo2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-14]
Edge Extension: (Edge relevant text changes) - C:\Users\dcdo2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-21]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

Chrome: 
=======
CHR Profile: C:\Users\dcdo2\AppData\Local\Google\Chrome\User Data\Default [2025-09-10]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\dcdo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\dcdo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-04-04]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-392236893-3870752770-324554556-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1107312 2015-08-28] (Acronis International GmbH -> Acronis)
S2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463960 2024-03-25] (Acronis International GmbH -> Acronis)
S2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [13237648 2024-03-08] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
S2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe [2063376 2026-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis International GmbH -> Acronis)
S2 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [17806168 2025-01-21] (Native Instruments GmbH -> Native Instruments GmbH)
S2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7638624 2015-07-13] (Acronis International GmbH -> Acronis)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\NisSrv.exe [4426832 2026-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe [290704 2026-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [323040 2024-03-25] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [160736 2024-03-25] (Acronis International GmbH -> Acronis International GmbH)
S2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2026-01-13] (Microsoft Windows -> Microsoft Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> )
S3 rdavcom; C:\WINDOWS\System32\drivers\rdavcom.sys [45808 2020-01-07] (Beijing Unisoc Technologies Co., Ltd. -> SPRD Device)
S3 RDID1071; C:\WINDOWS\system32\Drivers\RDWM1071.SYS [213248 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
S3 RDID1118; C:\WINDOWS\system32\Drivers\RDWM1118.SYS [111264 2021-02-21] (WDKTestCert build,132533337665349606 -> Roland Corporation)
S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [167936 2013-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 sprdvcom; C:\WINDOWS\System32\drivers\sprdvcom.sys [45800 2020-01-07] (Beijing Unisoc Technologies Co., Ltd. -> SPRD Device)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1057728 2024-03-25] (Acronis International GmbH -> Acronis International GmbH)
S2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [206800 2024-03-25] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [567888 2024-03-25] (Acronis International GmbH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21928 2026-01-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [635272 2026-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2026-01-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2026-01-14 00:33 - 2026-01-14 00:34 - 000013063 _____ C:\Users\dcdo2\Desktop\FRST.txt
2026-01-14 00:32 - 2026-01-14 00:33 - 000000000 ____D C:\FRST
2026-01-14 00:28 - 2026-01-14 00:28 - 000000000 ___HD C:\Users\dcdo2\Desktop\.tmp.driveupload
2026-01-14 00:27 - 2026-01-14 00:28 - 002444288 _____ (Farbar) C:\Users\dcdo2\Desktop\FRST64.exe
2026-01-13 19:08 - 2026-01-13 23:42 - 000000000 ___RD C:\Users\dcdo2\Desktop\Para llevarme a PC

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2026-01-14 00:32 - 2025-01-21 11:23 - 000714376 _____ C:\WINDOWS\ntbtlog.txt
2026-01-14 00:31 - 2025-01-21 11:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2026-01-14 00:31 - 2024-03-20 23:27 - 000008192 ___SH C:\DumpStack.log.tmp
2026-01-14 00:31 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\ServiceState
2026-01-14 00:31 - 2024-03-20 23:11 - 000000000 ____D C:\WINDOWS\INF
2026-01-14 00:30 - 2024-03-20 23:06 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2026-01-14 00:29 - 2024-03-20 23:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-01-14 00:29 - 2024-03-20 23:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-01-14 00:07 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-01-14 00:06 - 2024-03-20 23:37 - 001772866 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-01-14 00:06 - 2024-03-20 23:14 - 000789640 _____ C:\WINDOWS\system32\perfh00A.dat
2026-01-14 00:06 - 2024-03-20 23:14 - 000155992 _____ C:\WINDOWS\system32\perfc00A.dat
2026-01-14 00:04 - 2024-03-21 21:57 - 000000000 ____D C:\ProgramData\boost_interprocess
2026-01-14 00:02 - 2024-03-20 23:52 - 000000000 __SHD C:\Users\dcdo2\IntelGraphicsProfiles
2026-01-14 00:02 - 2024-03-20 23:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2026-01-13 23:47 - 2024-03-21 00:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-01-13 23:43 - 2024-03-20 23:12 - 000000000 ___HD C:\Program Files\WindowsApps
2026-01-13 23:43 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-01-13 23:42 - 2024-03-21 00:47 - 218369424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-01-13 23:42 - 2024-03-20 23:46 - 000000000 ___SD C:\Users\dcdo2\AppData\Roaming\Microsoft\Credentials
2026-01-13 23:42 - 2024-03-20 23:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2026-01-13 19:36 - 2024-03-21 00:10 - 000000000 ____D C:\Users\dcdo2\AppData\Roaming\Microsoft\MMC
2026-01-13 19:29 - 2025-01-17 15:05 - 000002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2026-01-13 19:29 - 2025-01-17 15:05 - 000002054 _____ C:\Users\dcdo2\Desktop\Google Drive.lnk
2026-01-13 19:28 - 2024-03-20 23:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2026-01-13 19:16 - 2025-01-17 13:31 - 000000000 ____D C:\WINDOWS\system32\compatrel
2026-01-13 19:16 - 2024-03-20 23:27 - 000269480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\SystemResources
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\system32\setup
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\Provisioning
2026-01-13 19:16 - 2024-03-20 23:12 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-01-13 19:07 - 2025-01-17 15:54 - 000000000 ___RD C:\Users\dcdo2\Desktop\Partituras y acordes de mis canciones
2026-01-13 19:07 - 2024-03-20 23:27 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-01-13 18:58 - 2024-03-20 23:27 - 000003706 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-01-13 18:58 - 2024-03-20 23:27 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Archivos en la raíz de algunos directorios ========

2025-02-06 10:31 - 2025-02-06 10:33 - 000005120 _____ () C:\Users\dcdo2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2024-03-23 12:04 - 2024-03-23 12:04 - 000000017 _____ () C:\Users\dcdo2\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================