Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 01-09-2021 Ejecutado por josel (administrador) sobre DESKTOP-DNR3059 (ASUSTeK COMPUTER INC. X541UJ) (01-09-2021 22:34:28) Ejecutado desde C:\Users\josel\OneDrive\Escritorio Perfiles cargados: josel Platform: Windows 10 Pro Versión 21H1 19043.1165 (X64) Idioma: Español (España, internacional) Navegador predeterminado: Chrome Modo de Inicio: Normal ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe (ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe (ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (DESlock Limited -> DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_778512ee63a728ec\RstMwService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2> (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [165928 2021-08-27] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2021-02-12] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5092056 2021-02-12] (Acronis International GmbH -> ) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-02-05] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2019-11-18] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\BackItUp.exe [1160928 2021-06-04] (Nero AG -> Nero AG) HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44360 2021-05-15] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34612864 2021-06-07] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\Policies\Explorer: [HideSCAMeetNow] 1 HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {222d076e-9649-11eb-a2b3-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {222d083c-9649-11eb-a2b3-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {222d0c13-9649-11eb-a2b3-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {222d0cdc-9649-11eb-a2b3-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {222d0cf3-9649-11eb-a2b3-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {222d0e95-9649-11eb-a2b3-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {3236e866-9594-11eb-a2b0-5800e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {3236e8ee-9594-11eb-a2b0-5800e333c9cb} - "V:\setup.EXE" /AUTORUN HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {3236f03e-9594-11eb-a2b0-5800e333c9cb} - "V:\setup.EXE" /AUTORUN HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {5f40d557-96d9-11eb-a2b5-5a00e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {6b7a42b5-a2ce-11eb-a2f8-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {6b7a4478-a2ce-11eb-a2f8-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {6b7a6ad4-9643-11eb-a2b2-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {6b7a6b7c-9643-11eb-a2b2-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {6b7a6b89-9643-11eb-a2b2-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {6c2701bb-9704-11eb-a2c0-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {6c27023a-9704-11eb-a2c0-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {8950a276-a2e0-11eb-a2f9-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {9182af10-9f97-11eb-a2f0-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {9182b2f7-9f97-11eb-a2f0-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {93710be1-981c-11eb-a2ce-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {93711cb0-981c-11eb-a2ce-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {9ecea807-a08e-11eb-a2f2-6045cb2e6043} - "V:\setup.EXE" /AUTORUN HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {c668c1ff-98b8-11eb-a2cf-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {c668c21f-98b8-11eb-a2cf-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {c668c22e-98b8-11eb-a2cf-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {c668c23a-98b8-11eb-a2cf-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {c668c354-98b8-11eb-a2cf-6045cb2e6043} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {e6e73dfc-98bd-11eb-a2d0-5800e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {e6e73ee9-98bd-11eb-a2d0-5800e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {e6e74113-98bd-11eb-a2d0-5800e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {e6e74124-98bd-11eb-a2d0-5800e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {e6e74139-98bd-11eb-a2d0-5800e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {e6e7414c-98bd-11eb-a2d0-5800e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {f8d3b500-9708-11eb-a2c4-5a00e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {f8d3b513-9708-11eb-a2c4-5a00e333c9cb} - "V:\setup.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {fbdc87d4-968b-11eb-a2b4-6045cb2e6043} - "V:\setup64.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {fbdc8abd-968b-11eb-a2b4-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {fbdc8ace-968b-11eb-a2b4-6045cb2e6043} - "V:\autorun.exe" HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\MountPoints2: {fbdc90e0-968b-11eb-a2b4-6045cb2e6043} - "V:\setup.exe" HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-02-05] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\MPE3 Port: C:\Windows\system32\mpelocalmon.dll [26112 2019-12-03] (Copyright (c) Code Industry Ltd) [Archivo no firmado] HKLM\...\Print\Monitors\Nitro PDF Port 11.8 Monitor: C:\Windows\system32\NxPrinterMonitor11.dll [749664 2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.) HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-27] (Google LLC -> Google LLC) BootExecute: autocheck autochk * GroupPolicy: Restricción ? <==== ATENCIÓN GroupPolicy\User: Restricción ? <==== ATENCIÓN Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {00E85182-48AC-4EFB-9A3E-7A796D0271A1} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {31A50337-8CD2-4177-985B-3223ADEEA879} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\josel\OneDrive\Escritorio\Seguridad\esetonlinescanner_enu.exe Task: {4BB10AC2-F655-4A71-A014-B04310245BBE} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-joseluis.bonnet1979@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {57FE4697-58D6-4906-8A87-4099455D8994} - System32\Tasks\WpsKtpcntrQingTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exe [1531136 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {595853F5-E309-4A70-BA67-C9DCDB2987BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\josel\OneDrive\Escritorio\Seguridad\esetonlinescanner_enu.exe Task: {69D89B30-8342-40A1-9891-EDCCEFF77F17} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {6A8F02F1-46E1-4334-8530-EFF759DA5AA4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391104 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {6B3C6687-CB18-407E-805E-1D35021CE43A} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [917832 2021-05-15] (Glarysoft LTD -> Glarysoft Ltd) Task: {6DFA98B1-21BC-4B11-A6D8-ACB679EEA131} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {71EA5CEA-254D-43A4-965F-2CBD7F1C4A99} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {78DEFBA6-BF7D-4874-B836-E8979B204E94} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NoUACCheck Task: {7C3BA00A-7612-4A19-9DC6-922A75846444} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7FAC775E-5C11-4CCA-9CBC-D8B3F4EBDF28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-10] (Google LLC -> Google LLC) Task: {8646A752-3FF9-4264-8DF7-EA773431EE18} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28985472 2021-06-07] (Piriform Software Ltd -> Piriform Software Ltd) Task: {86795D78-B8E2-4BF4-98FB-6C511A9B33CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-10] (Google LLC -> Google LLC) Task: {931E8E74-6859-4C2A-9088-E20ACAC874E1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19786024 2016-08-24] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) Task: {94DCF102-8C69-483E-B961-A788E4BBAA88} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe Task: {A5A22B33-B009-4C2E-894E-9A2A493C8C12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A69A33DC-1C72-42C9-977E-23F3565D8E00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B5297976-ACB6-44A0-A930-62C71B84D78B} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DNR3059-josel => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {B85232F3-1DC4-4945-ABD6-278746096C35} - System32\Tasks\WpsExternal_20161114063247 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [516352 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {C3FBE6C5-6012-47C8-BCE0-04A47E5C9BE9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {D0696DD3-D469-4DAE-AF6E-78F858CB11BF} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe Task: {D223661B-9C4D-4742-AB12-B7590B1AC86E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-11] (Adobe Inc. -> Adobe Systems) Task: {D77F82AE-E44B-4F5D-B250-CA89EB531319} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {D88F3A4D-E577-4249-9082-C24EFC391665} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {EB427548-36DA-4749-ABD9-0E0BB78C5462} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {F07D4166-EEB9-4C9A-842C-2B4CB7A752D3} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {F3B79934-9BE4-4DD2-94EC-7DAD488E82E3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-07] (Piriform Software Ltd -> Piriform) Task: {F8B86920-CBC5-4ED6-8094-50A11D1016AE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Nero\Nero Apps\NeroInfo\NeroInfo.exe [3867928 2021-08-05] (Nero AG -> Nero AG) Task: {FCD5BB4A-AAD2-4911-AF9B-67A2683B1811} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\WpsExternal_20161114063247.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exeÃqing 10.1.0.5644 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) Tcpip\Parameters: [DhcpNameServer] 192.168.18.1 Tcpip\..\Interfaces\{7bb37d3b-7cb5-4fcf-9dfe-7c7eec625679}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{c23d0dcb-dc80-47cb-944a-c41a2efeeeec}: [DhcpNameServer] 192.168.18.1 Edge: ======= DownloadDir: C:\Users\josel\Downloads Edge HomeButtonPage: HKU\S-1-5-21-128158195-93978417-4187598964-1001 -> hxxps://www.google.es/ Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado] Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado] Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.38.19.0_neutral__e7b5mm5d3r6v2 [2021-07-01] Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado] Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado] Edge DefaultProfile: Default Edge Profile: C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path= [2021-08-27] <==== ATENCIÓN Edge Extension: (Kaspersky Protection) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path=\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-17] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path=\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-17] Edge Extension: (IDM Integration Module) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path=\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-03-13] Edge Extension: (IDM Integration Module) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path=\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-13] Edge Profile: C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-28] Edge Notifications: Default -> hxxps://forospyware.com Edge HomePage: Default -> hxxps://www.google.es/ Edge StartupUrls: Default -> "hxxps://www.google.es/" Edge Extension: (Google) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eejlldcgggidmknlgbhdlfhgdbneaneo [2020-10-15] Edge Extension: (Unlimited Email Tracker by Snov.io) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gojogohjgpelafgaeejgelmplndppifh [2021-08-28] Edge Extension: (Bitly | Powerful Short Links) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2021-05-12] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-28] Edge Extension: (Player para ver Movistar+) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2020-11-11] Edge Extension: (IDM Integration Module) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-03-13] Edge Extension: (IDM Integration Module) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-13] Edge HKU\S-1-5-21-128158195-93978417-4187598964-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-21-128158195-93978417-4187598964-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2021-07-17] Edge HKU\S-1-5-21-128158195-93978417-4187598964-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-07-17] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: a69ulssc.default FF ProfilePath: C:\Users\josel\AppData\Roaming\Mozilla\Firefox\Profiles\a69ulssc.default [2021-05-05] FF ProfilePath: C:\Users\josel\AppData\Roaming\Mozilla\Firefox\Profiles\rinfhr9a.default-release [2021-06-11] FF Extension: (Malwarebytes Browser Guard) - C:\Users\josel\AppData\Roaming\Mozilla\Firefox\Profiles\rinfhr9a.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-04-09] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-02-04] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\FFExt\light_plugin_firefox\addon.xpi => no encontrado FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\FFExt\light_plugin_firefox\addon.xpi => no encontrado FF HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2021-03-05] FF HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\josel\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\josel\AppData\Roaming\IDM\idmmzcc5 [2019-05-26] [Heredado] [no firmado] FF HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Heredado] FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-09-01] Chrome: ======= CHR Profile: C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default [2021-09-01] CHR Notifications: Default -> hxxps://forospyware.com CHR Extension: (Presentaciones) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-10] CHR Extension: (Documentos) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-10] CHR Extension: (Google Drive) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-10] CHR Extension: (YouTube) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-11] CHR Extension: (Adobe Acrobat) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-08-06] CHR Extension: (Documentos de Google sin conexión) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-27] CHR Extension: (IDM Integration Module) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-04-10] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-10] CHR Extension: (Gmail) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-10] CHR Extension: (Chrome Media Router) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-04] CHR Profile: C:\Users\josel\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-08] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-07-17] CHR HKU\S-1-5-21-128158195-93978417-4187598964-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-07-17] CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-07-17] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10425640 2021-02-12] (Acronis International GmbH -> ) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2021-02-12] (Acronis International GmbH -> Acronis International GmbH) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-11] (Adobe Inc. -> Adobe Systems) R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6382320 2021-02-16] (Acronis International GmbH -> ) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2019-10-02] (DESlock Limited -> DESlock Limited.) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-08-27] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-08-27] (ESET, spol. s r.o. -> ESET) R2 GUBootService; C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe [865608 2021-05-15] (Glarysoft LTD -> Glarysoft Ltd) S4 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-27] (Malwarebytes Inc -> Malwarebytes) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2019-11-19] (Acronis International GmbH -> Acronis International GmbH) R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-11-18] (Acronis International GmbH -> Acronis International GmbH) R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1933872 2021-02-12] (Acronis International GmbH -> ) R2 NeroBackItUpBackgroundService2021; C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe [287456 2021-06-04] (Nero AG -> Nero AG) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado] R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13946200 2021-08-05] (ADLICE (ASCOET JULIEN) -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7394008 2021-02-12] (Acronis International GmbH -> ) R2 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2019-11-18] (Acronis International GmbH -> Acronis International GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) S4 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) S3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [163832 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> RedFox) S3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [163832 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> RedFox) R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> ) R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112856 2021-04-04] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [251608 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2019-10-02] (DESlock Limited -> DESlock Ltd.) R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2019-10-02] (DESlock Limited -> DESlock Ltd.) R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2019-10-02] (DESlock Limited -> DESlock Ltd.) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169424 2021-08-04] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123472 2021-08-04] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [194776 2021-08-04] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43904 2021-08-04] (ESET, spol. s r.o. -> ESET) R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70232 2021-08-04] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-08-04] (ESET, spol. s r.o. -> ESET) R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [701064 2021-02-16] (Acronis International GmbH -> Acronis International GmbH) R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2021-02-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [30720 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.) R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110392 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [212280 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [127288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37496 2020-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [523576 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657696 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1400600 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1025336 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [95544 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [97080 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [257208 2021-04-12] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [310232 2021-04-12] (Kaspersky Lab JSC -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116888 2021-04-12] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [207352 2021-04-12] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [153400 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [250168 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 kqemu; C:\Windows\SysWOW64\DRIVERS\kqemu.sys [144622 2021-03-26] () [Archivo no firmado] R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-09] (Malwarebytes Inc -> Malwarebytes) U3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [42056 2021-08-28] (Adlice -> ) S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-12-03] (Microsoft Windows Hardware Compatibility Publisher -> MobileTop) S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-12-03] (MCCI Corporation -> MCCI) S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-07-22] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated) S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-12-03] (MCCI Corporation -> MCCI Corporation) S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43648 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2021-02-16] (Acronis International GmbH -> Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2021-02-16] (Acronis International GmbH -> Acronis International GmbH) S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2021-02-16] (Acronis International GmbH -> Acronis International GmbH) U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-08-28] (Adlice -> ) S3 usbUDisc; C:\WINDOWS\System32\drivers\USBDrv_AMD64.sys [18392 2013-01-25] (Allwinner Technology Co.,Ltd. -> Scott) R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2019-10-02] (DESlock Limited -> DESlock Ltd.) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2021-02-16] (Acronis International GmbH -> Acronis International GmbH) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2021-02-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation) S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X] ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) (Lista blanca) ========= (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2021-08-28 02:09 - 2021-08-28 02:09 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-08-28 02:09 - 2021-08-28 02:09 - 000042056 _____ C:\WINDOWS\system32\Drivers\rkflt.sys 2021-08-28 02:09 - 2021-08-28 02:09 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys 2021-08-27 23:32 - 2021-08-27 23:32 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-08-27 23:32 - 2021-08-27 23:32 - 000191312 _____ C:\WINDOWS\system32\HvsiSettingsWorker.exe 2021-08-27 23:32 - 2021-08-27 23:32 - 000164144 _____ C:\WINDOWS\system32\cmdiag.exe 2021-08-27 23:32 - 2021-08-27 23:32 - 000079672 _____ C:\WINDOWS\system32\hvsifiletrust.dll 2021-08-27 23:31 - 2021-08-27 23:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-08-27 23:31 - 2021-08-27 23:31 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-08-27 23:31 - 2021-08-27 23:31 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-08-27 23:31 - 2021-08-27 23:31 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-08-27 23:31 - 2021-08-27 23:31 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-08-27 23:30 - 2021-08-27 23:30 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-08-27 23:17 - 2021-08-27 23:17 - 000000000 ___HD C:\$WinREAgent 2021-08-05 02:49 - 2021-08-05 02:49 - 000000000 ____D C:\Users\josel\OneDrive\Documentos\Nero 2021-08-05 02:34 - 2021-08-05 02:34 - 000001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero USBxCOPY.lnk 2021-08-05 02:33 - 2021-08-05 02:33 - 000001554 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero Disc to Device.lnk 2021-08-05 02:32 - 2021-08-05 02:32 - 000001768 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero WaveEditor.lnk 2021-08-05 02:32 - 2021-08-05 02:32 - 000001685 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero CoverDesigner.lnk 2021-08-05 02:30 - 2021-08-05 02:30 - 000001558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero SoundTrax.lnk 2021-08-05 02:29 - 2021-08-05 02:29 - 000001558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero Start.lnk 2021-08-05 02:23 - 2021-08-05 02:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2020 2021-08-05 02:22 - 2021-08-05 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2021-08-05 02:13 - 2021-08-27 19:53 - 000000000 ____D C:\Users\josel\AppData\Local\Nero 2021-08-05 02:13 - 2021-08-05 02:30 - 000001695 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero KnowHow PLUS.lnk 2021-08-05 02:13 - 2021-08-05 02:28 - 000000000 ____D C:\Program Files (x86)\Nero 2021-08-05 02:13 - 2021-08-05 02:26 - 000000000 ____D C:\ProgramData\Nero 2021-08-05 02:12 - 2021-08-05 02:51 - 000000000 ____D C:\Users\josel\AppData\Roaming\Nero ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2021-09-01 22:35 - 2021-07-18 15:17 - 000000000 ____D C:\FRST 2021-09-01 22:34 - 2019-05-26 02:00 - 000000000 ____D C:\Users\josel\AppData\Roaming\DMCache 2021-09-01 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-09-01 22:01 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-09-01 22:01 - 2019-05-26 01:19 - 000000000 ____D C:\Program Files (x86)\Google 2021-09-01 21:59 - 2019-06-27 04:26 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-08-28 02:13 - 2020-09-02 01:47 - 001772866 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-08-28 02:13 - 2019-12-07 16:55 - 000791112 _____ C:\WINDOWS\system32\perfh00A.dat 2021-08-28 02:13 - 2019-12-07 16:55 - 000156448 _____ C:\WINDOWS\system32\perfc00A.dat 2021-08-28 02:13 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-08-28 02:09 - 2020-09-02 01:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-28 02:09 - 2020-09-02 01:44 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-28 02:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-08-28 02:08 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-08-28 01:47 - 2020-09-02 01:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-08-28 01:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-28 01:05 - 2019-05-25 23:24 - 000000000 ____D C:\Users\josel\AppData\Local\Packages 2021-08-28 00:47 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-08-28 00:37 - 2021-04-12 01:06 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-08-28 00:02 - 2021-05-23 01:14 - 000000000 ____D C:\Users\josel\AppData\Roaming\vlc 2021-08-28 00:02 - 2019-12-29 08:09 - 000000000 ____D C:\Users\josel\AppData\Roaming\KSM 2021-08-27 23:55 - 2021-07-07 02:56 - 000001575 _____ C:\WINDOWS\system32\config\VSMIDK 2021-08-27 23:53 - 2020-09-02 01:44 - 000471864 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-08-27 23:51 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-08-27 23:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-08-27 23:51 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-08-27 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-08-27 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-08-27 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-08-27 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-08-27 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-08-27 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-08-27 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-08-27 23:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2021-08-27 23:16 - 2021-02-19 23:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-08-27 23:16 - 2019-05-25 23:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-08-27 23:00 - 2019-05-25 23:31 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-08-27 19:23 - 2021-04-11 17:15 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-08-27 19:22 - 2021-04-11 17:14 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-08-27 19:15 - 2021-04-12 01:04 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-27 19:15 - 2021-04-12 01:04 - 000003528 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-08-27 19:15 - 2021-04-10 18:07 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-08-06 00:35 - 2021-04-29 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2021-08-06 00:35 - 2021-04-29 21:12 - 000000000 ____D C:\Program Files\RogueKiller 2021-08-05 03:09 - 2020-11-12 15:07 - 000000000 ____D C:\Users\josel\AppData\Local\Nero_AG 2021-08-05 02:32 - 2009-09-14 20:05 - 001770344 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagx7.dll 2021-08-05 02:32 - 2009-09-14 20:05 - 000815976 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagxra7.dll 2021-08-05 02:32 - 2009-09-14 20:05 - 000271208 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagxr7.dll 2021-08-05 01:44 - 2019-12-29 02:31 - 000000000 ____D C:\Users\josel\AppData\Local\CrashDumps 2021-08-05 01:00 - 2020-09-02 01:52 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-08-05 00:49 - 2021-04-10 18:05 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-08-05 00:49 - 2021-04-10 18:05 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-08-04 18:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-08-04 14:11 - 2019-05-25 23:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-08-04 14:09 - 2019-04-05 11:37 - 000194776 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys 2021-08-04 14:09 - 2019-04-05 11:37 - 000169424 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys 2021-08-04 14:09 - 2019-04-05 11:37 - 000123472 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys 2021-08-04 14:09 - 2019-04-05 11:37 - 000107456 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2021-08-04 14:09 - 2019-04-05 11:37 - 000070232 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys 2021-08-04 14:09 - 2018-10-24 00:06 - 000043904 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys ==================== Archivos en la raíz de algunos directorios ======== 2021-01-23 22:04 - 2021-01-24 01:51 - 000000184 _____ () C:\Users\josel\AppData\Roaming\settings.set 2019-05-25 23:29 - 2019-09-20 12:20 - 000000200 _____ () C:\Users\josel\AppData\Roaming\sp_data.sys 2019-05-27 15:17 - 2020-02-11 23:07 - 000000410 _____ () C:\Users\josel\AppData\Local\oobelibMkey.log 2019-07-17 20:58 - 2021-05-11 03:54 - 000007620 _____ () C:\Users\josel\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) ==================== Final de FRST.txt ========================