Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 11-07-2022 Ejecutado por JC Fernandez (administrador) sobre DESKTOP-10B8GRO (ASUSTeK COMPUTER INC. X705UDR) (13-07-2022 09:57:26) Ejecutado desde C:\Users\JC Fernandez\Desktop Perfiles cargados: JC Fernandez Plataforma: Microsoft Windows 11 Home Versión 22H2 22622.290 (X64) Idioma: Español (España, internacional) Navegador predeterminado: Edge Modo de Inicio: Normal ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler.exe (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler64.exe (C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (C:\Program Files\WindowsApps\MicrosoftTeams_22168.200.1405.7434_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe <13> (DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxEM.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\JC Fernandez\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHeciSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_9682deda3bac5b6f\Display.NvContainer\NVDisplay.Container.exe <2> (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22052.537.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe (svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.545.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe (svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10587912 2022-07-04] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5926680 2022-06-04] (Adobe Inc. -> Adobe Systems Inc.) HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3641019475-3180039676-856797794-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5492504 2022-06-04] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3641019475-3180039676-856797794-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2636168 2022-07-06] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3641019475-3180039676-856797794-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3641019475-3180039676-856797794-1001\...\Run: [MicrosoftEdgeAutoLaunch_B5A7C8E93B7F41625330FBBDCFA9330D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-05] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3641019475-3180039676-856797794-1001\...\Run: [BingWallpaperApp] => C:\Users\JC Fernandez\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [13998496 2022-06-06] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3641019475-3180039676-856797794-1003\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3641019475-3180039676-856797794-1003\...\Run: [MicrosoftEdgeAutoLaunch_6581028B91D27375CEC921E1DF8A8AE4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-05] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon E400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDC6.DLL [30208 2013-08-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\103.1.41.96\Installer\chrmstp.exe [2022-07-12] (Brave Software, Inc. -> Brave Software, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation) ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {007BE892-DE9F-4379-8416-73C6316FA9A4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {03E39AE1-999C-46E7-BC43-8D9BA1D66A5D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-07] (Microsoft Windows -> ) Task: {0CF964C0-1866-4328-8BCB-228F535A80F0} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {16DA0585-7EDB-4E8A-9FB9-FCD2B2CB7782} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {1912A91C-9B44-4238-989F-6076362705EF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2022-06-20] (Piriform Software Ltd -> Piriform Software Ltd) Task: {20CEFD6C-D5D9-4DA2-B274-4C81E5D2E2B7} - System32\Tasks\CCleanerSkipUAC - JC Fernandez => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd) "C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" no pudo ser desbloqueado. <==== ATENCIÓN Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask Task: {2E4372F2-0236-4346-BBE1-3C5FB48F12C2} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\JC Fernandez\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-03-24] (ESET, spol. s r.o. -> ESET) Task: {42DFCA16-6EB4-497E-A043-C59317763678} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {43BD31EF-7D4A-4BE6-A2BA-62127959D14A} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [212992 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Task: {4A4B5019-92F0-4A98-A2FA-56FD89519071} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3641019475-3180039676-856797794-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-06] (Microsoft Corporation -> Microsoft Corporation) Task: {5F0B55AF-1E63-4059-985A-1AFD257A112C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {60A34A22-15DE-4B35-A06F-2A6ED2852D2D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {662FE501-1D82-4BDA-A431-BCAF01782FC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-19] (Google Inc -> Google Inc.) Task: {67B7F511-1CB1-45FA-AB19-1B57C27964D2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {6D2A59FA-6225-4E5F-995A-C61F36DE80E5} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\JC Fernandez\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-03-24] (ESET, spol. s r.o. -> ESET) Task: {7021E512-44E3-498C-A888-63BBB5A17640} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {75A7D3A3-1FBB-41B8-8E7A-CDA760020497} - System32\Tasks\ASUS Battery Health Charging Notification => C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe [2480504 2017-04-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {81B86691-9AD5-4F6E-A965-7888726D1E6B} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [125816 2017-05-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {8906F6AC-17A6-4525-AC27-B2A177739C23} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-05] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {898B5077-1A70-404A-B5A9-70B967EB87DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {95874F85-5A67-4265-BBFB-F08CD745E0DF} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {9C9C1623-9FFF-4A74-8394-7ADD07FF0F70} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3641019475-3180039676-856797794-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-06] (Microsoft Corporation -> Microsoft Corporation) Task: {A120AD1B-7097-4C69-9E62-F48FFE8BCD66} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [212992 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Task: {A75E1B24-898C-44E4-8638-61C6482AE763} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A7A2E504-CF10-4AB2-B4E8-E29A29C13287} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {AA07841B-652B-4448-9F3E-07DFAB37FCEB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-06] (Microsoft Corporation -> Microsoft Corporation) Task: {B0E7DD14-A1DC-416B-988E-0F0944003F6E} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [66472 2022-03-08] (Microsoft Corporation -> Microsoft) Task: {B9BB37E9-C11E-45F6-B53C-EA8D703A40EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [233472 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Task: {D467C59D-A17C-4B59-8AC6-E1D310705477} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {DD1262B7-6BCF-46E2-83E3-3A0574005421} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-05] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {DD9E3C97-1DCA-495D-80D9-BD2D5F76A4C9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {E0380F22-B301-45F3-B26B-F618F796E0E9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {E0D36B22-1CEE-4880-8977-99C48CB9A082} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-19] (Google Inc -> Google Inc.) Task: {E481DFC2-8739-4C2E-BAEC-E4583874E641} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F01FDCEC-40C4-4BA5-B3BA-591043B044F0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {F87BAE91-2470-40AB-9F94-A437578A5E4D} - System32\Tasks\Microsoft\Windows\Application Experience\SdbinstMergeDbTask => C:\WINDOWS\system32\sdbinst.exe [212992 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Task: {FBE45B66-4EE5-445F-9998-738FF3E54830} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {FC68A05C-0CC5-4E81-9BC4-23DF042D8710} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {FE38E6AD-AC90-4C9E-ADD6-A4787D408929} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [125816 2017-05-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{29eee345-68b3-41a8-90d1-f1433a329628}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{8830673c-dba4-4feb-90c9-91c3b4c019e2}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{8f67cafd-3ef0-4522-8040-fb3c240129ca}: [NameServer] 1.1.1.1,199.85.126.10 Tcpip\..\Interfaces\{8f67cafd-3ef0-4522-8040-fb3c240129ca}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{d11e1b78-984a-43e0-916f-f9ed9cc0c08c}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: D:\Descargas Edge DefaultProfile: Default Edge Profile: C:\Users\JC Fernandez\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-13] Edge Notifications: Default -> hxxps://business.facebook.com; hxxps://forobeta.com; hxxps://mail.google.com; hxxps://twitter.com; hxxps://web.whatsapp.com; hxxps://www.alibaba.com; hxxps://www.facebook.com; hxxps://www.tiktok.com; hxxps://www.youtube.com Edge HomePage: Default -> hxxps://www.google.com/ Edge StartupUrls: Default -> "hxxps://www.google.com/" Edge Extension: (Editor Microsoft: corrector ortográfico y gramatical) - C:\Users\JC Fernandez\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2022-07-11] Edge Extension: (polkadot{.js} extension) - C:\Users\JC Fernandez\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-06-16] Edge Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\JC Fernandez\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-06-28] Edge Extension: (Halo) - C:\Users\JC Fernandez\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npbihmhlfjhckkmiaogmjffkbibaonjb [2022-06-27] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\Programas\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> D:\Programas\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-06-04] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\JC Fernandez\AppData\Local\Google\Chrome\User Data\Default [2022-07-12] CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxps://google.com/" CHR Extension: (Duolingo en la web) - C:\Users\JC Fernandez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2018-06-19] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\JC Fernandez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-01] CHR Profile: C:\Users\JC Fernandez\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-12] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp] Brave: ======= BRA DefaultProfile: Default BRA Profile: C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-07-12] BRA DownloadDir: D:\Descargas BRA Notifications: Default -> hxxps://forobeta.com; hxxps://platzi.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com BRA HomePage: Default -> hxxps://www.google.com/ BRA Extension: (Documentos de Google sin conexión) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-28] BRA Extension: (polkadot{.js} extension) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-06-16] BRA Extension: (MetaMask) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-06-27] BRA Extension: (Material Dark) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\npadhaijchjemiifipabpmeebeelbmpd [2022-03-15] BRA Extension: (Brave Local Data Files Updater) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-06-28] BRA Extension: (Brave User Model Installer) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\ahiocclicnhmiobhocikfdamfccbehhn [2021-04-01] BRA Extension: (Brave NTP sponsored images) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\alkblaadjjijngaehljijdimckobegga [2022-07-07] BRA Extension: (Brave NTP background images) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-03-10] BRA Extension: (Wallet Data Files Updater) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-06-28] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-07-07] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-04-10] BRA Extension: (Brave Ads Resources) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\elecgkckipdmnkkgndidemmdhdcdfhnp [2022-03-29] BRA Extension: (Brave SpeedReader Updater) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10] BRA Extension: (Crypto Wallets) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2021-11-14] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\JC Fernandez\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-07-07] StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AsBhcService; C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [114360 2016-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7206312 2018-07-19] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-05] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-05] (Brave Software, Inc. -> BraveSoftware Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46864 2022-07-04] (Dropbox, Inc -> Dropbox, Inc.) S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-19] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.136.0626.0001\FileSyncHelper.exe [3384200 2022-07-06] (Microsoft Corporation -> Microsoft Corporation) S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation) S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304496 2022-07-07] (Microsoft Windows -> Microsoft Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-18] (Malwarebytes Inc. -> Malwarebytes) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.136.0626.0001\OneDriveUpdaterService.exe [3824008 2022-07-06] (Microsoft Corporation -> Microsoft Corporation) R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13252624 2020-04-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-07-07] (Microsoft Windows -> Microsoft Corporation) S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [337112 2022-06-21] (Twitch Interactive, Inc. -> ) S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-07-27] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) R3 webthreatdefsvc; C:\WINDOWS\System32\webthreatdefsvc.dll [163840 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S2 webthreatdefusersvc; C:\WINDOWS\System32\webthreatdefusersvc.dll [135168 2022-07-07] (Microsoft Windows -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137568 2022-07-07] (Microsoft Windows -> Microsoft Corporation) S3 ZenAnywhere; C:\Program Files\Orbweb Inc\ZenAnywhere\ZenAnywhere.exe [154456 2017-05-24] (Orbweb Taiwan Inc. -> Orbweb Inc.) S3 ZenAnywhere Updater; C:\Program Files\Orbweb Inc\ZenAnywhere\updater.exe [154456 2017-05-24] (Orbweb Taiwan Inc. -> Orbweb Inc.) S3 ZenAnywhereNetworkService; C:\Program Files\Orbweb Inc\ZenAnywhere\bin\ZenAnywhereNetworkService.exe [67416 2017-04-07] (Orbweb Taiwan Inc. -> Orbweb Inc.) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_9682deda3bac5b6f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_9682deda3bac5b6f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91496 2022-06-16] (Microsoft Windows -> Microsoft Corporation) R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.) S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> ) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-27] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-27] (Microsoft Windows -> Microsoft Corporation) R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-06-16] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-07-27] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation) ==================== Un mes (creado) (Lista blanca) ========= (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2022-07-13 09:57 - 2022-07-13 09:57 - 000038782 _____ C:\Users\JC Fernandez\Desktop\FRST.txt 2022-07-12 16:31 - 2022-07-12 16:33 - 290671432 _____ (Google, Inc.) C:\Users\JC Fernandez\Desktop\GoogleDriveSetup.exe 2022-07-12 12:37 - 2022-07-12 12:37 - 000805706 _____ C:\WINDOWS\system32\perfh00A.dat 2022-07-12 12:37 - 2022-07-12 12:37 - 000160982 _____ C:\WINDOWS\system32\perfc00A.dat 2022-07-12 12:04 - 2022-07-12 12:04 - 000050741 _____ C:\Users\JC Fernandez\Downloads\Fixlog.txt.crdownload 2022-07-12 11:49 - 2022-07-12 11:51 - 000050741 _____ C:\Users\JC Fernandez\Desktop\Fixlog.txt 2022-07-12 11:48 - 2022-07-12 11:48 - 000000000 ____D C:\Users\JC Fernandez\Desktop\FRST-OlderVersion 2022-07-12 11:44 - 2022-07-12 11:44 - 000000254 _____ C:\Users\JC Fernandez\Desktop\DelFix.txt 2022-07-12 11:44 - 2022-07-12 11:44 - 000000254 _____ C:\DelFix.txt 2022-07-12 11:44 - 2022-07-12 11:44 - 000000000 ____D C:\WINDOWS\ERUNT 2022-07-12 11:37 - 2022-07-12 11:37 - 000797760 _____ C:\Users\JC Fernandez\Desktop\delfix_1.013.exe 2022-07-12 11:33 - 2022-07-12 11:33 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\luminati 2022-07-10 15:08 - 2021-10-08 11:00 - 000167544 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2022-07-10 15:08 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys 2022-07-10 15:08 - 2021-10-08 11:00 - 000043640 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ss_conn_usb_driver2.sys 2022-07-10 14:56 - 2022-07-10 15:12 - 000000000 ____D C:\Users\JC Fernandez\Desktop\Wallpapers 2022-07-08 21:14 - 2022-07-08 21:53 - 000000338 _____ C:\Users\JC Fernandez\Desktop\ImportacionesPE.txt 2022-07-08 20:56 - 2022-07-08 20:56 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2022-07-08 20:56 - 2022-07-08 20:56 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\Zoom 2022-07-08 19:21 - 2022-07-08 19:21 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\INetHistory 2022-07-08 13:02 - 2022-07-13 09:57 - 000000000 ____D C:\FRST 2022-07-08 13:01 - 2022-07-12 11:48 - 002369536 _____ (Farbar) C:\Users\JC Fernandez\Desktop\FRST64.exe 2022-07-08 10:57 - 2022-07-08 10:57 - 000001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2022-07-08 10:57 - 2022-07-08 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2022-07-08 10:57 - 2022-07-08 10:57 - 000000000 ____D C:\Program Files\VS Revo Group 2022-07-08 10:55 - 2022-07-08 10:55 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\JC Fernandez\Downloads\Sin confirmar 592659.crdownload 2022-07-08 10:54 - 2022-07-08 10:54 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\JC Fernandez\Downloads\Sin confirmar 390579.crdownload 2022-07-08 10:54 - 2022-07-08 10:54 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\JC Fernandez\Desktop\rkill.exe 2022-07-07 15:19 - 2022-07-07 15:19 - 005814368 _____ C:\Users\JC Fernandez\Desktop\GUIA_DEL_IMPORTADOR.pdf 2022-07-07 15:08 - 2022-07-07 15:08 - 001819953 _____ C:\Users\JC Fernandez\Desktop\Orgullo y prejuicio (Jane Austen) (z-lib.org).pdf 2022-07-07 14:45 - 2022-07-07 15:21 - 000000835 _____ C:\Users\JC Fernandez\Desktop\Importaciones.txt 2022-07-07 13:15 - 2022-07-07 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-07-07 00:24 - 2022-07-07 00:24 - 002575656 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2022-07-07 00:24 - 2022-07-07 00:24 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2022-07-07 00:24 - 2022-07-07 00:24 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll 2022-07-07 00:24 - 2022-07-07 00:24 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll 2022-07-07 00:24 - 2022-07-07 00:24 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe 2022-07-07 00:24 - 2022-07-07 00:24 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe 2022-07-07 00:24 - 2022-07-07 00:24 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll 2022-07-07 00:24 - 2022-07-07 00:24 - 000062832 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe 2022-07-07 00:24 - 2022-07-07 00:24 - 000016100 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-07-06 17:25 - 2022-07-06 17:26 - 004401903 _____ C:\Users\JC Fernandez\Desktop\Odin.zip 2022-07-05 12:19 - 2022-07-05 12:19 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-07-04 09:36 - 2022-07-04 09:36 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2022-07-04 09:36 - 2022-07-04 09:36 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2022-07-04 09:36 - 2022-07-04 09:36 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2022-07-04 09:36 - 2022-07-04 09:36 - 000046864 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2022-06-30 15:03 - 2022-06-30 15:03 - 000002206 _____ C:\Users\JC Fernandez\Desktop\TikTok.lnk 2022-06-29 09:46 - 2022-06-29 11:30 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\Razer 2022-06-29 09:46 - 2022-06-29 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2022-06-29 09:40 - 2022-06-29 11:30 - 000000000 ____D C:\ProgramData\Razer 2022-06-28 12:29 - 2022-06-28 12:38 - 000000000 ____D C:\Program Files\Sublime Text 2022-06-28 12:29 - 2022-06-28 12:29 - 000000915 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text.lnk 2022-06-28 12:16 - 2022-06-28 12:16 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\Mael Horz 2022-06-28 12:16 - 2022-06-28 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor 2022-06-28 12:16 - 2022-06-28 12:16 - 000000000 ____D C:\Program Files\HxD 2022-06-28 12:16 - 2021-02-10 16:27 - 003444957 _____ (Maël Hörz ) C:\Users\JC Fernandez\Desktop\HxDSetup.exe 2022-06-28 12:15 - 2022-06-28 12:15 - 003348036 _____ C:\Users\JC Fernandez\Desktop\HxDSetup.zip 2022-06-28 11:53 - 2022-06-28 11:53 - 000001822 _____ C:\Users\JC Fernandez\Desktop\licencia.txt 2022-06-28 11:34 - 2022-06-28 11:34 - 019148248 _____ (Sublime HQ Pty Ltd ) C:\Users\JC Fernandez\Desktop\sublime_text_build_4126_x64_setup.exe 2022-06-21 16:45 - 2022-06-21 16:45 - 000001184 _____ C:\Users\JC Fernandez\Desktop\Twitch Studio.lnk 2022-06-21 16:45 - 2022-06-21 16:45 - 000001170 _____ C:\Users\JC Fernandez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Studio.lnk 2022-06-21 16:45 - 2022-06-21 16:45 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\twitch-desktop-electron-platform 2022-06-21 16:45 - 2022-06-21 16:45 - 000000000 ____D C:\Program Files\Common Files\Twitch 2022-06-21 16:44 - 2022-06-21 17:09 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\Twitch Studio 2022-06-20 00:22 - 2022-06-20 00:42 - 000000018 _____ C:\Users\JC Fernandez\Desktop\Gifcards.txt 2022-06-19 23:18 - 2022-06-08 16:01 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-06-19 23:18 - 2022-06-08 16:01 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-06-19 23:18 - 2022-06-08 16:01 - 001478400 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-06-19 23:18 - 2022-06-08 16:01 - 001478400 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-06-19 23:18 - 2022-06-08 16:01 - 001432320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-06-19 23:18 - 2022-06-08 16:01 - 001432320 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-06-19 23:18 - 2022-06-08 16:01 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-06-19 23:18 - 2022-06-08 16:01 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-06-19 23:18 - 2022-06-08 16:00 - 001471104 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-06-19 23:18 - 2022-06-08 16:00 - 001212544 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-06-19 23:18 - 2022-06-08 15:57 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-06-19 23:18 - 2022-06-08 15:57 - 000770688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-06-19 23:18 - 2022-06-08 15:57 - 000687608 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-06-19 23:18 - 2022-06-08 15:56 - 002126456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-06-19 23:18 - 2022-06-08 15:56 - 001607144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-06-19 23:18 - 2022-06-08 15:56 - 001535480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-06-19 23:18 - 2022-06-08 15:56 - 001182200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-06-19 23:18 - 2022-06-08 15:56 - 001058416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-06-19 23:18 - 2022-06-08 15:56 - 000844400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-06-19 23:18 - 2022-06-08 15:56 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-06-19 23:18 - 2022-06-08 15:55 - 010268792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-06-19 23:18 - 2022-06-08 15:55 - 008803304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-06-19 23:18 - 2022-06-08 15:55 - 005732344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-06-19 23:18 - 2022-06-08 15:55 - 005362680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-06-19 23:18 - 2022-06-08 15:55 - 003065984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-06-19 23:18 - 2022-06-08 15:55 - 000455288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-06-19 23:18 - 2022-06-08 15:54 - 000852072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-06-19 23:18 - 2022-06-08 15:53 - 006362304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2022-06-19 23:18 - 2022-06-06 23:08 - 000093121 _____ C:\WINDOWS\system32\nvinfo.pb 2022-06-18 18:12 - 2022-06-18 18:12 - 000001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashFXP 5.lnk 2022-06-18 18:12 - 2022-06-18 18:12 - 000000000 __HDC C:\ProgramData\{759C99EE-34E3-42A8-91EF-7106A0ED0FBE} 2022-06-18 18:12 - 2022-06-18 18:12 - 000000000 ____D C:\ProgramData\regid.2000-02.com.flashfxp 2022-06-18 18:12 - 2022-06-18 18:12 - 000000000 ____D C:\ProgramData\FlashFXP 2022-06-18 18:12 - 2022-06-18 18:12 - 000000000 ____D C:\Program Files (x86)\FlashFXP 5 2022-06-18 18:03 - 2022-06-18 18:07 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\CoreFTP 2022-06-18 17:34 - 2022-06-18 17:35 - 147562527 _____ C:\Users\JC Fernandez\Desktop\yohabloporellos.cl.tar.gz 2022-06-18 17:08 - 2022-06-18 17:08 - 011810104 _____ (Tim Kosse) C:\Users\JC Fernandez\Downloads\FileZilla_3.58.0_win64-setup.exe 2022-06-18 16:49 - 2022-06-18 16:46 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-06-18 16:36 - 2022-06-18 16:37 - 000000000 ____D C:\Users\JC Fernandez\Desktop\Backup 2022-06-18 16:11 - 2022-06-18 16:11 - 000000028 ____H C:\.GamingRoot 2022-06-18 16:11 - 2022-06-18 16:11 - 000000000 ____D C:\XboxGames 2022-06-18 16:10 - 2022-07-06 23:05 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2022-06-18 16:10 - 2022-06-18 16:10 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2022-06-18 16:10 - 2022-06-18 16:10 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2022-06-16 13:05 - 2022-06-16 13:05 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper 2022-06-16 12:55 - 2022-06-16 12:55 - 000003614 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d8717015ab4f84 ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2022-07-13 09:50 - 2018-06-19 00:07 - 000000000 ____D C:\Program Files (x86)\Google 2022-07-13 09:33 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-07-13 09:22 - 2018-06-19 04:08 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\D3DSCache 2022-07-13 09:18 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-07-13 09:17 - 2018-06-19 00:36 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-07-13 09:15 - 2022-05-26 21:22 - 000004232 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4DF94989-C1F1-4A52-A7E9-36CE235213CF} 2022-07-13 09:15 - 2018-06-19 00:36 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-07-13 09:09 - 2018-07-09 01:25 - 000000000 ____D C:\Program Files\CCleaner 2022-07-13 09:09 - 2017-09-23 03:02 - 000000000 __SHD C:\Users\JC Fernandez\IntelGraphicsProfiles 2022-07-13 09:09 - 2017-09-23 02:23 - 000000000 ____D C:\ProgramData\NVIDIA 2022-07-13 00:28 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-07-12 23:33 - 2019-10-10 21:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-07-12 23:27 - 2022-05-07 00:24 - 000000000 ___HD C:\Program Files\WindowsApps 2022-07-12 16:30 - 2020-05-05 20:14 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2022-07-12 12:37 - 2022-05-26 21:23 - 001801816 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-07-12 12:37 - 2022-05-07 00:22 - 000000000 ____D C:\WINDOWS\INF 2022-07-12 12:29 - 2022-05-26 21:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-07-12 12:29 - 2022-05-26 21:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-07-12 12:29 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\ServiceState 2022-07-12 12:29 - 2020-06-23 02:27 - 000012288 ___SH C:\DumpStack.log.tmp 2022-07-12 12:29 - 2017-09-23 02:24 - 000000000 ___HD C:\Intel 2022-07-12 12:23 - 2022-05-07 00:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2022-07-12 12:18 - 2020-02-01 15:05 - 000000000 ____D C:\Users\JC Fernandez\AppData\LocalLow\IGDump 2022-07-12 11:50 - 2022-05-26 21:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUSTek Computer Inc 2022-07-12 11:50 - 2022-05-26 21:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS 2022-07-12 11:36 - 2019-10-10 21:12 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\WhatsApp 2022-07-12 06:23 - 2020-04-04 14:27 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2022-07-11 19:03 - 2022-05-26 21:22 - 000003886 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2022-07-11 19:03 - 2022-05-26 21:22 - 000003444 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2022-07-11 19:03 - 2022-03-23 19:33 - 000001434 _____ C:\Users\JC Fernandez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2022-07-09 21:40 - 2018-07-07 01:35 - 000006528 _____ C:\Users\JC Fernandez\ggpofba-ng.bkp.ini 2022-07-09 21:40 - 2018-06-19 22:44 - 000001361 _____ C:\Users\JC Fernandez\ggpo-ng.ini 2022-07-08 23:35 - 2020-04-02 08:43 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\obs-studio 2022-07-08 20:56 - 2020-07-20 22:11 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\Zoom 2022-07-08 18:36 - 2018-06-19 04:11 - 000000000 ____D C:\ProgramData\Packages 2022-07-08 18:36 - 2017-09-23 03:02 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\Packages 2022-07-08 11:05 - 2022-05-19 05:56 - 000000000 ___DC C:\WINDOWS\Panther 2022-07-08 11:05 - 2019-07-22 02:38 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\slobs-client 2022-07-08 11:05 - 2018-07-12 23:05 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\CrashDumps 2022-07-07 13:16 - 2018-06-19 00:11 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\Dropbox 2022-07-07 13:15 - 2018-06-19 00:11 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-07-07 00:33 - 2022-05-26 21:15 - 000510440 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-07-07 00:33 - 2021-09-28 08:29 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-07-07 00:33 - 2020-04-23 12:27 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-07-07 00:33 - 2019-10-04 11:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-07-07 00:33 - 2018-06-19 00:08 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\UUS 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SystemResources 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\setup 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-07-07 00:32 - 2022-05-07 00:24 - 000000000 ____D C:\Program Files\Common Files\System 2022-07-07 00:29 - 2022-05-07 00:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-07-07 00:26 - 2022-05-26 21:17 - 003206144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-07-06 17:13 - 2022-05-26 21:22 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3641019475-3180039676-856797794-1003 2022-07-06 17:13 - 2022-05-26 21:22 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3641019475-3180039676-856797794-1001 2022-07-06 17:13 - 2022-05-26 21:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2022-07-06 17:13 - 2021-09-28 08:29 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-07-04 11:34 - 2017-09-23 02:21 - 000000000 ____D C:\ProgramData\Package Cache 2022-06-30 16:53 - 2018-06-20 01:40 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2022-06-30 16:53 - 2018-06-20 01:40 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-06-29 12:07 - 2021-11-22 20:08 - 000000000 ____D C:\Users\JC Fernandez\Documents\Grabaciones de sonido 2022-06-29 11:08 - 2021-09-26 06:48 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\ElevatedDiagnostics 2022-06-29 09:20 - 2020-04-04 20:19 - 000000000 ____D C:\Users\JC Fernandez\Desktop\Archivos WEB 2022-06-28 16:27 - 2017-09-23 02:19 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-06-28 12:43 - 2020-08-09 00:02 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\Samsung 2022-06-27 16:27 - 2018-06-19 02:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-06-20 10:53 - 2018-08-06 22:50 - 000000000 ____D C:\Program Files (x86)\Steam 2022-06-20 10:53 - 2018-07-26 00:04 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\uTorrent 2022-06-20 10:53 - 2018-07-22 00:33 - 000000000 ____D C:\Users\JC Fernandez\AppData\Roaming\FileZilla 2022-06-20 09:56 - 2018-07-09 22:34 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\NVIDIA 2022-06-20 09:56 - 2018-06-20 02:31 - 000000033 _____ C:\Users\JC Fernandez\AppData\Roaming\AdobeWLCMCache.dat 2022-06-20 09:53 - 2022-05-26 21:22 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-06-19 23:22 - 2017-09-23 02:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-06-18 18:11 - 2018-07-21 23:44 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\IIIQF 2022-06-18 17:31 - 2018-07-22 00:33 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\FileZilla 2022-06-18 17:08 - 2018-07-22 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2022-06-18 17:08 - 2018-07-22 00:32 - 000000000 ____D C:\Program Files\FileZilla FTP Client 2022-06-18 17:07 - 2018-06-19 22:21 - 000000000 ____D C:\Users\JC Fernandez\AppData\Local\PlaceholderTileLogoFolder 2022-06-18 16:49 - 2022-05-07 00:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-06-18 16:49 - 2020-09-20 19:43 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-06-18 16:49 - 2020-02-01 15:03 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-06-18 16:48 - 2020-02-01 15:03 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-06-18 16:42 - 2020-02-01 15:03 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-06-18 16:42 - 2018-08-06 22:55 - 000000000 ____D C:\Program Files\Malwarebytes 2022-06-16 12:55 - 2022-05-26 21:22 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA ==================== Archivos en la raíz de algunos directorios ======== 2018-06-20 02:31 - 2022-06-20 09:56 - 000000033 _____ () C:\Users\JC Fernandez\AppData\Roaming\AdobeWLCMCache.dat 2020-07-20 01:36 - 2020-07-20 01:36 - 000000068 _____ () C:\Users\JC Fernandez\AppData\Roaming\changzhi_leidian.data 2020-07-20 01:47 - 2020-07-20 01:47 - 000000068 _____ () C:\Users\JC Fernandez\AppData\Roaming\changzhi_mplayer.data 2020-03-14 12:28 - 2020-03-14 12:28 - 000000028 _____ () C:\Users\JC Fernandez\AppData\Roaming\kulerdata.json 2022-05-01 11:47 - 2022-05-01 11:47 - 000000015 _____ () C:\Users\JC Fernandez\AppData\Roaming\obs-virtualcam.txt 2017-09-23 03:05 - 2020-08-27 11:30 - 000000200 _____ () C:\Users\JC Fernandez\AppData\Roaming\sp_data.sys 2022-03-24 12:41 - 2022-03-30 14:30 - 000007402 _____ () C:\Users\JC Fernandez\AppData\Roaming\VoiceMeeterDefault.xml 2018-10-08 20:17 - 2018-10-08 20:17 - 000000000 _____ () C:\Users\JC Fernandez\AppData\Local\oobelibMkey.log 2018-07-22 00:38 - 2020-07-18 17:02 - 000000128 _____ () C:\Users\JC Fernandez\AppData\Local\PUTTY.RND 2020-04-04 21:30 - 2020-04-04 21:30 - 000000017 _____ () C:\Users\JC Fernandez\AppData\Local\resmon.resmoncfg ==================== FLock ============================== 2022-06-02 09:56 C:\WINDOWS\system32\WebThreatDefSvc ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) ==================== Final de FRST.txt ========================