Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 19.04.2024 01 Ejecutado por hp (administrador) sobre DESKTOP-A62J562 (HP HP EliteBook 840 G3) (23-04-2024 17:52:08) Ejecutado desde C:\Users\hp\Desktop\FRST64.exe Perfiles cargados: hp Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.4170 (X64) Idioma: Español (España, internacional) Navegador predeterminado: Chrome Modo de Inicio: Normal ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (C:\Autodesk\Network License Manager\lmgrd.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) [Archivo no firmado] C:\Autodesk\Network License Manager\adskflex.exe (C:\Program Files (x86)\Brother\ES Status Monitor\ptnmwnd.exe ->) (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Brother\ES Status Monitor\esnetmon.exe (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Autodesk, Inc. -> Autodesk) C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe (C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ES Status Monitor\ptnmwnd.exe (C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\WAC\PSUAMain.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdskIdentityManager\1.10.4.0\AdskIdentityManager.exe (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (C:\Program Files\Synology\VPN Plus Client\server\lighttpdService.exe ->) () [Archivo no firmado] C:\Program Files\Synology\VPN Plus Client\server\LightTPD.exe (C:\Program Files\Synology\VPN Plus Client\vpnclient\vpnService.exe ->) () [Archivo no firmado] C:\Program Files\Synology\VPN Plus Client\vpnclient\vpnclient_x64.exe (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe (DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe (explorer.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe (Google Inc (TEST) -> Formlabs Inc.) [Archivo no firmado] C:\Program Files (x86)\Formlabs\Update\1.3.99.0\FormlabsCrashHandler.exe (Google Inc (TEST) -> Formlabs Inc.) [Archivo no firmado] C:\Program Files (x86)\Formlabs\Update\1.3.99.0\FormlabsCrashHandler64.exe (rundll32.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2> (services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe (services.exe ->) (CloudBees, Inc.) [Archivo no firmado] C:\Program Files\Synology\VPN Plus Client\server\lighttpdService.exe (services.exe ->) (CloudBees, Inc.) [Archivo no firmado] C:\Program Files\Synology\VPN Plus Client\vpnclient\vpnService.exe (services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe (services.exe ->) (Flexera Software LLC -> Flexera) C:\Autodesk\Network License Manager\lmgrd.exe <2> (services.exe ->) (ForensiT Limited -> ) C:\Program Files (x86)\ForensiT\AppX Management Service\ForensiTAppxService.exe (services.exe ->) (Hewlett-Packard Company -> HP) [Archivo no firmado] C:\Windows\System32\HPSIsvc.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6c234fdd160946fe\HPAudioAnalytics.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe (services.exe ->) (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\WAC\PSUAService.exe (services.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe (services.exe ->) (www.shadowexplorer.com) [Archivo no firmado] C:\Program Files (x86)\ShadowExplorer\sesvc.exe (svchost.exe ->) (Conexant Systems LLC -> Conexant) C:\Windows\System32\MicTray64.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3> (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [225280 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [221992 2020-12-09] (Autodesk, Inc. -> Autodesk) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2018-09-20] (Acronis International GmbH -> ) HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe [20689696 2024-02-07] (Autodesk, Inc. -> Autodesk, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2018-09-20] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4575880 2018-09-20] (Acronis International GmbH -> ) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\WAC\PSUAMain.exe [179088 2022-02-06] (Panda Security S.L. -> Panda Security, S.L.) HKLM-x32\...\Run: [PharosControlServer] => C:\Program Files (x86)\TP-Link\Pharos Control\server\bin\pcserver.exe [320000 2020-01-14] (TP-Link Techonoligies Co, Ltd.) [Archivo no firmado] HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-04-19] (Adobe Inc. -> ) HKLM-x32\...\Run: [PTNMWND] => C:\Program Files (x86)\Brother\ES Status Monitor\ptnmwnd.exe [752752 2021-10-28] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN HKU\S-1-5-21-2895085854-1970825321-3648630973-1001\...\Run: [utweb] => C:\Users\hp\AppData\Roaming\uTorrent Web\utweb.exe [5934112 2021-09-24] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-2895085854-1970825321-3648630973-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\hp\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-11-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2895085854-1970825321-3648630973-1001\...\Run: [MicrosoftEdgeAutoLaunch_F072E8F080C5A31FE150A3CA4B35FB6A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4082112 2024-04-18] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2895085854-1970825321-3648630973-1001\...\Policies\Explorer: [] HKLM\...\Windows NT x86\Print Processors\OPATPP3: C:\Windows\System32\spool\prtprocs\W32X86\OPATPP3.DLL [33792 2013-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation) HKLM\...\Windows x64\Print Processors\HPCP1020PP: C:\Windows\System32\spool\prtprocs\x64\HPCP1020PP.DLL [65024 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) HKLM\...\Windows x64\Print Processors\hpcpp255: C:\Windows\System32\spool\prtprocs\x64\hpcpp255.dll [848384 2021-03-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) HKLM\...\Windows x64\Print Processors\OPATPP3: C:\Windows\System32\spool\prtprocs\x64\OPATPP3.DLL [41984 2013-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation) HKLM\...\Windows x64\Print Processors\OPLAPP3: C:\Windows\System32\spool\prtprocs\x64\OPLAPP3.dll [43520 2012-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation) HKLM\...\Print\Monitors\Brother QL-1110NWB Monitor: C:\Windows\system32\bsq17aL6.DLL [101344 2022-11-29] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries, Ltd.) HKLM\...\Print\Monitors\HP CP1020 LM: C:\Windows\system32\HPCP1020LM.DLL [129024 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Archivo no firmado] HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW082.DLL [120320 2021-03-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) HKLM\...\Print\Monitors\HPMLM225: C:\Windows\system32\hpmlm225.dll [308224 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) HKLM\...\Print\Monitors\Nitro PDF Port 11.8 Monitor: C:\Windows\system32\NxPrinterMonitor11.dll [749664 2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.) HKLM\...\Print\Monitors\Oki Common XP64 Language Monitor: C:\Windows\system32\OKLMON64.DLL [27648 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [ForensiT-Migrate-AppxPackage] -> C:\Windows\upwpm2.exe [2023-01-13] (ForensiT Limited -> ForensiT Limited) [Archivo no firmado] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\124.0.6367.61\Installer\chrmstp.exe [2024-04-23] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-02-23] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) GroupPolicy: Restricción - Windows Defender <==== ATENCIÓN Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN ==================== Tareas programadas (Lista blanca) ================= (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {3D6AAEFD-DBDD-4CC5-B407-CBEE289440D5} - no ruta de acceso de archivo. <==== ATENCIÓN "C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" fue desbloqueado. <==== ATENCIÓN "C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" fue desbloqueado. <==== ATENCIÓN Task: {991A9EAA-387D-410F-8564-8D34E4555A70} - no ruta de acceso de archivo. <==== ATENCIÓN Task: {DB8A54A9-1E0B-4156-8C51-07A6805F900B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {46581EF0-732A-43E5-BF7B-465255C9A288} - System32\Tasks\dataqa-highlighter-S-1-5-21-2895085854-1970825321-3648630973-1001 => C:\Windows\System32\msiexec.exe [69632 2023-11-16] (Microsoft Windows -> Microsoft Corporation) -> /i "C:\Users\hp\AppData\Local\Programs\e4b2f4cd46\51ac6b3627.msi" /quiet JOCR=1 Task: {3D256794-70AE-46D0-AB11-094C2BAD4862} - System32\Tasks\FormlabsUpdateTaskMachineCore{63391BCB-4EAA-47C0-9399-38921FE93643} => C:\Program Files (x86)\Formlabs\Update\FormlabsUpdate.exe [150288 2024-01-30] (Google Inc (TEST) -> Formlabs Inc.) [Archivo no firmado] Task: {7DBE7BA8-7D02-46C6-8B40-762758A9587D} - System32\Tasks\FormlabsUpdateTaskMachineUA{7F78F2F1-33EE-43B1-B5BF-65FD815C6F39} => C:\Program Files (x86)\Formlabs\Update\FormlabsUpdate.exe [150288 2024-01-30] (Google Inc (TEST) -> Formlabs Inc.) [Archivo no firmado] Task: {51B17F33-B46F-4AC5-97F4-4F6D6A3BB3CB} - System32\Tasks\G2MUpdateTask-S-1-5-21-2895085854-1970825321-3648630973-1001 => C:\Users\hp\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-04-15] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {EC9537D0-76B3-4D4B-8221-3EE37C33E987} - System32\Tasks\G2MUploadTask-S-1-5-21-2895085854-1970825321-3648630973-1001 => C:\Users\hp\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-04-15] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {71E76510-A894-4001-AB2A-9DB0ADEDF719} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6425.0{3E1CCA70-E4EC-47ED-AB73-1CD91C877B5D} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC) Task: {A38B3149-52EB-4F1C-9A77-6DAB6D8E0735} - System32\Tasks\GoogleSystem\GoogleUpdater\uxlft.WSMan.Runtime => C:\Windows\system32\RUNDLL32.exe [71680 2023-11-16] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\QueueEvent\TrmcdLwcense\C:\ProgramData\QueueEvent\TrmcdLwcense\iislxteNlVELA3.dll gqvkappcore <==== ATENCIÓN Task: {0562FF29-4936-4E14-B7FD-745D55C37D05} - System32\Tasks\HPCustParticipation HP ColorLaserJet MFP M182-M185 => C:\Program Files\HP\HP ColorLaserJet MFP M182-M185\Bin\HPCustPartic.exe [6665792 2022-07-19] (HP Inc. -> HP Inc.) Task: {611E22CE-30A0-4542-8CEB-E7528EB1540C} - System32\Tasks\HPCustParticipation HP OfficeJet 7510 series => C:\Program Files\HP\HP OfficeJet 7510 series\Bin\HPCustPartic.exe [6015648 2021-11-26] (HP Inc. -> Hewlett-Packard Development Company, LP) Task: {697AD153-BB34-4971-81BC-B1F2037FAECC} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42808 2010-09-22] (Hewlett-Packard Company -> Hewlett Packard) Task: {C673E721-3E24-4939-924A-0C02AAAD2A92} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452944 2024-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {88523AD1-546E-4CDD-9F51-7E04C05B81A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452944 2024-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {6CA1B5DA-14E7-4992-B1CA-A09B938A0F85} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221152 2024-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {35C90B65-C7D0-42C6-909C-2075E0780247} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221152 2024-04-17] (Microsoft Corporation -> Microsoft Corporation) Task: {D70E96AA-2210-4EE7-BEFF-C496704331F7} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2938448 2020-07-02] (Conexant Systems LLC -> Conexant) Task: {2C74FC17-DCF9-4DF5-A945-C171F55F880B} - System32\Tasks\Microsoft\Windows\Conexant\SA3 => C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.) -> C:\Program Files\CONEXANT\SA3\HP-NB-AIO\/sa3 /nv:3.0+ /uid:HP-NB-AIO /s /dne Task: {659B9676-0C66-46B0-A9EA-9EE95301ABAB} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [30720 2024-03-13] (Microsoft Windows -> Microsoft Corporation) Task: {4DE46750-F508-45BB-8DF9-00E7B7FFE1BC} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [30720 2024-03-13] (Microsoft Windows -> Microsoft Corporation) Task: {0CAC4199-D1D6-414D-AF32-FB7231E9D470} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {ADE4C251-8A6F-48A2-8BB1-D3B1F2D41EA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DF2909CF-C8D4-47A2-92B1-BA3CE3950EF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {997AC789-F1BE-4E47-B993-C82CA184FE8B} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [Archivo no firmado] Task: {E0C9CDD8-1D83-4B6C-944F-D39B68811462} - System32\Tasks\Opera scheduled Autoupdate 1710441791 => C:\Users\hp\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (Ningún archivo) (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2895085854-1970825321-3648630973-1001.job => C:\Users\hp\AppData\Local\GoToMeeting\19992\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2895085854-1970825321-3648630973-1001.job => C:\Users\hp\AppData\Local\GoToMeeting\19992\g2mupload.exe ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 8.8.8.8 Tcpip\..\Interfaces\{3f897185-ad1a-4893-adb2-66ce11ba8da7}: [DhcpNameServer] 1.1.1.1 8.8.8.8 Tcpip\..\Interfaces\{3f897185-ad1a-4893-adb2-66ce11ba8da7}\44F43454E4455435: [DhcpNameServer] 8.8.8.8 80.58.61.250 Tcpip\..\Interfaces\{3f897185-ad1a-4893-adb2-66ce11ba8da7}\4505D2C496E6B6F554874756E6465627: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{3f897185-ad1a-4893-adb2-66ce11ba8da7}\D4F4659435451425F503738353: [DhcpNameServer] 80.58.61.250 80.58.61.254 Tcpip\..\Interfaces\{3f897185-ad1a-4893-adb2-66ce11ba8da7}\D4F4659435451425F543538363: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{3f897185-ad1a-4893-adb2-66ce11ba8da7}\F42716E67656D263033303: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3f897185-ad1a-4893-adb2-66ce11ba8da7}\F42716E67656D263033303: [DhcpDomain] home Tcpip\..\Interfaces\{4f450f8a-f140-413b-845c-391a1712c993}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{802b63c2-5711-49df-98bc-094878e0b669}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-23] Edge Extension: (Documentos de Google sin conexión) - C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25] Edge Extension: (Edge relevant text changes) - C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-29] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @mozilla.com.cn/ipcmedia -> C:\Program Files (x86)\IPC\Web\ipcmedia.dll [2018-03-05] () [Archivo no firmado] FF Plugin: @mozilla.com.cn/IPCWebMainFrame -> C:\Program Files (x86)\IPC\Web\IPCWebMainFrame.dll [2018-03-05] () [Archivo no firmado] FF Plugin: @mozilla.com.cn/npipcwebui -> C:\Program Files (x86)\IPC\Web\npipcwebui.dll [2017-07-06] (kedacom) [Archivo no firmado] FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-04-11] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @IPC/npmedia3.0.0.3,version=3.0.0.3 -> C:\Program Files\webrec\Torch\3.0.0.3\npmedia3.0.0.3.dll [2018-01-29] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @IPC/npmedia3.3.192509.0,version=3.3.192509.0 -> C:\Program Files\webrec\Torch\3.3.192509.0\npmedia3.3.192509.0.dll [2019-07-25] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @NVR/npmedia4.1.63.0,version=4.1.63.0 -> C:\Program Files (x86)\webrec\Torch\4.1.63.0\npmedia.dll [2018-05-22] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin HKU\S-1-5-21-2895085854-1970825321-3648630973-1001: kedacom.com/ipcwebui -> C:\Program Files (x86)\IPC\Web\npipcwebui.dll [2017-07-06] (kedacom) [Archivo no firmado] FF Plugin HKU\S-1-5-21-2895085854-1970825321-3648630973-1001: www.kedacom.com/ipcwebui -> C:\Program Files (x86)\IPC\Web\npipcwebui.dll [2017-07-06] (kedacom) [Archivo no firmado] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2024-04-23] CHR Notifications: Default -> hxxps://mail.google.com; hxxps://meet.google.com; hxxps://ouo.io; hxxps://phonestar.info; hxxps://re-captha-version-3-29.top; hxxps://valorista.com; hxxps://websiteshove.com; hxxps://www.latiendaencasa.es; hxxps://www.reddit.com CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-23] CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-04-11] CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-04-03] CHR Notifications: Profile 2 -> hxxps://meet.google.com CHR Extension: (Documentos de Google sin conexión) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-03] CHR Extension: (data-qa Highlighter) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\idhhdaefanknhldagkhodblcpifdddcf [2024-04-03] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-28] CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-04-23] CHR Notifications: Profile 4 -> hxxps://meet.google.com CHR HomePage: Profile 4 -> hxxp://g.uk.msn.com/USREL/15 CHR StartupUrls: Profile 4 -> "hxxp://www.google.es/" CHR Extension: (Documentos de Google sin conexión) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-03] CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-23] CHR HKU\S-1-5-21-2895085854-1970825321-3648630973-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [idhhdaefanknhldagkhodblcpifdddcf] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [3956952 2018-09-20] (Acronis International GmbH -> Acronis International GmbH) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1157592 2018-09-20] (Acronis International GmbH -> ) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6285616 2022-03-04] (Acronis International GmbH -> ) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5323592 2024-04-11] (AnyDesk Software GmbH -> AnyDesk Software GmbH) R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [11630368 2024-02-07] (Autodesk, Inc. -> Autodesk, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14221280 2024-04-17] (Microsoft Corporation -> Microsoft Corporation) R2 CxMonSvc; C:\Windows\CxSvc\CxMonSvc.exe [56496 2020-09-09] (Synaptics Incorporated -> Conexant Systems, Inc) R2 ForensiTAppxService; C:\Program Files (x86)\ForensiT\AppX Management Service\ForensiTAppxService.exe [43448 2023-01-13] (ForensiT Limited -> ) S2 formlabs; C:\Program Files (x86)\Formlabs\Update\FormlabsUpdate.exe [150288 2024-01-30] (Google Inc (TEST) -> Formlabs Inc.) [Archivo no firmado] S3 formlabsm; C:\Program Files (x86)\Formlabs\Update\FormlabsUpdate.exe [150288 2024-01-30] (Google Inc (TEST) -> Formlabs Inc.) [Archivo no firmado] S2 GoogleUpdaterInternalService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC) S2 GoogleUpdaterService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC) S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2011-01-21] (HP) [Archivo no firmado] R2 HPAudioAnalytics; C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6c234fdd160946fe\HPAudioAnalytics.exe [542760 2024-01-19] (HP Inc. -> HP Inc.) S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1128992 2017-12-12] (HP Inc. -> HP) R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [124536 2012-12-25] (Hewlett-Packard Company -> HP) [Archivo no firmado] R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Archivo no firmado] R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-09-20] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-09-20] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1762456 2018-09-20] (Acronis International GmbH -> ) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [Archivo no firmado] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [Archivo no firmado] R2 PSUAService; C:\Program Files (x86)\Panda Security\WAC\PSUAService.exe [71992 2022-02-06] (Panda Security S.L. -> Panda Security, S.L.) R2 Revit 2022; C:\Autodesk\Network License Manager\lmgrd.exe [1201488 2021-02-24] (Flexera Software LLC -> Flexera) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Archivo no firmado] R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2018-09-20] (Acronis International GmbH -> ) R2 Synology VPNPLus Client; C:\Program Files\Synology\VPN Plus Client\vpnclient\vpnService.exe [59392 2018-08-14] (CloudBees, Inc.) [Archivo no firmado] R2 Synology VPNPLus WWW; C:\Program Files\Synology\VPN Plus Client\server\lighttpdService.exe [59392 2021-07-12] (CloudBees, Inc.) [Archivo no firmado] R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14770472 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2022-02-18] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [78328 2021-08-25] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [120416 2021-08-11] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 DrvSnSht; C:\Program Files (x86)\R-Drive Image\DrvSnSht64.sys [132432 2018-03-27] (R-tools Technology Inc. -> R-TT Inc.) R2 DvctProv; C:\Windows\system32\DRIVERS\DvctProv.sys [140568 2020-10-28] (Panda Security S.L. -> Panda Security, S.L.) R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [660456 2022-03-04] (Acronis International GmbH -> Acronis International GmbH) R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [390592 2022-03-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R0 fltsrv; C:\Windows\System32\DRIVERS\fltsrv.sys [182832 2022-03-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S2 Hardlock; C:\Windows\SysWOW64\drivers\hardlock.sys [676864 2004-07-14] (Aladdin Knowledge Systems) [Archivo no firmado] S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2021-12-10] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) R3 MpKsl036b46c2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{674B2FE0-ABE4-4E0B-8B68-96A484101425}\MpKslDrv.sys [301336 2024-04-23] (Microsoft Windows -> Microsoft Corporation) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) R3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [37824 2024-02-20] (SoftEther Corporation -> SoftEther Corporation) S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R1 NNSDHCP; C:\Windows\system32\DRIVERS\NNSDHCP.sys [107280 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSDNS; C:\Windows\system32\DRIVERS\NNSDNS.sys [142096 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211216 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [124688 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [142608 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [161040 2022-02-22] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) S4 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [109328 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133904 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [403216 2022-02-17] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [544568 2022-03-23] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122128 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [332088 2022-03-15] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [71720 2021-06-22] (Insecure.Com LLC -> Insecure.Com LLC.) R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [194832 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R0 PSINDvct; C:\Windows\System32\DRIVERS\PSINDvct.sys [85280 2020-10-29] (Panda Security S.L. -> Panda Security, S.L.) S0 psinelam; C:\Windows\System32\DRIVERS\psinelam.sys [23480 2021-07-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [172320 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [216352 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [147216 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [158992 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [127768 2022-02-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.) S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72984 2019-02-20] (Panda Security S.L. -> Panda Security, S.L.) S3 R-ImageDisk; C:\Program Files (x86)\R-Drive Image\R-ImageDisk64.sys [213584 2019-06-08] (R-Tools Technology Inc. -> R-TT Inc.) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [213088 2021-08-11] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1310552 2022-03-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [213336 2022-03-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [690520 2022-03-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2023-10-13] (Microsoft Corporation) [Archivo no firmado] S3 usbscan; C:\Windows\System32\drivers\usbscan.sys [49664 2022-07-20] (Microsoft Corporation) [Archivo no firmado] R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331976 2022-03-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [66520 2018-05-11] (VMware, Inc. -> VMware, Inc.) R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2022-03-04] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R0 vsock; C:\Windows\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc. -> VMware, Inc.) R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20936 2024-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601376 2024-04-11] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-11] (Microsoft Windows -> Microsoft Corporation) S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2022-02-16] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP) U4 npcap_wifi; no ImagePath ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) (Lista blanca) ========= (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2024-04-23 17:52 - 2024-04-23 17:52 - 000044597 _____ C:\Users\hp\Desktop\FRST.txt 2024-04-23 17:51 - 2024-04-23 17:52 - 000000000 ____D C:\FRST 2024-04-23 17:50 - 2024-04-23 17:50 - 002394112 _____ (Farbar) C:\Users\hp\Downloads\FRST64.exe 2024-04-23 17:50 - 2024-04-23 17:50 - 002394112 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe 2024-04-19 13:01 - 2024-04-19 13:01 - 000872689 _____ C:\Users\hp\Downloads\N20212365 ELECTRODATOS INFORMATICA SOCIEDAD LIMITADA --delegacion Ciudad real.pdf 2024-04-19 09:33 - 2024-04-19 09:33 - 000541412 _____ C:\Users\hp\Downloads\bulkHOnAcg.zip 2024-04-19 09:33 - 2024-04-19 09:33 - 000000000 ____D C:\Users\hp\Downloads\bulkHOnAcg 2024-04-18 18:45 - 2024-04-18 18:45 - 000048553 _____ C:\Users\hp\Downloads\240.380.pdf 2024-04-18 18:42 - 2024-04-18 18:42 - 000047408 _____ C:\Users\hp\Downloads\240.379.pdf 2024-04-18 18:38 - 2024-04-18 18:38 - 000044164 _____ C:\Users\hp\Downloads\240.378.pdf 2024-04-18 18:35 - 2024-04-18 18:35 - 000044659 _____ C:\Users\hp\Downloads\240.377.pdf 2024-04-18 18:17 - 2024-04-18 18:17 - 000000000 ____D C:\Program Files\Formlabs 2024-04-17 11:39 - 2024-04-17 11:41 - 000010507 _____ C:\Users\hp\Downloads\Trabajos realizados HM Leon.xlsx 2024-04-11 16:55 - 2024-04-11 16:55 - 000042712 _____ C:\Users\hp\Downloads\240.360.pdf 2024-04-11 15:58 - 2024-04-11 15:58 - 021050672 _____ (Famatech Corp. ) C:\Users\hp\Downloads\Advanced_IP_Scanner_2.5.4594.1 (1).exe 2024-04-09 18:17 - 2024-04-09 18:17 - 000019469 _____ C:\Users\hp\Downloads\1386.xls 2024-04-09 18:11 - 2024-04-09 18:11 - 000001477 _____ C:\Users\hp\Downloads\1334_2.xls 2024-04-09 18:11 - 2024-04-09 18:11 - 000001477 _____ C:\Users\hp\Downloads\1334_1.xls 2024-04-09 18:08 - 2024-04-09 18:08 - 000001481 _____ C:\Users\hp\Downloads\1312.xls 2024-04-09 18:07 - 2024-04-09 18:07 - 000001477 _____ C:\Users\hp\Downloads\1310.xls 2024-04-09 18:06 - 2024-04-09 18:06 - 000001477 _____ C:\Users\hp\Downloads\1291.xls 2024-04-09 18:03 - 2024-04-09 18:03 - 000020574 _____ C:\Users\hp\Downloads\1223.xls 2024-04-09 18:03 - 2024-04-09 18:03 - 000001475 _____ C:\Users\hp\Downloads\1231.xls 2024-04-09 18:02 - 2024-04-09 18:02 - 000001477 _____ C:\Users\hp\Downloads\1178.xls 2024-04-09 18:01 - 2024-04-09 18:01 - 000002022 _____ C:\Users\hp\Downloads\1156.xls 2024-04-09 18:01 - 2024-04-09 18:01 - 000001477 _____ C:\Users\hp\Downloads\1147.xls 2024-04-09 18:00 - 2024-04-09 18:00 - 000002566 _____ C:\Users\hp\Downloads\1122.xls 2024-04-09 17:59 - 2024-04-09 17:59 - 000001477 _____ C:\Users\hp\Downloads\1107.xls 2024-04-09 17:59 - 2024-04-09 17:59 - 000001477 _____ C:\Users\hp\Downloads\1087_2.xls 2024-04-09 17:58 - 2024-04-09 17:58 - 000001477 _____ C:\Users\hp\Downloads\1087_1.xls 2024-04-09 17:56 - 2024-04-09 17:56 - 000001477 _____ C:\Users\hp\Downloads\1058.xls 2024-04-09 17:52 - 2024-04-09 17:52 - 000001475 _____ C:\Users\hp\Downloads\1039.xls 2024-04-09 17:49 - 2024-04-09 17:49 - 000001477 _____ C:\Users\hp\Downloads\759.xls 2024-04-09 17:48 - 2024-04-09 17:48 - 000021119 _____ C:\Users\hp\Downloads\744.xls 2024-04-09 17:47 - 2024-04-09 17:47 - 000001477 _____ C:\Users\hp\Downloads\641.xls 2024-04-09 17:46 - 2024-04-09 17:46 - 000001477 _____ C:\Users\hp\Downloads\632.xls 2024-04-09 17:44 - 2024-04-09 17:44 - 000001477 _____ C:\Users\hp\Downloads\621.xls 2024-04-09 17:42 - 2024-04-09 17:42 - 000001477 _____ C:\Users\hp\Downloads\566.xls 2024-04-09 17:41 - 2024-04-09 17:41 - 000018929 _____ C:\Users\hp\Downloads\remesa 532.xls 2024-04-09 17:30 - 2024-04-09 17:30 - 000638030 _____ C:\Users\hp\Downloads\3TJSRX-7UGNsfg4.pdf 2024-04-09 16:11 - 2024-04-09 16:11 - 000144826 _____ C:\Users\hp\Downloads\WhatsApp Image 2024-04-09 at 13.34.08.jpeg 2024-04-09 13:32 - 2024-04-09 13:32 - 021050672 _____ (Famatech Corp. ) C:\Users\hp\Downloads\Advanced_IP_Scanner_2.5.4594.1.exe 2024-04-08 10:16 - 2024-04-08 10:16 - 000015080 _____ C:\Users\hp\Downloads\rma.pdf 2024-04-07 10:44 - 2024-04-07 10:44 - 000091340 _____ C:\Users\hp\Downloads\S1575092209709830.pdf 2024-04-03 19:19 - 2024-04-03 19:19 - 000042572 _____ C:\Users\hp\Downloads\240.349.pdf 2024-04-03 17:58 - 2024-04-03 17:58 - 000298130 _____ C:\Users\hp\Downloads\2023 Mod. 390 Electrodatos.pdf 2024-04-03 09:48 - 2024-04-03 09:48 - 000000000 ____D C:\ProgramData\Norton 2024-04-02 20:11 - 2024-04-02 20:11 - 079157808 _____ (Piriform Software Ltd) C:\Users\hp\Downloads\ccsetup621.exe 2024-04-02 11:55 - 2024-04-08 10:44 - 000000701 _____ C:\Users\hp\Desktop\SEGURO.txt 2024-04-02 10:54 - 2024-04-02 10:54 - 000000992 __RSH C:\ProgramData\ntuser.pol 2024-04-02 10:32 - 2024-04-04 16:25 - 000000096 _____ C:\Users\hp\Desktop\Nuevo documento de texto.txt 2024-04-01 17:50 - 2024-04-01 17:50 - 000503389 _____ C:\Users\hp\Downloads\125-2024 MARCAY DENTAL.pdf 2024-04-01 17:50 - 2024-04-01 17:50 - 000503376 _____ C:\Users\hp\Downloads\127-2024 MARCAY DENTAL.pdf 2024-04-01 17:50 - 2024-04-01 17:50 - 000503375 _____ C:\Users\hp\Downloads\126-2024 MARCAY DENTAL.pdf 2024-04-01 16:08 - 2024-04-01 16:08 - 000000025 _____ C:\Users\hp\Downloads\Datos adjuntos sin título 01841.txt 2024-04-01 16:08 - 2024-04-01 16:08 - 000000006 _____ C:\Users\hp\Downloads\Datos adjuntos sin título 01838.txt 2024-04-01 16:08 - 2024-04-01 16:08 - 000000006 _____ C:\Users\hp\Downloads\Datos adjuntos sin título 01835.txt 2024-04-01 16:08 - 2024-04-01 16:08 - 000000006 _____ C:\Users\hp\Downloads\Datos adjuntos sin título 01832.txt 2024-04-01 16:08 - 2024-04-01 16:08 - 000000006 _____ C:\Users\hp\Downloads\Datos adjuntos sin título 01829.txt 2024-04-01 16:08 - 2024-04-01 16:08 - 000000006 _____ C:\Users\hp\Downloads\Datos adjuntos sin título 01826.txt 2024-04-01 16:08 - 2024-04-01 16:08 - 000000006 _____ C:\Users\hp\Downloads\Datos adjuntos sin título 01823.txt 2024-04-01 16:07 - 2024-04-01 16:08 - 000000000 __SHD C:\ProgramData\SyncFusion-5e92ca1d-d425-4cf2-965f-d909bd428075 2024-04-01 16:07 - 2024-04-01 16:07 - 001120570 _____ C:\Windows\SysWOW64\blob234.dat 2024-03-29 13:19 - 2024-03-29 13:19 - 000524439 _____ C:\Users\hp\Downloads\SOL VIDA DAVID DIAZ DEL CAMPO MINGUEZ_signed.pdf 2024-03-29 13:17 - 2024-03-29 13:17 - 000001007 _____ C:\Users\Public\Desktop\AutoFirma.lnk 2024-03-29 13:17 - 2024-03-29 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoFirma 2024-03-29 13:16 - 2024-03-29 13:17 - 000000000 ____D C:\Program Files\AutoFirma 2024-03-29 13:10 - 2024-03-29 13:10 - 000000000 ____D C:\Users\hp\Downloads\AutoFirma64 2024-03-29 13:09 - 2024-03-29 13:10 - 111839544 _____ C:\Users\hp\Downloads\AutoFirma64.zip 2024-03-29 13:05 - 2024-03-29 13:05 - 000000000 _RSHD C:\ProgramData\WindowsTask 2024-03-29 13:05 - 2024-03-29 13:05 - 000000000 _RSHD C:\ProgramData\Windows Tasks Service 2024-03-29 13:05 - 2024-03-29 13:05 - 000000000 _RSHD C:\ProgramData\Setup 2024-03-29 13:05 - 2024-03-29 13:05 - 000000000 _RSHD C:\ProgramData\ReaItekHD 2024-03-29 13:05 - 2024-03-29 13:05 - 000000000 _RSHD C:\ProgramData\RDP Wrapper 2024-03-29 13:05 - 2024-03-29 13:05 - 000000000 _RSHD C:\Program Files\RDP Wrapper 2024-03-29 13:05 - 2024-03-29 13:05 - 000000000 _RSHD C:\Program Files (x86)\360 2024-03-29 13:05 - 2024-03-29 13:05 - 000000000 ____D C:\Program Files (x86)\kingfisher arrange 2024-03-29 13:04 - 2024-04-22 12:10 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-03-29 13:03 - 2024-03-29 13:03 - 000483662 _____ C:\Users\hp\Downloads\SOL VIDA DAVID DIAZ DEL CAMPO MINGUEZ.pdf 2024-03-26 18:35 - 2024-04-02 20:14 - 000000000 ____D C:\Users\hp\AppData\Local\CrashDumps 2024-03-26 18:35 - 2024-03-26 18:55 - 000000000 ____D C:\AdwCleaner 2024-03-26 18:35 - 2024-03-26 18:35 - 008790880 _____ (Malwarebytes) C:\Users\hp\Downloads\adwcleaner.exe 2024-03-26 18:21 - 2024-03-26 18:21 - 002589624 _____ (Malwarebytes) C:\Users\hp\Downloads\MBSetup (1).exe 2024-03-26 14:49 - 2024-04-15 17:01 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-03-26 14:23 - 2024-03-26 14:23 - 000109459 _____ C:\Users\hp\Downloads\ALTA RETA PABLO ACTUAL.pdf 2024-03-26 14:22 - 2024-03-26 14:22 - 000235061 _____ C:\Users\hp\Downloads\CERTIFICADO AEAT.pdf 2024-03-26 14:22 - 2024-03-26 14:22 - 000214398 _____ C:\Users\hp\Downloads\CERTIFICADO TGSS.pdf 2024-03-26 14:22 - 2024-03-26 14:22 - 000134816 _____ C:\Users\hp\Downloads\IDC ABEL.pdf 2024-03-26 14:22 - 2024-03-26 14:22 - 000133800 _____ C:\Users\hp\Downloads\IDC SERGIO.pdf 2024-03-26 14:22 - 2024-03-26 14:22 - 000109665 _____ C:\Users\hp\Downloads\RETA DAVID.pdf ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2024-04-23 17:43 - 2021-02-09 20:16 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-04-23 17:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-04-23 17:23 - 2021-12-04 12:00 - 000000000 ____D C:\ProgramData\boost_interprocess 2024-04-23 17:23 - 2021-10-07 17:20 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Teams 2024-04-23 17:23 - 2021-02-09 20:50 - 000000000 __SHD C:\Users\hp\IntelGraphicsProfiles 2024-04-23 12:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-04-23 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2024-04-23 12:24 - 2021-02-09 20:22 - 001782208 _____ C:\Windows\system32\PerfStringBackup.INI 2024-04-23 12:24 - 2019-12-07 16:55 - 000792600 _____ C:\Windows\system32\perfh00A.dat 2024-04-23 12:24 - 2019-12-07 16:55 - 000157478 _____ C:\Windows\system32\perfc00A.dat 2024-04-23 12:24 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2024-04-23 12:20 - 2021-12-20 12:56 - 000000000 ____D C:\Windows\SystemTemp 2024-04-23 12:20 - 2021-02-09 20:58 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-04-23 12:18 - 2022-06-14 10:02 - 000000648 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2895085854-1970825321-3648630973-1001.job 2024-04-23 12:18 - 2022-06-14 10:02 - 000000552 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2895085854-1970825321-3648630973-1001.job 2024-04-23 12:18 - 2021-12-16 10:12 - 000000000 ____D C:\ProgramData\VMware 2024-04-23 12:18 - 2021-08-19 12:29 - 000000000 ____D C:\Program Files\TeamViewer 2024-04-23 12:18 - 2021-02-09 20:36 - 000000000 ____D C:\Intel 2024-04-23 12:18 - 2021-02-09 20:16 - 000008192 ___SH C:\DumpStack.log.tmp 2024-04-23 12:18 - 2021-02-09 20:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-04-23 12:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2024-04-22 20:01 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI 2024-04-22 19:31 - 2021-04-23 13:22 - 000002408 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-04-22 12:10 - 2023-01-17 10:44 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-04-18 19:30 - 2021-02-09 20:25 - 000000000 ____D C:\Users\hp\AppData\Local\Packages 2024-04-18 18:24 - 2021-04-28 09:48 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Excel 2024-04-18 18:24 - 2021-03-15 20:25 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Word 2024-04-18 18:14 - 2021-04-23 13:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-04-15 17:30 - 2022-06-14 10:02 - 000003812 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-2895085854-1970825321-3648630973-1001 2024-04-15 17:30 - 2022-06-14 10:02 - 000003716 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-2895085854-1970825321-3648630973-1001 2024-04-15 17:30 - 2022-06-14 10:02 - 000000000 ____D C:\Users\hp\AppData\Local\GoToMeeting 2024-04-15 17:01 - 2021-02-09 20:58 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2024-04-11 13:28 - 2021-09-09 19:08 - 000000000 ____D C:\Users\hp\AppData\Roaming\AnyDesk 2024-04-11 13:27 - 2021-09-09 19:09 - 000000000 ____D C:\ProgramData\AnyDesk 2024-04-11 13:27 - 2021-09-09 19:09 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2024-04-11 08:20 - 2021-02-09 20:16 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-04-10 12:51 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2024-04-10 12:42 - 2021-09-09 18:59 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Outlook 2024-04-10 12:40 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2024-04-09 17:33 - 2021-09-28 19:39 - 000000000 ____D C:\Users\hp\Documents\Plantillas personalizadas de Office 2024-04-05 07:50 - 2021-02-09 20:52 - 000003708 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-04-05 07:50 - 2021-02-09 20:52 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-04-03 11:36 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2024-04-02 20:14 - 2022-10-13 17:51 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-04-02 20:14 - 2021-02-09 21:16 - 000000000 ____D C:\Windows\Panther 2024-04-02 20:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports 2024-04-01 16:07 - 2021-10-06 16:29 - 000000000 ____D C:\ProgramData\Package Cache 2024-03-29 13:20 - 2022-02-24 11:34 - 000000000 ____D C:\Users\hp\.afirma 2024-03-26 18:55 - 2021-10-21 09:12 - 000000000 ____D C:\Users\hp\AppData\Roaming\IObit 2024-03-26 18:34 - 2024-03-14 20:41 - 000000000 ____D C:\ProgramData\DirectSoundDriver 2.36.198.60 2024-03-26 18:33 - 2024-03-19 20:05 - 000000004 ____H C:\ProgramData\rc60.dat 2024-03-25 19:20 - 2024-03-22 19:41 - 000009271 _____ C:\Users\hp\Documents\HORAS_JESUS.xlsx ==================== Archivos en la raíz de algunos directorios ======== 2024-03-19 20:05 - 2024-03-26 18:33 - 000000004 ____H () C:\ProgramData\rc60.dat 2024-03-19 20:04 - 2024-03-19 20:04 - 000000128 ____H () C:\ProgramData\resource-a.dat 2024-03-19 20:04 - 2024-03-19 20:04 - 000000128 ____H () C:\ProgramData\resource-b.dat 2024-03-19 20:04 - 2024-03-19 20:04 - 000000008 ____H () C:\ProgramData\ts60.dat 2023-01-13 19:34 - 2023-01-13 20:52 - 000634296 _____ (ForensiT Limited) C:\ProgramData\UserProfileMigrationService.exe 2021-09-22 09:20 - 2021-09-22 09:20 - 000066628 _____ () C:\Program Files (x86)\CMS Setup Log.txt 2021-10-01 11:16 - 2021-10-01 11:17 - 000006893 _____ () C:\Program Files (x86)\DeviceManage Setup Log.txt 2021-10-01 11:19 - 2021-10-01 11:19 - 000002891 _____ () C:\Program Files (x86)\DeviceManage Uninstall Log.txt 2021-10-01 11:19 - 2021-10-01 11:19 - 000007021 _____ () C:\Program Files (x86)\Upgrade Setup Log.txt 2023-12-07 12:53 - 2023-12-14 10:35 - 000051957 _____ () C:\Users\hp\AppData\Roaming\Valores separados por comas.ADR 2022-04-13 16:54 - 2022-04-13 16:54 - 000000000 _____ () C:\Users\hp\AppData\Local\zenmap.exe.log 2022-09-26 08:05 - 2022-09-26 08:05 - 000000000 _____ () C:\Users\hp\AppData\Local\{2BA03023-FAB3-4D99-857D-622040BAB574} ==================== FLock ============================== 2024-03-29 13:05 C:\Program Files\RDP Wrapper 2024-03-29 13:05 C:\Program Files (x86)\360 2024-03-29 13:05 C:\ProgramData\RDP Wrapper 2024-03-29 13:05 C:\ProgramData\ReaItekHD 2024-03-29 13:05 C:\ProgramData\Setup 2024-03-29 13:05 C:\ProgramData\Windows Tasks Service 2024-03-29 13:05 C:\ProgramData\WindowsTask ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) ==================== Final de FRST.txt ========================