Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 08-07-2020 01 Ejecutado por xabig (administrador) sobre FORMULA1 (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (12-07-2020 17:24:44) Ejecutado desde D:\ESCRITORIO Perfiles cargados: xabig Platform: Windows 10 Pro Versión 1909 18363.900 (X64) Idioma: Español (España, internacional) Navegador predeterminado: FF Modo de Inicio: Normal Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTAgent.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe (Mega Limited -> Mega Limited) C:\Users\xabig\AppData\Local\MEGAsync\MEGAsync.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2005.23.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) C:\Windows\Philips\SPZ2000\GUCI_AVS.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8> (Nalpeiron LTD -> Nalpeiron Ltd.) [Archivo no firmado] C:\Windows\SysWOW64\nlssrv32.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (PcWinTech.com) [Archivo no firmado] C:\Program Files (x86)\CleanMem\Mini_Monitor.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Shenzhen Huion Animation Technology Co.,LTD -> Graphic Tablet Company Shenzhen) C:\PenTabletDriver\TabletDriver.exe (Shenzhen Huion Animatzon Technology Co.,Ltd -> Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe <5> (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2020-04-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [SPZ2000_Monitor] => C:\Windows\Philips\SPZ2000\GUCI_AVS.exe [323584 2007-12-10] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) HKLM\...\Run: [TabletDriver] => C:\PenTabletDriver\TabletDriver.exe [3160448 2018-11-12] (Shenzhen Huion Animation Technology Co.,LTD -> Graphic Tablet Company Shenzhen) HKLM-x32\...\Run: [WTClient] => C:\Windows\SysWOW64\WTClient.exe [41304 2014-01-13] (Shenzhen Huion Animatzon Technology Co.,Ltd -> Tablet Driver) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [451952 2018-11-16] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation) HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2020-01-19] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [12822184 2020-03-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9259952 2020-06-22] (Support.com Inc -> SUPERAntiSpyware) HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\MountPoints2: {7bcda689-4be1-11ea-bd13-1c1b0d614fee} - "E:\setup_vmc_lite.exe" /checkApplicationPresence HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\MountPoints2: {d4a935a5-5620-11ea-bd22-1c1b0d614fee} - "E:\setup.exe" HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\...\MountPoints2: {e95a700c-bab7-11ea-bdfc-0022f717c4d3} - "E:\setup.exe" HKLM\...\Windows x64\Print Processors\hpfpp70v: C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll [248320 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\hpf3l70v.dll: C:\Windows\system32\hpf3l70v.dll [136704 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC) IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll Startup: C:\Users\xabig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-03-24] ShortcutTarget: MEGAsync.lnk -> C:\Users\xabig\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) InternetURL: C:\Users\xabig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vfhost.url -> URL: "C:\Users\xabig\AppData\Roaming\vfhost\arCnnXKUWf.vbs" BootExecute: autocheck autochk * sdnclean64.exe ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {070ACB52-1377-411D-9B92-22A934B002C3} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.3.0\AutoUpdate.exe [2369808 2020-02-17] (IObit Information Technology -> IObit) Task: {36996039-2F45-4C86-AA7A-D8262F38196B} - System32\Tasks\BoostTray SkipUAC (xabig) => C:\Program Files (x86)\IObit\Driver Booster\7.3.0\BoostTray.exe [3173136 2020-02-18] (IObit Information Technology -> IObit) Task: {39A407CC-17CC-4979-91E0-544C92B12792} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {4063B224-FA28-4F8B-9FE9-B084025B675A} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2123503126-2224654030-2906569905-1001 => C:\Users\xabig\AppData\Local\MEGAsync\MEGAupdater.exe [615672 2020-07-02] (Mega Limited -> Mega Limited) Task: {4523B06E-4B3D-4AD6-B59C-A53090E6F119} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {560340C0-4D76-4CD2-A025-5BD6B5A72B10} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation -> Microsoft Corporation) Task: {5FC7F870-A95D-4744-BE4B-8BF03B70A203} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {6B51725B-C884-4E5E-9380-2D5F137C487E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-10] (Mozilla Corporation -> Mozilla Foundation) Task: {7B53E79A-71F5-4E70-BC30-CFE9231CDFA1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4569496 2020-07-10] (Microsoft Corporation -> Microsoft Corporation) Task: {7F727BED-A3FD-4B1B-9CBC-9162BAAFBD38} - System32\Tasks\CleanMem Mini Monitor => C:\Program Files (x86)\CleanMem\mini_monitor.exe [1417216 2012-10-04] (PcWinTech.com) [Archivo no firmado] Task: {84174A0C-4735-495D-9BB2-6F5342C6690B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-06] (Google LLC -> Google LLC) Task: {8BFA8AFF-BFEA-47D0-BA07-E6824B7A857C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4569496 2020-07-10] (Microsoft Corporation -> Microsoft Corporation) Task: {9252CB2E-E9B0-4270-BB51-B3884918880E} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [61440 2014-08-21] (PcWinTech.com) [Archivo no firmado] Task: {926E2EE1-DC12-46BB-82A8-1A9A083E4DF8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {92FBBA7D-24D0-41B2-AEB1-9A5EF0D2C0FC} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1d8bf53b-27ae-4262-ab9b-426e164c48d1 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) Task: {AF97137D-31D0-4250-8667-E6E993B47921} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123744 2020-07-10] (Microsoft Corporation -> Microsoft Corporation) Task: {B3AB8EA4-484A-4961-92DF-D253CF15C5E8} - System32\Tasks\Driver Booster SkipUAC (xabig) => C:\Program Files (x86)\IObit\Driver Booster\7.3.0\DriverBooster.exe [7892240 2020-02-20] (IObit Information Technology -> IObit) Task: {BD24B3A5-0F4D-4654-B937-F8E639B1EAD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-06] (Google LLC -> Google LLC) Task: {C4964E89-7036-4F75-8D7A-A49B293142AF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123744 2020-07-10] (Microsoft Corporation -> Microsoft Corporation) Task: {D01603C1-9EF2-4383-8AFB-F9E4E8FE8307} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {DD9F4F68-A951-47A0-99A6-5A0DF243176C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation -> Microsoft Corporation) Task: {DED9408F-0C5E-43F0-A66D-DEB636109CA0} - System32\Tasks\AdwCleaner_onReboot => D:\PROGRAMAS\AdwCleaner 8.0.2 por JimmyTutoriales\AdwCleaner 8.0.2 por JimmyTutoriales\adwcleaner_8.0.6.exe [8420016 2020-07-10] (Malwarebytes Inc -> Malwarebytes) Task: {FDF9CE63-6439-4B38-A73B-1302133B94D4} - System32\Tasks\SUPERAntiSpyware Scheduled Task f7c9f8a5-3b03-49d5-afa2-a35296a540cd => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1d8bf53b-27ae-4262-ab9b-426e164c48d1.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f7c9f8a5-3b03-49d5-afa2-a35296a540cd.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) ProxyServer: [S-1-5-21-2123503126-2224654030-2906569905-1001] => 127.0.0.1:8003 Hosts: 0.0.0.0 activation.phaseone.com Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1 Tcpip\..\Interfaces\{cb323529-a89f-4c6f-a8a0-7fa6ce26b98a}: [DhcpNameServer] 192.168.0.1 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-2123503126-2224654030-2906569905-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP SearchScopes: HKU\S-1-5-21-2123503126-2224654030-2906569905-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-02-18] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-07-03] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-07-03] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-02-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== DownloadDir: D:\DESCARGAS FireFox: ======== FF DefaultProfile: k6ul7t8n.default FF ProfilePath: C:\Users\xabig\AppData\Roaming\Mozilla\Firefox\Profiles\k6ul7t8n.default [2020-02-28] FF NewTab: Mozilla\Firefox\Profiles\k6ul7t8n.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-02-24 09:31:10&bName=&bitmask=0600 FF ProfilePath: C:\Users\xabig\AppData\Roaming\Mozilla\Firefox\Profiles\ch0l2z97.default-release [2020-07-12] FF DownloadDir: D:\DESCARGAS FF Homepage: Mozilla\Firefox\Profiles\ch0l2z97.default-release -> hxxps://google.es FF NewTab: Mozilla\Firefox\Profiles\ch0l2z97.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-02-24 09:31:10&bName=&bitmask=0600 FF NetworkProxy: Mozilla\Firefox\Profiles\ch0l2z97.default-release -> type", 4 FF Session Restore: Mozilla\Firefox\Profiles\ch0l2z97.default-release -> está habilitado. FF Notifications: Mozilla\Firefox\Profiles\ch0l2z97.default-release -> hxxps://forospyware.com FF Extension: (Al traductor de Google) - C:\Users\xabig\AppData\Roaming\Mozilla\Firefox\Profiles\ch0l2z97.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-02-11] FF Extension: (Kaspersky Protection) - C:\Users\xabig\AppData\Roaming\Mozilla\Firefox\Profiles\ch0l2z97.default-release\Extensions\light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com.xpi [2020-06-27] FF Extension: (NordVPN – #1 VPN Proxy Extension for Firefox) - C:\Users\xabig\AppData\Roaming\Mozilla\Firefox\Profiles\ch0l2z97.default-release\Extensions\nordvpnproxy@nordvpn.com.xpi [2020-05-24] FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-02-18] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-18] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-2123503126-2224654030-2906569905-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\xabig\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-03-03] <==== ATENCIÓN (Apunta a archivo *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-03-03] <==== ATENCIÓN Chrome: ======= CHR Profile: C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default [2020-07-12] CHR Extension: (Presentaciones) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-07] CHR Extension: (Documentos) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-07] CHR Extension: (Google Drive) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-05-07] CHR Extension: (YouTube) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-07] CHR Extension: (Kaspersky Protection) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-05-07] CHR Extension: (Hojas de cálculo) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-07] CHR Extension: (Documentos de Google sin conexión) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-08] CHR Extension: (Shutterstock Reveal) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogibhaacmieogkdgebfbjgoofdlcmgb [2020-05-07] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-07] CHR Extension: (Gmail) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-05-07] CHR Extension: (Chrome Media Router) - C:\Users\xabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-08] CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) S2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10574728 2020-06-23] (Microsoft Corporation -> Microsoft Corporation) R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [6950256 2018-11-16] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354008 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab) S3 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-07-12] (Malwarebytes Inc -> Malwarebytes) R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-09-22] (Nalpeiron LTD -> Nalpeiron Ltd.) [Archivo no firmado] R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [244176 2020-05-28] (TEFINCOM S.A. -> ) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [874472 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-16] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182120 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-03-03] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-03-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [82264 2014-01-13] (Shenzhen Huion Animatzon Technology Co.,Ltd -> Tablet Driver) ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R3 AlpsHidSmb; C:\Windows\system32\DRIVERS\ApSmbDrv.sys [120208 2020-03-11] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [136040 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 dot4; C:\Windows\System32\drivers\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider) S3 dot4usb; C:\Windows\System32\drivers\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation) R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2020-02-24] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47672 2020-02-24] (Disc Soft Ltd -> Disc Soft Ltd) S3 GDDFUDriver; C:\Windows\System32\drivers\GDDFUDriver.sys [12288 2020-02-02] (GigaDevice Semiconductor (Beijing) Inc. -> ) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2020-03-09] (Glarysoft LTD -> Glarysoft Ltd) S3 GUCI_AVS; C:\Windows\system32\DRIVERS\GUCI_AVS.sys [646656 2010-06-10] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-03-09] (Martin Malik - REALiX -> REALiX(tm)) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-08] (Kaspersky Lab -> AO Kaspersky Lab) R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [93312 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [37816 2020-02-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [251800 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [633600 2020-04-29] (Kaspersky Lab -> AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1217792 2020-04-29] (Kaspersky Lab -> AO Kaspersky Lab) S3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [240200 2020-07-07] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998296 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [79760 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab) S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [256752 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [99152 2020-03-03] (Kaspersky Lab -> AO Kaspersky Lab) S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [309968 2020-04-09] (Kaspersky Lab -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [116920 2020-06-30] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [206880 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [211048 2020-02-08] (Kaspersky Lab -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [232344 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) S3 leusbser; C:\Windows\System32\drivers\leusbser.sys [238080 2016-06-30] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-07-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-07-12] (Malwarebytes Inc -> Malwarebytes) R3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2020-04-24] (TEFINCOM S.A. -> WireGuard LLC) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_63268710a2dc3648\nvlddmkm.sys [23439080 2020-04-02] (NVIDIA Corporation -> NVIDIA Corporation) S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [53752 2019-04-30] (NVIDIA Corporation -> NVIDIA Corporation) S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-22] (NVIDIA Corporation -> NVIDIA Corporation) S2 PTSimBus; C:\Windows\System32\Drivers\PTSimBus.sys [32600 2014-01-13] (Shenzhen Huion Animatzon Technology Co.,Ltd -> PenTablet Driver) S3 PTSimHid; C:\Windows\System32\Drivers\PTSimHid.sys [22360 2014-01-13] (Shenzhen Huion Animatzon Technology Co.,Ltd -> PenTablet Driver) S3 qcfilter; C:\Windows\System32\drivers\qcusbfilter.sys [40448 2014-05-23] (USBHostDriver(Test003) -> QUALCOMM Incorporated) S3 qcusbser; C:\Windows\System32\drivers\qcusbser.sys [243712 2014-05-23] (USBHostDriver(Test003) -> QUALCOMM Incorporated) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [56840 2020-03-09] (Synaptics Incorporated -> Synaptics Incorporated) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project) S3 TClass2k; C:\Windows\System32\Drivers\TClass2k.sys [32600 2014-01-13] (Shenzhen Huion Animatzon Technology Co.,Ltd -> Tablet Driver) S3 UcmCxUcsiNvppc; C:\Windows\System32\drivers\UcmCxUcsiNvppc.sys [461592 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation) S3 UCTblHid; C:\Windows\System32\Drivers\UCTblHid.sys [27992 2014-01-13] (Shenzhen Huion Animatzon Technology Co.,Ltd -> Tablet Driver) S3 usbUDisc; C:\Windows\System32\drivers\USBDrv_AMD64.sys [18392 2013-01-25] (Allwinner Technology Co.,Ltd. -> Scott) R3 vmulti; C:\Windows\System32\drivers\vmulti.sys [10752 2014-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2020-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2020-03-03] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\Windows\System32\drivers\usb2ser.sys [159936 2019-03-22] (NGO -> MBB) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2020-03-03] (Microsoft Windows -> Microsoft Corporation) R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [51536 2019-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X] ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) =================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-07-12 17:24 - 2020-07-12 17:24 - 000000000 ____D C:\FRST 2020-07-12 17:01 - 2020-07-12 17:01 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2020-07-12 17:01 - 2020-07-12 17:01 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-07-12 17:01 - 2020-07-12 17:01 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2020-07-12 17:01 - 2020-07-12 17:01 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-07-12 17:01 - 2020-07-12 17:01 - 000000000 ____D C:\Users\xabig\AppData\Local\mbam 2020-07-12 17:01 - 2020-07-12 17:01 - 000000000 ____D C:\Program Files\Malwarebytes 2020-07-10 23:06 - 2020-07-10 23:06 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\42414245.sys 2020-07-10 22:50 - 2020-07-10 22:56 - 000000528 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f7c9f8a5-3b03-49d5-afa2-a35296a540cd.job 2020-07-10 22:50 - 2020-07-10 22:56 - 000000528 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1d8bf53b-27ae-4262-ab9b-426e164c48d1.job 2020-07-10 22:50 - 2020-07-10 22:50 - 000003754 _____ C:\Windows\system32\Tasks\SUPERAntiSpyware Scheduled Task f7c9f8a5-3b03-49d5-afa2-a35296a540cd 2020-07-10 22:50 - 2020-07-10 22:50 - 000003672 _____ C:\Windows\system32\Tasks\SUPERAntiSpyware Scheduled Task 1d8bf53b-27ae-4262-ab9b-426e164c48d1 2020-07-10 22:50 - 2020-07-10 22:50 - 000000000 ____D C:\Users\xabig\AppData\Roaming\SUPERAntiSpyware.com 2020-07-10 22:49 - 2020-07-10 22:49 - 000000000 ____D C:\Users\xabig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2020-07-10 22:49 - 2020-07-10 22:49 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2020-07-10 22:49 - 2020-07-10 22:49 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2020-07-10 22:44 - 2020-07-12 17:15 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2020-07-10 22:44 - 2020-07-10 22:49 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2020-07-10 22:44 - 2020-07-10 22:44 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2020-07-10 22:44 - 2020-07-10 22:44 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking 2020-07-10 22:44 - 2020-07-10 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2020-07-10 22:44 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe 2020-07-10 22:29 - 2020-07-10 22:30 - 000326492 _____ C:\TDSSKiller.3.1.0.28_10.07.2020_22.29.27_log.txt 2020-07-10 21:35 - 2020-07-12 17:15 - 000003300 _____ C:\Windows\system32\Tasks\AdwCleaner_onReboot 2020-07-10 21:29 - 2020-07-10 23:20 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2020-07-10 21:29 - 2020-07-10 21:35 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\E265A508.sys 2020-07-10 21:29 - 2020-07-10 21:29 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-07-10 21:15 - 2020-07-12 17:16 - 000000000 __SHD C:\Users\xabig\AppData\Roaming\vfhost 2020-07-10 21:15 - 2020-07-10 21:20 - 000000000 ____D C:\Users\xabig\AppData\Local\54311ea7-8435-47b8-8ad6-58f4536f30f0 2020-07-10 21:15 - 2020-07-10 21:15 - 000000000 ____D C:\Users\xabig\AppData\LocalLow\3098htrhpen8ifg0 2020-07-10 21:15 - 2020-07-10 21:15 - 000000000 ____D C:\Users\xabig\AppData\Local\de0ea404-7975-40c2-a1d9-3548229f3a41 2020-07-10 20:54 - 2020-07-10 20:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2020-07-10 20:53 - 2020-07-10 20:53 - 000000000 ____D C:\Users\xabig\AppData\Roaming\Skype 2020-07-07 13:08 - 2020-07-10 21:21 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-07-03 18:59 - 2020-07-12 14:06 - 000000000 ____D C:\Users\xabig\AppData\Roaming\USB_HELPER 2020-07-03 18:59 - 2020-07-03 18:59 - 000000673 _____ C:\Users\xabig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wii U USB Helper.lnk 2020-07-03 18:59 - 2020-07-03 18:59 - 000000000 ____D C:\Users\xabig\AppData\Local\Hikari06 2020-07-03 18:22 - 2020-07-03 18:22 - 000000000 ____D C:\Users\xabig\AppData\Roaming\Sun 2020-07-03 18:21 - 2020-07-03 18:21 - 000129192 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2020-07-03 18:21 - 2020-07-03 18:21 - 000000000 ____D C:\Users\xabig\AppData\LocalLow\Sun 2020-07-03 18:21 - 2020-07-03 18:21 - 000000000 ____D C:\ProgramData\Oracle 2020-07-03 18:21 - 2020-07-03 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2020-07-03 18:21 - 2020-07-03 18:21 - 000000000 ____D C:\Program Files\Java 2020-07-03 18:05 - 2020-07-03 18:07 - 000000000 ____D C:\Users\xabig\AppData\Roaming\USBHelperLauncher 2020-07-02 10:11 - 2020-07-02 10:11 - 000000000 ____D C:\Windows\system32\Tasks\MEGA 2020-06-30 19:02 - 2020-06-30 19:02 - 000116920 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys 2020-06-30 18:52 - 2020-06-30 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Kart 8 2020-06-30 18:51 - 2020-07-10 21:15 - 000000000 ____D C:\Games 2020-06-25 14:10 - 2020-06-25 14:10 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-07-12 17:24 - 2020-02-08 19:22 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2020-07-12 17:21 - 2020-02-08 19:08 - 000000000 ____D C:\Users\xabig\AppData\LocalLow\Mozilla 2020-07-12 17:21 - 2020-02-08 19:00 - 001773366 _____ C:\Windows\system32\PerfStringBackup.INI 2020-07-12 17:21 - 2020-02-08 18:49 - 000788560 _____ C:\Windows\system32\perfh00A.dat 2020-07-12 17:21 - 2020-02-08 18:49 - 000155850 _____ C:\Windows\system32\perfc00A.dat 2020-07-12 17:21 - 2020-02-08 18:47 - 000000000 ____D C:\Windows\INF 2020-07-12 17:20 - 2020-03-04 22:16 - 000000000 ____D C:\Users\xabig\AppData\Local\CrashDumps 2020-07-12 17:15 - 2020-02-08 18:54 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-07-12 17:15 - 2020-02-08 18:54 - 000000000 ____D C:\ProgramData\NVIDIA 2020-07-12 17:15 - 2020-02-08 18:48 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-07-12 17:15 - 2020-02-08 18:44 - 000786432 _____ C:\Windows\system32\config\BBI 2020-07-12 17:01 - 2020-02-08 18:48 - 000000000 ___HD C:\Windows\ELAMBKUP 2020-07-12 12:36 - 2020-02-08 18:53 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-07-12 12:12 - 2020-02-08 22:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-07-10 23:20 - 2020-02-08 18:44 - 000032768 _____ C:\Windows\system32\config\ELAM 2020-07-10 23:19 - 2020-02-08 19:04 - 000000000 ____D C:\Users\xabig\AppData\Local\VirtualStore 2020-07-10 21:35 - 2020-03-09 12:34 - 000000000 ____D C:\Users\xabig\AppData\Roaming\IObit 2020-07-10 21:35 - 2020-02-08 20:42 - 000000000 ____D C:\AdwCleaner 2020-07-10 21:24 - 2020-02-08 19:59 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-07-10 21:21 - 2020-02-08 19:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-07-10 21:15 - 2020-02-08 19:02 - 000000000 ____D C:\Users\xabig 2020-07-10 20:54 - 2020-02-08 19:08 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-07-10 20:53 - 2020-02-08 18:48 - 000000000 ___HD C:\Program Files\WindowsApps 2020-07-10 20:53 - 2020-02-08 18:48 - 000000000 ____D C:\Windows\AppReadiness 2020-07-10 20:49 - 2020-02-08 18:44 - 000000000 ____D C:\Windows\CbsTemp 2020-07-08 20:18 - 2020-04-06 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2020-07-02 18:09 - 2020-02-08 21:38 - 000000000 ____D C:\Users\xabig\AppData\Roaming\uTorrent 2020-07-02 10:11 - 2020-03-24 18:53 - 000000000 ____D C:\Users\xabig\AppData\Local\MEGAsync 2020-07-01 21:03 - 2020-02-08 19:04 - 000000000 ____D C:\Users\xabig\AppData\Local\Packages 2020-07-01 12:30 - 2020-04-14 18:52 - 000000000 ____D C:\Users\xabig\AppData\Local\ElevatedDiagnostics 2020-07-01 12:30 - 2020-02-08 18:54 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2020-06-27 14:14 - 2020-02-08 19:06 - 000000000 ___RD C:\Users\xabig\OneDrive 2020-06-26 21:47 - 2020-02-09 20:44 - 000000000 ____D C:\Users\xabig\AppData\Local\CaptureOne 2020-06-26 21:46 - 2020-02-11 13:02 - 000000012 _____ C:\Users\xabig\AppData\Roaming\channelChoice.ini 2020-06-25 14:11 - 2020-02-08 20:15 - 000000000 ____D C:\Users\xabig\AppData\Local\D3DSCache 2020-06-25 14:11 - 2020-02-08 20:14 - 000000000 ____D C:\Users\xabig\AppData\Local\Adobe 2020-06-25 14:10 - 2020-02-08 20:15 - 000000000 ____D C:\Program Files\Common Files\Adobe 2020-06-25 14:09 - 2020-02-08 20:15 - 000000000 ____D C:\Program Files\Adobe 2020-06-25 14:09 - 2020-02-08 20:14 - 000000000 ____D C:\ProgramData\Adobe 2020-06-25 14:09 - 2020-02-08 19:04 - 000000000 ____D C:\Users\xabig\AppData\Roaming\Adobe 2020-06-24 23:56 - 2020-05-07 12:55 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-06-16 14:07 - 2020-02-08 19:06 - 000003366 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2123503126-2224654030-2906569905-1001 2020-06-16 14:07 - 2020-02-08 19:02 - 000002401 _____ C:\Users\xabig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-06-13 10:56 - 2020-03-08 13:04 - 000000000 ____D C:\Program Files (x86)\Steam ==================== Archivos en la raíz de algunos directorios ======== 2020-02-11 13:02 - 2020-06-26 21:46 - 000000012 _____ () C:\Users\xabig\AppData\Roaming\channelChoice.ini 2020-02-11 13:01 - 2020-06-11 19:18 - 000000028 _____ () C:\Users\xabig\AppData\Roaming\kulerdata.json ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) ==================== Final de FRST.txt ========================