Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 01-12-2021 Ejecutado por josel (administrador) sobre DESKTOP-DNR3059 (ASUSTeK COMPUTER INC. X541UJ) (03-12-2021 07:34:07) Ejecutado desde C:\Users\josel\OneDrive\Escritorio Perfiles cargados: josel Plataforma: Microsoft Windows 10 Pro Versión 21H2 19044.1348 (X64) Idioma: Español (España, internacional) Navegador predeterminado: Edge Modo de Inicio: Normal ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe (Apple Inc. -> Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (DESlock Limited -> DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8> (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_778512ee63a728ec\RstMwService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe (Malwarebytes Inc -> Malwarebytes) C:\Program 
Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2> (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [167496 2021-11-26] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2021-02-12] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5092056 2021-02-12] (Acronis International GmbH -> ) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-02-04] (Adobe Inc. -> Adobe Systems Inc.) 
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2019-11-18] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\BackItUp.exe [1160928 2021-06-04] (Nero AG -> Nero AG) HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1 HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44360 2021-05-15] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-02-04] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\MPE3 Port: C:\Windows\system32\mpelocalmon.dll [26112 2019-12-03] (Copyright (c) Code Industry Ltd) [Archivo no firmado] HKLM\...\Print\Monitors\Nitro PDF Port 11.8 Monitor: C:\Windows\system32\NxPrinterMonitor11.dll [749664 2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.) 
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-16] (Google LLC -> Google LLC) GroupPolicy\User: Restricción ? <==== ATENCIÓN ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {00E85182-48AC-4EFB-9A3E-7A796D0271A1} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {16806AA0-AD03-4DA5-A7CE-57869169D6CB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform) Task: {26A0AFE5-633D-431D-9BE2-B148C87D0C9F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-128158195-93978417-4187598964-1001 => C:\Users\josel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Ningún archivo) Task: {31A50337-8CD2-4177-985B-3223ADEEA879} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\josel\OneDrive\Escritorio\Seguridad\esetonlinescanner_enu.exe SCHED (Ningún archivo) Task: {4BB10AC2-F655-4A71-A014-B04310245BBE} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-joseluis.bonnet1979@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. 
-> Adobe Systems, Incorporated) Task: {57FE4697-58D6-4906-8A87-4099455D8994} - System32\Tasks\WpsKtpcntrQingTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exe [1531136 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {595853F5-E309-4A70-BA67-C9DCDB2987BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\josel\OneDrive\Escritorio\Seguridad\esetonlinescanner_enu.exe LOGON (Ningún archivo) Task: {69D89B30-8342-40A1-9891-EDCCEFF77F17} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {6A8F02F1-46E1-4334-8530-EFF759DA5AA4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391104 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {6B3C6687-CB18-407E-805E-1D35021CE43A} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [917832 2021-05-15] (Glarysoft LTD -> Glarysoft Ltd) Task: {6DFA98B1-21BC-4B11-A6D8-ACB679EEA131} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {71EA5CEA-254D-43A4-965F-2CBD7F1C4A99} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {7FAC775E-5C11-4CCA-9CBC-D8B3F4EBDF28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-10] (Google LLC -> Google LLC) Task: {86795D78-B8E2-4BF4-98FB-6C511A9B33CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-10] (Google LLC -> Google LLC) Task: 
{931E8E74-6859-4C2A-9088-E20ACAC874E1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19786024 2016-08-24] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) Task: {94DCF102-8C69-483E-B961-A788E4BBAA88} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe (Ningún archivo) Task: {B5297976-ACB6-44A0-A930-62C71B84D78B} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DNR3059-josel => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {B85232F3-1DC4-4945-ABD6-278746096C35} - System32\Tasks\WpsExternal_20161114063247 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [516352 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {C3FBE6C5-6012-47C8-BCE0-04A47E5C9BE9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {D0696DD3-D469-4DAE-AF6E-78F858CB11BF} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Ningún archivo) Task: {D12889D1-1389-47FB-A1EB-2F2FCE7E8BF2} - System32\Tasks\CCleanerSkipUAC - josel => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {D223661B-9C4D-4742-AB12-B7590B1AC86E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. 
-> Adobe Systems) Task: {D77F82AE-E44B-4F5D-B250-CA89EB531319} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {D88F3A4D-E577-4249-9082-C24EFC391665} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {DCE1C91A-9098-445E-9CAC-74E7FBE479A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E2EA3F37-C040-4FE4-B399-4F3259A205F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EB427548-36DA-4749-ABD9-0E0BB78C5462} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {F07D4166-EEB9-4C9A-842C-2B4CB7A752D3} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) 
Task: {F3EA6972-CC6C-424C-97B9-27356AF324BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F8B86920-CBC5-4ED6-8094-50A11D1016AE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Nero\Nero Apps\NeroInfo\NeroInfo.exe [3867928 2021-08-05] (Nero AG -> Nero AG) Task: {FEDAF044-64D6-420E-8205-6E781C793196} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\WpsExternal_20161114063247.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exeÃqing 10.1.0.5644 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) 
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{7bb37d3b-7cb5-4fcf-9dfe-7c7eec625679}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{c23d0dcb-dc80-47cb-944a-c41a2efeeeec}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Edge: ======= DownloadDir: C:\Users\josel\Downloads Edge HomeButtonPage: HKU\S-1-5-21-128158195-93978417-4187598964-1001 -> hxxps://www.google.es/ Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.38.19.0_neutral__e7b5mm5d3r6v2 [2021-06-30] Edge DefaultProfile: Default Edge Profile: C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path= [2021-12-02] <==== ATENCIÓN Edge Extension: (Kaspersky Protection) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path=\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-17] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path=\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-17] Edge Extension: (IDM Integration Module) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path=\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-03-13] Edge Extension: (IDM Integration Module) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path=\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-13] Edge Profile: C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-03] Edge Notifications: Default -> hxxps://forospyware.com Edge HomePage: Default -> hxxps://www.google.es/ Edge StartupUrls: Default -> "hxxps://www.google.es/" Edge Extension: (Unlimited Email Tracker by Snov.io) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gojogohjgpelafgaeejgelmplndppifh [2021-10-22] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\josel\AppData\Local\Microsoft\Edge\User 
Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-26] Edge Extension: (Player para ver Movistar+) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2021-10-22] Edge Extension: (IDM Integration Module) - C:\Users\josel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-10-22] Edge HKU\S-1-5-21-128158195-93978417-4187598964-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-21-128158195-93978417-4187598964-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2021-10-29] Edge HKU\S-1-5-21-128158195-93978417-4187598964-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-10-29] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: a69ulssc.default FF ProfilePath: C:\Users\josel\AppData\Roaming\Mozilla\Firefox\Profiles\a69ulssc.default [2021-12-03] FF ProfilePath: C:\Users\josel\AppData\Roaming\Mozilla\Firefox\Profiles\rinfhr9a.default-release [2021-12-03] FF Extension: (Malwarebytes Browser Guard) - C:\Users\josel\AppData\Roaming\Mozilla\Firefox\Profiles\rinfhr9a.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-04-09] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-02-04] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Security Cloud 21.2\FFExt\light_plugin_firefox\addon.xpi => no encontrado FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\FFExt\light_plugin_firefox\addon.xpi => no encontrado FF HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2021-03-05] FF HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\josel\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\josel\AppData\Roaming\IDM\idmmzcc5 [2019-05-26] [Heredado] [no firmado] FF HKU\S-1-5-21-128158195-93978417-4187598964-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Heredado] FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-16] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-02-04] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-12-03] Chrome: ======= CHR Profile: C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default [2021-12-03] CHR Notifications: Default -> hxxps://eu1.badoo.com; hxxps://forospyware.com; hxxps://www.infojobs.net CHR Extension: (Presentaciones) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-10] CHR Extension: (Documentos) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-10] CHR Extension: (Google Drive) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-10] CHR Extension: (YouTube) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-11] CHR Extension: (Adobe Acrobat) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-16] CHR Extension: (Documentos de Google sin conexión) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-02] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-28] CHR Extension: (ESET Password Manager) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhapgacijodhjokkcjmleaempmchlem [2021-10-19] CHR Extension: (IDM Integration Module) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-10-20] CHR Extension: (Sistema de pagos de Chrome Web Store) - 
C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-10] CHR Extension: (Gmail) - C:\Users\josel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-10] CHR Profile: C:\Users\josel\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-03] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-10-29] CHR HKU\S-1-5-21-128158195-93978417-4187598964-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-10-29] CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-10-29] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) 
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10425640 2021-02-12] (Acronis International GmbH -> ) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2021-02-12] (Acronis International GmbH -> Acronis International GmbH) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems) R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6382320 2021-02-16] (Acronis International GmbH -> ) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2019-10-02] (DESlock Limited -> DESlock Limited.) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-11-26] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-11-26] (ESET, spol. s r.o. 
-> ESET) R2 GUBootService; C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe [865608 2021-05-15] (Glarysoft LTD -> Glarysoft Ltd) S4 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-11-28] (Malwarebytes Inc -> Malwarebytes) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2019-11-18] (Acronis International GmbH -> Acronis International GmbH) R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-11-18] (Acronis International GmbH -> Acronis International GmbH) R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1933872 2021-02-12] (Acronis International GmbH -> ) R2 NeroBackItUpBackgroundService2021; C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe [287456 2021-06-04] (Nero AG -> Nero AG) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado] S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-18] (ADLICE (ASCOET JULIEN) -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7394008 2021-02-12] (Acronis International GmbH -> ) R2 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2019-11-18] (Acronis International GmbH -> Acronis International GmbH) S3 WdNisSvc; 
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) S4 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) S3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [163832 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> RedFox) S3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [163832 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> RedFox) R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> ) R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112856 2021-04-04] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [251608 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab) R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2019-10-02] (DESlock Limited -> DESlock Ltd.) 
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183408 2021-10-19] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [124496 2021-10-19] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [201984 2021-10-19] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43920 2021-10-19] (ESET, spol. s r.o. -> ESET)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [69736 2021-10-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-10-19] (ESET, spol. s r.o. -> ESET)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [701064 2021-02-16] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2021-02-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [30720 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110392 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [212280 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [127288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37496 2020-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [523576 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657696 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1400600 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1025336 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [95544 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [97080 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [257208 2021-04-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [310232 2021-04-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116888 2021-04-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [207352 2021-04-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [153400 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [250168 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kqemu; C:\Windows\SysWOW64\DRIVERS\kqemu.sys [144622 2021-03-26] () [Archivo no firmado]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-03] (Malwarebytes Inc -> Malwarebytes)
S3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [42056 2021-12-03] (Adlice -> )
S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-12-03] (Microsoft Windows Hardware Compatibility Publisher -> MobileTop)
S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-12-03] (MCCI Corporation -> MCCI)
S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-07-22] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43648 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2021-02-16] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2021-02-16] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2021-02-16] (Acronis International GmbH -> Acronis International GmbH)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-12-03] (Adlice -> )
S3 usbUDisc; C:\WINDOWS\System32\drivers\USBDrv_AMD64.sys [18392 2013-01-25] (Allwinner Technology Co.,Ltd. -> Scott)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2021-02-16] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2021-02-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-12-03 06:10 - 2021-12-03 06:10 - 000033334 _____ C:\Users\josel\Downloads\Fixlog.txt
2021-12-03 05:50 - 2021-12-03 06:17 - 000042056 _____ C:\WINDOWS\system32\Drivers\rkflt.sys
2021-12-03 05:50 - 2021-12-03 05:50 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-12-03 05:29 - 2021-12-03 05:31 - 000000253 _____ C:\DelFix.txt
2021-11-20 19:54 - 2021-11-20 19:54 - 000000000 ___HD C:\$WinREAgent
2021-11-15 23:42 - 2021-11-15 23:42 - 017383474 _____ C:\Users\josel\Downloads\shakn-4-11-1-00000.apk
2021-11-13 17:20 - 2021-11-13 17:20 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - josel
2021-11-10 14:24 - 2021-11-10 14:24 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 14:24 - 2021-11-10 14:24 - 000151352 _____ C:\WINDOWS\system32\nmscrub.exe
2021-11-10 14:24 - 2021-11-10 14:24 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 14:24 - 2021-11-10 14:24 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 14:23 - 2021-11-10 14:23 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-12-03 07:34 - 2021-07-18 14:17 - 000000000 ____D C:\FRST
2021-12-03 07:28 - 2020-09-02 00:47 - 001772866 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-03 07:28 - 2019-12-07 15:55 - 000791112 _____ C:\WINDOWS\system32\perfh00A.dat
2021-12-03 07:28 - 2019-12-07 15:55 - 000156448 _____ C:\WINDOWS\system32\perfc00A.dat
2021-12-03 07:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-03 07:27 - 2019-05-26 00:19 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-03 07:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-03 07:24 - 2020-09-02 00:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-03 07:24 - 2020-09-02 00:44 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-03 07:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-12-03 07:24 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-03 06:58 - 2019-05-25 18:14 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-12-03 06:08 - 2019-05-26 01:00 - 000000000 ____D C:\Users\josel\AppData\Roaming\DMCache
2021-12-03 05:58 - 2019-10-28 23:19 - 000000000 ____D C:\Users\josel\AppData\LocalLow\Temp
2021-12-03 05:50 - 2021-05-17 13:00 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-03 05:49 - 2021-05-06 00:32 - 002269728 _____ C:\WINDOWS\ntbtlog.txt
2021-12-03 05:47 - 2021-10-19 13:01 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-12-03 05:47 - 2021-07-09 04:05 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-12-03 05:45 - 2021-10-19 12:53 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-128158195-93978417-4187598964-1001
2021-12-03 05:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-03 05:43 - 2017-02-25 21:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-12-03 05:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-03 05:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-12-03 05:23 - 2019-05-26 01:00 - 000000000 ____D C:\Users\josel\AppData\Roaming\IDM
2021-12-03 04:58 - 2021-04-12 00:06 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-03 04:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-03 02:38 - 2020-09-02 00:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-03 01:57 - 2021-02-19 22:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-12-02 03:45 - 2019-05-26 13:34 - 000000000 ____D C:\Program Files\CCleaner
2021-12-02 03:44 - 2020-09-02 00:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-02 03:37 - 2017-02-25 21:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-02 02:02 - 2019-12-29 07:09 - 000000000 ____D C:\Users\josel\AppData\Roaming\KSM
2021-11-29 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-23 15:11 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-21 00:04 - 2021-04-10 17:07 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-19 17:50 - 2019-05-25 22:12 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 02:59 - 2020-04-25 20:11 - 000000000 ____D C:\Users\josel\Downloads\Video
2021-11-18 17:50 - 2021-04-29 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-11-18 17:50 - 2021-04-29 20:12 - 000000000 ____D C:\Program Files\RogueKiller
2021-11-18 04:49 - 2021-04-12 00:04 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-18 04:49 - 2021-04-12 00:04 - 000003528 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-13 17:32 - 2020-09-02 00:44 - 000471280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-13 05:28 - 2019-05-25 22:24 - 000000000 ____D C:\Users\josel\AppData\Local\Packages
2021-11-11 22:44 - 2019-12-29 01:31 - 000000000 ____D C:\Users\josel\AppData\Local\CrashDumps
2021-11-10 16:18 - 2021-07-07 01:56 - 000001575 _____ C:\WINDOWS\system32\config\VSMIDK
2021-11-10 14:29 - 2019-12-07 15:58 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-10 14:29 - 2019-12-07 15:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-10 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 14:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-10 14:07 - 2019-05-25 22:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 14:04 - 2019-05-25 22:31 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-07 01:53 - 2019-05-25 22:28 - 000000000 ____D C:\Users\josel\AppData\Local\PlaceholderTileLogoFolder
2021-11-03 10:58 - 2019-05-25 22:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Archivos en la raíz de algunos directorios ========

2021-01-23 21:04 - 2021-01-24 00:51 - 000000184 _____ () C:\Users\josel\AppData\Roaming\settings.set
2019-05-25 22:29 - 2019-09-20 11:20 - 000000200 _____ () C:\Users\josel\AppData\Roaming\sp_data.sys
2019-05-27 14:17 - 2020-02-11 22:07 - 000000410 _____ () C:\Users\josel\AppData\Local\oobelibMkey.log
2019-07-17 19:58 - 2021-05-11 02:54 - 000007620 _____ () C:\Users\josel\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================