Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 01.04.2024 01 Ejecutado por USUARIO (administrador) sobre USUARIO-PC (Acer Aspire E1-472) (01-04-2024 13:40:42) Ejecutado desde C:\Users\USUARIO\Desktop\FRST64 (1).exe Perfiles cargados: USUARIO Plataforma: Microsoft Windows 7 Professional Service Pack 1 (X64) Idioma: Español (España, internacional) Navegador predeterminado: Chrome Modo de Inicio: Normal ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (explorer.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files (x86)\McAfee Security Scan\4.1.321\SSScheduler.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (explorer.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe (services.exe ->) (@ByELDI -> @ByELDI) [Archivo no firmado] C:\Program Files\KMSpico\Service_KMS.exe (services.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (services.exe ->) (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrYNSvc.exe (services.exe ->) (INNOVATIVE CONNECTING PTE. LIMITED -> Innovative Connecting) C:\Program Files (x86)\VPNMaster\master_vpn-service.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft) [Archivo no firmado] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3> (taskeng.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1928936 2024-02-01] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) HKLM-x32\...\Run: [I17D] => C:\Windows\twain_32\Brimi17d\Common\TwDsUiLaunch.exe [77312 2017-11-16] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [Archivo no firmado] HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3588608 2021-04-02] (Brother Industries, Ltd.) [Archivo no firmado] HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN HKLM\SOFTWARE\Policies\Microsoft\MRT: Restricción <==== ATENCIÓN HKU\S-1-5-21-3967491181-1079075237-2608322229-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45285792 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-3967491181-1079075237-2608322229-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.95\Installer\chrmstp.exe [2022-12-06] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2023-05-04] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\4.1.321\SSScheduler.exe (McAfee, LLC -> McAfee, LLC) ==================== Tareas programadas (Lista blanca) ================= (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {F953B7EC-C71D-4C48-9EA7-086D3592F580} - System32\Tasks\adobe acrobat update task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {7391A4B8-73C6-41A2-B335-31DDEC7C56B8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {1C6F7937-6960-4414-A980-D82BD3069E7D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "08619c4f-1172-43be-8927-129fdd6ec31f" --version "6.22.10977" --silent Task: {5993FD27-CE1B-474F-B412-3B412024A0BD} - System32\Tasks\CCleanerSkipUAC - USUARIO => C:\Program Files\CCleaner\CCleaner.exe [39024544 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {029AD561-1E60-423F-AE23-E7E1BB9FD9B7} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-19] (Google LLC -> Google LLC) Task: {60C52B42-8EB2-48FB-A9EB-D966C0637EB0} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-19] (Google LLC -> Google LLC) Task: {7E04F6C8-8DD0-4C8B-9196-D061208B8CDF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation) Task: {20D19C9C-17CA-484B-9297-21852B4D0B62} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation) Task: {2D6135E3-521C-420F-B6C2-AAE64A3B52C3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2023-01-18] (Microsoft Corporation -> Microsoft Corporation) Task: {F9A9DEDF-6A9F-4BBC-858B-99D03C62F541} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2023-01-18] (Microsoft Corporation -> Microsoft Corporation) Task: {A9E72BBA-B85E-422F-99E4-1EEACB7E16AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4373984 2023-01-18] (Microsoft Corporation -> Microsoft Corporation) Task: {C81D8B50-A6BC-4AA5-8A8A-8201426DDA30} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4373984 2023-01-18] (Microsoft Corporation -> Microsoft Corporation) Task: {BF16F8AC-C3FD-470F-97B0-3B715C394B3D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\sspifrwnh => C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe [53248 2018-09-13] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\MappingDevice\MailSxropce\/U C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{965CF2BD-4C76-4934-9D5D-AA31D00A8CD3}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{965CF2BD-4C76-4934-9D5D-AA31D00A8CD3}: [DhcpDomain] Coship Tcpip\..\Interfaces\{965CF2BD-4C76-4934-9D5D-AA31D00A8CD3}\14271657A6F602255646D69602E4F64756021303020527F6: [DhcpNameServer] 192.168.224.117 Tcpip\..\Interfaces\{965CF2BD-4C76-4934-9D5D-AA31D00A8CD3}\55E4943414553414: [DhcpNameServer] 172.16.255.200 172.16.255.183 Tcpip\..\Interfaces\{965CF2BD-4C76-4934-9D5D-AA31D00A8CD3}\55E4943414553414: [DhcpDomain] unicauca.edu.co Tcpip\..\Interfaces\{965CF2BD-4C76-4934-9D5D-AA31D00A8CD3}\6414D494C494140224F4C414E4F435: [DhcpNameServer] 190.157.8.100 190.157.8.108 Tcpip\..\Interfaces\{965CF2BD-4C76-4934-9D5D-AA31D00A8CD3}\64C494140224F425255425F4: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{965CF2BD-4C76-4934-9D5D-AA31D00A8CD3}\F53414354525F4F5: [DhcpNameServer] 192.168.101.1 8.8.8.8 8.8.4.4 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN FireFox: ======== FF DefaultProfile: 4gy53999.default FF DefaultProfile: 8g3r7jgt.default FF ProfilePath: C:\Users\USUARIO\AppData\Roaming\Zotero\Zotero\Profiles\4gy53999.default [2023-11-30] FF ProfilePath: C:\Users\USUARIO\AppData\Roaming\Mozilla\Firefox\Profiles\8g3r7jgt.default [2024-03-12] FF ProfilePath: C:\Users\USUARIO\AppData\Roaming\Mozilla\Firefox\Profiles\5g20vab5.default-release [2024-03-18] FF Extension: (Protección de Internet 360) - C:\Users\USUARIO\AppData\Roaming\Mozilla\Firefox\Profiles\5g20vab5.default-release\Extensions\InternetProtection@360safe.com.xpi [2020-04-20] FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-10-17] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-10-17] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default [2024-04-01] CHR Notifications: Default -> hxxps://meet.google.com CHR HomePage: Default -> hxxps://www.google.com.co/ CHR StartupUrls: Default -> "hxxps://www.google.com.co/" CHR NewTab: Default -> Not-active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html" CHR DefaultSearchKeyword: Default -> google.comhxxps://www.google.com.co/ CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-12] CHR Extension: (Mendeley Web Importer) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2023-11-01] CHR Extension: (Ecosia) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2023-08-24] CHR Extension: (Zotero Connector) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2024-03-27] CHR Extension: (Protección de Internet 360) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2024-03-12] CHR Extension: (Shazam: identifica música desde tu navegador) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-01-29] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-07] CHR Extension: (Scopus Document Download Manager) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojplelelocihfchkdaebocpankipadmp [2022-05-24] CHR Extension: (StuHack) - C:\Users\USUARIO\Desktop\stuhack-main [2023-12-15] CHR Profile: C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-04-01] CHR Profile: C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-18] CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-10-13] CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-13] CHR Extension: (Documentos de Google sin conexión) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-13] CHR Extension: (Protección de Internet 360) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\glcimepnljoholdmjchkloafkggfoijh [2023-10-13] CHR Extension: (Visual Effects for Google Meet) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hodiladlefdpcbemnbbcpclbmknkiaem [2023-10-13] CHR Extension: (Google Hangouts) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knipolnnllmklapflnccelgolnpehhpl [2021-10-07] CHR Extension: (Google Hangouts) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2022-11-01] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-23] CHR Profile: C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-01] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Archivo no firmado] S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1081248 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139576 2023-01-02] (Microsoft Corporation -> Microsoft Corporation) S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\4.1.321\McCHSvc.exe [330208 2023-03-23] (McAfee, LLC -> McAfee, LLC) S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.) R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [1102080 2021-04-01] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [743616 2015-12-01] (@ByELDI -> @ByELDI) [Archivo no firmado] R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-08-09] (Microsoft) [Archivo no firmado] R2 VPNProxyMasterService; C:\Program Files (x86)\VPNMaster\master_vpn-service.exe [662232 2020-10-29] (INNOVATIVE CONNECTING PTE. LIMITED -> Innovative Connecting) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2018-09-13] (Microsoft Windows -> Microsoft Corporation) ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [191272 2021-11-26] (Beijing Qihu Technology Co., Ltd. -> 360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [100592 2023-12-20] (Microsoft Windows Hardware Compatibility Publisher -> 360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [100592 2023-12-20] (Microsoft Windows Hardware Compatibility Publisher -> 360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [349928 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> 360.cn) R3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [49584 2020-12-13] (Beijing Qihu Technology Co., Ltd. -> 360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [553712 2023-12-20] (Microsoft Windows Hardware Compatibility Publisher -> 360.cn) R1 360Hvm; C:\Windows\System32\Drivers\360Hvm64.sys [339792 2023-12-20] (Microsoft Windows Hardware Compatibility Publisher -> 360安全中心) R1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [87672 2019-12-13] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [227680 2023-12-20] (Microsoft Windows Hardware Compatibility Publisher -> 360.cn) S3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30264 2020-07-14] (Disc Soft Ltd -> Disc Soft Ltd) R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2020-08-31] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R2 {A14A8EF6-B11D-4356-9ECC-4B937E6CC626}; C:\Program Files (x86)\CyberLink\PowerDVD17\Common\NavFilter\000.fcl [38168 2017-03-22] (CyberLink Corp. -> CyberLink Corp.) U4 dmwappushservice; no ImagePath ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) (Lista blanca) ========= (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2024-04-01 13:40 - 2024-04-01 13:41 - 000020464 _____ C:\Users\USUARIO\Desktop\FRST.txt 2024-03-27 14:34 - 2024-03-27 14:34 - 000313539 _____ C:\Users\USUARIO\Downloads\Passport (1).pdf 2024-03-27 14:27 - 2024-03-27 14:27 - 000105856 _____ C:\Users\USUARIO\Desktop\1040 - Abril Juarez.pdf 2024-03-27 13:59 - 2024-03-27 13:59 - 000216990 _____ C:\Users\USUARIO\Downloads\Abril Fernanda Juaìrez Garciìa 2023.pdf 2024-03-21 22:09 - 2024-03-21 22:09 - 000313539 _____ C:\Users\USUARIO\Downloads\Passport.pdf 2024-03-21 20:10 - 2024-03-21 20:10 - 000105646 _____ C:\Users\USUARIO\Desktop\1040 - Daniel Garcia Flores.pdf 2024-03-21 19:51 - 2024-03-21 19:51 - 000216976 _____ C:\Users\USUARIO\Downloads\Daniel Garcia Flores 2023 (1).pdf 2024-03-19 19:47 - 2024-03-19 19:47 - 000111272 _____ C:\Users\USUARIO\AppData\Local\GDIPFONTCACHEV1.DAT 2024-03-18 19:41 - 2024-03-18 19:41 - 000533725 _____ C:\Users\USUARIO\Downloads\apendice_tecnico_1_alcance_del_proyecto (1).pdf 2024-03-17 21:26 - 2024-03-17 21:27 - 000000000 ____D C:\AdwCleaner 2024-03-17 21:25 - 2024-03-17 21:25 - 008790880 _____ (Malwarebytes) C:\Users\USUARIO\Desktop\adwcleaner.exe 2024-03-17 21:23 - 2024-03-17 21:23 - 002582384 _____ (Malwarebytes) C:\Users\USUARIO\Desktop\MBSetup.exe 2024-03-15 15:33 - 2024-03-15 15:33 - 000105848 _____ C:\Users\USUARIO\Desktop\1040 - Gabriela.pdf 2024-03-14 18:16 - 2024-03-14 18:16 - 000081145 _____ C:\Users\USUARIO\Desktop\Confirmación e Instrucciones _ Recogida Documento.pdf 2024-03-14 18:02 - 2024-03-14 18:02 - 000110425 _____ C:\Users\USUARIO\Desktop\Vuelo 04-11-2024.pdf 2024-03-14 17:01 - 2024-03-14 17:01 - 000216991 _____ C:\Users\USUARIO\Desktop\Lilia Gabriela Rodriguez Ante 2023.pdf 2024-03-13 22:14 - 2024-03-13 22:14 - 000000000 ____D C:\ProgramData\Norton 2024-03-12 21:58 - 2024-03-12 21:58 - 002390528 _____ (Farbar) C:\Users\USUARIO\Downloads\FRST64.exe 2024-03-12 21:45 - 2024-04-01 13:40 - 002393088 _____ (Farbar) C:\Users\USUARIO\Desktop\FRST64 (1).exe 2024-03-12 21:43 - 2024-03-12 21:43 - 000797760 _____ C:\Users\USUARIO\Desktop\delfix_1.013.exe 2024-03-12 20:42 - 2024-04-01 13:40 - 000000000 ____D C:\Users\USUARIO\Desktop\FRST-OlderVersion 2024-03-12 20:33 - 2024-04-01 13:40 - 000000000 ____D C:\FRST 2024-03-12 20:33 - 2024-03-12 20:35 - 000000000 ____D C:\Users\USUARIO\Downloads\FRST-OlderVersion 2024-03-12 20:30 - 2024-03-12 20:35 - 315348752 _____ C:\Users\USUARIO\Downloads\kucc1siq.exe 2024-03-12 02:04 - 2024-03-12 20:12 - 000000000 ____D C:\Users\USUARIO\Doctor Web 2024-03-12 02:02 - 2024-03-12 02:02 - 000076388 _____ C:\Users\USUARIO\Downloads\FRST.txt 2024-03-12 01:59 - 2024-03-12 22:18 - 000000265 _____ C:\DelFix.txt 2024-03-12 01:59 - 2024-03-12 01:59 - 000000000 ____D C:\Windows\ERUNT 2024-03-12 01:56 - 2024-03-12 02:01 - 315235264 _____ C:\Users\USUARIO\Downloads\yehly8hb.exe 2024-03-12 01:51 - 2024-03-12 01:51 - 000001549 _____ C:\Users\USUARIO\Downloads\Malwarebyte report 2.txt 2024-03-12 01:50 - 2024-03-12 01:50 - 000002048 _____ C:\Uninstall.dat 2024-03-12 01:46 - 2024-03-12 01:47 - 194952152 _____ (SUPERAntiSpyware) C:\Users\USUARIO\Downloads\SUPERAntiSpyware.exe 2024-03-11 22:58 - 2024-03-11 22:58 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Vault 2024-03-07 20:02 - 2024-03-07 20:02 - 000533725 _____ C:\Users\USUARIO\Downloads\apendice_tecnico_1_alcance_del_proyecto.pdf 2024-03-03 23:53 - 2024-03-03 23:54 - 000000000 ____D C:\Users\USUARIO\Desktop\2024 - I ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2024-03-31 19:51 - 2009-07-13 23:45 - 000022944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2024-03-31 19:51 - 2009-07-13 23:45 - 000022944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2024-03-28 21:12 - 2020-04-19 15:10 - 000000000 ____D C:\Users\USUARIO\AppData\LocalLow\360WD 2024-03-28 20:41 - 2020-04-19 14:58 - 000000000 ____D C:\Program Files\CCleaner 2024-03-28 20:40 - 2020-11-17 12:42 - 000000000 ____D C:\Program Files (x86)\VPNMaster 2024-03-28 20:39 - 2020-04-19 15:10 - 000000001 _____ C:\Windows\system32\Drivers\360Hvm64.dat 2024-03-28 20:39 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-03-27 17:35 - 2022-11-12 17:35 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2024-03-26 13:02 - 2022-10-15 23:52 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2024-03-22 00:57 - 2020-04-19 15:08 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Word 2024-03-19 23:42 - 2023-01-24 01:10 - 000007597 _____ C:\Users\USUARIO\AppData\Local\Resmon.ResmonCfg 2024-03-19 19:41 - 2020-05-02 14:10 - 000000000 __SHD C:\$360Section 2024-03-19 19:41 - 2020-04-21 19:41 - 000000000 __SHD C:\ProgramData\360Quarant 2024-03-17 22:33 - 2020-04-19 15:10 - 000000000 ____D C:\ProgramData\360Safe 2024-03-17 21:14 - 2021-02-05 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2024-03-17 21:12 - 2009-07-13 22:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2024-03-17 21:12 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2024-03-14 00:36 - 2022-10-15 23:49 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\com.adobe.dunamis 2024-03-14 00:15 - 2020-10-13 12:48 - 000000000 ____D C:\Users\USUARIO\CmapToolsLogs 2024-03-14 00:15 - 2020-10-13 12:48 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\CmapTools 2024-03-13 22:14 - 2022-11-12 17:35 - 000003266 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2024-03-13 22:14 - 2022-11-01 21:19 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update 2024-03-13 01:10 - 2020-10-17 19:37 - 000000000 ____D C:\Users\USUARIO\Documents\My Cmaps 2024-03-12 21:43 - 2020-04-29 17:24 - 000016051 _____ C:\Windows\BRRBCOM.INI 2024-03-12 20:44 - 2020-04-19 14:19 - 000000000 ____D C:\Users\USUARIO 2024-03-12 20:24 - 2011-04-12 04:10 - 000751464 _____ C:\Windows\system32\perfh00A.dat 2024-03-12 20:24 - 2011-04-12 04:10 - 000160456 _____ C:\Windows\system32\perfc00A.dat 2024-03-12 20:24 - 2009-07-14 00:13 - 001686054 _____ C:\Windows\system32\PerfStringBackup.INI 2024-03-12 20:24 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf 2024-03-12 20:13 - 2020-04-19 15:03 - 000000000 ____D C:\Program Files\KMSpico 2024-03-12 01:23 - 2023-05-04 08:08 - 000000000 ____D C:\ProgramData\McAfee Security Scan 2024-03-12 01:23 - 2020-04-19 15:10 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\360TotalSecurity 2024-03-12 01:23 - 2020-04-19 14:31 - 000000000 ____D C:\Windows\system32\Tasks\OfficeSoftwareProtectionPlatform 2024-03-12 01:23 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration 2024-03-09 09:43 - 2020-04-24 13:22 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Excel 2024-03-08 21:19 - 2023-01-27 21:44 - 000000000 ____D C:\Users\USUARIO\Desktop\YMCA 2024-03-04 13:01 - 2020-04-19 15:10 - 000001153 _____ C:\Users\Public\Desktop\360 Total Security.lnk 2024-03-04 13:01 - 2020-04-19 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center ==================== Archivos en la raíz de algunos directorios ======== 2014-04-23 01:34 - 2014-04-23 01:34 - 000987576 _____ (Intel Corporation) C:\Program Files (x86)\Common Files\libiomp5md.dll 2014-05-13 09:10 - 2014-05-13 09:10 - 027560448 _____ (DewResearch) C:\Program Files (x86)\Common Files\MtxVec.Lapack4d.dll 2022-06-03 00:59 - 2022-06-03 00:59 - 000000002 _____ () C:\Users\USUARIO\AppData\Roaming\test_1234.txt 2023-01-24 01:10 - 2024-03-19 23:42 - 000007597 _____ () C:\Users\USUARIO\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) LastRegBack: 2024-03-27 17:28 ==================== Final de FRST.txt ========================