
FRST - 21-09-2022 14.25.50


Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64)

Versión: 30-08-2022
Ejecutado por cd (administrador) sobre DESKTOP-LB3MG6V (Micro-Star International
Co., Ltd MS-7B07) (21-09-2022 14:19:16)
Ejecutado desde C:\Users\cd\Downloads
Perfiles cargados: cd
Plataforma: Microsoft Windows 10 Pro Versión 21H1 19043.2006 (X64) Idioma: Español
(España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no
será movido.)

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->)
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\
Kaspersky Internet Security 21.3\avpui.exe
(DriverStore\FileRepository\u0372458.inf_amd64_f3ea25a6aa6555b8\B372420\
atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\
DriverStore\FileRepository\u0372458.inf_amd64_f3ea25a6aa6555b8\B372420\atieclxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\
firefox.exe <15>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\
CCleaner64.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\
Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\
Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\
DriverStore\FileRepository\u0372458.inf_amd64_f3ea25a6aa6555b8\B372420\atiesrxx.exe
(services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\
Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\
Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program
Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program
Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\
Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\
wbem\WmiPrvSE.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado
a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <====
ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <====
ATENCIÓN
HKU\S-1-5-21-180984301-3885095304-3492036510-1001\...\Policies\Explorer:
[NoLowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\
PEPrinterMonitor.dll [285216 2021-02-01] (Wondershare Technology Co.,Ltd ->
Wondershare Software)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo
no se moverá a menos que sea añadido al listado por separado.)

Task: {2524C46D-85BF-4DC3-AE45-F05AD7651A11} - System32\Tasks\AMDLinkUpdate => C:\
Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced
Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {28EF6B1E-C352-4D78-8BCA-F9A67E072656} - System32\Tasks\Mozilla\Firefox
Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-
browser-agent.exe do-task "308046B0AF4A39CB"
Task: {2938F5C4-EF75-4078-A31D-833B4967E610} - System32\Tasks\CCleaner Update =>
C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -
> Piriform)
Task: {49F6E54F-9538-460D-9E4D-5CC563A3CCF8} - System32\Tasks\Mozilla\Firefox
Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe
--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\
ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\
backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {5028C4C6-961F-4467-AF05-96B0685C2820} - System32\Tasks\Microsoft\Office\
Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\
ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation ->
Microsoft Corporation)
Task: {88986C40-6C1E-4EE4-9ED7-D6D8F4B490CC} - System32\Tasks\Microsoft\Office\
Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\
sdxhelper.exe [123744 2020-07-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A952DE64-008E-42E8-BD68-9C82E4E293A2} - System32\Tasks\Microsoft\Office\
OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\
Office16\msoia.exe [4569496 2020-07-11] (Microsoft Corporation -> Microsoft
Corporation)
Task: {AF9FAB60-54ED-4ED3-99D6-8311DA72D8A4} - System32\Tasks\Microsoft\Office\
OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\
Office16\msoia.exe [4569496 2020-07-11] (Microsoft Corporation -> Microsoft
Corporation)
Task: {B4FB5190-9838-46F8-8E50-F9A03974CAAA} - System32\Tasks\CCleanerSkipUAC - cd
=> C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software
Ltd -> Piriform Software Ltd)
Task: {CE0839DA-EE7B-4AC5-93F0-5F25DEAE8905} - System32\Tasks\
CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896
2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send
dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program
Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1eb24319-
21cd-4033-92d8-98b545716cad" --version "6.04.10044" --silent
Task: {D6A52E65-EF8C-4137-A3FD-3AF1959B2304} - System32\Tasks\AMDInstallLauncher =>
C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced
Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E64A63F6-096F-4B18-912E-1A31587F8049} - System32\Tasks\Microsoft\Office\
Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\
Office16\sdxhelper.exe [123744 2020-07-11] (Microsoft Corporation -> Microsoft
Corporation)
Task: {F2BC2925-80A3-4C9F-BF9B-C9EC44022617} - System32\Tasks\Microsoft\Office\
Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft
Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation
-> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido.
El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\
CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\
explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será
eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 190.57.228.27 190.57.228.26
Tcpip\..\Interfaces\{0dc902a2-f701-4916-b0c8-c87cbcd2707e}: [DhcpNameServer]
200.49.130.51 200.42.4.210 200.42.4.210
Tcpip\..\Interfaces\{39686efc-05d4-4fb7-a61c-641a1131bb82}: [NameServer]
8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{591390f3-d587-4162-b8d8-1d31ee2c8f02}: [DhcpNameServer]
192.168.42.129
Tcpip\..\Interfaces\{f22f49b1-76a4-4f18-ad54-490acda6e6c1}: [DhcpNameServer]
190.57.228.27 190.57.228.26

Edge:
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 =>
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\
AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\
Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no
encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824
=> C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\
HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\
Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\
PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\cd\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-
21]
Edge Extension: (Kaspersky Protection) - C:\Users\cd\AppData\Local\Microsoft\Edge\
User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-09]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\cd\AppData\Local\Microsoft\
Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-29]
Edge HKU\S-1-5-21-180984301-3885095304-3492036510-1001\SOFTWARE\Microsoft\Edge\
Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: ocylifqa.default
FF ProfilePath: C:\Users\cd\AppData\Roaming\Mozilla\Firefox\Profiles\
ocylifqa.default [2022-09-21]
FF ProfilePath: C:\Users\cd\AppData\Roaming\Mozilla\Firefox\Profiles\
qd9usmaa.default-release [2022-09-21]
FF HKLM\...\Firefox\Extensions:
[light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files
(x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\
addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions:
[light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files
(x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\
addon.xpi => no encontrado
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft
Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\
Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation ->
Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\
Reader\AIR\nppdf32.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\
kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-09-21] <==== ATENCIÓN
(Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\
kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-09-21] <==== ATENCIÓN

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\cd\AppData\Local\Google\Chrome\User Data\Default [2022-09-21]
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR StartupUrls: Default -> "hxxp://www.google.com.ar/","hxxps://www.google.com/"
CHR Extension: (Kaspersky Protection) - C:\Users\cd\AppData\Local\Google\Chrome\
User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-08]
CHR Extension: (TV) - C:\Users\cd\AppData\Local\Google\Chrome\User Data\Default\
Extensions\beobeededemalmllhkmnkinmfembdimh [2020-02-26]
CHR Extension: (Kaspersky Password Manager) - C:\Users\cd\AppData\Local\Google\
Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2022-09-18]
CHR Extension: (Morpheon Dark) - C:\Users\cd\AppData\Local\Google\Chrome\User Data\
Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2022-01-19]
CHR Extension: (Guitar Chords) - C:\Users\cd\AppData\Local\Google\Chrome\User Data\
Default\Extensions\megglpjmadjmghjegnallnhiknjnnjhh [2020-02-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\cd\AppData\Local\
Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-
02-02]
CHR Profile: C:\Users\cd\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-
09-21]
CHR Profile: C:\Users\cd\AppData\Local\Google\Chrome\User Data\System Profile
[2022-09-21]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] -
hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilo
pmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] -
hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilo
pmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo
no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
[172264 2022-08-03] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\
avp.exe [184768 2022-02-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\
CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd
-> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\
OfficeClickToRun.exe [10574728 2020-06-23] (Microsoft Corporation -> Microsoft
Corporation)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet
Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO
Kaspersky Lab)
R2 kpm_service_10.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password
Manager 10.1\kpm_service.exe [518472 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky
Lab)
S3 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104
2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
[224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\
NisSrv.exe [3120992 2022-07-05] (Microsoft Windows Publisher -> Microsoft
Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\
MsMpEng.exe [133544 2022-07-05] (Microsoft Windows Publisher -> Microsoft
Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo
no se moverá a menos que sea añadido al listado por separado.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02]
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\
amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro
Devices Inc. -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro
Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft
Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07]
(Microsoft Corporation) [Archivo no firmado]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08]
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2021-08-12] (GIGA-BYTE Technology Co., Ltd. -
> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 GPWADrv; C:\WINDOWS\System32\Drivers\GPWADrv64.sys [785080 2019-06-11]
(Microsoft Windows Hardware Compatibility Publisher -> Line 6)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft
Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [703056 2022-06-09] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1586112 2022-08-12] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [189032 2022-09-09]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-17]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows
Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc
-> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [382312
2022-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky
Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [360008 2022-
09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [190048 2022-
09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [270688 2022-
09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 Serenum; C:\WINDOWS\system32\DRIVERS\nuvserenum.sys [23552 2014-01-12]
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK
provider)
R3 Serial; C:\WINDOWS\system32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Microsoft
Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung
Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-07-05] (Microsoft
Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [452856 2022-07-05]
(Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-05]
(Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo
no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)


2064-01-01 00:34 - 2064-01-01 00:34 - 000002892 _____ () C:\WINDOWS\SysWOW64\
audcon.sys
2064-01-01 00:34 - 2064-01-01 00:34 - 000000000 ____D C:\ProgramData\Syncrosoft
2022-09-21 14:19 - 2022-09-21 14:20 - 000020477 _____ C:\Users\cd\Downloads\
FRST.txt
2022-09-21 14:19 - 2022-09-21 14:19 - 000000000 ____D C:\FRST
2022-09-21 14:18 - 2022-09-21 14:18 - 002371072 _____ (Farbar) C:\Users\cd\
Downloads\FRST64.exe
2022-09-21 14:07 - 2022-09-21 14:10 - 121284160 _____ (AO Kaspersky Lab) C:\Users\
cd\Downloads\KVRT.exe
2022-09-21 14:07 - 2022-09-21 14:07 - 002842600 _____ (Kaspersky) C:\Users\cd\
Downloads\ks4.021.2.16.590en_25112.exe
2022-09-21 13:57 - 2022-09-21 13:57 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Revo Uninstaller
2022-09-21 13:57 - 2022-09-21 13:57 - 000000000 ____D C:\Program Files\VS Revo
Group
2022-09-21 13:56 - 2022-09-21 13:56 - 007521232 _____ (VS Revo Group ) C:\Users\cd\
Downloads\revosetup.exe
2022-09-21 11:45 - 2022-09-21 11:45 - 000000000 ____D C:\Users\cd\Downloads\LOG
2022-09-21 11:26 - 2022-09-21 11:26 - 000000085 _____ C:\WINDOWS\wininit.ini
2022-09-21 11:17 - 2022-09-21 11:17 - 000000000 ____D C:\Users\cd\Downloads\tools
2022-09-21 11:08 - 2022-09-21 11:14 - 000000000 ____D C:\FSTool
2022-09-21 03:46 - 2022-09-21 13:53 - 000000000 ____D C:\ProgramData\Mozilla-
1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-21 03:46 - 2022-09-21 03:46 - 000001005 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Firefox.lnk
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\
Mozilla
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\Users\cd\AppData\Roaming\
Mozilla
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\Users\cd\AppData\Local\
Mozilla
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\Program Files\Mozilla
Firefox
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\Program Files (x86)\
Mozilla Maintenance Service
2022-09-21 03:28 - 2022-09-21 13:58 - 000003474 _____ C:\WINDOWS\system32\Tasks\
CCleanerCrashReporting
2022-09-21 03:28 - 2022-09-21 13:58 - 000000760 _____ C:\WINDOWS\Tasks\
CCleanerCrashReporting.job
2022-09-21 03:28 - 2022-09-21 03:28 - 000003712 _____ C:\WINDOWS\system32\Tasks\
MicrosoftEdgeUpdateTaskMachineUA{567C15DF-CBC6-4DF7-BB37-795ECE90DC40}
2022-09-21 03:28 - 2022-09-21 03:28 - 000003588 _____ C:\WINDOWS\system32\Tasks\
MicrosoftEdgeUpdateTaskMachineCore{9366125F-752D-4DE3-93F1-C2B7AF0CADD5}
2022-09-21 03:28 - 2022-09-21 03:28 - 000002892 _____ C:\WINDOWS\system32\Tasks\
CCleanerSkipUAC - cd
2022-09-21 03:19 - 2022-09-21 03:19 - 000351632 _____ (Mozilla) C:\Users\cd\
Downloads\Firefox Installer.exe
2022-09-19 14:50 - 2022-09-19 14:51 - 000013014 _____ C:\Users\cd\Downloads\
autosave.mepx
2022-09-19 14:47 - 2022-09-19 14:47 - 000000016 _____ C:\ProgramData\mntemp
2022-09-18 15:11 - 2022-09-21 03:09 - 000000000 ____D C:\Users\cd\AppData\Roaming\
ZHP
2022-09-18 15:11 - 2022-09-21 02:47 - 000000000 ____D C:\Users\cd\AppData\Local\ZHP
2022-09-18 14:54 - 2022-09-18 14:54 - 002638472 _____ (Malwarebytes) C:\Users\cd\
Downloads\MBSetup.exe
2022-09-18 14:40 - 2022-07-01 04:57 - 000454708 ____R C:\WINDOWS\system32\Drivers\
etc\hosts.20220918-144026.backup
2022-09-15 19:58 - 2022-09-15 19:58 - 002564867 _____ C:\Users\cd\Downloads\
WhatsApp Video 2022-09-15 at 19.57.57.mp4
2022-09-14 00:15 - 2022-09-14 00:15 - 000011813 _____ C:\WINDOWS\system32\
DrtmAuthTxt.wim
2022-09-14 00:14 - 2022-09-14 00:14 - 000413696 _____ C:\WINDOWS\system32\
AzureCheck.dll
2022-09-14 00:14 - 2022-09-14 00:14 - 000288768 _____ C:\WINDOWS\system32\
Windows.Management.InprocObjects.dll
2022-09-14 00:14 - 2022-09-14 00:14 - 000098816 _____ C:\WINDOWS\system32\Drivers\
cimfs.sys
2022-09-14 00:14 - 2022-09-14 00:14 - 000060928 _____ C:\WINDOWS\system32\
runexehelper.exe
2022-09-13 23:59 - 2022-09-13 23:59 - 000000000 ___HD C:\$WinREAgent
2022-09-10 16:03 - 2022-09-10 16:03 - 000000000 ____D C:\Users\cd\AppData\Roaming\
com.adobe.dunamis
2022-09-09 12:04 - 2022-09-09 12:04 - 000360008 _____ (AO Kaspersky Lab) C:\
WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-09-09 12:03 - 2022-09-09 18:06 - 000270688 _____ (AO Kaspersky Lab) C:\
WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-09-09 12:03 - 2022-09-09 12:03 - 000382312 _____ (AO Kaspersky Lab) C:\
WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-09-09 12:03 - 2022-09-09 12:03 - 000190048 _____ (AO Kaspersky Lab) C:\
WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-08-26 11:07 - 2022-08-26 11:07 - 000144912 _____ C:\Users\cd\Downloads\
report.pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2064-01-01 00:34 - 2020-07-12 00:32 - 000000000 ____D C:\ProgramData\eLicenser
2022-09-21 14:08 - 2020-01-13 10:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab
Setup Files
2022-09-21 13:58 - 2020-02-07 00:13 - 000000000 ____D C:\Program Files\CCleaner
2022-09-21 13:50 - 2021-08-12 21:58 - 000000000 ____D C:\Users\cd\AppData\LocalLow\
Mozilla
2022-09-21 13:50 - 2021-02-08 05:37 - 000000000 ____D C:\WINDOWS\system32\
SleepStudy
2022-09-21 13:41 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-
06.com.microsoft
2022-09-21 13:32 - 2021-02-08 05:49 - 001773866 _____ C:\WINDOWS\system32\
PerfStringBackup.INI
2022-09-21 13:32 - 2019-12-07 11:55 - 000788624 _____ C:\WINDOWS\system32\
perfh00A.dat
2022-09-21 13:32 - 2019-12-07 11:55 - 000156012 _____ C:\WINDOWS\system32\
perfc00A.dat
2022-09-21 13:32 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-21 13:27 - 2021-06-10 03:07 - 000232724 __RSH C:\ProgramData\ntuser.pol
2022-09-21 13:27 - 2021-06-10 03:05 - 000000000 ____D C:\ProgramData\TEMP
2022-09-21 13:27 - 2021-06-10 03:05 - 000000000 ____D C:\Program Files (x86)\
SpywareBlaster
2022-09-21 13:25 - 2022-03-02 08:01 - 000624144 _____ C:\WINDOWS\system32\
FNTCACHE.DAT
2022-09-21 13:25 - 2021-02-08 05:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-21 13:25 - 2021-02-08 05:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-21 13:25 - 2020-02-05 01:40 - 000000000 ____D C:\Program Files (x86)\Spybot
- Search & Destroy 2
2022-09-21 13:24 - 2020-01-12 02:30 - 000000000 ____D C:\Users\cd\AppData\Roaming\
vlc
2022-09-21 13:24 - 2020-01-11 10:02 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-09-21 13:24 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\
BBI
2022-09-21 13:17 - 2020-06-18 17:50 - 000000000 ____D C:\Users\cd\AppData\Roaming\
audacity
2022-09-21 11:52 - 2021-06-10 03:05 - 000001567 _____ C:\DelFix.txt
2022-09-21 11:50 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-09-21 11:30 - 2020-01-11 10:02 - 000000000 ____D C:\Users\cd\AppData\Local\
D3DSCache
2022-09-21 11:26 - 2020-02-05 01:40 - 000000000 ____D C:\ProgramData\Spybot -
Search & Destroy
2022-09-21 03:38 - 2022-03-03 02:31 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-21 03:27 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-21 03:27 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-21 03:25 - 2020-01-11 10:03 - 000000000 ____D C:\ProgramData\AVAST Software
2022-09-21 03:24 - 2022-03-08 01:20 - 000000000 ____D C:\Users\cd\AppData\Local\
Opera Software
2022-09-21 03:24 - 2022-03-05 05:32 - 000000000 ____D C:\Users\cd\AppData\Roaming\
Opera Software
2022-09-21 03:24 - 2020-01-11 10:06 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-21 03:07 - 2020-01-10 17:48 - 000000000 ____D C:\Users\cd\AppData\Local\
Packages
2022-09-20 21:25 - 2020-01-10 17:51 - 000000000 ___RD C:\Users\cd\OneDrive
2022-09-20 14:08 - 2021-02-08 05:38 - 000002448 _____ C:\Users\cd\AppData\Roaming\
Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-20 11:54 - 2021-02-08 05:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\
CCleaner Update
2022-09-18 20:10 - 2021-11-06 18:06 - 000000000 ____D C:\WINDOWS\Minidump
2022-09-18 20:10 - 2020-02-10 16:05 - 000000000 ____D C:\Users\cd\AppData\Local\
CrashDumps
2022-09-18 16:04 - 2022-02-02 19:17 - 000000000 ____D C:\Program Files\Google
2022-09-16 19:07 - 2019-12-07 06:03 - 000032768 _____ C:\WINDOWS\system32\config\
ELAM
2022-09-15 11:58 - 2021-08-22 00:37 - 000000000 ____D C:\Users\cd\AppData\Local\
AMD_Common
2022-09-14 01:57 - 2019-12-07 11:58 - 000000000 ____D C:\Program Files\Windows
Defender Advanced Threat Protection
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\
ImmersiveControlPanel
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\
WinMetadata
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\
WinMetadata
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 00:20 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 00:14 - 2021-02-08 05:39 - 003011072 _____ (Microsoft Corporation) C:\
WINDOWS\SysWOW64\PrintConfig.dll
2022-09-13 23:50 - 2020-01-11 10:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 23:44 - 2020-01-11 10:40 - 141646296 ____C (Microsoft Corporation) C:\
WINDOWS\system32\MRT.exe
2022-09-12 12:11 - 2021-02-08 05:38 - 000000000 ____D C:\Users\cd
2022-09-09 11:58 - 2020-01-11 12:50 - 000002136 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-08-27 17:57 - 2020-01-11 10:13 - 000000000 ____D C:\Users\cd\AppData\Local\
ElevatedDiagnostics
2022-08-24 10:04 - 2021-09-24 20:37 - 000000000 ____D C:\Program Files (x86)\Wise

==================== Archivos en la raíz de algunos directorios ========

2020-07-12 01:33 - 2020-07-12 01:33 - 000000030 _____ () C:\Users\cd\AppData\
Roaming\.pgbiasfx
2020-07-12 00:40 - 2020-07-12 00:43 - 000003390 _____ () C:\Users\cd\AppData\Local\
icsys.icn

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la
verificación.)

==================== Final de FRST.txt ========================
