FRST - 21-09-2022 14.25.50


Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64)

Versión: 30-08-2022
Ejecutado por cd (administrador) sobre DESKTOP-LB3MG6V (Micro-Star International
Co., Ltd MS-7B07) (21-09-2022 14:19:16)
Ejecutado desde C:\Users\cd\Downloads
Perfiles cargados: cd
Plataforma: Microsoft Windows 10 Pro Versión 21H1 19043.2006 (X64) Idioma: Español
(España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no
será movido.)

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->)
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\
Kaspersky Internet Security 21.3\avpui.exe
(DriverStore\FileRepository\u0372458.inf_amd64_f3ea25a6aa6555b8\B372420\
atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\
DriverStore\FileRepository\u0372458.inf_amd64_f3ea25a6aa6555b8\B372420\atieclxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\
firefox.exe <15>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\
CCleaner64.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\
Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\
Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\
DriverStore\FileRepository\u0372458.inf_amd64_f3ea25a6aa6555b8\B372420\atiesrxx.exe
(services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\
Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\
Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program
Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program
Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\
Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\
wbem\WmiPrvSE.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado
a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <====
ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <====
ATENCIÓN
HKU\S-1-5-21-180984301-3885095304-3492036510-1001\...\Policies\Explorer:
[NoLowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\
PEPrinterMonitor.dll [285216 2021-02-01] (Wondershare Technology Co.,Ltd ->
Wondershare Software)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo
no se moverá a menos que sea añadido al listado por separado.)

Task: {2524C46D-85BF-4DC3-AE45-F05AD7651A11} - System32\Tasks\AMDLinkUpdate => C:\
Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced
Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {28EF6B1E-C352-4D78-8BCA-F9A67E072656} - System32\Tasks\Mozilla\Firefox
Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-
browser-agent.exe do-task "308046B0AF4A39CB"
Task: {2938F5C4-EF75-4078-A31D-833B4967E610} - System32\Tasks\CCleaner Update =>
C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -
> Piriform)
Task: {49F6E54F-9538-460D-9E4D-5CC563A3CCF8} - System32\Tasks\Mozilla\Firefox
Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe
--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\
ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\
backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {5028C4C6-961F-4467-AF05-96B0685C2820} - System32\Tasks\Microsoft\Office\
Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\
ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation ->
Microsoft Corporation)
Task: {88986C40-6C1E-4EE4-9ED7-D6D8F4B490CC} - System32\Tasks\Microsoft\Office\
Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\
sdxhelper.exe [123744 2020-07-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A952DE64-008E-42E8-BD68-9C82E4E293A2} - System32\Tasks\Microsoft\Office\
OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\
Office16\msoia.exe [4569496 2020-07-11] (Microsoft Corporation -> Microsoft
Corporation)
Task: {AF9FAB60-54ED-4ED3-99D6-8311DA72D8A4} - System32\Tasks\Microsoft\Office\
OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\
Office16\msoia.exe [4569496 2020-07-11] (Microsoft Corporation -> Microsoft
Corporation)
Task: {B4FB5190-9838-46F8-8E50-F9A03974CAAA} - System32\Tasks\CCleanerSkipUAC - cd
=> C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software
Ltd -> Piriform Software Ltd)
Task: {CE0839DA-EE7B-4AC5-93F0-5F25DEAE8905} - System32\Tasks\
CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896
2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send
dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program
Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1eb24319-
21cd-4033-92d8-98b545716cad" --version "6.04.10044" --silent
Task: {D6A52E65-EF8C-4137-A3FD-3AF1959B2304} - System32\Tasks\AMDInstallLauncher =>
C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced
Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E64A63F6-096F-4B18-912E-1A31587F8049} - System32\Tasks\Microsoft\Office\
Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\
Office16\sdxhelper.exe [123744 2020-07-11] (Microsoft Corporation -> Microsoft
Corporation)
Task: {F2BC2925-80A3-4C9F-BF9B-C9EC44022617} - System32\Tasks\Microsoft\Office\
Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft
Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation
-> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido.
El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\
CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\
explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será
eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 190.57.228.27 190.57.228.26
Tcpip\..\Interfaces\{0dc902a2-f701-4916-b0c8-c87cbcd2707e}: [DhcpNameServer]
200.49.130.51 200.42.4.210 200.42.4.210
Tcpip\..\Interfaces\{39686efc-05d4-4fb7-a61c-641a1131bb82}: [NameServer]
8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{591390f3-d587-4162-b8d8-1d31ee2c8f02}: [DhcpNameServer]
192.168.42.129
Tcpip\..\Interfaces\{f22f49b1-76a4-4f18-ad54-490acda6e6c1}: [DhcpNameServer]
190.57.228.27 190.57.228.26

Edge:
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 =>
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\
AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\
Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no
encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824
=> C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\
HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\
Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\
PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\cd\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-
21]
Edge Extension: (Kaspersky Protection) - C:\Users\cd\AppData\Local\Microsoft\Edge\
User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-09]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\cd\AppData\Local\Microsoft\
Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-29]
Edge HKU\S-1-5-21-180984301-3885095304-3492036510-1001\SOFTWARE\Microsoft\Edge\
Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: ocylifqa.default
FF ProfilePath: C:\Users\cd\AppData\Roaming\Mozilla\Firefox\Profiles\
ocylifqa.default [2022-09-21]
FF ProfilePath: C:\Users\cd\AppData\Roaming\Mozilla\Firefox\Profiles\
qd9usmaa.default-release [2022-09-21]
FF HKLM\...\Firefox\Extensions:
[[email protected]] - C:\Program Files
(x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\
addon.xpi => no encontrado
FF HKLM-x32\...\Firefox\Extensions:
[[email protected]] - C:\Program Files
(x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\
addon.xpi => no encontrado
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft
Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\
Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation ->
Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\
Reader\AIR\nppdf32.dll [2022-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\
kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-09-21] <==== ATENCIÓN
(Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\
kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-09-21] <==== ATENCIÓN

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\cd\AppData\Local\Google\Chrome\User Data\Default [2022-09-21]
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR StartupUrls: Default -> "hxxp://www.google.com.ar/","hxxps://www.google.com/"
CHR Extension: (Kaspersky Protection) - C:\Users\cd\AppData\Local\Google\Chrome\
User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-08]
CHR Extension: (TV) - C:\Users\cd\AppData\Local\Google\Chrome\User Data\Default\
Extensions\beobeededemalmllhkmnkinmfembdimh [2020-02-26]
CHR Extension: (Kaspersky Password Manager) - C:\Users\cd\AppData\Local\Google\
Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2022-09-18]
CHR Extension: (Morpheon Dark) - C:\Users\cd\AppData\Local\Google\Chrome\User Data\
Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2022-01-19]
CHR Extension: (Guitar Chords) - C:\Users\cd\AppData\Local\Google\Chrome\User Data\
Default\Extensions\megglpjmadjmghjegnallnhiknjnnjhh [2020-02-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\cd\AppData\Local\
Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-
02-02]
CHR Profile: C:\Users\cd\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-
09-21]
CHR Profile: C:\Users\cd\AppData\Local\Google\Chrome\User Data\System Profile
[2022-09-21]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] -
hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilo
pmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] -
hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilo
pmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo
no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
[172264 2022-08-03] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\
avp.exe [184768 2022-02-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\
CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd
-> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\
OfficeClickToRun.exe [10574728 2020-06-23] (Microsoft Corporation -> Microsoft
Corporation)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet
Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO
Kaspersky Lab)
R2 kpm_service_10.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password
Manager 10.1\kpm_service.exe [518472 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky
Lab)
S3 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104
2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
[224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\
NisSrv.exe [3120992 2022-07-05] (Microsoft Windows Publisher -> Microsoft
Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\
MsMpEng.exe [133544 2022-07-05] (Microsoft Windows Publisher -> Microsoft
Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo
no se moverá a menos que sea añadido al listado por separado.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02]
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\
amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro
Devices Inc. -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro
Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft
Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07]
(Microsoft Corporation) [Archivo no firmado]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08]
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2021-08-12] (GIGA-BYTE Technology Co., Ltd. -
> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 GPWADrv; C:\WINDOWS\System32\Drivers\GPWADrv64.sys [785080 2019-06-11]
(Microsoft Windows Hardware Compatibility Publisher -> Line 6)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft
Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [703056 2022-06-09] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1586112 2022-08-12] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [189032 2022-09-09]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-17]
(Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows
Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc
-> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [382312
2022-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky
Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [360008 2022-
09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [190048 2022-
09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [270688 2022-
09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft
Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 Serenum; C:\WINDOWS\system32\DRIVERS\nuvserenum.sys [23552 2014-01-12]
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK
provider)
R3 Serial; C:\WINDOWS\system32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Microsoft
Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung
Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-07-05] (Microsoft
Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [452856 2022-07-05]
(Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-05]
(Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo
no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)


2064-01-01 00:34 - 2064-01-01 00:34 - 000002892 _____ () C:\WINDOWS\SysWOW64\
audcon.sys
2064-01-01 00:34 - 2064-01-01 00:34 - 000000000 ____D C:\ProgramData\Syncrosoft
2022-09-21 14:19 - 2022-09-21 14:20 - 000020477 _____ C:\Users\cd\Downloads\
FRST.txt
2022-09-21 14:19 - 2022-09-21 14:19 - 000000000 ____D C:\FRST
2022-09-21 14:18 - 2022-09-21 14:18 - 002371072 _____ (Farbar) C:\Users\cd\
Downloads\FRST64.exe
2022-09-21 14:07 - 2022-09-21 14:10 - 121284160 _____ (AO Kaspersky Lab) C:\Users\
cd\Downloads\KVRT.exe
2022-09-21 14:07 - 2022-09-21 14:07 - 002842600 _____ (Kaspersky) C:\Users\cd\
Downloads\ks4.021.2.16.590en_25112.exe
2022-09-21 13:57 - 2022-09-21 13:57 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Revo Uninstaller
2022-09-21 13:57 - 2022-09-21 13:57 - 000000000 ____D C:\Program Files\VS Revo
Group
2022-09-21 13:56 - 2022-09-21 13:56 - 007521232 _____ (VS Revo Group ) C:\Users\cd\
Downloads\revosetup.exe
2022-09-21 11:45 - 2022-09-21 11:45 - 000000000 ____D C:\Users\cd\Downloads\LOG
2022-09-21 11:26 - 2022-09-21 11:26 - 000000085 _____ C:\WINDOWS\wininit.ini
2022-09-21 11:17 - 2022-09-21 11:17 - 000000000 ____D C:\Users\cd\Downloads\tools
2022-09-21 11:08 - 2022-09-21 11:14 - 000000000 ____D C:\FSTool
2022-09-21 03:46 - 2022-09-21 13:53 - 000000000 ____D C:\ProgramData\Mozilla-
1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-21 03:46 - 2022-09-21 03:46 - 000001005 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Firefox.lnk
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\
Mozilla
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\Users\cd\AppData\Roaming\
Mozilla
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\Users\cd\AppData\Local\
Mozilla
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\Program Files\Mozilla
Firefox
2022-09-21 03:46 - 2022-09-21 03:46 - 000000000 ____D C:\Program Files (x86)\
Mozilla Maintenance Service
2022-09-21 03:28 - 2022-09-21 13:58 - 000003474 _____ C:\WINDOWS\system32\Tasks\
CCleanerCrashReporting
2022-09-21 03:28 - 2022-09-21 13:58 - 000000760 _____ C:\WINDOWS\Tasks\
CCleanerCrashReporting.job
2022-09-21 03:28 - 2022-09-21 03:28 - 000003712 _____ C:\WINDOWS\system32\Tasks\
MicrosoftEdgeUpdateTaskMachineUA{567C15DF-CBC6-4DF7-BB37-795ECE90DC40}
2022-09-21 03:28 - 2022-09-21 03:28 - 000003588 _____ C:\WINDOWS\system32\Tasks\
MicrosoftEdgeUpdateTaskMachineCore{9366125F-752D-4DE3-93F1-C2B7AF0CADD5}
2022-09-21 03:28 - 2022-09-21 03:28 - 000002892 _____ C:\WINDOWS\system32\Tasks\
CCleanerSkipUAC - cd
2022-09-21 03:19 - 2022-09-21 03:19 - 000351632 _____ (Mozilla) C:\Users\cd\
Downloads\Firefox Installer.exe
2022-09-19 14:50 - 2022-09-19 14:51 - 000013014 _____ C:\Users\cd\Downloads\
autosave.mepx
2022-09-19 14:47 - 2022-09-19 14:47 - 000000016 _____ C:\ProgramData\mntemp
2022-09-18 15:11 - 2022-09-21 03:09 - 000000000 ____D C:\Users\cd\AppData\Roaming\
ZHP
2022-09-18 15:11 - 2022-09-21 02:47 - 000000000 ____D C:\Users\cd\AppData\Local\ZHP
2022-09-18 14:54 - 2022-09-18 14:54 - 002638472 _____ (Malwarebytes) C:\Users\cd\
Downloads\MBSetup.exe
2022-09-18 14:40 - 2022-07-01 04:57 - 000454708 ____R C:\WINDOWS\system32\Drivers\
etc\hosts.20220918-144026.backup
2022-09-15 19:58 - 2022-09-15 19:58 - 002564867 _____ C:\Users\cd\Downloads\
WhatsApp Video 2022-09-15 at 19.57.57.mp4
2022-09-14 00:15 - 2022-09-14 00:15 - 000011813 _____ C:\WINDOWS\system32\
DrtmAuthTxt.wim
2022-09-14 00:14 - 2022-09-14 00:14 - 000413696 _____ C:\WINDOWS\system32\
AzureCheck.dll
2022-09-14 00:14 - 2022-09-14 00:14 - 000288768 _____ C:\WINDOWS\system32\
Windows.Management.InprocObjects.dll
2022-09-14 00:14 - 2022-09-14 00:14 - 000098816 _____ C:\WINDOWS\system32\Drivers\
cimfs.sys
2022-09-14 00:14 - 2022-09-14 00:14 - 000060928 _____ C:\WINDOWS\system32\
runexehelper.exe
2022-09-13 23:59 - 2022-09-13 23:59 - 000000000 ___HD C:\$WinREAgent
2022-09-10 16:03 - 2022-09-10 16:03 - 000000000 ____D C:\Users\cd\AppData\Roaming\
com.adobe.dunamis
2022-09-09 12:04 - 2022-09-09 12:04 - 000360008 _____ (AO Kaspersky Lab) C:\
WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-09-09 12:03 - 2022-09-09 18:06 - 000270688 _____ (AO Kaspersky Lab) C:\
WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-09-09 12:03 - 2022-09-09 12:03 - 000382312 _____ (AO Kaspersky Lab) C:\
WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-09-09 12:03 - 2022-09-09 12:03 - 000190048 _____ (AO Kaspersky Lab) C:\
WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-08-26 11:07 - 2022-08-26 11:07 - 000144912 _____ C:\Users\cd\Downloads\
report.pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2064-01-01 00:34 - 2020-07-12 00:32 - 000000000 ____D C:\ProgramData\eLicenser
2022-09-21 14:08 - 2020-01-13 10:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab
Setup Files
2022-09-21 13:58 - 2020-02-07 00:13 - 000000000 ____D C:\Program Files\CCleaner
2022-09-21 13:50 - 2021-08-12 21:58 - 000000000 ____D C:\Users\cd\AppData\LocalLow\
Mozilla
2022-09-21 13:50 - 2021-02-08 05:37 - 000000000 ____D C:\WINDOWS\system32\
SleepStudy
2022-09-21 13:41 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-
06.com.microsoft
2022-09-21 13:32 - 2021-02-08 05:49 - 001773866 _____ C:\WINDOWS\system32\
PerfStringBackup.INI
2022-09-21 13:32 - 2019-12-07 11:55 - 000788624 _____ C:\WINDOWS\system32\
perfh00A.dat
2022-09-21 13:32 - 2019-12-07 11:55 - 000156012 _____ C:\WINDOWS\system32\
perfc00A.dat
2022-09-21 13:32 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-21 13:27 - 2021-06-10 03:07 - 000232724 __RSH C:\ProgramData\ntuser.pol
2022-09-21 13:27 - 2021-06-10 03:05 - 000000000 ____D C:\ProgramData\TEMP
2022-09-21 13:27 - 2021-06-10 03:05 - 000000000 ____D C:\Program Files (x86)\
SpywareBlaster
2022-09-21 13:25 - 2022-03-02 08:01 - 000624144 _____ C:\WINDOWS\system32\
FNTCACHE.DAT
2022-09-21 13:25 - 2021-02-08 05:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-21 13:25 - 2021-02-08 05:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-21 13:25 - 2020-02-05 01:40 - 000000000 ____D C:\Program Files (x86)\Spybot
- Search & Destroy 2
2022-09-21 13:24 - 2020-01-12 02:30 - 000000000 ____D C:\Users\cd\AppData\Roaming\
vlc
2022-09-21 13:24 - 2020-01-11 10:02 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-09-21 13:24 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\
BBI
2022-09-21 13:17 - 2020-06-18 17:50 - 000000000 ____D C:\Users\cd\AppData\Roaming\
audacity
2022-09-21 11:52 - 2021-06-10 03:05 - 000001567 _____ C:\DelFix.txt
2022-09-21 11:50 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-09-21 11:30 - 2020-01-11 10:02 - 000000000 ____D C:\Users\cd\AppData\Local\
D3DSCache
2022-09-21 11:26 - 2020-02-05 01:40 - 000000000 ____D C:\ProgramData\Spybot -
Search & Destroy
2022-09-21 03:38 - 2022-03-03 02:31 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-21 03:27 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-21 03:27 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-21 03:25 - 2020-01-11 10:03 - 000000000 ____D C:\ProgramData\AVAST Software
2022-09-21 03:24 - 2022-03-08 01:20 - 000000000 ____D C:\Users\cd\AppData\Local\
Opera Software
2022-09-21 03:24 - 2022-03-05 05:32 - 000000000 ____D C:\Users\cd\AppData\Roaming\
Opera Software
2022-09-21 03:24 - 2020-01-11 10:06 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-21 03:07 - 2020-01-10 17:48 - 000000000 ____D C:\Users\cd\AppData\Local\
Packages
2022-09-20 21:25 - 2020-01-10 17:51 - 000000000 ___RD C:\Users\cd\OneDrive
2022-09-20 14:08 - 2021-02-08 05:38 - 000002448 _____ C:\Users\cd\AppData\Roaming\
Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-20 11:54 - 2021-02-08 05:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\
CCleaner Update
2022-09-18 20:10 - 2021-11-06 18:06 - 000000000 ____D C:\WINDOWS\Minidump
2022-09-18 20:10 - 2020-02-10 16:05 - 000000000 ____D C:\Users\cd\AppData\Local\
CrashDumps
2022-09-18 16:04 - 2022-02-02 19:17 - 000000000 ____D C:\Program Files\Google
2022-09-16 19:07 - 2019-12-07 06:03 - 000032768 _____ C:\WINDOWS\system32\config\
ELAM
2022-09-15 11:58 - 2021-08-22 00:37 - 000000000 ____D C:\Users\cd\AppData\Local\
AMD_Common
2022-09-14 01:57 - 2019-12-07 11:58 - 000000000 ____D C:\Program Files\Windows
Defender Advanced Threat Protection
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\
ImmersiveControlPanel
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\
WinMetadata
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\
WinMetadata
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-14 01:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 00:20 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 00:14 - 2021-02-08 05:39 - 003011072 _____ (Microsoft Corporation) C:\
WINDOWS\SysWOW64\PrintConfig.dll
2022-09-13 23:50 - 2020-01-11 10:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 23:44 - 2020-01-11 10:40 - 141646296 ____C (Microsoft Corporation) C:\
WINDOWS\system32\MRT.exe
2022-09-12 12:11 - 2021-02-08 05:38 - 000000000 ____D C:\Users\cd
2022-09-09 11:58 - 2020-01-11 12:50 - 000002136 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-08-27 17:57 - 2020-01-11 10:13 - 000000000 ____D C:\Users\cd\AppData\Local\
ElevatedDiagnostics
2022-08-24 10:04 - 2021-09-24 20:37 - 000000000 ____D C:\Program Files (x86)\Wise

==================== Archivos en la raíz de algunos directorios ========

2020-07-12 01:33 - 2020-07-12 01:33 - 000000030 _____ () C:\Users\cd\AppData\
Roaming\.pgbiasfx
2020-07-12 00:40 - 2020-07-12 00:43 - 000003390 _____ () C:\Users\cd\AppData\Local\
icsys.icn

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la
verificación.)

==================== Final de FRST.txt ========================
