A veces aparece el cmd ejecutando algo... pantalla se pone color gris, procesos lentos

socgom · 25 Agosto, 2025 22:04

Saludos, de verdad que no sé que hacer; ya hace un tiempo que el ordenador anda lento, parece que estuviera sobrecargado, la pantalla se pone color gris, el puntero se queda como congelado no se mueve… y a veces inclusive aparece por brevísimo tiempo el cuadro de ejecución de cmd y desaparece. No sé por donde iniciar. A veces lo que hago es correr el CCleaner, pero creo que hay algo que ralentiza demasiado este ordenador, y no sé cómo eliminar o solucionar. Vuestra ayuda y guía para solucionar esto será importante.

De antemano, gracias

furtivex · 1 Septiembre, 2025 18:55

Hi and welcome to the forum @socgom

Pruebe los dos escáneres siguientes y partiremos de ahí:

Descarga DoesNotBelong a tu escritorio

Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
Ejecuta DoesNotBelong.exe (Presiona clic derecho y selecciona “Ejecutar como Administrador.”)
Aceptas los disclaimers que aparezcan.
Esperas que termine.
Al finalizar generara un reporte que deberás pegar en tu próxima respuesta.

Por favor, descargue Farbar Recovery Scan Tool de acuerdo a su tipo de sistema y guárdelo en el Escritorio del sistema.

¿Cómo saber si mi Windows es de 32 o 64 bits?

Haga clic con el botón derecho sobre él y seleccionar “Ejecutar como Administrador”, para ejecutar la herramienta con permisos de administrador.
Cuando la herramienta se abra, haga clic en Sí para aceptar el Disclaimer/ Descargo de responsabilidad.
Haga clic en el botón Scan (Analizar) y espere a que termine.
La herramienta creará dos informes FRST.txt y Addition.txt ubicados en el mismo directorio desde el que se ejecuta la herramienta.
Por favor, traiga el contenido de estos reportes en su próxima respuesta.
Activa de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.

¿Como Pegar Reportes en el Foro?

Saludos

socgom · 4 Septiembre, 2025 16:42

Hola, saludos, no había visto su respuesta. Le comento que intenté borrar en estos días algunos archivos de audio y video, para recuperar algo de espacio en el disco duro; inicié, además una desfragmentación con un ejecutable llamado defraggler (ya había aplicado el desfragmentador de windows, y no vi mayor efecto), pero no culminó el deflaggler, tardó mucho y debía seguir usando el ordenador. También, hace unos días ejecuté el comando MRT en el cmd de windows, pero si es que hay algún cambio, es poco perceptible. Gracias por sus indicaciones, ya iniciaré lo requerido y pegaré los logs en el chat

Saludos nuevamente, aquí copio el registro que generó el Farbar Recvery Scan Tool, se ejecutó luego de desactivar antivirus:

# DoesNotBelong v9.0.4

# 

https://furtivex.net

# OS: Microsoft Windows 10 Home x64 22H2 EspaÃ±ol (Spanish) - 200a - 1252 - 850

# Nombre de usuario: JesÃºs I. Saavedra → S-1-5-21-921242894-1989990284-1724683343-1000

# Nombre de la computadora: JSPC

# Fecha: 2025_09_04__12_04_33

---

# Procesos:

# Controladores:

# Servicios:

HKLM\\SYSTEM\\CurrentControlSet\\services\\CCleanerPerformanceOptimizerService
HKLM\\SYSTEM\\CurrentControlSet\\services\\HPPrintScanDoctorService

# Archivos:

C:\\Program Files\\CCleaner\\CCleanerPerformanceOptimizerService.exe
C:\\Program Files\\HPPrintScanDoctor\\HPPrintScanDoctorService.exe
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Resmon.ResmonCfg
C:\\ProgramData\\ntuser.pol
C:\\ProgramData\\SEC1A18.tmp
C:\\ProgramData\\WildTangent\\Analytics
C:\\ProgramData\\WildTangent\\Analytics\\WTAnalytics.dat
C:\\ProgramData\\WildTangent\\favorites_toshiba.ico
C:\\ProgramData\\WildTangent\\GameData
C:\\ProgramData\\WildTangent\\GameDiscovery
C:\\ProgramData\\WildTangent\\GameInstalls
C:\\ProgramData\\WildTangent\\moregames.ico
C:\\ProgramData\\WildTangent\\WildTangent.ini
C:\\Users\\JesÃºs Saavedra\\AppData\\Local{4BE6E8A3-FE68-4F83-8DB4-3D8CA6F6D2AE}
C:\\Users\\JesÃºs Saavedra\\AppData\\Local{5E41F176-7348-4459-A3E1-B084FA761ED0}
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\BitTorrentHelper\\ledger.bt.co.btdb
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\BitTorrentHelper\\ledger.bt.co.btdb.key
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\BitTorrentHelper\\ledger.bt.co.btdb.passwd
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\BitTorrentHelper\\ledger.bt.co.lock
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\BitTorrentHelper\\port
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\config
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\DelUnist.bat
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\dt.dat
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\BGAHelperLib\\BGAUpsell\\Assets\\Banner-img.png
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\BGAHelperLib\\BGAUpsell\\Assets\\Dark-logo.png
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\BGAHelperLib\\BGAUpsell\\Assets\\Light-logo.png
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\BGAHelperLib\\BGAUpsell\\BrowserSettings.dll
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\BGAHelperLib\\BingChatInstaller\\Assets\\Hero.png
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\BGAHelperLib\\BingChatInstaller\\Assets\\StoreLogo44.ico
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\BGAHelperLib\\BingChatInstaller\\BrowserSettings.dll
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\BGAHelperLib\\BrowserSettings.dll
C:\\Users\\JesÃºs Saavedra\\AppData\\Roaming\\unins000.exe
C:\\Users\\Public\\Documents\\Wondershare\\youtube-downloader_full1429.exe
C:\\Users\\Public\\Downloads\\Norton{NIS204040-SHPD-FSD33017}\\2012Plugin.dll
C:\\Users\\Public\\Downloads\\Norton{NIS204040-SHPD-FSD33017}\\2013Plugin.dll
C:\\Users\\Public\\Downloads\\Norton{NIS204040-SHPD-FSD33017}\\NIS-UPGRADE-ESD-NoDefs-20-4-EN.exe
C:\\Users\\Public\\Downloads\\Norton{NIS204040-SHPD-FSD33017}\\NISDownloader.exe
C:\\Users\\Public\\Downloads\\Norton{NIS204040-SHPD-FSD33017}\\symcdefs.exe
C:\\Users\\Public\\Recorded TV (1)\\TempRec\\ehscanned.dat
C:\\Users\\Public\\Recorded TV\\TempRec\\ehscanned.dat
C:\\WINDOWS\\Installer\\adp_core-2_5.dll
C:\\WINDOWS\\Installer\\adp_data-2_5.dll
C:\\WINDOWS\\Installer\\adp_io_plugin-2_5.dll
C:\\WINDOWS\\Installer\\adp_service_opczip-2_5.dll
C:\\WINDOWS\\Installer\\adp_toolkit-2_5.dll
C:\\WINDOWS\\Installer\\libfbxsdk-2_5.dll
C:\\WINDOWS\\Installer\\Luc.exe
C:\\WINDOWS\\Installer\\MSI2ECD.tmp
C:\\WINDOWS\\Installer\\MSIBDE2.tmp
C:\\WINDOWS\\Installer\\msvcm90.dll
C:\\WINDOWS\\Installer\\msvcp90.dll
C:\\WINDOWS\\Installer\\msvcr90.dll
C:\\WINDOWS\\Installer\\tbb.dll
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM213EC.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM215BE.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM22836.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM22AE1.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM22C8.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM23ABE.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM242CB.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM254BD.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM25DCB.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM261C3.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM269B1.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM27039.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM270E5.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM27A5D.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2826F.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM28890.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM28F3C.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM29563.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2959.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2A0F6.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2B200.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2C7C8.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2D41A.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2DF59.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2E61B.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2F272.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CM2FF03.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\tpm-17a0-177c-1d0f55.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\tpm-2044-114c-1c9183.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\tpm-2104-b68-943db0.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\tw-1274-2e34-30ee5d.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\tw-12f4-1954-2c1339.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\tw-1530-d3c-54c8ee.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\tw-1ed0-152c-15ba88.tmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\tw-22e4-191c-319d44.tmp
C:\\WINDOWS\\System32\\FNTCACHE.DAT
C:\\WINDOWS\\System32\\GroupPolicy\\GPT.ini
C:\\WINDOWS\\System32\\perfc009.dat
C:\\WINDOWS\\System32\\perfc00A.dat
C:\\WINDOWS\\System32\\perfh009.dat
C:\\WINDOWS\\System32\\perfh00A.dat
C:\\WINDOWS\\SysWOW64\\GroupPolicy\\GPT.ini
C:\\WINDOWS\\SysWOW64\\igcodeckrng600.bin
C:\\WINDOWS\\SysWOW64\\igvpkrng600.bin
C:\\WINDOWS\\SysWOW64\\pool.bin
C:\\WINDOWS\\SysWOW64\\rp_rules.dat
C:\\WINDOWS\\SysWOW64\\rp_stats.dat
Navegador: Google Chrome - Notificaciones push encontradas y eliminadas (Profile 1)

# Carpetas:

C:\\ProgramData\\WildTangent
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\BitTorrentHelper
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\BGAHelperLib
C:\\ProgramData\\34BE82C4-E596-4e99-A191-52C6199EBF69
C:\\ProgramData\\E1864A66-75E3-486a-BD95-D1B7D99A84A7
C:\\ProgramData\\ProductFeatures
C:\\WINDOWS\\Installer\\MSI318A.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI4487.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI47B4.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI4A16.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI4DE0.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI5D4A.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI5DA6.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI6577.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI7078.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI723E.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI73A6.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI74E0.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSI76C5.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSIB468.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSIBA94.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSIBF2C.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSICC38.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSIED5E.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\Installer\\MSIFE06.tmp- (JUNK.EmptyInstaller)
C:\\WINDOWS\\System32\\Tasks\\Agent Activation Runtime
C:\\WINDOWS\\System32\\Tasks\\Apple
C:\\WINDOWS\\System32\\Tasks\\Avast Software
C:\\WINDOWS\\System32\\Tasks\\GoogleSystem
C:\\WINDOWS\\System32\\Tasks\\Hewlett-Packard
C:\\WINDOWS\\System32\\Tasks\\HP
C:\\WINDOWS\\System32\\Tasks\\Mozilla
C:\\WINDOWS\\System32\\Tasks\\NCH Software
C:\\WINDOWS\\System32\\Tasks\\OfficeSoftwareProtectionPlatform
C:\\WINDOWS\\System32\\Tasks\\Privax
C:\\WINDOWS\\System32\\Tasks\\S-1-5-21-921242894-1989990284-1724683343-1000
C:\\WINDOWS\\System32\\Tasks\\WPD
C:\\WINDOWS\\System32\\Tasks_Migrated\\Apple
C:\\WINDOWS\\System32\\Tasks_Migrated\\Hewlett-Packard
C:\\WINDOWS\\System32\\Tasks_Migrated\\NCH Software
C:\\WINDOWS\\System32\\Tasks_Migrated\\OfficeSoftwareProtectionPlatform
C:\\WINDOWS\\System32\\Tasks_Migrated\\Privax
C:\\WINDOWS\\System32\\Tasks_Migrated\\S-1-5-21-921242894-1989990284-1724683343-1000
C:\\WINDOWS\\System32\\Tasks_Migrated\\WPD

# Tareas:

{4F958F87-B943-424C-AD8F-68D808BEC5A2}
{5CBE22C1-6482-44E3-813D-6DD2C7197048}
{9187A549-2248-4BE8-BAE5-38CFBF5BDB4C}
{B6C92AF0-234E-488A-95C6-2B5393307A8F}
{FE0BB373-C334-4163-9F91-0B8B5EA2BB09}
Ad-Aware Update (Weekly)
Adobe-Genuine-Software-Integrity-Scheduler-1.0
Adobe Acrobat Update Task
AdobeGCInvoker-1.0
Agent Activation Runtime\\S-1-5-21-921242894-1989990284-1724683343-1000
Apple Diagnostics
Apple\\AppleSoftwareUpdate
Avast Software\\Avast Driver Updater BugReport
Avast Software\\Avast Driver Updater Update
BraveSoftwareUpdateTaskMachineCore{82372FCE-5A39-42FA-A3F6-D34E39005583}
BraveSoftwareUpdateTaskMachineUA{2609A5E7-D6E8-491C-B3AF-EF332CAD85E9}
CCleaner Update
CCleanerCrashReporting
CCleanerSkipUAC - JesÃºs I. Saavedra
CCleanerUpdateTaskMachineCore
CCleanerUpdateTaskMachineUA
CreateExplorerShellUnelevatedTask
DropboxUpdateTaskMachineCore
DropboxUpdateTaskMachineUA
G2MUpdateTask-S-1-5-21-921242894-1989990284-1724683343-1000
G2MUploadTask-S-1-5-21-921242894-1989990284-1724683343-1000
GoogleSystem\\GoogleUpdater\\GoogleUpdaterTaskSystem141.0.7376.0{29333BE0-1B0B-47B2-8281-6C8F4894A9CC}
Hewlett-Packard\\HP Support Assistant\\HP Support Assistant Quick Start
Hewlett-Packard\\HP Support Assistant\\HP Support Solutions Framework Report
Hewlett-Packard\\HP Support Assistant\\HP Support Solutions Framework Updater
Hewlett-Packard\\HP Support Assistant\\HP Support Solutions Framework Updater - Resources
Hewlett-Packard\\HP Support Assistant\\PC Health Analysis
Hewlett-Packard\\HP Support Assistant\\Product Configurator
Hewlett-Packard\\HP Support Assistant\\WarrantyChecker_DeviceScan
HP\\HP Print Scan Doctor\\Printer Health Monitor
HP\\HP Print Scan Doctor\\Printer Health Monitor Logon
IcarusPrivaxVpnUpgrade
Java Platform SE Auto Updater
Microsoft\\Microsoft Antimalware\\Microsoft Antimalware Scheduled Scan
Microsoft\\Office\\Office 15 Subscription Heartbeat
Microsoft\\Office\\OfficeTelemetryAgentFallBack2016
Microsoft\\Office\\OfficeTelemetryAgentLogOn2016
Microsoft\\Windows\\AppID\\EDP Policy Manager
Microsoft\\Windows\\AppID\\SmartScreenSpecific
Microsoft\\Windows\\Application Experience\\MareBackup
Microsoft\\Windows\\Application Experience\\Microsoft Compatibility Appraiser
Microsoft\\Windows\\Application Experience\\PcaPatchDbTask
Microsoft\\Windows\\Application Experience\\PcaWallpaperAppDetect
Microsoft\\Windows\\Application Experience\\ProgramDataUpdater
Microsoft\\Windows\\Application Experience\\StartupAppTask
Microsoft\\Windows\\ApplicationData\\appuriverifierdaily
Microsoft\\Windows\\ApplicationData\\appuriverifierinstall
Microsoft\\Windows\\ApplicationData\\DsSvcCleanup
Microsoft\\Windows\\Autochk\\Proxy
Microsoft\\Windows\\Chkdsk\\ProactiveScan
Microsoft\\Windows\\Clip\\ClipESU
Microsoft\\Windows\\Clip\\ClipESUConsumer
Microsoft\\Windows\\Clip\\ClipEsuConsumerProcessPreOrder
Microsoft\\Windows\\Clip\\ClipEsuConsumerProcessRefund
Microsoft\\Windows\\Clip\\EnableClipESU
Microsoft\\Windows\\CloudExperienceHost\\CreateObjectTask
Microsoft\\Windows\\ConsentUX\\UnifiedConsent\\UnifiedConsentSyncTask
Microsoft\\Windows\\Customer Experience Improvement Program\\Consolidator
Microsoft\\Windows\\Customer Experience Improvement Program\\UsbCeip
Microsoft\\Windows\\Defrag\\ScheduledDefrag
Microsoft\\Windows\\DeviceDirectoryClient\\RegisterDeviceConnectedToNetwork
Microsoft\\Windows\\DeviceDirectoryClient\\RegisterDevicePeriodic1
Microsoft\\Windows\\DeviceDirectoryClient\\RegisterDevicePeriodic6
Microsoft\\Windows\\DeviceDirectoryClient\\RegisterDeviceScreenOnOff
Microsoft\\Windows\\Diagnosis\\RecommendedTroubleshootingScanner
Microsoft\\Windows\\Diagnosis\\Scheduled
Microsoft\\Windows\\DiskDiagnostic\\Microsoft-Windows-DiskDiagnosticDataCollector
Microsoft\\Windows\\DiskDiagnostic\\Microsoft-Windows-DiskDiagnosticResolver
Microsoft\\Windows\\DiskFootprint\\Diagnostics
Microsoft\\Windows\\DiskFootprint\\StorageSense
Microsoft\\Windows\\EnterpriseMgmt\\MDMMaintenenceTask
Microsoft\\Windows\\ErrorDetails\\EnableErrorDetailsUpdate
Microsoft\\Windows\\ErrorDetails\\ErrorDetailsUpdate
Microsoft\\Windows\\Feedback\\Siuf\\DmClient
Microsoft\\Windows\\Feedback\\Siuf\\DmClientOnScenarioDownload
Microsoft\\Windows\\Flighting\\FeatureConfig\\ReconcileFeatures
Microsoft\\Windows\\Flighting\\FeatureConfig\\UsageDataFlushing
Microsoft\\Windows\\Flighting\\FeatureConfig\\UsageDataReporting
Microsoft\\Windows\\Flighting\\OneSettings\\RefreshCache
Microsoft\\Windows\\HelloFace\\FODCleanupTask
Microsoft\\Windows\\InstallService\\ScanForUpdates
Microsoft\\Windows\\InstallService\\ScanForUpdatesAsUser
Microsoft\\Windows\\InstallService\\SmartRetry
Microsoft\\Windows\\InstallService\\WakeUpAndContinueUpdates
Microsoft\\Windows\\InstallService\\WakeUpAndScanForUpdates
Microsoft\\Windows\\Location\\Notifications
Microsoft\\Windows\\Maintenance\\WinSAT
Microsoft\\Windows\\Maps\\MapsToastTask
Microsoft\\Windows\\Maps\\MapsUpdateTask
Microsoft\\Windows\\Media Center\\ActivateWindowsSearch
Microsoft\\Windows\\Media Center\\ConfigureInternetTimeService
Microsoft\\Windows\\Media Center\\DispatchRecoveryTasks
Microsoft\\Windows\\Media Center\\ehDRMInit
Microsoft\\Windows\\Media Center\\InstallPlayReady
Microsoft\\Windows\\Media Center\\mcupdate
Microsoft\\Windows\\Media Center\\mcupdate_scheduled
Microsoft\\Windows\\Media Center\\MediaCenterRecoveryTask
Microsoft\\Windows\\Media Center\\ObjectStoreRecoveryTask
Microsoft\\Windows\\Media Center\\OCURActivate
Microsoft\\Windows\\Media Center\\OCURDiscovery
Microsoft\\Windows\\Media Center\\PBDADiscovery
Microsoft\\Windows\\Media Center\\PBDADiscoveryW1
Microsoft\\Windows\\Media Center\\PBDADiscoveryW2
Microsoft\\Windows\\Media Center\\PeriodicScanRetry
Microsoft\\Windows\\Media Center\\PvrRecoveryTask
Microsoft\\Windows\\Media Center\\PvrScheduleTask
Microsoft\\Windows\\Media Center\\RecordingRestart
Microsoft\\Windows\\Media Center\\RegisterSearch
Microsoft\\Windows\\Media Center\\ReindexSearchRoot
Microsoft\\Windows\\Media Center\\SqlLiteRecoveryTask
Microsoft\\Windows\\Media Center\\StartRecording
Microsoft\\Windows\\Media Center\\UpdateRecordPath
Microsoft\\Windows\\MemoryDiagnostic\\ProcessMemoryDiagnosticEvents
Microsoft\\Windows\\MemoryDiagnostic\\RunFullMemoryDiagnostic
Microsoft\\Windows\\Mobile Broadband Accounts\\MNO Metadata Parser
Microsoft\\Windows\\MobilePC\\HotStart
Microsoft\\Windows\\PerfTrack\\BackgroundConfigSurveyor
Microsoft\\Windows\\Plug and Play\\Plug and Play Cleanup
Microsoft\\Windows\\Power Efficiency Diagnostics\\AnalyzeSystem
Microsoft\\Windows\\PushToInstall\\LoginCheck
Microsoft\\Windows\\PushToInstall\\Registration
Microsoft\\Windows\\RemoteAssistance\\RemoteAssistanceTask
Microsoft\\Windows\\SettingSync\\BackgroundUploadTask
Microsoft\\Windows\\SettingSync\\NetworkStateChangeTask
Microsoft\\Windows\\Shell\\CreateObjectTask
Microsoft\\Windows\\Shell\\FamilySafetyMonitor
Microsoft\\Windows\\Shell\\FamilySafetyMonitorToastTask
Microsoft\\Windows\\Shell\\FamilySafetyRefreshTask
Microsoft\\Windows\\Shell\\IndexerAutomaticMaintenance
Microsoft\\Windows\\Shell\\ThemesSyncedImageDownload
Microsoft\\Windows\\Shell\\WindowsParentalControls
Microsoft\\Windows\\Shell\\WindowsParentalControlsMigration
Microsoft\\Windows\\SideShow\\AutoWake
Microsoft\\Windows\\SideShow\\GadgetManager
Microsoft\\Windows\\SideShow\\SessionAgent
Microsoft\\Windows\\SideShow\\SystemDataProviders
Microsoft\\Windows\\Subscription\\EnableLicenseAcquisition
Microsoft\\Windows\\Subscription\\LicenseAcquisition
Microsoft\\Windows\\Tcpip\\IpAddressConflict1
Microsoft\\Windows\\Tcpip\\IpAddressConflict2
Microsoft\\Windows\\UpdateAssistant\\UpdateAssistant
Microsoft\\Windows\\UpdateAssistant\\UpdateAssistantAllUsersRun
Microsoft\\Windows\\UpdateAssistant\\UpdateAssistantCalendarRun
Microsoft\\Windows\\UpdateAssistant\\UpdateAssistantWakeupRun
Microsoft\\Windows\\UpdateOrchestrator\\MusUx_UpdateInterval
Microsoft\\Windows\\User Profile Service\\HiveUploadTask
Microsoft\\Windows\\Windows Media Sharing\\UpdateLibrary
Microsoft\\Windows\\WindowsUpdate\\Refresh Group Policy Cache
Microsoft\\Windows\\WindowsUpdate\\RUXIM\\PLUGScheduler
Microsoft\\Windows\\WindowsUpdate\\Scheduled Start
Microsoft\\Windows\\WindowsUpdate\\sihpostreboot
Microsoft\\Windows\\WlanSvc\\CDSSync
Microsoft\\Windows\\WOF\\WIM-Hash-Management
Microsoft\\Windows\\WOF\\WIM-Hash-Validation
Microsoft\\Windows\\WwanSvc\\NotificationTask
Microsoft\\Windows\\WwanSvc\\OobeDiscovery
Microsoft\\XblGameSave\\XblGameSaveTask
Microsoft\\XblGameSave\\XblGameSaveTaskLogon
MicrosoftEdgeUpdateTaskMachineCore
MicrosoftEdgeUpdateTaskMachineUA
MicrosoftEdgeUpdateTaskUserS-1-5-21-921242894-1989990284-1724683343-1000Core
MicrosoftEdgeUpdateTaskUserS-1-5-21-921242894-1989990284-1724683343-1000UA
Mozilla\\Firefox Background Update S-1-5-21-921242894-1989990284-1724683343-1000 308046B0AF4A39CB
Mozilla\\Firefox Default Browser Agent 308046B0AF4A39CB
OneDrive Reporting Task-S-1-5-21-921242894-1989990284-1724683343-1000
OneDrive Standalone Update Task-S-1-5-21-921242894-1989990284-1724683343-1000
OneDrive Startup Task-S-1-5-21-921242894-1989990284-1724683343-1000
Opera scheduled Autoupdate 1750871475
Privax\\HMA VPN Bug Report
Privax\\HMA VPN Emergency Update
Privax\\HMA VPN Update
psiphon
RealDownloader Update Check
RealPlayerRealUpgradeLogonTaskS-1-5-21-921242894-1989990284-1724683343-1003
RealPlayerRealUpgradeScheduledTaskS-1-5-21-921242894-1989990284-1724683343-1003
RealUpgradeLogonTaskS-1-5-21-921242894-1989990284-1724683343-1000
RealUpgradeScheduledTaskS-1-5-21-921242894-1989990284-1724683343-1000
S-1-5-21-921242894-1989990284-1724683343-1000\\DataSenseLiveTileTask
SidebarExecute
WPD\\SqmUpload_S-1-5-21-921242894-1989990284-1724683343-1000
ZoomUpdateTaskUser-S-1-5-21-921242894-1989990284-1724683343-1000

# Registro:

HKCU\\Software\\Lavasoft\\Web Companion
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com
HKLM\\Software\\Microsoft\\Tracing\\AllMyTube_RASAPI32
HKLM\\Software\\Microsoft\\Tracing\\AllMyTube_RASMANCS
HKLM\\Software\\Microsoft\\Tracing\\AllMyTubeUpdateHelper_RASAPI32
HKLM\\Software\\Microsoft\\Tracing\\AllMyTubeUpdateHelper_RASMANCS
HKLM\\Software\\Microsoft\\Tracing\\BGAUpsell_RASAPI32
HKLM\\Software\\Microsoft\\Tracing\\BGAUpsell_RASMANCS
HKLM\\Software\\Microsoft\\Tracing\\BingChatInstaller_RASAPI32
HKLM\\Software\\Microsoft\\Tracing\\BingChatInstaller_RASMANCS
HKLM\\Software\\Microsoft\\Tracing\\FreemakeVC_RASAPI32
HKLM\\Software\\Microsoft\\Tracing\\FreemakeVC_RASMANCS
HKLM\\Software\\Microsoft\\Tracing\\PetrobowlCompetition_RASAPI32
HKLM\\Software\\Microsoft\\Tracing\\PetrobowlCompetition_RASMANCS
HKLM\\Software\\Microsoft\\Tracing\\Update_RASAPI32
HKLM\\Software\\Microsoft\\Tracing\\Update_RASMANCS
HKLM\\Software\\Microsoft\\BingSvc
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\ContentDeliveryManager\\SubscribedContent-338388Enabled
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\ContentDeliveryManager\\SubscribedContent-338389Enabled
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\ContentDeliveryManager\\SubscribedContentEnabled \[1\] => \[0\]
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\ContentDeliveryManager\\SystemPaneSuggestionsEnabled \[1\] => \[0\]
HKCR\\ActivatableClasses\\Package\\Microsoft.BingFinance_4.53.63386.0_x64__8wekyb3d8bbwe
HKCR\\ActivatableClasses\\Package\\Microsoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe
HKCR\\ActivatableClasses\\Package\\Microsoft.BingSports_4.54.31792.0_x64__8wekyb3d8bbwe
HKCR\\ActivatableClasses\\Package\\Microsoft.BingWeather_4.54.63026.0_x64__8wekyb3d8bbwe
HKCR\\Extensions\\ContractId\\Windows.BackgroundTasks\\PackageId\\Microsoft.BingFinance_4.53.63386.0_x64__8wekyb3d8bbwe
HKCR\\Extensions\\ContractId\\Windows.BackgroundTasks\\PackageId\\Microsoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe
HKCR\\Extensions\\ContractId\\Windows.BackgroundTasks\\PackageId\\Microsoft.BingSports_4.54.31792.0_x64__8wekyb3d8bbwe
HKCR\\Extensions\\ContractId\\Windows.BackgroundTasks\\PackageId\\Microsoft.BingWeather_4.54.63026.0_x64__8wekyb3d8bbwe
HKCR\\Extensions\\ContractId\\Windows.Launch\\PackageId\\Microsoft.BingFinance_4.53.63386.0_x64__8wekyb3d8bbwe
HKCR\\Extensions\\ContractId\\Windows.Launch\\PackageId\\Microsoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe
HKCR\\Extensions\\ContractId\\Windows.Launch\\PackageId\\Microsoft.BingSports_4.54.31792.0_x64__8wekyb3d8bbwe
HKCR\\Extensions\\ContractId\\Windows.Launch\\PackageId\\Microsoft.BingWeather_4.54.63026.0_x64__8wekyb3d8bbwe
HKCR\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingFinance_8wekyb3d8bbwe
HKCR\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingNews_8wekyb3d8bbwe
HKCR\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingSearch_8wekyb3d8bbwe
HKCR\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingSports_8wekyb3d8bbwe
HKCR\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingWeather_8wekyb3d8bbwe
HKCR\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.Edge.GameAssist_8wekyb3d8bbwe
HKCU\\Software\\Classes\\Extensions\\ContractId\\Windows.BackgroundTasks\\PackageId\\Microsoft.BingFinance_4.53.63386.0_x64__8wekyb3d8bbwe
HKCU\\Software\\Classes\\Extensions\\ContractId\\Windows.BackgroundTasks\\PackageId\\Microsoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe
HKCU\\Software\\Classes\\Extensions\\ContractId\\Windows.BackgroundTasks\\PackageId\\Microsoft.BingSports_4.54.31792.0_x64__8wekyb3d8bbwe
HKCU\\Software\\Classes\\Extensions\\ContractId\\Windows.BackgroundTasks\\PackageId\\Microsoft.BingWeather_4.54.63026.0_x64__8wekyb3d8bbwe
HKCU\\Software\\Classes\\Extensions\\ContractId\\Windows.Protocol\\PackageId\\Microsoft.BingFinance_4.53.63386.0_x64__8wekyb3d8bbwe
HKCU\\Software\\Classes\\Extensions\\ContractId\\Windows.Protocol\\PackageId\\Microsoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe
HKCU\\Software\\Classes\\Extensions\\ContractId\\Windows.Protocol\\PackageId\\Microsoft.BingSports_4.54.31792.0_x64__8wekyb3d8bbwe
HKCU\\Software\\Classes\\Extensions\\ContractId\\Windows.Protocol\\PackageId\\Microsoft.BingWeather_4.54.63026.0_x64__8wekyb3d8bbwe
HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingFinance_8wekyb3d8bbwe
HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingNews_8wekyb3d8bbwe
HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingSearch_8wekyb3d8bbwe
HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingSports_8wekyb3d8bbwe
HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.BingWeather_8wekyb3d8bbwe
HKCU\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PolicyCache\\Microsoft.Edge.GameAssist_8wekyb3d8bbwe
HKCU\\Software\\Microsoft\\Windows NT\\CurrentVersion\\HostActivityManager\\CommitHistory\\Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance
HKCU\\Software\\Microsoft\\Windows NT\\CurrentVersion\\HostActivityManager\\CommitHistory\\Microsoft.BingWeather_8wekyb3d8bbwe!App
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\BackgroundAccessApplications\\Microsoft.BingFinance_8wekyb3d8bbwe
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\BackgroundAccessApplications\\Microsoft.BingNews_8wekyb3d8bbwe
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\BackgroundAccessApplications\\Microsoft.BingSports_8wekyb3d8bbwe
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\BackgroundAccessApplications\\Microsoft.BingWeather_8wekyb3d8bbwe
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\8NPABKO3458V01K
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Adobe Acrobat Synchronizer
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\ApplePhotoStreams
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\CCleaner Monitoring
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\CCleaner Smart Cleaning
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\CCleanerBrowserAutoLaunch_A741F925D6050B01730C16A8F7781C59
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Client Server Runtime Process
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\com.squirrel.Teams.Teams
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\CZA0LXYFS1VLQUZ
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\GoogleChromeAutoLaunch_37BAFEC3A9DDB379E51783EF3EBED27B
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\GoogleDriveFS
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Host-process Windows (Rundll3.exe)
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Host-process Windows (Rundll32.exe)
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\iCloudPhotos
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\iCloudServices
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Microsoft Edge Update
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\MicrosoftEdgeAutoLaunch_162380D12777F4FFD5704247D407B48B
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\OneDrive
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\OneDriveSetup
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\org.whispersystems.signal-desktop
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\PQYUUDNZ62HHBZF
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Q0I4U89XGABX7WB
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\SDBSHCXHN7SM1QF
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Service Host Process for Windows
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Skype
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Uninstall C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\OneDrive\\17.3.5930.0814
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Uninstall C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\OneDrive\\17.3.5930.0814\\amd64
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Zoom
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\StartupFolder\\wesbuagu.lnk
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\CCleaner Smart Cleaning
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\com.squirrel.Teams.Teams
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Microsoft Edge Update
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\MicrosoftEdgeAutoLaunch_162380D12777F4FFD5704247D407B48B
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingFinance_4.53.63386.0_neutral\_\~*8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingFinance_4.53.63386.0_neutral_split.language-es_8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingFinance_4.53.63386.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingFinance_4.53.63386.0_x64__8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingNews_4.55.62231.0_neutral_split.language-es_8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingNews_4.55.62231.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingNews_4.8.11001.0_neutral*\~*8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingSports_4.54.31792.0_neutral_split.language-es_8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingSports_4.54.31792.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingSports_4.54.31792.0_x64__8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingSports_4.6.28002.0_neutral*\~*8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingWeather_4.54.63026.0_neutral*\~*8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingWeather_4.54.63026.0_neutral_split.language-es_8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingWeather_4.54.63026.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\Software\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel\\PackageRepository\\Packages\\Microsoft.BingWeather_4.54.63026.0_x64__8wekyb3d8bbwe
HKLM\\Software\\Microsoft\\SecurityManager\\CapAuthz\\ApplicationsEx\\Microsoft.BingFinance_4.53.63386.0_x64__8wekyb3d8bbwe
HKLM\\Software\\Microsoft\\SecurityManager\\CapAuthz\\ApplicationsEx\\Microsoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe
HKLM\\Software\\Microsoft\\SecurityManager\\CapAuthz\\ApplicationsEx\\Microsoft.BingSports_4.54.31792.0_x64__8wekyb3d8bbwe
HKLM\\Software\\Microsoft\\SecurityManager\\CapAuthz\\ApplicationsEx\\Microsoft.BingWeather_4.54.63026.0_x64__8wekyb3d8bbwe
HKLM\\Software\\Microsoft\\Shared Tools\\MSConfig\\services\\Apple Mobile Device Service
HKLM\\Software\\Microsoft\\Shared Tools\\MSConfig\\services\\avgsvc
HKLM\\Software\\Microsoft\\Shared Tools\\MSConfig\\services\\HmaProVpn
HKLM\\Software\\Microsoft\\Shared Tools\\MSConfig\\services\\XblAuthManager
HKLM\\Software\\Microsoft\\Shared Tools\\MSConfig\\services\\XblGameSave
HKLM\\Software\\Microsoft\\Shared Tools\\MSConfig\\services\\XboxNetApiSvc
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\AdobeAAMUpdater-1.0
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\AdobeGCInvoker-1.0
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Avast Driver Updater UI
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\AvgUi
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\cAudioFilterAgent
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\dAR
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Dropbox
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\HotKeysCmds
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\IgfxTray
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\iTunesHelper
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Persistence
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\SecurityHealth
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\SmartAudio
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\SynTPEnh
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\TCrdMain
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\Teco
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\TosNC
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\TosReelTimeMonitor
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\TosSENotify
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\TosVolRegulator
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\TPwrMain
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\TuneupUI.exe
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\VDUpdateHelper.exe
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run\\WindowsDefender
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\(Predeterminado)
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\Acrobat Assistant 8.0
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\Adobe Creative Cloud
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\AdobeAAMUpdater-1.0
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\AvgUi
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\DriveSpan
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\Dropbox
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\GrooveMonitor
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\HP Software Update
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\hpqSRMon
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\NBKeyScan
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\RealDownloader
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\RIMBBLaunchAgent.exe
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\SunJavaUpdateSched
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\TkBellExe
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\TosNC
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\TSleepSrv
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32\\VDUpdateHelper.exe
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\StartupFolder\\HMA VPN.lnk
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\StartupFolder\\HP Digital Imaging Monitor.lnk
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\StartupFolder\\Notifier.lnk
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\StartupFolder\\RealTimes.lnk
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\iTunesHelper
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\VDUpdateHelper.exe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\AppxAllUserStore\\Applications\\Microsoft.BingFinance_4.7.29001.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\AppxAllUserStore\\Applications\\Microsoft.BingNews_4.9.30001.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\AppxAllUserStore\\Applications\\Microsoft.BingSports_4.36.20714.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\AppxAllUserStore\\Applications\\Microsoft.BingWeather_4.12.3003.0_neutral*\~*8wekyb3d8bbwe
HKLM\\SYSTEM\\Setup\\Upgrade\\Appx\\DownlevelGather\\AppxAllUserStore\\S-1-5-21-921242894-1989990284-1724683343-1000\\Microsoft.BingFinance_4.7.29001.0_neutral*\~*8wekyb3d8bbwe
HKLM\\SYSTEM\\Setup\\Upgrade\\Appx\\DownlevelGather\\AppxAllUserStore\\S-1-5-21-921242894-1989990284-1724683343-1000\\Microsoft.BingNews_4.9.30001.0_neutral*\~*8wekyb3d8bbwe
HKLM\\SYSTEM\\Setup\\Upgrade\\Appx\\DownlevelGather\\AppxAllUserStore\\S-1-5-21-921242894-1989990284-1724683343-1000\\Microsoft.BingSports_4.36.20714.0_neutral*\~*8wekyb3d8bbwe
HKLM\\SYSTEM\\Setup\\Upgrade\\Appx\\DownlevelGather\\AppxAllUserStore\\S-1-5-21-921242894-1989990284-1724683343-1000\\Microsoft.BingWeather_4.12.3003.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.Advertising.Xaml_10.1807.9.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.Advertising.Xaml_10.1807.9.0_x86__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingFinance_4.36.20714.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingFinance_4.45.22111.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingFinance_4.45.22111.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingFinance_4.7.29001.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingNews_4.54.22741.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingNews_4.54.22741.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingNews_4.9.30001.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingSports_4.36.20714.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingSports_4.36.20714.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingWeather_4.12.3003.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingWeather_4.46.23383.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\PackageInstallState\\Microsoft.BingWeather_4.46.23383.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingFinance_4.36.20714.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingFinance_4.45.22111.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingFinance_4.45.22111.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingFinance_4.7.29001.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingNews_4.36.20714.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingNews_4.54.22741.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingNews_4.54.22741.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingNews_4.9.30001.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingSports_4.36.20714.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingSports_4.36.20714.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingWeather_4.12.3003.0_neutral*\~*8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingWeather_4.36.20714.0_neutral*\~\_8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingWeather_4.46.23383.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\\System\\Setup\\Upgrade\\Appx\\DownlevelGather\\SisDirectory\\Microsoft.BingWeather_4.46.23383.0_x64__8wekyb3d8bbwe
HKLM\\System\\CurrentControlSet\\Control\\CrashControl\\AutoReboot \[1\] => \[0\]
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{07CFE220-3FED-4B0A-B408-3E26DA36C92F}
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{0AF3E05D-C26D-471E-BC30-61707C41DDAC}
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{307CAF09-3913-4AD2-94CD-96062D0D2FB7}
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{77F448A6-B738-4025-99CB-154829D19CDA}
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{90880D1C-9A49-4555-A3E7-B2D58EA260A3}
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{A8F76BA6-5688-4CA9-A831-F94E39CC9271}
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{C386260E-B728-4B87-8DF3-88B0CA0B2981}
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{CD1237F9-0C9D-4EF6-AF05-A85B95648133}
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{D9B137B5-A988-4450-8298-29D5334F7A71}
HKLM\\System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules\\{E1F183ED-2B7A-4C7E-A516-4A77E2D4CA4B}

# CachÃ©s:

C:\\ProgramData\\Microsoft\\Search\\Data\\Applications\\Windows\\GatherLogs\\SystemIndex (F-303)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\BraveSoftware\\Brave-Browser\\User Data\\Default\\Cache\\Cache_Data (F-133)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\BraveSoftware\\Brave-Browser\\User Data\\Default\\Code Cache\\js (F-250)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\D3DSCache (D-0)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Google\\Chrome\\User Data\\Profile 1\\Cache\\Cache_Data (F-681)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Google\\Chrome\\User Data\\Profile 1\\Code Cache\\js (F-3276)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\TokenBroker\\Cache (F-12)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\Windows\\ActionCenterCache (F-0)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE (D-4)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Mozilla\\Firefox\\Profiles<Profile>\\cache2\\entries (F-146)
C:\\Users\\JesÃºs Saavedra\\AppData\\Local\\Temp (D-85)
C:\\Users\\JesÃºs Saavedra\\AppData\\LocalLow\\Sun\\Java\\Deployment\\cache\\6.0 (D-66)
C:\\Users\\JesÃºs Saavedra\\AppData\\LocalLow\\uTorrent.WebView2\\EBWebView\\Default\\Cache\\Cache_Data (F-0)
C:\\Users\\JesÃºs Saavedra\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles<Profile>\\shader-cache (F-15)
C:\\Users\\JesÃºs Saavedra\\AppData\\Roaming\\obs-studio\\logs (F-1)
C:\\WINDOWS\\CbsTemp (F-0)
C:\\WINDOWS\\Logs\\CBS (F-3)
C:\\WINDOWS\\Logs\\SIH (F-11)
C:\\WINDOWS\\Logs\\WindowsUpdate (F-130)
C:\\WINDOWS\\ServiceProfiles\\LocalService\\AppData\\Local\\FontCache\\Fonts (F-1)
C:\\WINDOWS\\ServiceProfiles\\LocalService\\AppData\\Local\\Temp (F-0)
C:\\WINDOWS\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs (F-270)
C:\\WINDOWS\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\INetCache (F-0)
C:\\WINDOWS\\ServiceProfiles\\NetworkService\\AppData\\Local\\Temp (F-24)
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local (D-11591)
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\D3DSCache (D-1)
C:\\WINDOWS\\SystemTemp (D-4)
C:\\WINDOWS\\SystemTemp (F-8)
C:\\WINDOWS\\Temp (F-14)

# Paquetes:

Microsoft.Advertising.Xaml_10.1807.9.0_x64__8wekyb3d8bbwe
Microsoft.Advertising.Xaml_10.1807.9.0_x86__8wekyb3d8bbwe
Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe
Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
Microsoft.BingFinance_4.53.61371.0_x64__8wekyb3d8bbwe
Microsoft.BingFinance_4.53.63386.0_x64__8wekyb3d8bbwe
Microsoft.BingNews_4.55.62231.0_x64__8wekyb3d8bbwe
Microsoft.BingSearch_1.1.34.0_x64__8wekyb3d8bbwe
Microsoft.BingSports_4.54.31792.0_x64__8wekyb3d8bbwe
Microsoft.BingWeather_4.54.63007.0_x64__8wekyb3d8bbwe
Microsoft.BingWeather_4.54.63026.0_x64__8wekyb3d8bbwe
Microsoft.Edge.GameAssist_1.0.3456.0_x64__8wekyb3d8bbwe

# MiscelÃ¡neo:

\[?\] AntiVirus Software: Windows Defender
\[?\] Se borraron los registros del Visor de eventos
\[?\] Se cancelaron todos los trabajos en la cola de transferencia

HKLM\\Software\\Microsoft\\Windows Defender\\Exclusions\\Extensions

HKLM\\Software\\Microsoft\\Windows Defender\\Exclusions\\IpAddresses

HKLM\\Software\\Microsoft\\Windows Defender\\Exclusions\\Paths
C:\\Program Files (x86)\\Adobe\\Acrobat DC\\Acrobat\\amtlib.dll    REG_DWORD    0x0

HKLM\\Software\\Microsoft\\Windows Defender\\Exclusions\\Processes

HKLM\\Software\\Microsoft\\Windows Defender\\Exclusions\\TemporaryPaths

---

C:\\ProgramData\\Microsoft\\Windows Defender\\Platform\\4.18.25040.2-0
C:\\ProgramData\\Microsoft\\Windows Defender\\Platform\\4.18.25060.7-0
C:\\ProgramData\\Microsoft\\Windows Defender\\Platform\\4.18.25070.5-0
C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\139.0.3405.125
Event\[0\]:
Log Name: Microsoft-Windows-Windows Defender/Operational
Source: Microsoft-Windows-Windows Defender
Date: 2025-01-28T10:55:04.5710000Z
Event ID: 3002
Task: N/A
Level: Error
Opcode: Información
Keyword: N/A
User: S-1-5-18
User Name: NT AUTHORITY\\SYSTEM
Computer: JSPC
Description:
La característica Protección en tiempo real de Microsoft Defender Antivirus encontró un error:
Característica: On Access
Código de error: 0x80004005
Descripción del error: Unspecified error
Motivo: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Event\[1\]:
Log Name: Microsoft-Windows-Windows Defender/Operational
Source: Microsoft-Windows-Windows Defender
Date: 2025-05-09T00:14:48.1610000Z
Event ID: 3002
Task: N/A
Level: Error
Opcode: Información
Keyword: N/A
User: S-1-5-18
User Name: NT AUTHORITY\\SYSTEM
Computer: JSPC
Description:
La característica Protección en tiempo real de Microsoft Defender Antivirus encontró un error:
Característica: On Access
Código de error: 0x8007043c
Descripción del error: This service cannot be started in Safe Mode
Motivo: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Event\[2\]:
Log Name: Microsoft-Windows-Windows Defender/Operational
Source: Microsoft-Windows-Windows Defender
Date: 2025-05-09T13:46:13.1440000Z
Event ID: 3002
Task: N/A
Level: Error
Opcode: Información
Keyword: N/A
User: S-1-5-18
User Name: NT AUTHORITY\\SYSTEM
Computer: JSPC
Description:
La característica Protección en tiempo real de Microsoft Defender Antivirus encontró un error:
Característica: On Access
Código de error: 0x8007043c
Descripción del error: This service cannot be started in Safe Mode
Motivo: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Event\[3\]:
Log Name: Microsoft-Windows-Windows Defender/Operational
Source: Microsoft-Windows-Windows Defender
Date: 2025-05-09T13:54:21.2650000Z
Event ID: 3002
Task: N/A
Level: Error
Opcode: Información
Keyword: N/A
User: S-1-5-18
User Name: NT AUTHORITY\\SYSTEM
Computer: JSPC
Description:
La característica Protección en tiempo real de Microsoft Defender Antivirus encontró un error:
Característica: On Access
Código de error: 0x8007043c
Descripción del error: This service cannot be started in Safe Mode
Motivo: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Event\[4\]:
Log Name: Microsoft-Windows-Windows Defender/Operational
Source: Microsoft-Windows-Windows Defender
Date: 2025-08-25T13:11:53.6690000Z
Event ID: 3002
Task: N/A
Level: Error
Opcode: Información
Keyword: N/A
User: S-1-5-18
User Name: NT AUTHORITY\\SYSTEM
Computer: JSPC
Description:
La característica Protección en tiempo real de Microsoft Defender Antivirus encontró un error:
Característica: On Access
Código de error: 0x80004005
Descripción del error: Unspecified error
Motivo: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\svchost.exe.10384.dmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\svchost.exe.10484.protected.dmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\svchost.exe.11292.dmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\svchost.exe.22800.dmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\svchost.exe.3644.dmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\svchost.exe.6120.dmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\svchost.exe.7148.protected.dmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\wuauclt.exe.1360.dmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\wuauclt.exe.5764.dmp
C:\\WINDOWS\\System32\\config\\systemprofile\\AppData\\Local\\CrashDumps\\wuauclt.exe.9152.dmp

\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* EOF DNB \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*

socgom · 4 Septiembre, 2025 19:53

Disculpe, @furtivex, el log anterior es del ejecutable DoesNotBelong. A continuación, sí pegaré los registros del Farbar… FSRT.txt y Addition.txt

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 21-08-2025
Ejecutado por Jesús I. Saavedra (administrador) sobre JSPC (TOSHIBA Satellite L755) (04-09-2025 13:01:21)
Ejecutado desde C:\Users\Jesús Saavedra\Desktop\FRST64.exe
Perfiles cargados: Jesús I. Saavedra
Plataforma: Microsoft Windows 10 Home Versión 22H2 19045.6282 (X64) Idioma: Inglés (Estados Unidos) -> Español (México)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(C:\Program Files\Privax\HMA VPN\VpnSvc.exe ->) (Privax Limited -> Privax Limited) C:\Program Files\Privax\HMA VPN\Vpn.exe <4>
(cmd.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <26>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(scrnsave.scr ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe <5>
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(services.exe ->) (Privax Limited -> Privax Limited) C:\Program Files\Privax\HMA VPN\VpnSvc.exe
(services.exe ->) (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2534.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\scrnsave.scr

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-03-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [562304 2011-07-01] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-05-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-10] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [dAR] => C:\Program Files\Dynabook\dynabook Adapter Recall\dynabookRecall.exe [4390416 2024-03-13] (Dynabook Inc. -> Dynabook Inc.)
HKLM\...\Run: [Avast Driver Updater UI] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [7889712 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-05] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion -> Research In Motion Limited)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9238408 2025-03-21] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-06-10] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\113.0.1.0\GoogleDriveFS.exe [67045528 2025-08-25] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\113.0.1.0\GoogleDriveFS.exe [67045528 2025-08-25] (Google LLC -> Google LLC.)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5536424 2021-03-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Run: [org.whispersystems.signal-desktop] => C:\Users\Jesús Saavedra\AppData\Local\Programs\signal-desktop\Signal.exe [180826560 2024-08-21] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\113.0.1.0\GoogleDriveFS.exe [67045528 2025-08-25] (Google LLC -> Google LLC.)
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\MountPoints2: {25113309-83ff-11eb-afaa-047d7b0ddb38} - "E:\IDDApp.exe" 
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [39936 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\113.0.1.0\GoogleDriveFS.exe [67045528 2025-08-25] (Google LLC -> Google LLC.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\113.0.1.0\GoogleDriveFS.exe [67045528 2025-08-25] (Google LLC -> Google LLC.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\SUGS1PC: C:\Windows\System32\spool\prtprocs\x64\sugs1pc.dll [27648 2006-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Windows x64\Print Processors\usp02PC: C:\Windows\System32\spool\prtprocs\x64\usp02pc.dll [43520 2014-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2021-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\usp02 Langmon: C:\WINDOWS\system32\usp02l.dll [29184 2014-04-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{F871DB00-5C93-4B4D-9F0B-A4FAEC8D6BD6}] -> RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\139.0.7258.155\Installer\chrmstp.exe [2025-08-30] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\139.1.81.137\Installer\chrmstp.exe [2025-08-29] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Winlogon\GPExtensions: [{6cfb9c5c-138e-4bb3-8a3d-d5383e910e57}] -> %SystemRoot%\System32\RdpGroupPolicyExtension.dll
StartupCommonDir: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inicio <==== ATENCIÓN
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inicio\HMA VPN.lnk [2021-02-27]
ShortcutTarget: HMA VPN.lnk -> C:\Program Files\Privax\HMA VPN\Vpn.exe (Privax Limited -> Privax Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HMA VPN.lnk [2025-08-28]
ShortcutTarget: HMA VPN.lnk -> C:\Program Files\Privax\HMA VPN\Vpn.exe (Privax Limited -> Privax Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-12-13]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {64B476CF-C3D2-4328-AFC2-4278EF0F385B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [6089064 2025-08-28] (Microsoft Windows -> Microsoft Corporation)
Task: {AA7E81FD-42F2-4662-93EB-46120EFA2582} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DEAE26FB-D4D0-4374-BE4C-EF4B2F9A33CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9FEE2339-9402-455F-9C6F-F01F9D21A65D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5A50E4C-983D-42CB-876A-F2A11E202E8F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}: [DhcpDomain] bbrouter
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\071626C6F602563736F6261627: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\071626C6F602563736F6261627: [DhcpNameServer] 2.56.212.107 8.8.8.8
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\1424143414E445657594649424736343: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\1424143414E445657594649424736343: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\4514E4944514: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\4514E4944514: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\4716E6964716: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\4716E6964716: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\4796D61687132353: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\4796D61687132353: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\64275656A75627: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{501222ea-ffcf-49af-ab0c-08574d71e5a2}\64275656A75627: [DhcpNameServer] 93.115.21.107 8.8.8.8

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Edge\User Data\Default [2025-09-01]
Edge Session Restore: Default -> está habilitado.
Edge Extension: (Documentos de Google sin conexión) - C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-08-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: 0l25fxnq.default-1435434660898-1742778137432
FF ProfilePath: C:\Users\Jesús Saavedra\AppData\Roaming\Mozilla\Firefox\Profiles\0l25fxnq.default-1435434660898-1742778137432 [2025-09-03]
FF Extension: (IBM Security Rapport) - C:\Users\Jesús Saavedra\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2018-06-07] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Jesús Saavedra\AppData\Roaming\Mozilla\Firefox\Profiles\0l25fxnq.default-1435434660898-1742778137432\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2025-09-03]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2017-08-26] [Heredado] [no firmado]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-03-05]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8877}] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\xpi => no encontrado
FF Plugin: @java.com/DTPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\dtplugin\npDeployJava1.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\plugin2\npjp2.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-24] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-24] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-09-30] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-09-30] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] (Research In Motion -> )
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin ProgramFiles/Appdata: C:\Users\Jesús Saavedra\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-05-18]

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-09-01]
CHR Profile: C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-09-04]
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.co.ve/"
CHR Session Restore: Profile 1 -> está habilitado.
CHR Extension: (IBM Security Rapport) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2025-02-21]
CHR Extension: (MEGA) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2025-08-29] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json] <==== ATENCIÓN
CHR Extension: (Tampermonkey) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-12-20]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-09-03]
CHR Extension: (descargador de videos - CocoCut) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ekhbcipncbkfpkaianbjbcbmfehjflpf [2025-08-01]
CHR Extension: (OrangeMonkey) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ekmeppjgajofkpiofbebgcbohbmfldaf [2025-03-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-08-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-08-28]
CHR Extension: (Selector de aplicaciones para Drive (de Google)) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2025-03-24]
CHR Extension: (Boomerang for Gmail) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2025-07-31]
CHR Extension: (Cloudflare Optics) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdjgbjnbdnhneejmmaabmccfehigbjbe [2025-05-21]
CHR Extension: (Email Tracker de Mailtrack®) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2025-09-04]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-17]
CHR Extension: (Postlight Reader) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2024-08-01]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2025-09-03]
CHR Profile: C:\Users\Jesús Saavedra\AppData\Local\Google\Chrome\User Data\System Profile [2025-09-01]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ekmeppjgajofkpiofbebgcbohbmfldaf]
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [odifdffdmeannfboglpliamjmoggdmci] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\sf.crx <no encontrado>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ekmeppjgajofkpiofbebgcbohbmfldaf]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

Opera: 
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKU\S-1-5-21-921242894-1989990284-1724683343-1000) OperaStable - "C:\Users\Jesús Saavedra\AppData\Local\Programs\Opera\opera.exe"

Brave: 
=======
BRA Profile: C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-09-03]
BRA Extension: (IBM Security Rapport) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2025-07-02]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-09-02]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-08-30]
BRA Extension: (Selector de aplicaciones para Drive (de Google)) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2025-07-02]
BRA Extension: (Brave Ad Block Updater (Brave First Party Adblock Filters (plaintext))) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-08-30]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-09-01]
BRA Extension: (Brave NTP background images) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2025-07-02]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-09-03]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-09-03]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\ebcoibiagpkgmjjidmmdanbckdofjhic [2025-07-02]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish (plaintext))) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\fejmaeodjeekfldnbegjagemjgnmhfof [2025-09-03]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-08-30]
BRA Extension: (Brave Ad Block Updater (Brave Default Adblock Filters (plaintext))) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-09-03]
BRA Extension: (Brave Ad Block Updater (Brave Default Privacy Filters (plaintext))) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\kihnoaefogbkmblfimmibknnmkllbhlf [2025-09-02]
BRA Extension: (Brave Ad Block Updater (Adguard Spanish/Portuguese (plaintext))) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\meimhmgfbckapkbbbdaoefgnbppmkodp [2025-09-02]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-07-31]
BRA Extension: (Brave User Agent) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\nlpaeekllejnmhoonlpcefpfnpbajbpe [2025-09-02]
BRA Extension: (P3A Configuration) - C:\Users\Jesús Saavedra\AppData\Local\BraveSoftware\Brave-Browser\User Data\P3AConfig [2025-08-08]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [11081128 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103760 2025-02-28] (Apple Inc. -> Apple Inc.)
S2 AvastDriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [18335536 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
S4 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [Archivo no firmado]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-07-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\139.1.81.137\elevation_service.exe [3199568 2025-08-27] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-07-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CMGJobService; C:\Program Files (x86)\CMG\CMGJobService\CMG.JobService.exe [70672 2015-07-02] (Computer Modelling Group Ltd. -> Computer Modelling Group Ltd.)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48528 2025-03-21] (Dropbox, Inc -> Dropbox, Inc.)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\221.3.5229\DropboxElevationService.exe [1659280 2025-03-21] (Dropbox, Inc -> Dropbox, Inc.)
S3 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_9a8e578dc9a18977\DSDFunctionKeyCtlService.exe [708792 2023-12-14] (Dynabook Inc. -> Dynabook Inc.)
S3 DSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_9a8e578dc9a18977\DSDTabSysSvc.exe [330288 2023-12-14] (Dynabook Inc. -> Dynabook Inc.)
S3 DSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_9a8e578dc9a18977\RMService.exe [480184 2023-12-14] (Dynabook Inc. -> Dynabook Inc.)
S3 dynabookRecallService; C:\WINDOWS\System32\DriverStore\FileRepository\dvalz_o.inf_amd64_0f1c4b158e8d1b75\dynabookRecall.exe [4390416 2024-03-13] (Dynabook Inc. -> Dynabook Inc.)
S3 dynabookSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_9a8e578dc9a18977\dynabookSystemService.exe [24155360 2023-12-14] (Dynabook Inc. -> Dynabook Inc.)
S4 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [167936 2010-04-06] (Brio) [Archivo no firmado]
R2 HmaProVpn; C:\Program Files\Privax\HMA VPN\VpnSvc.exe [13957408 2025-08-20] (Privax Limited -> Privax Limited)
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2015-09-08] (Macrovision Corporation) [Archivo no firmado]
S3 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [1737728 2015-04-29] (Lavasoft Limited) [Archivo no firmado]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2025-07-20] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpDefenderCoreService.exe [2050952 2025-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-10] (Nero AG -> Nero AG)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation -> Symantec Corporation)
S2 PCManager Service Store; C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.17.12.0_x64__8wekyb3d8bbwe\PCManager\MSPCManagerService.exe [154168 2025-08-20] (Microsoft Corporation -> MSPCManagerService)
S2 PLFlash DeviceIoControl Service; C:\windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Archivo no firmado]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.3.0\ProtonVPNService.exe [474848 2024-07-29] (Proton AG -> ProtonVPN)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2952536 2024-06-05] (International Business Machines Corporation -> IBM Corp.)
S2 rlm64; C:\Program Files (x86)\CMG\RLMSecure\Win_x64\rlm.exe [2106368 2015-07-02] (Computer Modelling Group Ltd. -> Reprise Software Inc.)
S3 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] (Samsung Electronics CO., LTD. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\NisSrv.exe [4517784 2025-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MsMpEng.exe [282464 2025-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ccleaner; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /svc [X]
S3 ccleanerm; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /medsvc [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [282624 2023-08-10] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-04-14] (Microsoft Corporation) [Archivo no firmado]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.) [Archivo no firmado]
S3 dhotkey; C:\WINDOWS\System32\drivers\dhotkey.sys [52736 2023-03-22] (Dynabook Inc. -> Dynabook Inc.)
R1 dsrvctldrv; C:\WINDOWS\System32\drivers\dsrvctldrv.sys [30376 2023-12-14] (Dynabook Inc. -> Dynabook Inc.)
R0 DVALZ_O; C:\WINDOWS\System32\drivers\DVALZ_O.SYS [49800 2024-03-13] (Dynabook Inc. -> Dynabook Inc.)
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [332184 2025-08-06] (Microsoft Windows -> Microsoft Corporation)
S3 Lavasoft Kernexplorer; C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2015-04-29] (Lavasoft Limited -> )
R0 Lbd; C:\WINDOWS\System32\DRIVERS\Lbd.sys [69152 2010-08-12] (Lavasoft AB -> Lavasoft AB)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2025-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-07-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.3.0\Resources\ProtonVPN.CalloutDriver.sys [37768 2024-07-29] (Proton AG -> Proton Technologies AG)
S3 pvxVpnRdr; C:\WINDOWS\System32\drivers\pvxVpnRdr.sys [85760 2025-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Privax Limited)
R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [22736 2015-05-28] (WDKTestCert 1,130752733198717037 -> TOSHIBA)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [482696 2024-06-05] (International Business Machines Corporation -> IBM Corp.)
R1 RapportCerberus_2309062; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2309062.sys [1498504 2024-09-12] (International Business Machines Corporation -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [572400 2024-06-05] (International Business Machines Corporation -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [429960 2024-06-05] (International Business Machines Corporation -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [480648 2024-06-05] (International Business Machines Corporation -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [587248 2024-06-05] (International Business Machines Corporation -> IBM Corp.)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-05-16] (TunnelBear, Inc. -> The OpenVPN Project)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20888 2025-08-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [627120 2025-08-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [101792 2025-08-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-09-04 13:01 - 2025-09-04 13:19 - 000041573 ____C C:\Users\Jesús Saavedra\Desktop\FRST.txt
2025-09-04 12:52 - 2025-09-04 13:13 - 000000000 ___DC C:\FRST
2025-09-04 12:50 - 2025-09-04 12:50 - 002409472 ____C (Farbar) C:\Users\Jesús Saavedra\Desktop\FRST64.exe
2025-09-04 12:26 - 2025-09-04 12:26 - 000052118 ____C C:\Users\Jesús Saavedra\Desktop\DoesNotBelong_2025_09_04__12_04_33.txt
2025-09-04 12:26 - 2025-09-04 12:26 - 000052118 ____C C:\DoesNotBelong_2025_09_04__12_04_33.txt
2025-09-04 12:09 - 2025-09-04 12:09 - 000003658 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2025-09-04 11:47 - 2025-09-04 11:49 - 003175774 ____C (Furtivex) C:\Users\Jesús Saavedra\Downloads\DoesNotBelong.exe
2025-09-03 14:17 - 2025-09-03 14:17 - 000178588 ____C C:\Users\Jesús Saavedra\Desktop\E-TICKET ITINERARY RECEIPT - JORDAN SHARON.pdf
2025-08-31 15:52 - 2025-08-31 15:53 - 000000000 ____D C:\Program Files\Defraggler
2025-08-31 15:52 - 2025-08-31 15:52 - 000001736 _____ C:\Users\Public\Desktop\Defraggler.lnk
2025-08-31 15:52 - 2025-08-31 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2025-08-31 15:51 - 2025-08-31 15:51 - 007466056 ____C (Piriform Software Ltd) C:\Users\Jesús Saavedra\Downloads\defraggler-2.22.995-installer.exe
2025-08-31 11:51 - 2025-08-31 11:51 - 000000000 ____D C:\Users\DevToolsUser
2025-08-31 11:51 - 2025-08-31 11:51 - 000000000 ____D C:\ProgramData\DeveloperTools
2025-08-31 11:51 - 2021-03-17 17:57 - 000000000 ____D C:\Users\DevToolsUser\AppData\Roaming\Microsoft\Network
2025-08-31 11:51 - 2021-03-17 17:26 - 000000000 ____D C:\Users\DevToolsUser\AppData\Roaming\Microsoft\Windows
2025-08-31 11:51 - 2017-07-04 21:15 - 000000000 ____D C:\Users\DevToolsUser\AppData\Roaming\Mozilla
2025-08-31 11:51 - 2016-09-18 11:36 - 000000000 ____D C:\Users\DevToolsUser\AppData\Roaming\TuneUp Software
2025-08-31 11:51 - 2016-09-18 11:36 - 000000000 ____D C:\Users\DevToolsUser\AppData\Roaming\RealNetworks
2025-08-31 11:51 - 2016-09-18 11:36 - 000000000 ____D C:\Users\DevToolsUser\AppData\Roaming\Media Center Programs
2025-08-31 11:51 - 2016-09-18 11:36 - 000000000 ____D C:\Users\DevToolsUser\AppData\LocalGoogle
2025-08-31 11:51 - 2016-09-18 11:36 - 000000000 ____D C:\Users\DevToolsUser\AppData\Local\Trusteer
2025-08-31 11:51 - 2016-09-18 11:36 - 000000000 ____D C:\Users\DevToolsUser\AppData\Local\Microsoft Help
2025-08-31 11:51 - 2016-09-18 11:36 - 000000000 ____D C:\Users\DevToolsUser\AppData\Local\Google
2025-08-31 11:51 - 2016-09-18 11:36 - 000000000 ____D C:\Users\DevToolsUser\AppData\Local\AVG
2025-08-31 11:36 - 2025-08-31 11:36 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2025-08-31 11:36 - 2025-08-31 11:36 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2025-08-31 11:36 - 2025-08-31 11:36 - 000000000 ___RD C:\WINDOWS\WebManagement
2025-08-29 21:46 - 2025-08-29 21:46 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2025-08-12 10:21 - 2025-08-12 10:21 - 000072483 ____C C:\Users\Jesús Saavedra\Desktop\_Mi Rancho_ El Vigía (marzo 2022 a agosto 2025, chequeado hasta 12Jul2022, falta agregar.xlsx
2025-08-09 11:48 - 2025-08-09 17:59 - 000009553 ____C C:\Users\Jesús Saavedra\Desktop\Links  pestañas agosto 2025.txt

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-09-04 13:15 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-09-04 12:26 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-09-04 12:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-09-04 12:25 - 2017-12-21 15:24 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Local\Packages
2025-09-04 12:21 - 2025-02-13 21:29 - 000000000 ____D C:\Program Files\CCleaner
2025-09-04 12:21 - 2024-01-19 07:43 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-09-04 12:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2025-09-04 12:19 - 2021-04-20 07:51 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2025-09-04 12:18 - 2021-12-15 11:40 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-09-04 12:03 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2025-09-04 12:03 - 2009-07-13 23:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2025-09-04 11:00 - 2024-09-14 10:28 - 000000000 ___DC C:\Users\Jesús Saavedra\Documents\Correos mas pesados, borrados de gmail JS Sep2024
2025-09-04 09:50 - 2019-10-04 01:22 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2025-09-04 09:24 - 2021-03-17 17:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-09-04 09:24 - 2020-01-29 12:51 - 000000000 ____D C:\ProgramData\Reprise
2025-09-03 14:01 - 2021-03-17 17:18 - 000006296 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-09-03 13:52 - 2021-03-17 18:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-09-03 13:51 - 2021-03-17 17:10 - 000008192 ___SH C:\DumpStack.log.tmp
2025-09-03 12:54 - 2015-03-03 11:17 - 000000000 ___DC C:\Users\Jesús Saavedra\Documents\POLÍTICA
2025-09-03 12:44 - 2012-03-05 18:17 - 000000000 ___DC C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\PowerPoint
2025-09-03 12:03 - 2020-07-29 03:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-09-03 12:03 - 2015-05-05 14:54 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2025-09-02 22:08 - 2022-02-08 23:05 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-09-02 22:05 - 2018-04-24 13:05 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-09-02 19:32 - 2025-07-14 20:09 - 000002452 _____ C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-09-01 08:40 - 2018-02-02 14:36 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Roaming\Telegram Desktop
2025-09-01 08:07 - 2018-06-17 16:07 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Local\D3DSCache
2025-09-01 08:06 - 2018-02-06 15:57 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Roaming\Zoom
2025-09-01 08:02 - 2021-10-06 16:25 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Local\CrashDumps
2025-08-31 15:14 - 2019-04-17 23:15 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Roaming\vlc
2025-08-31 14:55 - 2023-09-10 10:24 - 000000000 ___DC C:\Users\Jesús Saavedra\Desktop\HELENA SAAVEDRA
2025-08-31 11:51 - 2021-03-17 20:41 - 000000000 ____D C:\ProgramData\ssh
2025-08-31 11:50 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-08-31 11:46 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-08-31 11:36 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemApps
2025-08-31 01:29 - 2012-03-08 11:50 - 000000000 ___DC C:\Users\Jesús Saavedra\Documents\2011.05.12 Libros Diversos
2025-08-30 13:49 - 2025-01-15 10:18 - 000000000 ___DC C:\Users\Jesús Saavedra\Desktop\Norma Gutiérrez Asunto Operación riñon Dic2024 y (anterior y posterior)
2025-08-30 13:04 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2025-08-30 11:50 - 2012-03-05 18:16 - 000000000 ___DC C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Word
2025-08-29 17:39 - 2025-07-20 14:44 - 000000000 ____D C:\Users\Jesús Saavedra\AppData\Local\Malwarebytes
2025-08-29 17:25 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-08-29 17:22 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-08-29 17:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-08-29 17:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-08-29 17:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-08-29 17:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-08-29 17:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-08-29 12:35 - 2020-08-21 11:21 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-08-28 21:04 - 2025-07-02 09:02 - 000002335 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-08-28 21:04 - 2025-07-02 09:01 - 000002294 _____ C:\Users\Public\Desktop\Brave.lnk
2025-08-28 19:08 - 2021-03-17 17:16 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-08-28 15:28 - 2013-07-19 10:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-08-28 13:52 - 2012-03-14 15:24 - 223939376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-08-28 10:18 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-08-27 02:13 - 2018-02-03 09:38 - 000000000 ___DC C:\Users\Jesús Saavedra\Downloads\Telegram Desktop
2025-08-25 17:04 - 2012-03-08 12:23 - 000000000 ___DC C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Excel
2025-08-25 12:30 - 2025-03-24 07:58 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-08-15 18:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2025-08-12 08:10 - 2025-06-25 13:12 - 000001535 _____ C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2025-08-11 08:10 - 2012-03-05 18:16 - 000000000 ___DC C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Office
2025-08-09 15:30 - 2012-03-05 18:16 - 000000000 ___DC C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\UProof
2025-08-06 14:27 - 2018-03-03 17:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-08-06 08:34 - 2021-03-17 17:20 - 000000000 ____D C:\Users\Jesús Saavedra

==================== Archivos en la raíz de algunos directorios ========

2015-03-31 04:14 - 2015-03-31 04:14 - 000005655 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x
2015-03-31 04:14 - 2015-03-31 04:14 - 000004387 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F
2021-09-29 13:37 - 2021-09-29 13:37 - 000000015 _____ () C:\Users\Jesús Saavedra\AppData\Roaming\obs-virtualcam.txt
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.Exception.log
2013-05-11 21:45 - 2013-05-12 04:35 - 000002257 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-12-05 16:02 - 2014-11-30 13:11 - 000109120 _RSHC (Un4seen Developments) C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\clog.txt
2018-04-01 14:25 - 2018-04-01 14:25 - 000000003 _____ () C:\Users\Jesús Saavedra\AppData\Local\wbem.ini

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

socgom · 4 Septiembre, 2025 19:58

continuación del log que quedó en Addition:

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 22:34 - 2019-04-20 17:22 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

2020-02-17 09:02 - 2025-05-06 09:48 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
41 435

==================== Network ===========================

(Actualmente no existe una corrección automática para esta sección.)

DNS Servers: 1.1.1.1 - 1.0.0.1
Firewall de Windows está habilitado.

Network Binding:
=============
Local Area Connection: Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30) -> L1C63x64.sys
Wireless Network Connection: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC -> rtwlane_13.sys

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%CMG_HOME%\CMGJobService;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\ecl\home;C:\ecl\macros;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Innovation\Aqua.jpg
HKU\S-1-5-21-921242894-1989990284-1724683343-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 4) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\amtlib.dll


==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Inicio^RealTimes.lnk => C:\windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1423670928
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jesús Saavedra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung Common SM => "C:\windows\Samsung\ComSMMgr\ssmmgr.exe" /autorun
MSCONFIG\startupreg: SkyDrive => "C:\Users\Jesús Saavedra\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: Uninstall C: => 
MSCONFIG\startupreg: uTorrent => "C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDriveSetup"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{D2C4DDCE-C6F7-4409-B060-40E378199449}] => (Allow) C:\Users\Jesús Saavedra\AppData\Local\Sony Mobile\Xperia Flash Tool\Emma.exe (Sony Nordic (Sweden), Filial till Sony Europe B.V.(NL) -> )
FirewallRules: [{6A4E2E68-8319-4A1B-B77A-A5597A8A883C}] => (Allow) C:\Users\Jesús Saavedra\AppData\Local\Sony Mobile\Xperia Flash Tool\Emma.exe (Sony Nordic (Sweden), Filial till Sony Europe B.V.(NL) -> )
FirewallRules: [UDP Query User{B6BA261C-0197-4048-837F-DDFEFD3DFBD8}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{FBCA0255-C2D8-48C8-B8F7-14433C80FC76}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{A480A7FF-7623-4723-94B5-7BAC633BF9E2}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (AresGalaxy) [Archivo no firmado]
FirewallRules: [UDP Query User{64BF888F-F21D-48E0-817E-40710D38CDEE}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (AresGalaxy) [Archivo no firmado]
FirewallRules: [{53D0DB1E-49AD-4E48-B49D-12B81681B92A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{395B939F-0F0C-420C-B208-E043B1F483BF}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C561B2D-BEF7-4006-B7F1-C8440D2B8427}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{630B2300-FE84-411B-AF25-B5895622F7BB}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B8F9440-E412-4BA8-BACC-9F7042796F4F}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0AEF5141-A13D-4734-ACD9-8276410EC4EF}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8229F84-DA7C-4CC9-B86D-5EEBC59F66D2}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{37F1ABC3-A145-4184-BA0D-5D52F8E0D6C7}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1A9B84C-64F3-41DD-B34B-0622B863B8FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77A9FF57-733B-45B3-B703-D84D20BEAFB7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EC843C6E-1C2F-49C6-B599-F4EA266C9B20}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{990C3FA1-C220-45D7-88D9-3264578F0AF7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [TCP Query User{C679DE8B-0390-456A-B81E-C430743FF60D}C:\users\jesús saavedra\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\jesús saavedra\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{C04D5B53-9EF9-4A52-9407-64A900B19748}C:\users\jesús saavedra\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\jesús saavedra\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [TCP Query User{BDAB431E-00BC-437C-BD73-055B14ADF235}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4D643BEF-5A81-49A9-971C-EA551CCBFFF6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{20CABF2F-9C53-4025-959B-6C558A1C7BD6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{B32A18F5-058A-495C-8A32-232AC87AB496}] => (Allow) C:\Program Files\Privax\HMA VPN\Vpn.exe (Privax Limited -> Privax Limited)
FirewallRules: [{09618175-E168-43E6-83A8-1AA300081F68}] => (Allow) C:\Program Files\Privax\HMA VPN\Vpn.exe (Privax Limited -> Privax Limited)
FirewallRules: [{C6506F9A-608A-40E9-9DB0-2081CAC24E24}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{C2BAC537-F39E-49FF-B6AD-0E3F6BE55BCC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5B8F8736-048F-4242-9ECA-6261A999DE74}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65D8A53A-ADDC-4E41-AF9E-96CD046963BF}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{B3E587AF-C7A4-4C0A-AE2C-71131CD144F0}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)

==================== Puntos de Restauración =========================

01-09-2025 12:38:59 Scheduled Checkpoint

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================

Errores del sistema:
=============
Error: (09/04/2025 01:22:21 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (09/04/2025 01:22:17 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (09/04/2025 01:22:13 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (09/04/2025 01:22:09 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (09/04/2025 01:22:05 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (09/04/2025 01:22:00 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (09/04/2025 01:21:56 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.

Error: (09/04/2025 01:21:52 PM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk0\DR0, tiene un bloque defectuoso.


Windows Defender:
================
Date: 2025-09-02 20:14:53
Description: 
Microsoft Defender Antivirus ѕčåй ĥąş ъėэи šťőрφёð ьєƒόŗε ċõмρľęτïőи.%й %ŧŠĉäŉ ĨÐ:%ъ{0228A6E1-8FD8-48D7-B243-7E369525758B}%й %ţŠ¢ăń Ţўрě:%вAntimalware%ņ %тŞсąŋ Рªядmёťĕяś:%вQuick Scan%п  %тŮşèř:%вNT AUTHORITY\SYSTEM%ή %τŚţθφ Ґ℮άŝøй:%ъScheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2025-09-01 15:01:40
Description: 
Microsoft Defender Antivirus ѕčåй ĥąş ъėэи šťőрφёð ьєƒόŗε ċõмρľęτïőи.%й %ŧŠĉäŉ ĨÐ:%ъ{ED8B95CC-5836-42DB-B70F-085E703B533E}%й %ţŠ¢ăń Ţўрě:%вAntimalware%ņ %тŞсąŋ Рªядmёťĕяś:%вQuick Scan%п  %тŮşèř:%вNT AUTHORITY\SYSTEM%ή %τŚţθφ Ґ℮άŝøй:%ъScheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2025-09-01 08:17:53
Description: 
Microsoft Defender Antivirus detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Nombre: PUADlManager:Win32/InstallCore
Id.: 311991
Gravedad: Low
Categoría: Potentially Unwanted Software
Ruta de acceso: file:_C:\Users\Jesús Saavedra\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe
Origen de detección: Local machine
Tipo de detección: Concrete
Origen de detección: Real-Time Protection
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
Versión de inteligencia de seguridad: AV: 1.435.511.0, AS: 1.435.511.0, NIS: 1.435.511.0
Versión de motor: AM: 1.1.25070.4, NIS: 1.1.25070.4

Date: 2025-08-31 15:36:16
Description: 
Microsoft Defender Antivirus ѕčåй ĥąş ъėэи šťőрφёð ьєƒόŗε ċõмρľęτïőи.%й %ŧŠĉäŉ ĨÐ:%ъ{983F737D-4079-42A1-86E8-4EB6309391E9}%й %ţŠ¢ăń Ţўрě:%вAntimalware%ņ %тŞсąŋ Рªядmёťĕяś:%вQuick Scan%п  %тŮşèř:%вNT AUTHORITY\SYSTEM%ή %τŚţθφ Ґ℮άŝøй:%ъScheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2025-08-30 20:18:06
Description: 
Microsoft Defender Antivirus ѕčåй ĥąş ъėэи šťőрφёð ьєƒόŗε ċõмρľęτïőи.%й %ŧŠĉäŉ ĨÐ:%ъ{EF98ED7A-0228-4810-82CD-C3FE629B3478}%й %ţŠ¢ăń Ţўрě:%вAntimalware%ņ %тŞсąŋ Рªядmёťĕяś:%вQuick Scan%п  %тŮşèř:%вNT AUTHORITY\SYSTEM%ή %τŚţθφ Ґ℮άŝøй:%ъRPC connection rundown
Event[0]:

Date: 2025-08-29 17:51:17
Description: 
Microsoft Defender Antivirus detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.435.480.0
Origen de actualización: Microsoft Update Server
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Full
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.25070.4
Código de error: 0x80070102
Descripción del error: The wait operation timed out. 

Date: 2025-08-29 12:29:19
Description: 
Microsoft Defender Antivirus detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.435.466.0
Origen de actualización: Microsoft Update Server
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Full
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.25070.4
Código de error: 0x80070102
Descripción del error: The wait operation timed out. 

Date: 2025-08-28 10:52:07
Description: 
Microsoft Defender Antivirus detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.435.396.0
Origen de actualización: Microsoft Malware Protection Center
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Full
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.25070.4
Código de error: 0x80070020
Descripción del error: The process cannot access the file because it is being used by another process. 

Date: 2025-08-28 10:52:07
Description: 
Microsoft Defender Antivirus detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.435.396.0
Origen de actualización: Microsoft Malware Protection Center
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Full
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.25070.4
Código de error: 0x80070020
Descripción del error: The process cannot access the file because it is being used by another process. 

Date: 2025-08-28 10:52:07
Description: 
Microsoft Defender Antivirus detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.435.396.0
Origen de actualización: Microsoft Malware Protection Center
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Full
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.25070.4
Código de error: 0x80070020
Descripción del error: The process cannot access the file because it is being used by another process. 

CodeIntegrity:
===============
Date: 2025-08-19 09:22:13
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\139.0.7258.128\chrome.dll that did not meet the Microsoft signing level requirements.

Date: 2025-08-11 09:33:10
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume2\Program Files\BraveSoftware\Brave-Browser\Application\139.1.81.131\chrome.dll that did not meet the Microsoft signing level requirements.

Date: 2025-08-11 08:12:16
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\138.0.7204.184\chrome.dll that did not meet the Microsoft signing level requirements.

Date: 2025-08-04 08:37:34
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Información de la memoria =========================== 

BIOS: INSYDE TOSQCI - 1 06/26/2012
Placa base: Intel Corp. Base Board Product Name
Procesador: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Porcentaje de memoria en uso: 71%
RAM física total: 6091.86 MB
RAM física disponible: 1724.64 MB
Virtual total: 12235.86 MB
Virtual disponible: 6152.69 MB

==================== Unidades ================================

Drive c: (TI106234W0C) (Fixed) (Total:579.24 GB) (Free:21.7 GB) (Model: TOSHIBA MK6475GSX) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive e: (JESÚS SAAVEDRA 2TB) (Fixed) (Total:1862.92 GB) (Free:485.34 GB) (Model: TOSHIBA External USB 3.0 USB Device) NTFS

\\?\Volume{9643e244-0a9d-11e1-b712-806e6f6e6963}\ (System) (Fixed) (Total:1.46 GB) (Free:1.22 GB) NTFS
\\?\Volume{9deb38f3-0000-0000-0000-002d91000000}\ () (Fixed) (Total:0.94 GB) (Free:0.2 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 9DEB38F3)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=579.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=965 MB) - (Type=27)
Partition 4: (Not Active) - (Size=14.5 GB) - (Type=17)

==========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 9D48441E)
Partition 1: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

socgom · 4 Septiembre, 2025 23:44

ahora el log Addition…, @furtivex; va en dos partes porue no cabe en esta nota debido a la cantidad de caracteres…

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 21-08-2025
Ejecutado por Jesús I. Saavedra (04-09-2025 13:33:20)
Ejecutado desde C:\Users\Jesús Saavedra\Desktop
Microsoft Windows 10 Home Versión 22H2 19045.6282 (X64) (2021-03-17 22:29:58)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

(Si una entrada es incluida en el fixlist, será eliminada.)

Administrator (S-1-5-21-921242894-1989990284-1724683343-500 - Administrator - Disabled) => C:\Users\Administrator <==== ATENCIÓN
DefaultAccount (S-1-5-21-921242894-1989990284-1724683343-503 - Limited - Disabled)
DevToolsUser (S-1-5-21-921242894-1989990284-1724683343-1005 - Limited - Enabled) => C:\Users\DevToolsUser
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN
Jesús I. Saavedra (S-1-5-21-921242894-1989990284-1724683343-1000 - Administrator - Enabled) => C:\Users\Jesús Saavedra
Temporal Europa (S-1-5-21-921242894-1989990284-1724683343-1003 - Limited - Enabled) => C:\Users\Temporal Europa
WDAGUtilityAccount (S-1-5-21-921242894-1989990284-1724683343-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.6.0.79 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced Archive Password Recovery (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Amazon Kindle (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Amazon Kindle) (Version: 1.16.0.44025 - Amazon)
Any Video Converter Professional 3.5.8 (HKLM-x32\...\Any Video Converter Professional_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (64 bits) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{11458AD2-E459-43E3-BEA3-9748C3EF0EFC}) (Version: 18.0.0.45 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Ares (HKLM-x32\...\Ares) (Version: 2.5.5-Build#3081 - AresGalaxy)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 25.1.6041.20142 - Gen Digital Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 5.4.2.1921 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandicam.com)
BB Boss version 2.2 (HKLM-x32\...\{EB18E8A3-F008-4655-B425-A3B7F03FFCDD}_is1) (Version: 2.2 - FfejWorks, Inc.)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}) (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Device Software v5.0.0 para el smartphone BlackBerry 8530 (HKLM-x32\...\{C981C4A5-E0B9-41DE-97F3-75E914F9ADAC}) (Version: 5.0.0.1030 (Plataforma 4.2.0.451) - Research In Motion Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 139.1.81.137 - Brave Software Inc)
CCleaner (HKLM\...\CCleaner) (Version: 6.39 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1990.6 - Piriform Software) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\ActiveTouchMeetingClient) (Version: 40.8.4 - Cisco Webex LLC)
CMG 2015 General Release (2015.101.G) (HKLM-x32\...\{3A5FB990-5584-4D29-BC50-FDCD07018014}) (Version: 1.0.0.0 - Computer Modelling Group)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Doxillion, convertidor de documentos (HKLM-x32\...\Doxillion) (Version: 2.54 - NCH Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 221.3.5229 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.985.1 - Dropbox, Inc.) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Eclipse Software 2009.1 (HKLM-x32\...\{49FC4FCD-3752-44DF-90FD-BAFF38A234E3}) (Version: 2009.1 - GeoQuest)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Escritorio movistar Latam (HKLM-x32\...\Escritorio movistar Latam) (Version:  - Movistar)
Express Scribe (HKLM-x32\...\Scribe) (Version: 5.79 - NCH Software)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.33.0 - Androxyde)
Folder Size for Windows (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.5 - Brio)
Freemake Video Converter versión 4.1.13 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.13 - Mixbyte Inc.)
FreeTube 0.19.1 (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\609c326f-6a5e-5cd1-9fc0-6e966fad073f) (Version: 0.19.1 - PrestonN)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 139.0.7258.155 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 113.0.1.0 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{AE3261A9-F9D9-4410-BB38-7FA1D6B54BDE}) (Version: 7.3.6.10201 - Google)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.)
HandBrake 1.5.1 (HKLM-x32\...\HandBrake) (Version: 1.5.1 - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HMA VPN (HKLM\...\Privax HMA) (Version: 25.8.11847.15248 - Privax)
HP Customer Experience Enhancements (HKLM-x32\...\{0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70}) (Version: 6.0.5.1 - Hewlett-Packard) Hidden
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{8EF98706-3C4B-4C5B-B035-01187E17D0E6}) (Version: 12.15.14.3 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HUAWEI DataCard Driver 2.96 (HKLM-x32\...\HUAWEI DataCard Driver) (Version: 2.96 - Huawei technologies Co., Ltd.)
Icecream Ebook Reader 6 versión 6.51 (HKLM-x32\...\{67C22DDD-238A-4587-AC0E-2802AE70CB42}_is1) (Version: 6.51 - Icecream Apps)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Image Resizer for Windows (64 bit) (HKLM\...\{617CA6E9-D5FB-4017-8130-82E68C56C34D}) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
iTunes (HKLM\...\{10A7CA43-13BB-4C41-8938-87A049DABE95}) (Version: 12.13.6.1 - Apple Inc.)
iVideoMate Video Downloader(Build 2.0.8.1) (HKLM\...\Video Downloader_is1) (Version: 2.0.8.1 - iVideoMate Software)
JAP (HKLM-x32\...\JAP) (Version: 00.18.001 - JAP-Team)
Java 8 Update 441 (64-bit) (HKLM\...\{77724AE4-039E-4CA4-87B4-2F64180441F0}) (Version: 8.0.4410.7 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Libgen Desktop 1.3.5 (64-bit) (HKLM\...\{88846ABC-26D2-4038-B51A-94A092FEB3D2}) (Version: 1.3.5 - Libgen Apps)
Malwarebytes version 4.6.17.334 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.17.334 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft Access MUI (Spanish) 2016 (HKLM\...\{90160000-0015-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Audio Enhancement Troubleshooter installer (HKLM\...\{6E0351FF-6A71-45C5-A041-D4D9D8067EAF}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2016 (HKLM\...\{90160000-0090-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) (HKLM\...\{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 139.0.3405.125 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 139.0.3405.125 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Spanish) 2016 (HKLM\...\{90160000-0016-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Spanish) 2016 (HKLM\...\{90160000-00BA-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2016 (HKLM\...\{90160000-0044-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2016 (HKLM\...\{90160000-00E1-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2016 (HKLM\...\{90160000-00E2-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Spanish) 2016 (HKLM\...\{90160000-002C-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2016 (HKLM\...\{90160000-00C1-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2016 (HKLM\...\{90160000-006E-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2016 - Euskara (HKLM\...\{90160000-001F-042D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\OneDriveSetup.exe) (Version: 25.149.0803.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Spanish) 2016 (HKLM\...\{90160000-00A1-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2016 (HKLM\...\{90160000-001A-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2016 (HKLM\...\{90160000-0018-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Project MUI (Spanish) 2016 (HKLM\...\{90160000-00B4-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Project Professional 2016 (HKLM\...\{90160000-003B-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Publisher MUI (Spanish) 2016 (HKLM\...\{90160000-0019-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Security Client (HKLM\...\{3061DCA5-2D0B-48F9-800F-9D7C1FEB5E78}) (Version: 4.9.0218.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Skype for Business MUI (Spanish) 2016 (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.31301 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visio MUI (Spanish) 2016 (HKLM\...\{90160000-0054-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2016 (HKLM\...\{90160000-0051-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4014b6a8-d91a-42a0-a855-c6f1f84f36d6}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.12.25810 (HKLM\...\{2CD849A7-86A1-34A6-B8F9-D72F5B21A9AE}) (Version: 14.12.25810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.12.25810 (HKLM\...\{C99E2ADC-0347-336E-A603-F1992B09D582}) (Version: 14.12.25810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25810 (HKLM-x32\...\{7FED75A1-600C-394B-8376-712E2A8861F2}) (Version: 14.12.25810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25810 (HKLM-x32\...\{828952EB-5572-3666-8CA9-000B6CE79350}) (Version: 14.12.25810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Microsoft Word MUI (Spanish) 2016 (HKLM\...\{90160000-001B-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 141.0.3 (x64 es-ES)) (Version: 141.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 136.0.2 - Mozilla)
MSVCRT Redists (HKLM\...\{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM-x32\...\{7FD7FB8C-2C75-4A8E-A236-EB23C5C13322}) (Version: 8.3.582 - Nero AG)
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Netwaiting (HKLM-x32\...\{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}) (Version: 1.0.1 - Conexant Systems, Inc)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 120.0.5543.161 (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Opera 120.0.5543.161) (Version: 120.0.5543.161 - Opera Software)
Petrel 2009.1 (HKLM-x32\...\{E74EFDC6-2423-4CBB-A107-7A6D1538D990}) (Version: 4.11.1 - Schlumberger)
PIPESIM 2008.1 (HKLM-x32\...\{303A394E-7FD4-4D1A-BBC5-0F62FDBE0E6C}) (Version: 2008.01.0133 - Schlumberger)
PIXresizer 2.0.4 (HKLM-x32\...\PIXresizer_is1) (Version:  - Bluefive software)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.3.0 - Proton AG)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2309.290 - Trusteer) Hidden
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.15 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 4.5.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.5.5 - VS Revo Group, Ltd.)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Signal 7.21.0 (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 7.21.0 - Signal Messenger, LLC)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Xperia Flash Tool (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Xperia Flash Tool) (Version: 2.21.2.202101271636 - Sony Mobile Communications Inc.)
SumatraPDF (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\SumatraPDF) (Version: 3.5.2 - Krzysztof Kowalczyk)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.191 - Synaptics Incorporated)
Telegram Desktop (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 6.0.2 - Telegram FZ-LLC)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.04.01 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA Bulletin Board (HKLM\...\{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}) (Version: 1.3.5.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM\...\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.12 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5B01BCB7-A5D3-476F-AF11-E515BA206591}) (Version: 1.0.5 - TOSHIBA CORPORATION)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.6 - TOSHIBA)
Trusteer Seguridad Terminal (HKLM-x32\...\Rapport_msi) (Version: 3.5.2309.290 - Trusteer)
TweetDeck (HKLM-x32\...\{85D70219-700E-4728-A80D-C394DEF6247E}) (Version: 3.0.2 - Twitter, Inc.)
Update for Skype for Business 2016 (KB5002567) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{AC7565EF-E108-49D4-9F46-5A1AEC72B27B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB5002567) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PRJPRO_{AC7565EF-E108-49D4-9F46-5A1AEC72B27B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB5002567) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{AC7565EF-E108-49D4-9F46-5A1AEC72B27B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB5002567) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.VISPRO_{AC7565EF-E108-49D4-9F46-5A1AEC72B27B}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB5002567) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{AC7565EF-E108-49D4-9F46-5A1AEC72B27B}) (Version:  - Microsoft)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - (v9.0.30729) (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WhatsApp (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\WhatsApp) (Version: 0.2.8361 - WhatsApp)
WinDirStat 1.1.2 (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\WinDirStat) (Version:  - )
Windows Driver Package - Sony Mobile Communications (ggsomc) SOMCFlashDevice  (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Wondershare AllMyTube(Build 7.4.9.2) (HKLM-x32\...\AllMyTube_is1) (Version: 7.4.9.2 - Wondershare)
Wondershare Data Recovery(Build 4.7.0.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 4.7.0.5 - Wondershare Software Co.,Ltd.)
Wondershare Dr.Fone(Build 2.0.1.3) (HKLM-x32\...\{B2AF05E3-4B0C-44A6-B146-322219BF3562}_is1) (Version: 2.0.1.3 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Youtube Downloader HD v. 3.4.1 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
Zoom Workplace (HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\ZoomUMX) (Version: 6.5.9 (11873) - Zoom Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-04-15] (Adobe Systems Incorporated)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.27.4390.0_x64__rz1tebttyb220 [2025-08-01] (Dolby Laboratories)
Dominoes Block -> C:\Program Files\WindowsApps\15985Yasindewid.DominoesBlock_5.1.8.0_x64__39dp1177718dj [2021-03-15] (Yasin dewid)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-03-21] (Dropbox Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_161.1.1087.0_x64__v10z8vjag6ke6 [2025-08-31] (HP Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.23.0_neutral__8xx8rvfyw5nnt [2024-02-16] (Instagram)
PC Manager -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.17.12.0_x64__8wekyb3d8bbwe [2025-08-21] (Microsoft Corporation) [Startup Task]
Power BI Desktop -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIDesktop_2.146.1254.0_x64__8wekyb3d8bbwe [2025-08-29] (Microsoft Corporation)
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_6.0.2.0_x64__t4vj0pshhgkwm [2025-08-02] (Telegram Messenger LLP) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2534.2.0_x64__cv1g1gvanyjgm [2025-08-28] (WhatsApp Inc.) [Startup Task]
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-07-08] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\OneDrive\25.149.0803.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\EdgeUpdate\1.3.195.45\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\EdgeUpdate\1.3.195.45\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Jesús Saavedra\AppData\Local\GoToMeeting\19796\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\OneDrive\25.149.0803.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Jesús Saavedra\Dropbox [2014-10-29 16:31]
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{F46A78BD-06FC-442C-88DF-0500F08F2379}\InprocServer32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\EdgeUpdate\1.3.195.45\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2009-03-25] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2013-02-23] (Brice Lambson) [Archivo no firmado]
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-09] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\113.0.1.0\drivefsext.dll [2025-08-25] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.78.0.dll [2025-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

Shortcut: C:\Users\Jesús Saavedra\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nchsoftware.com/es/index.htm
Shortcut: C:\Users\Jesús Saavedra\Documents\Iconos accesos directos\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Cisco WebEx IM.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gdgodbfllkenehbjembldlmkjjdafigh
ShortcutWithArgument: C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Módulos cargados (Lista blanca) =============

2013-02-23 12:17 - 2013-02-23 12:17 - 000166400 _____ (Brice Lambson) [Archivo no firmado] C:\Program Files\Image Resizer for Windows\ShellExtensions.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Jesús Saavedra\Downloads\esetonlinescanner.exe:MBAM.Zone.Identifier [257]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10438__190909
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1000 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1003 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2024-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_441\bin\ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_441\bin\jp2ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2024-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies SA -> Skype Technologies S.A.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\localhost -> localhost

furtivex · 5 Septiembre, 2025 13:02

Hola @socgom

Farbar Recovery Scan Tool: FIX

Nota: tras ejecutar el script (posiblemente), se cerrarán todas las pestañas abiertas del navegador, se cerrará la sesión de sus cuentas y se borrarán los archivos temporales, la papelera de reciclaje, el historial del navegador, las cookies y la caché.

Desactive su antivirus antes de reiniciar. Seleccione el siguiente código:

start::
CloseProcesses:

SystemRestore: On
CreateRestorePoint:

Emptytemp:


Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Administrator (S-1-5-21-921242894-1989990284-1724683343-500 - Administrator - Disabled) => C:\Users\Administrator <==== ATENCIÓN
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN
S2 ccleaner; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /svc [X]
S3 ccleanerm; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /medsvc [X]
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => no encontrado
FF HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8877}] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\xpi => no encontrado
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [odifdffdmeannfboglpliamjmoggdmci] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\sf.crx <no encontrado>
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo

HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\MountPoints2: {25113309-83ff-11eb-afaa-047d7b0ddb38} - "E:\IDDApp.exe" 
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 

2015-03-31 04:14 - 2015-03-31 04:14 - 000005655 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x
2015-03-31 04:14 - 2015-03-31 04:14 - 000004387 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F
2021-09-29 13:37 - 2021-09-29 13:37 - 000000015 _____ () C:\Users\Jesús Saavedra\AppData\Roaming\obs-virtualcam.txt
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.Exception.log
2013-05-11 21:45 - 2013-05-12 04:35 - 000002257 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-12-05 16:02 - 2014-11-30 13:11 - 000109120 _RSHC (Un4seen Developments) C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\clog.txt
2018-04-01 14:25 - 2018-04-01 14:25 - 000000003 _____ () C:\Users\Jesús Saavedra\AppData\Local\wbem.ini

Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Inicio^RealTimes.lnk => C:\windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1423670928
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jesús Saavedra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung Common SM => "C:\windows\Samsung\ComSMMgr\ssmmgr.exe" /autorun
MSCONFIG\startupreg: SkyDrive => "C:\Users\Jesús Saavedra\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: Uninstall C: => 
MSCONFIG\startupreg: uTorrent => "C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDriveSetup"

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1000 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1003 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 

EmptyEventLogs:

CMD: DISM /Online /Cleanup-image /Restorehealth
CMD: sfc /scannow
CMD: winmgmt /salvagerepository
CMD: winmgmt /verifyrepository
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R

End::

Copie el texto seleccionado (clic derecho - Copiar). Ejecute FRST (FRST64) como administrador. Haga clic en “Reparar” una vez (!) y espere. El programa creará un archivo de registro (Fixlog.txt). Adjúntelo a su próximo mensaje.

El ordenador se reiniciará automáticamente.

Poco espacio de almacenamiento

Drive c: (TI106234W0C) (Fixed) (Total:579.24 GB) (Free:21.7 GB) (Model: TOSHIBA MK6475GSX) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]

El disco duro tiene actualmente unos 22 GB de espacio libre. Esto es un 3,74% de espacio libre. Recomendaría intentar aumentar este número al 20% o más. Puede usar esta utilidad gratuita llamada WizTree o WinDirStat para determinar qué está ocupando grandes porciones de espacio y mover o eliminar archivos en consecuencia.

socgom · 5 Septiembre, 2025 17:34

Saludos, @furtivex. Le comento, luego de ejecutar la opción FIX del del Farbar Recovery Scan Tool, efectivamente se generó un registro de nombre Fixlog.txt, que copio a continuación, pero además se creó otro archivo de texto, de nombre dxtyprkojuwlepad.txt, que también copiaré a continuación. La laptop no se reinició, sigue observándose lentitud en ejecutar tareas (por ejemplo, abrir un explorador web, o abrir un archivo de ofimática, o simplemente congelándose por varias segundos la pantalla). Dígame, ¿debo reiniciar el computador o no hace falta?

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 21-08-2025
Ejecutado por Jesús I. Saavedra (05-09-2025 11:11:22) Run:1
Ejecutado desde C:\Users\Jesús Saavedra\Desktop
Perfiles cargados: Jesús I. Saavedra & Temporal Europa & DevToolsUser
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
[quote="furtivex, post:8, topic:35918"]
```
start::
CloseProcesses:

SystemRestore: On
CreateRestorePoint:

Emptytemp:


Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Administrator (S-1-5-21-921242894-1989990284-1724683343-500 - Administrator - Disabled) => C:\Users\Administrator <==== ATENCIÓN
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN
S2 ccleaner; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /svc [X]
S3 ccleanerm; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /medsvc [X]
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => no encontrado
FF HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8877}] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\xpi => no encontrado
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [odifdffdmeannfboglpliamjmoggdmci] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\sf.crx <no encontrado>
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo

HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\MountPoints2: {25113309-83ff-11eb-afaa-047d7b0ddb38} - "E:\IDDApp.exe" 
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 

2015-03-31 04:14 - 2015-03-31 04:14 - 000005655 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x
2015-03-31 04:14 - 2015-03-31 04:14 - 000004387 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F
2021-09-29 13:37 - 2021-09-29 13:37 - 000000015 _____ () C:\Users\Jesús Saavedra\AppData\Roaming\obs-virtualcam.txt
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.Exception.log
2013-05-11 21:45 - 2013-05-12 04:35 - 000002257 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-12-05 16:02 - 2014-11-30 13:11 - 000109120 _RSHC (Un4seen Developments) C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\clog.txt
2018-04-01 14:25 - 2018-04-01 14:25 - 000000003 _____ () C:\Users\Jesús Saavedra\AppData\Local\wbem.ini

Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Inicio^RealTimes.lnk => C:\windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1423670928
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jesús Saavedra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung Common SM => "C:\windows\Samsung\ComSMMgr\ssmmgr.exe" /autorun
MSCONFIG\startupreg: SkyDrive => "C:\Users\Jesús Saavedra\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: Uninstall C: => 
MSCONFIG\startupreg: uTorrent => "C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDriveSetup"

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1000 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1003 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 

EmptyEventLogs:

CMD: DISM /Online /Cleanup-image /Restorehealth
CMD: sfc /scannow
CMD: winmgmt /salvagerepository
CMD: winmgmt /verifyrepository
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R

End::
```
[/quote]


*****************

Procesos cerrados correctamente.
SystemRestore: On => Error -> 3%
CreateRestorePoint: Error(1=3%) -> Error al crear un punto de restauración.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C1E0492-9D6D-44E5-A237-C75017294B41}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C1E0492-9D6D-44E5-A237-C75017294B41}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => eliminado correctamente
Administrator (S-1-5-21-921242894-1989990284-1724683343-500 - Administrator - Disabled) => C:\Users\Administrator <==== ATENCIÓN => No será eliminado con FRST.
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN => No será eliminado con FRST.
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN => No será eliminado con FRST.
HKLM\System\CurrentControlSet\Services\ccleaner => eliminado correctamente
ccleaner => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ccleanerm => eliminado correctamente
ccleanerm => servicio eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C1E0492-9D6D-44E5-A237-C75017294B41}" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3 => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9 => eliminado correctamente
HKU\.DEFAULT\Software\MozillaPlugins\gastecnologia.com.br/sf/bdv => eliminado correctamente
"C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => eliminado correctamente
"C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => eliminado correctamente
"C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll" => no encontrado
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo) => Error: Ninguna corrección automática encontrada para esta entrada.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A7EDECA-91D0-4808-B036-78BC39E26938}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{341A0E4F-1372-4F4C-9F04-91A88064FD4D}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96EB1062-E4B8-4896-BA17-C23C683661E5}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}" => eliminado correctamente
HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => eliminado correctamente
"HKLM\Software\Wow6432Node{E37CB5F0-51F5-4395-A808-5FA49E399026}" => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DropboxExt => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\LavasoftShellExt => eliminado correctamente
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\LavasoftShellExt => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\DropboxExt => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\LavasoftShellExt => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\RUShellExt => eliminado correctamente
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}" => eliminado correctamente
"HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E8877}" => eliminado correctamente
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\odifdffdmeannfboglpliamjmoggdmci => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C1E0492-9D6D-44E5-A237-C75017294B41}" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3 => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9 => no encontrado
HKU\.DEFAULT\Software\MozillaPlugins\gastecnologia.com.br/sf/bdv => no encontrado
"C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => no encontrado
"C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => no encontrado
"C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll" => no encontrado
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo) => Error: Ninguna corrección automática encontrada para esta entrada.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A7EDECA-91D0-4808-B036-78BC39E26938}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{341A0E4F-1372-4F4C-9F04-91A88064FD4D}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96EB1062-E4B8-4896-BA17-C23C683661E5}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => no encontrado
"HKLM\Software\Wow6432Node{E37CB5F0-51F5-4395-A808-5FA49E399026}" => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DropboxExt => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\LavasoftShellExt => no encontrado
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\LavasoftShellExt => no encontrado
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\DropboxExt => no encontrado
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\LavasoftShellExt => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\RUShellExt => no encontrado
"HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => eliminado correctamente
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25113309-83ff-11eb-afaa-047d7b0ddb38} => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => eliminado correctamente
C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x => movido correctamente
"C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F" => no encontrado
C:\Users\Jesús Saavedra\AppData\Roaming\obs-virtualcam.txt => movido correctamente
C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.Exception.log => movido correctamente
C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.HttpServerSetup.log => movido correctamente
C:\Users\Jesús Saavedra\AppData\Roaming\Rim.DesktopHelper.Exception.log => movido correctamente
C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\clog.txt => movido correctamente
C:\Users\Jesús Saavedra\AppData\Local\wbem.ini => movido correctamente
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN => No será eliminado con FRST.
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN => No será eliminado con FRST.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Inicio^RealTimes.lnk => eliminado correctamente
C:\windows\pss\RealTimes.lnk.CommonStartup => movido correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => eliminado correctamente
C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup => movido correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => eliminado correctamente
C:\windows\pss\Dropbox.lnk.Startup => movido correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => eliminado correctamente
C:\windows\pss\Facebook Messenger.lnk.Startup => movido correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => eliminado correctamente
C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup => movido correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0 => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Speed Launcher => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0 => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AppleIEDAV => no encontrado
HKLM\System\CurrentControlSet\Services\AppleIEDAV => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ApplePhotoStreams => no encontrado
HKLM\System\CurrentControlSet\Services\ApplePhotoStreams => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ares => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Autodesk Sync => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlackBerryAutoUpdate => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\com.apple.dav.bookmarks.daemon => no encontrado
HKLM\System\CurrentControlSet\Services\com.apple.dav.bookmarks.daemon => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleDriveSync => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HSON => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iCloudDrive => no encontrado
HKLM\System\CurrentControlSet\Services\iCloudDrive => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iCloudServices => no encontrado
HKLM\System\CurrentControlSet\Services\iCloudServices => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NortonOnlineBackupReminder => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Samsung Common SM => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SkyDrive => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spybot-S&D Cleaning => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ToshibaAppPlace => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ToshibaServiceStation => no encontrado
HKLM\System\CurrentControlSet\Services\ToshibaServiceStation => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosWaitSrv => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSCONFIG\startupreg: Uninstall C: =>" => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent => eliminado correctamente
"HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\OneDrive" => eliminado correctamente
"HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\OneDrive" => eliminado correctamente
"HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\OneDriveSetup" => eliminado correctamente
"HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\OneDriveSetup" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B351D155-F565-4E71-9B34-7EBFD4C442F8} => eliminado correctamente
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B351D155-F565-4E71-9B34-7EBFD4C442F8} => eliminado correctamente

=========== EmptyEventLogs: ==========

1229 Event logs cleared. 


================================

========= DISM /Online /Cleanup-image /Restorehealth =========


Fixing is terminated due to reaching maximum fixing time of 60 minutes. <==== ATENCIÓN

Ahora pegaré el log del archivo con nombre extraño:

CloseProcesses:
SystemRestore: On
CreateRestorePoint:
Emptytemp:
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Administrator (S-1-5-21-921242894-1989990284-1724683343-500 - Administrator - Disabled) => C:\Users\Administrator <==== ATENCIÓN
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN
S2 ccleaner; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /svc [X]
S3 ccleanerm; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /medsvc [X]
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => no encontrado
FF HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8877}] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\xpi => no encontrado
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [odifdffdmeannfboglpliamjmoggdmci] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\sf.crx <no encontrado>
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\MountPoints2: {25113309-83ff-11eb-afaa-047d7b0ddb38} - "E:\IDDApp.exe" 
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
2015-03-31 04:14 - 2015-03-31 04:14 - 000005655 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x
2015-03-31 04:14 - 2015-03-31 04:14 - 000004387 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F
2021-09-29 13:37 - 2021-09-29 13:37 - 000000015 _____ () C:\Users\Jesús Saavedra\AppData\Roaming\obs-virtualcam.txt
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.Exception.log
2013-05-11 21:45 - 2013-05-12 04:35 - 000002257 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-12-05 16:02 - 2014-11-30 13:11 - 000109120 _RSHC (Un4seen Developments) C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\clog.txt
2018-04-01 14:25 - 2018-04-01 14:25 - 000000003 _____ () C:\Users\Jesús Saavedra\AppData\Local\wbem.ini
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Inicio^RealTimes.lnk => C:\windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1423670928
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jesús Saavedra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung Common SM => "C:\windows\Samsung\ComSMMgr\ssmmgr.exe" /autorun
MSCONFIG\startupreg: SkyDrive => "C:\Users\Jesús Saavedra\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: Uninstall C: => 
MSCONFIG\startupreg: uTorrent => "C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDriveSetup"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1000 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1003 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
EmptyEventLogs:
CMD: DISM /Online /Cleanup-image /Restorehealth
CMD: sfc /scannow
CMD: winmgmt /salvagerepository
CMD: winmgmt /verifyrepository
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R

furtivex · 5 Septiembre, 2025 23:41

Hola @socgom

Intente corregirlo de nuevo, pero use el botón de copiar que se encuentra aquí para copiarlo al portapapeles antes de presionar el botón “Reparar”. Parece que se resaltó incorrectamente y se agotó el tiempo de espera después de 60 minutos.

El archivo extraño también es de FRST. Es un archivo temporal, por lo que sé. Estoy bastante seguro de que se eliminará una vez que se complete la reparación.

socgom · 6 Septiembre, 2025 17:24

Saludos @furtivex, siguiendo la indicación tal cual, utilicé el botón de copiar al portapapeles, y luego ejecutar en modo administrador el Farbar Scan Tool, pulsando después el botón Corregir, me generó este registro que pego a continuación

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 21-08-2025
Ejecutado por Jesús I. Saavedra (06-09-2025 11:56:50) Run:2
Ejecutado desde C:\Users\Jesús Saavedra\Desktop
Perfiles cargados: Jesús I. Saavedra & Temporal Europa & DevToolsUser
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
start::
CloseProcesses:

SystemRestore: On
CreateRestorePoint:

Emptytemp:


Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Administrator (S-1-5-21-921242894-1989990284-1724683343-500 - Administrator - Disabled) => C:\Users\Administrator <==== ATENCIÓN
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN
S2 ccleaner; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /svc [X]
S3 ccleanerm; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /medsvc [X]
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => no encontrado
FF HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8877}] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\xpi => no encontrado
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [odifdffdmeannfboglpliamjmoggdmci] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\sf.crx <no encontrado>
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo

HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\MountPoints2: {25113309-83ff-11eb-afaa-047d7b0ddb38} - "E:\IDDApp.exe" 
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 

2015-03-31 04:14 - 2015-03-31 04:14 - 000005655 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x
2015-03-31 04:14 - 2015-03-31 04:14 - 000004387 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F
2021-09-29 13:37 - 2021-09-29 13:37 - 000000015 _____ () C:\Users\Jesús Saavedra\AppData\Roaming\obs-virtualcam.txt
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.Exception.log
2013-05-11 21:45 - 2013-05-12 04:35 - 000002257 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-12-05 16:02 - 2014-11-30 13:11 - 000109120 _RSHC (Un4seen Developments) C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\clog.txt
2018-04-01 14:25 - 2018-04-01 14:25 - 000000003 _____ () C:\Users\Jesús Saavedra\AppData\Local\wbem.ini

Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Inicio^RealTimes.lnk => C:\windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1423670928
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jesús Saavedra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung Common SM => "C:\windows\Samsung\ComSMMgr\ssmmgr.exe" /autorun
MSCONFIG\startupreg: SkyDrive => "C:\Users\Jesús Saavedra\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: Uninstall C: => 
MSCONFIG\startupreg: uTorrent => "C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDriveSetup"

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1000 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1003 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 

EmptyEventLogs:

CMD: DISM /Online /Cleanup-image /Restorehealth
CMD: sfc /scannow
CMD: winmgmt /salvagerepository
CMD: winmgmt /verifyrepository
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R

End::
*****************

Procesos cerrados correctamente.
SystemRestore: On => Error -> 3%
CreateRestorePoint: Error(1=3%) -> Error al crear un punto de restauración.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C1E0492-9D6D-44E5-A237-C75017294B41}" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => no encontrado
Administrator (S-1-5-21-921242894-1989990284-1724683343-500 - Administrator - Disabled) => C:\Users\Administrator <==== ATENCIÓN => No será eliminado con FRST.
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN => No será eliminado con FRST.
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN => No será eliminado con FRST.
ccleaner => servicio no encontrado.
ccleanerm => servicio no encontrado.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C1E0492-9D6D-44E5-A237-C75017294B41}" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3 => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9 => no encontrado
HKU\.DEFAULT\Software\MozillaPlugins\gastecnologia.com.br/sf/bdv => no encontrado
"C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => no encontrado
"C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => no encontrado
"C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll" => no encontrado
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo) => Error: Ninguna corrección automática encontrada para esta entrada.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A7EDECA-91D0-4808-B036-78BC39E26938}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{341A0E4F-1372-4F4C-9F04-91A88064FD4D}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96EB1062-E4B8-4896-BA17-C23C683661E5}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => no encontrado
"HKLM\Software\Wow6432Node{E37CB5F0-51F5-4395-A808-5FA49E399026}" => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DropboxExt => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\LavasoftShellExt => no encontrado
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\LavasoftShellExt => no encontrado
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\DropboxExt => no encontrado
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\LavasoftShellExt => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\RUShellExt => no encontrado
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}" => no encontrado
"HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E8877}" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\odifdffdmeannfboglpliamjmoggdmci => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C1E0492-9D6D-44E5-A237-C75017294B41}" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3 => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9 => no encontrado
HKU\.DEFAULT\Software\MozillaPlugins\gastecnologia.com.br/sf/bdv => no encontrado
"C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => no encontrado
"C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => no encontrado
"C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll" => no encontrado
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo) => Error: Ninguna corrección automática encontrada para esta entrada.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A7EDECA-91D0-4808-B036-78BC39E26938}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{341A0E4F-1372-4F4C-9F04-91A88064FD4D}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96EB1062-E4B8-4896-BA17-C23C683661E5}" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => no encontrado
"HKLM\Software\Wow6432Node{E37CB5F0-51F5-4395-A808-5FA49E399026}" => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DropboxExt => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\LavasoftShellExt => no encontrado
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\LavasoftShellExt => no encontrado
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\DropboxExt => no encontrado
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\LavasoftShellExt => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\RUShellExt => no encontrado
"HKU\S-1-5-21-921242894-1989990284-1724683343-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25113309-83ff-11eb-afaa-047d7b0ddb38} => no encontrado
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => no encontrado
"C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x" => no encontrado
"C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F" => no encontrado
"C:\Users\Jesús Saavedra\AppData\Roaming\obs-virtualcam.txt" => no encontrado
"C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.Exception.log" => no encontrado
"C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.HttpServerSetup.log" => no encontrado
"C:\Users\Jesús Saavedra\AppData\Roaming\Rim.DesktopHelper.Exception.log" => no encontrado
"C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\clog.txt" => no encontrado
"C:\Users\Jesús Saavedra\AppData\Local\wbem.ini" => no encontrado
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN => No será eliminado con FRST.
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN => No será eliminado con FRST.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Inicio^RealTimes.lnk => no encontrado
"C:\windows\pss\RealTimes.lnk.CommonStartup" => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => no encontrado
"C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup" => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => no encontrado
"C:\windows\pss\Dropbox.lnk.Startup" => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => no encontrado
"C:\windows\pss\Facebook Messenger.lnk.Startup" => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => no encontrado
"C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup" => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0 => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Speed Launcher => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0 => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AppleIEDAV => no encontrado
HKLM\System\CurrentControlSet\Services\AppleIEDAV => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ApplePhotoStreams => no encontrado
HKLM\System\CurrentControlSet\Services\ApplePhotoStreams => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ares => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Autodesk Sync => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlackBerryAutoUpdate => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\com.apple.dav.bookmarks.daemon => no encontrado
HKLM\System\CurrentControlSet\Services\com.apple.dav.bookmarks.daemon => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleDriveSync => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HSON => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iCloudDrive => no encontrado
HKLM\System\CurrentControlSet\Services\iCloudDrive => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iCloudServices => no encontrado
HKLM\System\CurrentControlSet\Services\iCloudServices => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NortonOnlineBackupReminder => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Samsung Common SM => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SkyDrive => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spybot-S&D Cleaning => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ToshibaAppPlace => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ToshibaServiceStation => no encontrado
HKLM\System\CurrentControlSet\Services\ToshibaServiceStation => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosWaitSrv => no encontrado
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSCONFIG\startupreg: Uninstall C: =>" => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent => no encontrado
"HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\OneDrive" => no encontrado
"HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\OneDrive" => no encontrado
"HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\OneDriveSetup" => no encontrado
"HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\OneDriveSetup" => no encontrado
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B351D155-F565-4E71-9B34-7EBFD4C442F8} => no encontrado
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B351D155-F565-4E71-9B34-7EBFD4C442F8} => no encontrado

=========== EmptyEventLogs: ==========

1229 Event logs cleared. 


================================

========= DISM /Online /Cleanup-image /Restorehealth =========


Fixing is terminated due to reaching maximum fixing time of 60 minutes. <==== ATENCIÓN

También se creó otro archivo temporal, de nombre nbrwmwcgxr.txt, cuyo registro pego luego de este mensaje:

CloseProcesses:
SystemRestore: On
CreateRestorePoint:
Emptytemp:
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Administrator (S-1-5-21-921242894-1989990284-1724683343-500 - Administrator - Disabled) => C:\Users\Administrator <==== ATENCIÓN
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN
S2 ccleaner; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /svc [X]
S3 ccleanerm; "C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe" /medsvc [X]
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => no encontrado
FF HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8877}] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\xpi => no encontrado
CHR HKU\S-1-5-21-921242894-1989990284-1724683343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [odifdffdmeannfboglpliamjmoggdmci] - C:\Users\Jesús Saavedra\AppData\Local\GAS Tecnologia\GBBD\bdv\sf.crx <no encontrado>
Task: {4C1E0492-9D6D-44E5-A237-C75017294B41} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1990.6\npCCleanerBrowserUpdate3.dll [Ningún archivo]
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/bdv -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_bdv.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-921242894-1989990284-1724683343-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jesús Saavedra\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Ningún archivo]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
FirewallRules: [TCP Query User{7AF5CAD7-256D-4F50-BD14-106F74BD1749}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [UDP Query User{B9DE6107-A39E-48D0-A3F2-B855A2E381D2}C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jesús saavedra\appdata\local\microsoft\teams\current\teams.exe => Ningún archivo
FirewallRules: [{0A7EDECA-91D0-4808-B036-78BC39E26938}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{341A0E4F-1372-4F4C-9F04-91A88064FD4D}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{FBE8B812-4FB4-4442-AE14-2CFBAA1EB656}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{E9362554-24A8-4F65-9C5D-F5734CF0F8D6}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{96EB1062-E4B8-4896-BA17-C23C683661E5}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F1EB09FE-16D4-4B8B-92EF-7BF42EF48659}] => (Allow) C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-921242894-1989990284-1724683343-1000_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Jesús Saavedra\AppData\Local\Microsoft\Teams\current\Teams.exe => Ningún archivo
ShellExecuteHooks-x32: Sin Nombre - {E37CB5F0-51F5-4395-A808-5FA49E399026} -  -> Ningún archivo
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers1: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers2: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [LavasoftShellExt] -> [CC]{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} =>  -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Ningún archivo
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-921242894-1989990284-1724683343-1000\...\MountPoints2: {25113309-83ff-11eb-afaa-047d7b0ddb38} - "E:\IDDApp.exe" 
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
2015-03-31 04:14 - 2015-03-31 04:14 - 000005655 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\aTc838ba8Cr1dirnHZk2UfF7x
2015-03-31 04:14 - 2015-03-31 04:14 - 000004387 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\NX8DdnnvtqOBLE9F
2021-09-29 13:37 - 2021-09-29 13:37 - 000000015 _____ () C:\Users\Jesús Saavedra\AppData\Roaming\obs-virtualcam.txt
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.Exception.log
2013-05-11 21:45 - 2013-05-12 04:35 - 000002257 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-05-11 23:12 - 2018-02-20 13:00 - 000000385 ____C () C:\Users\Jesús Saavedra\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-12-05 16:02 - 2014-11-30 13:11 - 000109120 _RSHC (Un4seen Developments) C:\Users\Jesús Saavedra\AppData\Roaming\Microsoft\clog.txt
2018-04-01 14:25 - 2018-04-01 14:25 - 000000003 _____ () C:\Users\Jesús Saavedra\AppData\Local\wbem.ini
Guest (S-1-5-21-921242894-1989990284-1724683343-501 - Limited - Disabled) => C:\Users\Guest <==== ATENCIÓN
HomeGroupUser$ (S-1-5-21-921242894-1989990284-1724683343-1002 - Limited - Enabled) => C:\Users\HomeGroupUser$ <==== ATENCIÓN
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Inicio^RealTimes.lnk => C:\windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jesús Saavedra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1423670928
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jesús Saavedra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung Common SM => "C:\windows\Samsung\ComSMMgr\ssmmgr.exe" /autorun
MSCONFIG\startupreg: SkyDrive => "C:\Users\Jesús Saavedra\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: Uninstall C: => 
MSCONFIG\startupreg: uTorrent => "C:\Users\Jesús Saavedra\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-921242894-1989990284-1724683343-1003\...\StartupApproved\Run: => "OneDriveSetup"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1000 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
SearchScopes: HKU\S-1-5-21-921242894-1989990284-1724683343-1003 -> {B351D155-F565-4E71-9B34-7EBFD4C442F8} URL = 
EmptyEventLogs:
CMD: DISM /Online /Cleanup-image /Restorehealth
CMD: sfc /scannow
CMD: winmgmt /salvagerepository
CMD: winmgmt /verifyrepository
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R

socgom · 30 Septiembre, 2025 14:28

Saludos, @furtivex, gracias de antemano por las indicaciones en los pasos previos; para cuando pueda sugerirme cómo continuar, le agradeceré. Le comento, aun estoy borrando archivos viejos del disco duro, y descartando cosas. Sigue la lentitud en la computadora. Muy amable de su parte

socgom · 5 Noviembre, 2025 15:23

Saludos nuevamente al staff y a la comunidad de Forospyware:

Dado que no recibí respuesta en varios días y quedé a la espera de alguna indicación extra, decidí abrir otro tema para preguntar si era posible intentar solventar o avanzar por esa vía; amablemente el usuario @JCTecn1cal me hizo unas sugerencias para evitar eso, ya que pudiera verse como un irrespeto al usuario que originalmente atendió mi caso, el amigo @furtivex. Por lo tanto cerré ese tema (https://forospyware.com/t/la-laptops-sigue-algo-lenta-y-queda-como-congelada-evidentemente-hay-algo-afect%C3%A1ndola/36028/3), donde no posteé ningún log o cosa parecida, y continúo por aquí.

No sé que hacer, ¿aplico alguna de las funcionalidades (RKill, MalwareBytes, o cualquier otra de ese estilo) que me genere un registro actual del estado de esta computadora? he visto en distintos temas que sugieren que se sigan las pautas específicas que indican seguir, ya que cada caso puede ser distinto.

A a espera de indicaciones, y agradecido con Uds. @JCTecn1cal y @furtivex por las pautas que puedan darme para procurar solventar la lentitud y posible efecto de malware que tiene este dispositivo.

furtivex · 22 Noviembre, 2025 02:39

@socgom Disculpen la demora. He estado muy ocupado últimamente y creí que el problema original estaba resuelto. Por favor, realicen un nuevo escaneo con FRST y publiquen los nuevos registros para que pueda evaluar la situación actual.

Gracias.