Adware.Mindspark and PUP.Optional that cannot be removed

I have tried everything to remove this adware and 2 PUPs from my computer. Apparently they come from Chromium, a problem similar to this one: "Ayuda con PUP.Optional.MindSpark.Generic", no. 7 by libelula39, which I saw did get resolved. I would like a script similar to the one given above for my PC. The AdwCleaner log:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-22-2023
# Duration: 00:00:02
# OS:       Windows 10 (Build 19045.3570)
# Cleaned:  3
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

**Deleted       cknghehebaconkajgiobncfleofebcog**
**Deleted       kpocjpoifmommoiiiamepombpeoaehfh**
**Deleted       kpocjpoifmommoiiiamepombpeoaehfh**

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [24/09/2023 13:14:41]
AdwCleaner[C00].txt - [1610 octets] - [24/09/2023 13:15:28]
AdwCleaner[S01].txt - [1702 octets] - [24/09/2023 14:40:46]
AdwCleaner[C01].txt - [1836 octets] - [24/09/2023 14:41:02]
AdwCleaner[S02].txt - [1824 octets] - [16/10/2023 18:56:26]
AdwCleaner[C02].txt - [1958 octets] - [16/10/2023 18:57:04]
AdwCleaner[S03].txt - [1946 octets] - [16/10/2023 18:58:40]
AdwCleaner[C03].txt - [2080 octets] - [16/10/2023 18:58:54]
AdwCleaner[S04].txt - [2068 octets] - [16/10/2023 19:07:54]
AdwCleaner[S05].txt - [2129 octets] - [16/10/2023 19:08:27]
AdwCleaner[C05].txt - [2263 octets] - [16/10/2023 19:08:36]
AdwCleaner[S06].txt - [2091 octets] - [16/10/2023 19:09:01]
AdwCleaner[S07].txt - [2312 octets] - [16/10/2023 19:09:28]
AdwCleaner[S08].txt - [2373 octets] - [16/10/2023 19:10:54]
AdwCleaner[S09].txt - [2434 octets] - [16/10/2023 20:06:26]
AdwCleaner[S10].txt - [2495 octets] - [17/10/2023 00:15:56]
AdwCleaner[C10].txt - [2629 octets] - [17/10/2023 00:16:07]
AdwCleaner[S11].txt - [2617 octets] - [17/10/2023 00:29:11]
AdwCleaner[S12].txt - [2678 octets] - [17/10/2023 10:01:21]
AdwCleaner[C12].txt - [2812 octets] - [17/10/2023 10:01:40]
AdwCleaner[S13].txt - [2640 octets] - [17/10/2023 10:48:02]
AdwCleaner[S14].txt - [2701 octets] - [17/10/2023 11:10:28]
AdwCleaner[S15].txt - [2922 octets] - [17/10/2023 11:11:11]
AdwCleaner[C15].txt - [3056 octets] - [17/10/2023 11:14:10]
AdwCleaner[S16].txt - [2884 octets] - [17/10/2023 11:14:32]
AdwCleaner[S17].txt - [3105 octets] - [17/10/2023 11:15:20]
AdwCleaner[S18].txt - [3166 octets] - [17/10/2023 18:20:48]
AdwCleaner[C18].txt - [3300 octets] - [17/10/2023 18:21:06]
AdwCleaner[S19].txt - [3288 octets] - [18/10/2023 00:45:00]
AdwCleaner[C19].txt - [3422 octets] - [18/10/2023 00:46:39]
AdwCleaner[S20].txt - [3410 octets] - [22/10/2023 10:25:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C20].txt ##########

Hello @Darkar33, welcome to the forum. Since you are new, I recommend that you read its policies. Not because you have done anything wrong, but so that you know more about how it works.

Before moving on to FRST, I want you to carry out some more disinfection procedures to leave the machine as “clean” as possible for when we use FRST.

1️⃣ SEARCHING FOR / REMOVING MALWARE

(Keep all your external devices connected, such as USB drives, external hard drives, etc.)

Please download all the software from the links I provide / from their respective manuals.

You will now run a series of tools in the order given, carrying out the steps with all programs closed, including browsers.

Connect all your external devices (all the external hard drives you have, as well as all the USB drives you have, and external hard drives if you have those too).

Carry out the steps below without changing the order, and follow them to the letter:

0) Download CCleaner. Here is its manual: CCleaner Manual, so that you know how to use and configure it correctly.

Install it and run it. In the Custom Clean tab, leave the default settings. Click Analyze and wait for it to finish. Next, click Run Cleaner. Click the Registry tab > click Scan for Issues and wait for it to finish. Finally, click Fix Selected Issues and make a backup of the Windows registry.

1) Download, install, update and run Malwarebytes’ Anti-Malware. Here is its manual: Malwarebytes Manual, so that you know how to use and configure it correctly.

  • Run a Custom Scan, ticking all the boxes on the right and on the left, and updating if it asks you to. That is: connect all your external devices (all the external hard drives you have, as well as all the USB drives you have, including the one you mentioned to me earlier), select all the available disk drives and tick the following boxes:

    1. Scan memory objects
    2. Scan startup and registry settings
    3. Scan within archives

  • Click “Remove Selected” to send the infections to quarantine, and restart the computer.
  • To access the scan report afterwards, go to: Reports >> Scan log >> click Export >> Copy to Clipboard, and paste the report in your next reply.

2) Download AdwCleaner to the desktop.

  • Disable your antivirus ▶️ How to temporarily disable an antivirus and any security program you have enabled.
  • Run Adwcleaner.exe (if you use Windows Vista/7/8 or 10, right-click and select “Run as administrator”).
  • Click the Scan Now button and wait for the scan to finish. Immediately afterwards, click the Start Repair button.
  • Wait for it to finish and follow any instructions that appear. If it asks you to restart, restart the computer by clicking OK.
  • If it finds nothing, click Skip Repair.
  • You will find the log in the Reports tab, reopening the program if necessary, or in the following location: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
  • For more information, here is its manual: AdwCleaner Manual.
  • Re-enable your antivirus and any security program you had enabled.

3) Use CCleaner again as I told you in point 0.

Paste the Malwarebytes and AdwCleaner reports and tell me how the initial problem for which you opened this topic is going. Also answer any questions I have asked you throughout this post, if I have asked any; if not, no.

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

⚠️ Very Important ⚠️ Post the various reports I have asked you for as shown in the following image:

Regards.

Once you have done everything described in my previous message.

Do this:

0) Download, install and run ZHP Cleaner following its manual: download it, install it and run it. When it finishes, remove everything it finds.

1️⃣ RESET BROWSERS

Reset all the browsers you have as indicated in this guide:

NOTE: DO ONLY THE PART THAT STARTS AT: PUP/Adware in: Internet Explorer and all the posts that follow below it (PUP/Adware in: Mozilla Firefox, PUP/Adware in: Google Chrome), and if you have a browser such as Opera or Safari that does not appear in the guide, carry out similar procedures, extrapolating from the browsers that do appear.

Guide on how to remove adware/PUPs

3️⃣ NEXT REPLY

Bring me the ZHP Cleaner log, answer any questions I have asked you (if there are none, then no) and tell me how the PC is doing.

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

⚠️ Very Important ⚠️ Post the various reports I have asked you for as shown in the following image:

Regards.

Hello, I have finished carrying out the steps described above; here are the logs. Malwarebytes log:

Detalles del registro-
Fecha del análisis: 30/10/23
Hora del análisis: 5:51
Archivo de registro: 4be82adc-7712-11ee-a593-0a0027000014.json

-Información del software-
Versión: 4.6.5.293
Versión de los componentes: 1.0.2181
Versión del paquete de actualización: 1.0.76742
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 19045.3570)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-0HHCN5FS\darli

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 774778
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 4 hr, 35 min, 35 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 3
Generic.Malware.AI.DDS, E:\DOWNLOADS\AUTOLIKER_V35.40NR.ZIP, En cuarentena, 1000002, 0, 1.0.76742, 61EB78C470A7D515EE3E0AA2, dds, 02539265, 8345074FF084BE78B58F8CEA87AC3709, C4258A95A8B21821DE453171D1921B0CB494749EF385D66E4247F3C70F3CB876
PUP.Optional.BundleInstaller, E:\DOWNLOADS\UTWEB_INSTALLER.EXE, En cuarentena, 97, 1127556, 1.0.76742, , ame, , F4F238302D3529B21C6A8BF9ED4F5276, 52BBB9086D5E454B3606B20AAAF380C623F700D529FB6DA788FFCE78432D7D07
Generic.Malware.AI.DDS, D:\ADOBE & MICROSOFT\ACTIVADOROFFICEFINALANDROIDELIZADOS.RAR, En cuarentena, 1000002, 0, 1.0.76742, E8EB30E324C9F784B397287A, dds, 02539265, 63B639DFF4C682489B8252610F6D462A, FDBAABFF4D8F3C8D9C1152EDD9069D6C8212E0EC57E4F306ABBE3691A69AF801

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Here is the AdwCleaner log:


```
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-30-2023
# Duration: 00:00:02
# OS:       Windows 10 (Build 19045.3570)
# Cleaned:  3
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted       cknghehebaconkajgiobncfleofebcog
Deleted       kpocjpoifmommoiiiamepombpeoaehfh
Deleted       kpocjpoifmommoiiiamepombpeoaehfh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1580 octets] - [30/10/2023 10:34:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
```

and here is the ZHP Cleaner log:

```
~ ZHPCleaner v2023.10.26.49 by Nicolas Coolman (2023/10/26)
~ Run by darli (Administrator)  (30/10/2023 10:43:56)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\darli\OneDrive\Escritorio\ZHPCleaner (S).txt
~ Quarantine : C:\Users\darli\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 19045)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (6)
ENCONTRADOS carpeta: C:\Users\darli\AppData\Local\Google\Chrome\User Data\Default\History    =>.SUP.BrowserHistoric
ENCONTRADOS carpeta: C:\Users\darli\AppData\Local\Microsoft\Edge\User Data\Default\History    =>.SUP.BrowserHistoric
ENCONTRADOS archivo: C:\Users\darli\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data  =>.SUP.BrowserCache
ENCONTRADOS archivo: C:\Users\darli\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data  =>.SUP.BrowserCache
ENCONTRADOS archivo: C:\Users\darli\AppData\Local\Mozilla\Firefox\Profiles\853t7ik9.default\Cache2  =>.SUP.BrowserCache
ENCONTRADOS archivo: C:\Users\darli\AppData\Local\Mozilla\Firefox\Profiles\e1rp8fhk.default-release-1689434021854\Cache2  =>.SUP.BrowserCache


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (70)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (12)
ENCONTRADOS carpeta: C:\Users\Public\Desktop\ManyCam.lnk  [Bad : C:\Program Files (x86)\ManyCam\ManyCam.exe](.Visicom Media Inc..)  =>.SUP.VisicomMedia
ENCONTRADOS carpeta: C:\Users\darli\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>ChromiumPreference
ENCONTRADOS carpeta: C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences    =>ChromiumPreference
ENCONTRADOS carpeta: C:\Users\darli\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>ChromiumPreference
ENCONTRADOS carpeta: C:\Program Files (x86)\ManyCam\ManyCam.exe [Visicom Media Inc. - ManyCam Virtual Webcam]  =>.SUP.VisicomMedia
ENCONTRADOS carpeta: C:\Users\Public\Desktop\ManyCam.lnk    =>.SUP.VisicomMedia
ENCONTRADOS carpeta: C:\ProgramData\ManyCam\Service\service.exe [Visicom Media Inc. - ManyCam Service]  =>.SUP.VisicomMedia
ENCONTRADOS archivo: C:\Program Files (x86)\Skillbrains\lightshot  =>SUP.Optional.Skillbrains
ENCONTRADOS archivo: C:\Program Files (x86)\Skillbrains\Updater  =>SUP.Optional.Skillbrains
ENCONTRADOS archivo: C:\Program Files (x86)\Skillbrains  =>SUP.Optional.Skillbrains
ENCONTRADOS archivo: C:\Users\darli\AppData\Local\Visicom Media\ManyCam  =>.SUP.VisicomMedia
ENCONTRADOS archivo: C:\Users\darli\AppData\Local\Visicom Media  =>.SUP.VisicomMedia


---\\  Registro ( Claves, Valores, Datos) (17)
ENCONTRADOS clave: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox [AdditionalScan 576]  =>.SUP.FirefoxRestriction
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\SkillBrains []  =>SUP.Optional.Skillbrains
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Visicom Media []  =>.SUP.VisicomMedia
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Classes\discord-424004941485572097 [URL:Run game 424004941485572097 protocol]  =>.SUP.Discord
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Classes\discord-432980957394370572 [URL:Run game 432980957394370572 protocol]  =>.SUP.Discord
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Classes\discord-457248854685777932 [URL:Run game 457248854685777932 protocol]  =>.SUP.Discord
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Classes\discord-712465656758665259 [URL:Run game 712465656758665259 protocol]  =>.SUP.Discord
ENCONTRADOS clave: HKCU\Software\SkillBrains []  =>SUP.Optional.Skillbrains
ENCONTRADOS clave: HKCU\Software\Visicom Media []  =>.SUP.VisicomMedia
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\bi [bi]  =>Adware.FilesFrog
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\Listbar.SSListBar [Sheridan ActiveListBar Control]  =>PUP.Optional.BHO
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\Listbar.SSListBar.1 [Sheridan ActiveListBar Control]  =>PUP.Optional.BHO
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Skillbrains []  =>SUP.Optional.Skillbrains
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Visicom Media []  =>.SUP.VisicomMedia
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ManyCam [Visicom Media Inc.]  =>.SUP.VisicomMedia
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains]  =>SUP.Optional.Skillbrains
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [ASUSTeK Computer Inc.]  =>Heuristic.Suspect


---\\  Resumen de elementos en su estación de trabajo (10)
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/  =>.SUP.BrowserHistoric
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/  =>.SUP.BrowserCache
https://nicolascoolman.eu/2017/03/18/superfluous-visicommedia/  =>.SUP.VisicomMedia
https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/  =>ChromiumPreference
https://nicolascoolman.eu/2019/01/sup-skillbrains  =>SUP.Optional.Skillbrains
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.FirefoxRestriction
https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/  =>.SUP.Discord
https://nicolascoolman.eu/2017/10/13/adware-filesfrog/  =>Adware.FilesFrog
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>PUP.Optional.BHO
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect


---\\ Resultado de la reparación.
~ ninguna reparación hecha
~ Google Chrome OK
~ Microsoft Edge OK
~ Mozilla Firefox OK
~ Microsoft Internet Explorer OK


---\\ STATISTIQUES
~ Items escaneado : 130506
~ Items encontrado : 43
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 10/18


---\\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ Iniciar navegadores con extensiones eliminadas





~ End of search in 00h15mn42s

---\\  Reporte (0)
ZHPCleaner-[S]-30102023-10_59_38.txt
```

I also reset all my browsers, even though I usually only ever use Chrome. As soon as I finished all the processes, I restarted my computer and, before opening anything else, scanned with AdwCleaner, and I still have the 2 PUP.Optional and the Adware.Mindspark. Here is the log of that scan:

```
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-30-2023
# Duration: 00:00:01
# OS:       Windows 10 (Build 19045.3570)
# Cleaned:  3
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted       cknghehebaconkajgiobncfleofebcog
Deleted       kpocjpoifmommoiiiamepombpeoaehfh
Deleted       kpocjpoifmommoiiiamepombpeoaehfh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1580 octets] - [30/10/2023 10:34:05]
AdwCleaner[C00].txt - [1714 octets] - [30/10/2023 10:34:19]
AdwCleaner[S01].txt - [1702 octets] - [30/10/2023 11:14:49]
AdwCleaner[S02].txt - [1763 octets] - [30/10/2023 11:25:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
```
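The AdwCleaner reports posted in this thread all list the same Chromium extension IDs as deleted with `Failed: 0`, yet the IDs are back on the next run. As an added example (not part of the original posts or of any tool mentioned here), this Python script parses such reports and flags IDs that are deleted again in a later clean run; the function names are hypothetical and the sample logs are constructed abbreviations of the ones posted above.

```python
import re
from collections import defaultdict

# Chromium extension IDs are 32 characters drawn from the letters a-p.
EXT_ID = re.compile(r"^[a-p]{32}$")
SECTION = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")   # e.g. ***** [ Tasks ] *****
HEADER = re.compile(r"^# (\w+):\s*(.*)$")            # e.g. # Mode: Clean
CHROMIUM = "Chromium (and derivatives)"


def parse_adwcleaner_log(text):
    """Split an AdwCleaner report into header fields and per-section deleted items."""
    header, sections, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
            continue
        m = HEADER.match(line)
        if m:
            header[m.group(1)] = m.group(2).strip()
            continue
        # Logs pasted into forums may carry ** bold markers around entries.
        parts = line.strip("*").split(None, 1)
        if current and len(parts) == 2 and parts[0] == "Deleted":
            sections[current].append(parts[1].strip())
    return {"header": header, "sections": sections}


def recurring_extensions(logs):
    """Return {extension_id: [run labels]} for IDs deleted in more than one Clean run."""
    seen = defaultdict(list)
    for label, text in logs:
        parsed = parse_adwcleaner_log(text)
        if parsed["header"].get("Mode") != "Clean":
            continue  # only reports from a cleaning run list deletions
        # A set, because one report can list the same ID more than once.
        ids = {i for i in parsed["sections"].get(CHROMIUM, []) if EXT_ID.match(i)}
        for ext in sorted(ids):
            seen[ext].append(label)
    # An ID "deleted" successfully in several runs means the removal is not sticking.
    return {ext: runs for ext, runs in seen.items() if len(runs) > 1}


def _constructed_log(start, bold=False):
    """Constructed, abbreviated report modelled on the logs posted in the thread."""
    mark = "**" if bold else ""
    ids = ["cknghehebaconkajgiobncfleofebcog",
           "kpocjpoifmommoiiiamepombpeoaehfh",
           "kpocjpoifmommoiiiamepombpeoaehfh"]
    entries = "\n".join(f"{mark}Deleted       {i}{mark}" for i in ids)
    return (
        "# -------------------------------\n"
        "# Malwarebytes AdwCleaner 8.4.0.0\n"
        "# -------------------------------\n"
        "# Mode: Clean\n"
        f"# Start:    {start}\n"
        "# Cleaned:  3\n"
        "# Failed:   0\n\n"
        "***** [ Registry ] *****\n\n"
        "No malicious registry entries cleaned.\n\n"
        f"***** [ {CHROMIUM} ] *****\n\n"
        f"{entries}\n\n"
        "***** [ Chromium URLs ] *****\n\n"
        "No malicious Chromium URLs cleaned.\n"
    )


# Constructed sample input: labels follow the report names and start dates in the thread.
SAMPLE_LOGS = [
    ("C20 10-22-2023", _constructed_log("10-22-2023", bold=True)),
    ("C00 10-30-2023", _constructed_log("10-30-2023")),
    ("C02 10-30-2023", _constructed_log("10-30-2023")),
]

if __name__ == "__main__":
    for ext, runs in sorted(recurring_extensions(SAMPLE_LOGS).items()):
        print(f"{ext}: deleted in {len(runs)} clean runs ({', '.join(runs)})")
```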

Hello @Darkar33, sorry for taking so long to reply.

Ok.

Malwarebytes >> did what it was supposed to do.

AdwCleaner >> did what it was supposed to do.

ZHPCleaner >> did what it was supposed to do.

Ok.

OK. Hehehe, these bugs have a certain persistence in the system, and trying to remove them with tools of this kind will do little or nothing to them. Let's go after them hard.

SEARCHING FOR / REMOVING MALWARE

1️⃣ Disable your antivirus ▶️ How to temporarily disable an antivirus and any security program you have enabled.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and not anywhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the right version for your computer's architecture (32 or 64 bits). ▶️ How to tell whether my Windows is 32 or 64 bits?

⚠️ Once FRST has been downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super Important. Right after that, also close any other program you have open.

2️⃣ Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click and select Run as administrator).

  2. A window with a Disclaimer message will appear; click Si or Yes.

  3. In the program's main window, click Analizar/Scan and wait for the scan to finish.

  4. Two logs/reports will appear: Frst.txt and Addition.txt; these will be saved on the desktop.

3️⃣ Re-enable your antivirus and any security program you had enabled. Also reconnect your computer to the Internet.

4️⃣ NEXT REPLY

Paste the FRST.txt and Addition.txt reports. You must post both reports in full, with absolutely all of their content. You will need to split them across several messages if you get an error/warning saying that the report making up the message is too long (more than about 50,000 characters).

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

⚠️ Very Important ⚠️ Post the various reports I have asked you for as shown in the following image:

Regards.

Frst.txt report:

```
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-10-2023
Ejecutado por darli (administrador) sobre LAPTOP-0HHCN5FS (ASUSTeK COMPUTER INC. TUF Gaming FX505DT_FX505DT) (03-11-2023 10:43:19)
Ejecutado desde C:\Users\darli\OneDrive\Escritorio\FRST64.exe
Perfiles cargados: darli
Plataforma: Microsoft Windows 10 Home Versión 22H2 19045.3570 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a4e83a4bfff92e83\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21640.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21640.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [Autodesk Sync] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1092304 2016-03-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-11-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-11-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4377448 2023-10-30] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-08-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [Monosnap] => C:\Users\darli\AppData\Local\Monosnap\App\Monosnap.exe [317448 2021-10-11] (IMI.VC Advisors UAB -> )
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [Hamul] => C:\Users\darli\AppData\Local\Hamul\Hamul.exe [215568 2020-09-29] (Nakama.us Inc. -> Nakama.us)
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-11-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\darli\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2022-03-10] (Google Inc (TEST) -> Epic Privacy Browser) [Archivo no firmado]
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [MicrosoftEdgeAutoLaunch_CF55DE46E789CC81D8A11C20381B84FC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4187176 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-1691082389-834839770-2912174567-500\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-11-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1691082389-834839770-2912174567-500\...\Run: [MicrosoftEdgeAutoLaunch_3EFD3FAB506FA325099A3EE9A1AA66DE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4187176 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-11-01] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON L395 Series 64MonitorBE: C:\Windows\system32\E_YLMBRWE.DLL [182784 2015-12-09] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Archivo no firmado]
HKLM\...\Print\Monitors\Nitro PDF Port 13 Monitor: C:\Windows\system32\NxPrinterMonitor13.dll [360944 2021-02-11] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\118.0.5993.120\Installer\chrmstp.exe [2023-11-03] (Google LLC -> Google LLC)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {CBC3CEE3-396B-4FAD-A245-8860C5BFD3FD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe  -mode=scheduled (Ningún archivo)
Task: {06280A58-FCEF-4D04-9B4B-95073BECB04E} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusHotkey.exe [310912 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {62D85229-267E-4225-A32E-120486E34974} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusUpdateChecker.exe [797816 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {9407A34E-C7D4-439D-AAA2-BC89A948894D} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [308584 2022-12-24] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {D85F0579-4A6F-4570-A0FC-6B3CF7C814F2} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1857384 2022-12-24] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {ABBA8984-E05A-4CAB-92E5-1C2B6B846F31} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d63a15fc9b6415 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-06-03] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {FCBAEC37-A787-4D14-97AC-BF1586266450} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-06-03] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {690019D7-CBA0-4270-BBB6-29A50CB3AA13} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-09-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {03366130-EA30-43B0-AC28-1EABA630EF99} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Ningún archivo)
Task: {CAEF903E-E3FA-4B6F-A101-50DB3FF7FC60} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4147944 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {36C635EE-914E-4439-A0B2-014AA57988D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {62E02CC5-1BA9-4FB2-A61A-4298C71400BF} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "06cdf19a-850a-47d9-9cb6-9fe4a016f41b" --version "6.17.10746" --silent
Task: {945B4E21-AEC0-4657-AA6E-064BF331591B} - System32\Tasks\CCleanerSkipUAC - darli => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FD3BD248-9D63-4686-B639-38CE2C88CE61} - System32\Tasks\DSB Notification => C:\Program Files\ASUS\DSB Notification\DSBNotification.exe [782216 2019-01-28] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {A1763244-939A-4204-907F-FB9F5E4E3857} - System32\Tasks\EPSON L395 Series Update {1D9EE204-A281-4E34-9A65-A0B89F802B88} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRWE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {06ADA131-C67F-4337-94BA-58F4739BCD8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-23] (Google LLC -> Google LLC)
Task: {FB450D6C-D193-4465-9F6E-DA729830E378} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-23] (Google LLC -> Google LLC)
Task: {1D9CA91D-ABA3-443B-A220-2D9BA14EAAD5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175360 2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C357C599-DEAD-40C3-8B98-D7513E90418D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175360 2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {287CCD1D-3D9E-468D-9853-258A1AD8094C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306736 2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D1D274A-E5E5-48C0-8622-C2D4A25AB9A7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306736 2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F74E1BCE-CA49-484A-A2BD-88B0842B3960} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1B78D2C-647B-478F-8697-30D11820F3BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F04752D2-4A3C-4F3E-B1C6-2FE5E67638E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B999B25E-8EC4-4E42-9A62-A68DA90F3DEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F21205F-3D40-40ED-A90E-933C18CC8FCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD530319-D703-45C7-ABC7-36F5A2D7EA98} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-26] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4D80D8D6-3BF7-4E2E-9D71-3A3EB1AA72C2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-10-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {E872E573-3098-495F-AC5C-3A3C99F3927D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B2C65050-DB03-4F3C-848C-25CCA5915BE5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E0CD5379-9819-4D05-8D0A-1E3CC0619F40} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2324DDC0-C137-40DF-A1BF-B9F52EDC086A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32FAF263-93D7-4430-A405-66717188891F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7846D940-19A2-460E-9A8E-5BC19EA4F0A9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C502CCA7-8CC3-4EED-9558-FA0D5F6BC8F9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {74586225-5ACE-4937-8DD3-E20496A58C7C} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [862192 2019-02-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {DABBD34A-1CE4-4D66-9AD3-D5BA88416F77} - System32\Tasks\update-S-1-5-21-1691082389-834839770-2912174567-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {A5AE3BA8-D324-42A1-A053-ADF3BB5D8C08} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\EPSON L395 Series Update {1D9EE204-A281-4E34-9A65-A0B89F802B88}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRWE.EXE:/EXE:{1D9EE204-A281-4E34-9A65-A0B89F802B88} /F:UpdateWORKGROUP\LAPTOP-0HHCN5FS$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\MyASUSTask.job => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_38716246a7897090\ASUSSystemDiagnosis\ModifyMyASUSSetting.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1691082389-834839770-2912174567-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{271854cb-b5a8-481f-943d-5e2900896ce2}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{697982ea-6775-4565-8081-20395503a7dc}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge Profile: C:\Users\darli\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-03]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\darli\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-30]
Edge Extension: (Edge relevant text changes) - C:\Users\darli\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-30]

FireFox:
========
FF DefaultProfile: 853t7ik9.default
FF ProfilePath: C:\Users\darli\AppData\Roaming\Mozilla\Firefox\Profiles\853t7ik9.default [2022-05-15]
FF ProfilePath: C:\Users\darli\AppData\Roaming\Mozilla\Firefox\Profiles\m9iz7lp5.default-release-1698681956940 [2023-11-03]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => no encontrado
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-09-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-09-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1691082389-834839770-2912174567-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\darli\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2022-03-10] (Google Inc (TEST) -> Epic Privacy Browser) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-1691082389-834839770-2912174567-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\darli\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2022-03-10] (Google Inc (TEST) -> Epic Privacy Browser) [Archivo no firmado]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\darli\AppData\Local\Google\Chrome\User Data\Default [2023-11-03]
CHR DownloadDir: E:\Downloads
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.instagram.com
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-10-30]
CHR Extension: (WebChatGPT: ChatGPT con acceso a internet) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpfemeioodjbpieminkklglpmhlngfcn [2023-11-03]
CHR Extension: (MaxAI.me: Usa ChatGPT AI en cualquier lugar en línea) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhnlakgilnojmhinhkckjpncpbhabphi [2023-11-03]
CHR Extension: (UltraSurf Security, Privacy & Unblock VPN) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjnbclmflcpookeapghfhapeffmpodij [2023-05-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\darli\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-10-30]
CHR Profile: C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-10-30]
CHR Extension: (Presentaciones) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-09]
CHR Extension: (Adobe Acrobat) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-07-09]
CHR Extension: (Hojas de cálculo) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-09]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-07-09]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-09]
CHR Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-07-09]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-02]
CHR Profile: C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-10-30]
CHR Extension: (Adobe Acrobat: herramientas de conversión, edición y firma de PDF) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-25]
CHR Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-05-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-19]
CHR Profile: C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-10-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-22]
CHR Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-06-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-22]
CHR Profile: C:\Users\darli\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-30]
CHR HKU\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\darli\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2021-07-10]
CHR HKU\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
```

```
==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5489224 2023-10-22] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2023-10-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-06-03] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\AsusAppService\AsusAppService.exe [1177320 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [501608 2023-08-18] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkNear\AsusLinkNear.exe [1631976 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemote.exe [772840 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-06-03] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOptimization.exe [508032 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [681832 2023-10-17] (ASUSTeK COMPUTER INC. -> ASUS)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusSoftwareManager.exe [1111160 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSwitch\AsusSwitch.exe [641144 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4147944 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [834280 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-03-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233848 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4582080 2020-08-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [223640 2019-09-03] (DTS, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-03-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (ManyCam -> Visicom Media Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9341488 2023-10-30] (Malwarebytes Inc. -> Malwarebytes)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1799640 2023-09-20] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14283048 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare software CO., LIMITED -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a4e83a4bfff92e83\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a4e83a4bfff92e83\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 QMEmulatorService; "C:\Users\darli\OneDrive\Escritorio\TxGameAssistant\AppMarket\QMEmulatorService.exe" [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [59440 2023-08-17] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-23] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemAnalysis\AsusSAIO.sys [49312 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusWmiAcpi.sys [48808 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-08-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-08-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [3374096 2021-08-19] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [84032 2023-09-24] (Microsoft Windows Hardware Compatibility Publisher -> EnigmaSoft Limited)
U4 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (ManyCam -> Visicom Media Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [205552 2021-02-12] (RH Software Ltd -> Ray Hinchliffe)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R1 TBoxDrv; C:\Program Files\AndroidTbox\TBoxDrv.sys [271600 2017-09-11] (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [812208 2020-11-26] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\WINDOWS\system32\drivers\UniSafe.sys [581912 2020-11-26] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2020-10-01] (Microsoft Corporation) [Archivo no firmado]
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2020-08-26] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174728 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-11-03 10:41 - 2023-11-03 10:41 - 000000000 ____D C:\Users\darli\AppData\Roaming\Microsoft\Network
2023-11-01 13:10 - 2023-11-01 13:10 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-10-30 10:42 - 2023-10-30 10:59 - 000000000 ____D C:\Users\darli\AppData\Roaming\ZHP
2023-10-30 10:42 - 2023-10-30 10:42 - 000000000 ____D C:\Users\darli\AppData\Local\ZHP
2023-10-30 10:33 - 2023-10-30 10:34 - 000000000 ____D C:\AdwCleaner
2023-10-30 05:42 - 2023-11-03 10:44 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-10-30 05:42 - 2023-11-03 10:14 - 000000000 ____D C:\Program Files\CCleaner
2023-10-30 05:42 - 2023-10-31 10:43 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-10-30 05:42 - 2023-10-31 10:43 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-10-30 05:42 - 2023-10-30 05:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-10-26 10:53 - 2023-10-30 05:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-22 11:37 - 2023-10-22 11:37 - 000000000 ____D C:\Users\darli\AppData\Roaming\EasyAntiCheat
2023-10-22 10:55 - 2023-11-03 10:43 - 000000000 ____D C:\FRST
2023-10-22 10:31 - 2023-10-22 10:32 - 000000249 _____ C:\DelFix.txt
2023-10-22 10:26 - 2023-11-03 10:13 - 000000000 ____D C:\Users\darli\AppData\Roaming\asus_framework
2023-10-17 09:29 - 2023-10-17 09:29 - 000000000 ____D C:\ProgramData\Sophos
2023-10-17 08:47 - 2023-10-30 05:42 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - darli
2023-10-17 00:22 - 2023-10-17 00:22 - 000000000 ____D C:\Users\darli\AppData\Local\OO Software
2023-10-16 23:24 - 2021-02-12 12:24 - 000205552 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX64.sys
2023-10-16 19:50 - 2023-10-16 19:50 - 000000000 ____D C:\Users\darli\AppData\Local\mbam
2023-10-16 19:49 - 2023-10-31 10:28 - 000000000 ____D C:\Users\darli\AppData\Local\Malwarebytes
2023-10-16 18:55 - 2023-10-16 18:55 - 000000000 ____D C:\ProgramData\mb3migration
2023-10-16 17:41 - 2023-10-16 17:41 - 000000000 ____D C:\Users\darli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-10-16 11:37 - 2023-10-16 11:37 - 000000000 ____D C:\Users\darli\AppData\Local\Backup
2023-10-14 14:00 - 2023-10-14 14:00 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-14 13:48 - 2023-10-14 13:48 - 000000000 ___HD C:\$WinREAgent
2023-10-12 23:19 - 2023-10-12 23:19 - 000000000 ____D C:\ProgramData\PLUG
2023-10-12 21:39 - 2023-10-12 21:39 - 000000000 ____D C:\Program Files\RUXIM
2023-10-05 23:32 - 2023-10-05 23:32 - 000000000 ____D C:\Users\Administrador\AppData\Local\CEF
2023-10-05 23:31 - 2023-10-05 23:31 - 000000000 ____D C:\Users\Administrador\AppData\Local\Comms
2023-10-05 23:31 - 2023-10-05 23:31 - 000000000 ____D C:\Users\Administrador\ansel
2023-10-05 23:30 - 2023-10-05 23:31 - 000000000 ____D C:\Users\Administrador\AppData\Local\ASUS
2023-10-05 23:30 - 2023-10-05 23:30 - 000000000 ____D C:\Users\Administrador\AppData\Local\ConnectedDevicesPlatform

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-11-03 10:40 - 2020-08-23 15:33 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-03 10:33 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-03 10:23 - 2020-08-23 15:18 - 000000000 ____D C:\Users\darli\AppData\Local\D3DSCache
2023-11-03 10:20 - 2020-10-02 05:01 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2023-11-03 10:17 - 2021-12-17 00:13 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-03 10:17 - 2020-08-23 15:21 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-03 10:15 - 2020-08-23 15:21 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-03 10:14 - 2020-06-03 21:08 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-02 23:40 - 2020-10-02 04:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-02 19:10 - 2020-08-23 15:18 - 000000000 ____D C:\Users\darli\AppData\Local\Packages
2023-11-02 19:10 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-02 19:10 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-02 12:11 - 2020-06-03 21:12 - 000000000 ____D C:\Program Files\ASUS
2023-11-02 12:05 - 2022-05-15 21:39 - 000000000 ____D C:\Users\darli\AppData\Roaming\Microsoft\PowerPoint
2023-11-02 11:59 - 2020-08-23 15:18 - 000000000 ____D C:\Users\darli\AppData\Local\CrashDumps
2023-11-02 11:11 - 2022-05-20 22:10 - 000002415 _____ C:\Users\darli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-01 13:09 - 2019-10-18 12:28 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-01 08:44 - 2021-09-08 14:47 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-11-01 08:44 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-01 08:37 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-01 00:03 - 2022-05-16 08:39 - 000000000 ____D C:\Users\darli\AppData\Roaming\Microsoft\Word
2023-10-31 11:28 - 2020-10-02 05:01 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2023-10-31 11:28 - 2020-10-02 05:01 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2023-10-30 15:59 - 2022-02-08 21:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-30 11:17 - 2020-10-02 13:06 - 001804498 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-30 11:17 - 2019-12-07 09:55 - 000801892 _____ C:\WINDOWS\system32\perfh00A.dat
2023-10-30 11:17 - 2019-12-07 09:55 - 000159088 _____ C:\WINDOWS\system32\perfc00A.dat
2023-10-30 11:12 - 2023-09-30 19:59 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2023-10-30 11:10 - 2021-05-10 00:58 - 000000000 ____D C:\Program Files\TeamViewer
2023-10-30 11:10 - 2020-10-02 05:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-30 11:10 - 2020-10-02 04:56 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-30 11:09 - 2019-12-07 04:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2023-10-30 05:49 - 2023-09-24 13:25 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-10-30 05:48 - 2023-09-24 13:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-10-30 05:48 - 2023-09-24 13:24 - 000000000 ____D C:\Program Files\Malwarebytes
2023-10-30 05:39 - 2023-07-15 10:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-10-30 05:17 - 2020-10-01 11:14 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-27 20:00 - 2020-10-02 05:01 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-27 20:00 - 2020-10-02 05:01 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-27 09:57 - 2023-07-15 10:13 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-10-26 10:49 - 2021-05-27 23:45 - 000007598 _____ C:\Users\darli\AppData\Local\Resmon.ResmonCfg
2023-10-22 12:12 - 2021-06-04 00:44 - 000000000 ____D C:\Users\darli\VirtualBox VMs
2023-10-22 12:12 - 2021-06-04 00:38 - 000000000 ____D C:\Users\darli\.VirtualBox
2023-10-22 12:07 - 2021-06-04 00:38 - 000000000 ____D C:\ProgramData\VirtualBox
2023-10-22 11:40 - 2022-05-17 08:13 - 000000000 ____D C:\Users\darli\AppData\Roaming\Microsoft\Excel
2023-10-22 11:37 - 2023-07-02 20:51 - 000000000 ____D C:\Users\darli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-10-22 10:26 - 2021-06-17 22:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-10-22 10:26 - 2020-10-02 05:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2023-10-22 10:25 - 2020-06-03 21:14 - 000000000 ____D C:\Program Files (x86)\ASUS
2023-10-22 10:01 - 2020-06-03 21:12 - 000000000 ____D C:\ProgramData\ASUS
2023-10-22 09:01 - 2020-11-04 01:35 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2023-10-18 16:50 - 2020-08-23 15:20 - 000000000 ___RD C:\Users\darli\OneDrive
2023-10-17 21:03 - 2020-06-03 21:14 - 000000000 ____D C:\Program Files (x86)\LightingService
2023-10-17 21:03 - 2020-06-03 21:08 - 000000000 ____D C:\ProgramData\Package Cache
2023-10-17 11:30 - 2020-08-23 15:19 - 000000000 ____D C:\Users\darli\AppData\Local\NVIDIA Corporation
2023-10-17 11:16 - 2021-02-28 16:04 - 000000000 ___RD C:\Users\darli\Downloads\B9ECED6F.ASUSPCAssistant_qmba6cd70vzyy!App
2023-10-17 10:58 - 2020-06-03 21:11 - 000000000 ____D C:\ProgramData\Realtek
2023-10-17 10:35 - 2020-08-23 15:20 - 000000000 ____D C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder
2023-10-17 10:20 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-10-17 10:07 - 2023-04-02 19:37 - 000000000 ____D C:\Program Files\7-Zip
2023-10-17 10:04 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-17 10:02 - 2020-06-03 21:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-10-17 00:12 - 2019-12-07 04:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-10-16 23:47 - 2021-06-17 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2023-10-16 23:47 - 2021-06-17 22:40 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2023-10-16 23:47 - 2021-06-17 22:39 - 000000000 ____D C:\ProgramData\EPSON
2023-10-16 23:34 - 2022-05-25 16:10 - 000000000 ____D C:\Users\darli\AppData\Roaming\Microsoft\Document Building Blocks
2023-10-16 23:34 - 2022-05-15 21:44 - 000000000 ____D C:\Users\darli\AppData\Roaming\Microsoft\UProof
2023-10-16 23:33 - 2023-07-15 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S10 2005
2023-10-16 23:33 - 2020-12-10 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-10-16 23:33 - 2020-06-03 21:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-10-16 23:17 - 2022-05-16 16:02 - 000000000 ____D C:\Users\darli\AppData\Roaming\obs-studio
2023-10-16 18:53 - 2023-04-06 19:57 - 000000000 ____D C:\Program Files (x86)\Epic Games
2023-10-16 18:51 - 2021-03-23 18:01 - 000000000 ____D C:\ProgramData\Epic
2023-10-16 18:51 - 2020-10-01 22:00 - 000000000 ____D C:\Users\darli
2023-10-16 17:58 - 2021-02-23 14:14 - 000004218 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{27607F8E-2D5E-4CF9-96E7-033792615D14}
2023-10-16 17:42 - 2022-05-15 22:59 - 000000000 ____D C:\Users\darli\AppData\Roaming\Zoom
2023-10-15 09:08 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-15 00:02 - 2020-10-02 04:56 - 000440712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-15 00:00 - 2020-10-01 21:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\es-MX
2023-10-15 00:00 - 2020-10-01 21:34 - 000000000 ____D C:\WINDOWS\es-MX
2023-10-15 00:00 - 2019-12-07 09:55 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2023-10-15 00:00 - 2019-12-07 09:55 - 000000000 ____D C:\WINDOWS\system32\es
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-15 00:00 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\IME
2023-10-15 00:00 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-14 23:59 - 2019-12-07 09:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-14 23:59 - 2019-12-07 09:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-14 23:59 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-14 23:59 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-14 23:59 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-14 23:59 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-14 14:08 - 2019-12-07 09:57 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-10-14 14:08 - 2019-12-07 04:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-10-14 14:08 - 2019-12-07 04:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-10-14 13:59 - 2020-10-02 04:59 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-14 11:38 - 2020-08-24 00:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-14 11:13 - 2020-08-24 00:28 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-10-13 01:16 - 2021-04-13 23:34 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2023-10-11 13:48 - 2022-01-10 10:04 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1691082389-834839770-2912174567-1001
2023-10-11 13:48 - 2020-10-02 05:01 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1691082389-834839770-2912174567-1001
2023-10-09 17:27 - 2019-10-18 12:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-05 23:47 - 2022-05-15 21:39 - 000000000 ____D C:\Users\darli\AppData\Roaming\Microsoft\Office
2023-10-05 23:47 - 2019-12-07 09:56 - 000000000 ____D C:\WINDOWS\OCR
2023-10-05 23:31 - 2020-10-01 22:00 - 000000000 ____D C:\Users\Administrador
2023-10-05 23:31 - 2020-08-23 16:11 - 000000000 ___RD C:\Users\Administrador\3D Objects
2023-10-05 23:31 - 2020-08-23 16:11 - 000000000 ____D C:\Users\Administrador\AppData\Local\Packages
2023-10-05 23:31 - 2020-06-03 21:06 - 000000000 __RHD C:\Users\Public\AccountPictures

==================== Archivos en la raíz de algunos directorios ========

2023-06-20 18:48 - 2023-06-20 18:48 - 002957224 _____ (Adobe Inc.) C:\ProgramData\33254054184047813588.exe
2023-06-20 18:56 - 2023-06-20 18:56 - 002957224 _____ (Adobe Inc.) C:\ProgramData\48969276489406860942.exe
2023-06-20 18:55 - 2023-06-20 18:55 - 002957224 _____ (Adobe Inc.) C:\ProgramData\70778276883350723911.exe
2023-04-09 09:36 - 2023-04-09 09:36 - 000012288 _____ () C:\Users\darli\AppData\Roaming\emp.bin
2022-05-16 16:03 - 2022-07-13 13:10 - 000000016 _____ () C:\Users\darli\AppData\Roaming\obs-virtualcam.txt
2020-08-24 11:19 - 2020-08-24 11:19 - 000000410 _____ () C:\Users\darli\AppData\Local\oobelibMkey.log
2021-05-27 23:45 - 2023-10-26 10:49 - 000007598 _____ () C:\Users\darli\AppData\Local\Resmon.ResmonCfg
2020-08-23 15:58 - 2020-08-23 15:58 - 000000003 _____ () C:\Users\darli\AppData\Local\updater.log
2020-08-23 15:58 - 2020-08-23 15:58 - 000000424 _____ () C:\Users\darli\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================
```

Addition report:

```
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-10-2023
Ejecutado por darli (03-11-2023 10:44:47)
Ejecutado desde C:\Users\darli\OneDrive\Escritorio
Microsoft Windows 10 Home Versión 22H2 19045.3570 (X64) (2020-10-02 10:01:26)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-1691082389-834839770-2912174567-500 - Administrator - Enabled) => C:\Users\Administrador
darli (S-1-5-21-1691082389-834839770-2912174567-1001 - Administrator - Enabled) => C:\Users\darli
DefaultAccount (S-1-5-21-1691082389-834839770-2912174567-503 - Limited - Disabled)
Invitado (S-1-5-21-1691082389-834839770-2912174567-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1691082389-834839770-2912174567-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
4K Video Downloader (HKLM\...\{94360C20-3425-4BB1-9A75-03A4E69194F8}) (Version: 4.13.0.3800 - Open Media LLC)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.4 - AnyDesk Software GmbH)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.7.3 - ASUS)
Assassins Creed Valhalla MULTi14 - ElAmigos versión 1.1.2 (HKLM-x32\...\{56CA5418-430C-43BD-A02B-2993D8A641D9}_is1) (Version: 1.1.2 - Ubisoft)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.3.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{99c84b70-e56e-4a29-9a3a-10d41c9fcc6d}) (Version: 2.3.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM-x32\...\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{7f23d3ea-a821-4293-b7f7-34383bf06437}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.0.1.5 - ASUSTeK Computer Inc.)
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.34 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{049c2f12-c730-4efc-81db-0adcf3ff5782}) (Version: 1.0.34 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{a96c7710-4dd8-463e-8f76-c3ad65b248a5}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.107 - ASUSTeK Computer Inc.) Hidden
Autodesk Vehicle Tracking 2018 (64 bit) Core (HKLM\...\{9BB641F3-24B1-427E-A850-1C02157219EC}) (Version: 18.0.533.0 - Autodesk, Inc.) Hidden
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1371 - Disc Soft Ltd)
DSB Notification (HKLM\...\{A82D01C4-0F9C-4FD6-9E2F-EDBD1E9826DC}) (Version: 1.2.1 - ASUSTeK COMPUTER INC.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Privacy Browser (HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Epic Privacy Browser) (Version: 91.0.4472.124 - Epic)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.3 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{71038C40-8258-44D2-BBF4-B6312338172C}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{E244A764-EDD0-46B0-8689-661F6B28D9E5}) (Version: 3.10.0069 - Seiko Epson Corporation)
EPSON L395 Series Printer Uninstall (HKLM\...\EPSON L395 Series) (Version:  - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 118.0.5993.120 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 83.0.2.0 - Google LLC)
Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google)
Hamul (HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Hamul) (Version: 1.6.0 - Nakama)
Human Anatomy Atlas version 7.4.01 (HKLM-x32\...\{0DDE4272-3433-4C74-ADA6-72350805D612}_is1) (Version: 7.4.01 - Visible Body - m!DVT)
HxD Hex Editor 2.5 (HKLM\...\HxD_is1) (Version: 2.5 - Maël Hörz)
IBM SPSS Statistics (HKLM\...\{865E2C89-D9AE-43B9-A33D-81D0C919EF79}) (Version: 29.0.1.0 - IBM Corp)
IBM SPSS Statistics 26 (HKLM\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
Java 8 Update 301 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Malwarebytes version 4.6.5.293 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.5.293 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft .NET Core Host - 3.1.10 (x64) (HKLM\...\{52B42932-15C1-45D4-8904-FC3117EEE69B}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.10 (x64) (HKLM\...\{752B4412-A129-4CB2-AD96-B6D97EAD3090}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM\...\{396D7BC8-E3C8-4B3E-8C60-D50D94FDF09D}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM-x32\...\{4714dd0a-ebab-4f59-a708-f8d7a793b3f5}) (Version: 3.1.10.29419 - Microsoft Corporation)
Microsoft 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.17029.20000 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 - Shared Framework (HKLM-x32\...\{6efe3294-03d8-4977-9c67-9f57ab075130}) (Version: 3.1.10.20520 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.10 Shared Framework (x64) (HKLM\...\{7BEAA207-E3EB-3948-BBB3-336B04D8A2F1}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 118.0.2088.76 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\OneDriveSetup.exe) (Version: 23.221.1024.0002 - Microsoft Corporation)
Microsoft OneNote - es-es (HKLM\...\OneNoteFreeRetail - es-es) (Version: 16.0.17029.20000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
MLWapp 2.6 (HKLM\...\MLWapp_is1) (Version: 2.6.0.0 - mylivewallpapers.com)
Monosnap (HKLM-x32\...\{859592B1-E3FF-49B8-A7C3-563440D6257C}) (Version: 4.1.10.26483 - Monosnap)
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 119.0 (x64 es-ES)) (Version: 119.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.0.2 - Mozilla)
Nitro Pro (HKLM\...\{B6642EB0-A5C8-4AFF-AF4C-FF62E9CD0D65}) (Version: 13.35.2.685 - Nitro)
NVIDIA Controlador de audio HD 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 536.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.67 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.22 (HKLM\...\{573CC601-ED8D-450F-BE6F-A313DD77A4A0}) (Version: 6.1.22 - Oracle Corporation)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.2.5.0 - ASUSTek COMPUTER INC.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
uTorrent Web (HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\utweb) (Version: 1.3.0 - Rainberry, Inc.)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 118.0.2088.76 - Microsoft Corporation)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
Wondershare Filmora 10.0.0.91 (HKLM\...\Wondershare Filmora_is1) (Version: 10.0.0.91 - lrepacks.ru)
Wondershare MirrorGo(Version 1.9.0) (HKLM-x32\...\{EE843B49-D9BC-4A9E-A8A7-B9F14C0381C7}_is1) (Version: 1.9.0 - Wondershare)
Zoom (HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\ZoomUMX) (Version: 5.16.2 (22807) - Zoom Video Communications, Inc.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.20025.0_x64__0a9344xs7nr4m [2023-03-17] (Advanced Micro Devices Inc.) [Startup Task]
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.7.3.0_x64__qmba6cd70vzyy [2023-10-22] (ASUSTeK COMPUTER INC.)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-06] (Microsoft Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-10-05] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa [2023-10-25] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-24] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2023-11-02] (Microsoft Corporation)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.29.0_x64__qmba6cd70vzyy [2023-10-27] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-07-18] (NVIDIA Corp.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.920.900_x64__8wekyb3d8bbwe [2023-09-24] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.10160.0_x64__8wekyb3d8bbwe [2023-10-20] (Microsoft Studios) [MS Ad]
WhatsApp Beta -> C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2344.2.0_x64__cv1g1gvanyjgm [2023-11-02] (WhatsApp Inc.) [Startup Task]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.928.2303.555_neutral__8wekyb3d8bbwe [2023-09-28] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-11-01] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-11-01] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-11-01] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-11-01] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-11-01] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2021-02-11] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-08-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-08-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-11-01] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-11-01] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a4e83a4bfff92e83\nvshext.dll [2023-07-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2023-10-22 10:26 - 2023-09-14 16:02 - 000322048 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2023-10-22 10:26 - 2023-04-14 14:18 - 000319488 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node
2023-10-22 10:26 - 2023-09-14 16:02 - 000541696 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\usb\prebuilds\win32-ia32\node.napi.node
2022-07-15 19:00 - 2022-07-15 19:00 - 000094720 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2016-05-09 09:20 - 2016-05-09 09:20 - 000132096 _____ (Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enppmon.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\WINDOWS\System32:tdsrset_i.gfc [5846]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk:CCF539F03F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike WaRzOnE.lnk:17D621BEAD [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8570]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-1691082389-834839770-2912174567-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2020-12-11%2010:05:05&iid=72e342fc-e853-49e4-8d5c-5b9203367155&bName=
URLSearchHook: [S-1-5-21-1691082389-834839770-2912174567-500] ATENCIÓN => No se encuentra URLSearchHook predeterminado
SearchScopes: HKU\S-1-5-21-1691082389-834839770-2912174567-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1691082389-834839770-2912174567-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll [2021-09-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: Sin Nombre -> {AE7CD045-E861-484f-8273-0445EE161910} -> Ningún archivo
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-09-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Sin Nombre - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Ningún archivo
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-03-18 23:49 - 2023-10-17 10:07 - 000002820 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0	choice.microsoft.com
0.0.0.0	choice.microsoft.com.nstac.net
0.0.0.0	df.telemetry.microsoft.com
0.0.0.0	oca.telemetry.microsoft.com
0.0.0.0	oca.telemetry.microsoft.com.nsatc.net
0.0.0.0	redir.metaservices.microsoft.com
0.0.0.0	reports.wes.df.telemetry.microsoft.com
0.0.0.0	services.wes.df.telemetry.microsoft.com
0.0.0.0	settings-sandbox.data.microsoft.com
0.0.0.0	settings-win.data.microsoft.com
0.0.0.0	sqm.df.telemetry.microsoft.com
0.0.0.0	sqm.telemetry.microsoft.com
0.0.0.0	sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0	telecommand.telemetry.microsoft.com
0.0.0.0	telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0	telemetry.appex.bing.net
0.0.0.0	telemetry.microsoft.com
0.0.0.0	telemetry.urs.microsoft.com
0.0.0.0	vortex-sandbox.data.microsoft.com
0.0.0.0	vortex-win.data.microsoft.com
0.0.0.0	vortex.data.microsoft.com
0.0.0.0	watson.telemetry.microsoft.com
0.0.0.0	watson.telemetry.microsoft.com.nsatc.net
0.0.0.0	watson.ppe.telemetry.microsoft.com
0.0.0.0	wes.df.telemetry.microsoft.com
0.0.0.0	vortex-bn2.metron.live.com.nsatc.net
0.0.0.0	vortex-cy2.metron.live.com.nsatc.net
0.0.0.0	watson.live.com
0.0.0.0	watson.microsoft.com
0.0.0.0	feedback.search.microsoft.com

2023-07-15 10:22 - 2023-07-15 10:25 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\Control Panel\Desktop\\Wallpaper -> c:\users\darli\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\asus.jpg
HKU\S-1-5-21-1691082389-834839770-2912174567-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall de Windows está habilitado.

Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
```
```
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "Monosnap"
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "Hamul"
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "Epic Privacy Browser Installer"
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "GoogleDriveFS"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{461BEE47-0201-41B9-AD53-537D81C6F2DF}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{BEFE69EB-619E-43BE-A7A1-E41034794BEA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{72792E61-FDBB-43AC-8D5C-FB55AF4B4FBB}] => (Allow) C:\Games\Counter-Strike WaRzOnE\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [{4C2F3E59-D8C2-4AB6-86A9-7EFB4925CF70}] => (Allow) C:\Games\Counter-Strike WaRzOnE\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [{1E468B05-5052-40AB-888C-1188F921BE92}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D127272B-7748-4C5A-B808-CB4FB614CC8E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45E19EAA-18B1-4288-A540-2E05E2090FE5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{765779AB-CC5F-4168-9FC2-F5EDAECF02D9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{F87DE3E6-68C1-41E6-B209-A8AEA7DE2CA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{5A0793E6-0741-4E64-89ED-007041529689}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{F32991FF-BE4D-4000-9077-A953C5648A26}] => (Allow) C:\Users\darli\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{27A74C19-D0C4-44D0-B04B-618335ED7BDC}] => (Allow) C:\Users\darli\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DFF980D3-D8F5-4A56-934D-0E889C640162}] => (Allow) C:\Users\darli\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{9D67E627-B6CA-4550-9729-84D6B63CFDA3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{29F538CC-670D-4E62-9457-78732BBF5299}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0264A61E-090D-4922-A54F-E167C353334F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B4868E02-4589-4046-9A46-DC21F63C6DDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7D709229-5C67-4EFC-B0FA-0063D918C84B}] => (Allow) C:\Program Files\AndroidTbox\THypervBox.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{F5E48DDA-3E5E-4D3B-AB2A-2A1316BAC521}] => (Allow) C:\Program Files\AndroidTbox\TBoxHeadless.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{9A954B9E-7986-4651-B1ED-AED928D4C5C3}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetNAT.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{E8215F70-2F09-4837-A5B6-5D234BF54F75}] => (Allow) C:\Program Files\AndroidTbox\TBoxSDL.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{507F58EE-2652-436F-8410-EF8C485037AC}] => (Allow) C:\Program Files\AndroidTbox\TBoxExtPackHelperApp.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{FEF89EFC-A276-4374-86BB-DBD63B5A7E64}] => (Allow) C:\Program Files\AndroidTbox\USBInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{6093607F-52F4-4FCB-B71E-2E611B83CE23}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetDHCP.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{A7B22505-58F1-4D5F-99A8-E6A9A5298DFC}] => (Allow) C:\Program Files\AndroidTbox\TBoxManage.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{6A5F0AE4-9634-4C04-AB24-EE0C97FB40C3}] => (Allow) C:\Program Files\AndroidTbox\USBUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{584ED70C-5DF4-4C5F-8BD0-AC57F488789F}] => (Allow) C:\Program Files\AndroidTbox\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7963AE4A-34AB-41B6-A9A4-F7EDF6A1FCE9}] => (Allow) C:\Program Files\AndroidTbox\SUPLoggerCtl.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A5852409-59F7-47CD-9F98-1C743A8DACD1}] => (Allow) C:\Program Files\AndroidTbox\NetFltUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F70790BF-C38A-455F-A1D6-71A66D3603AC}] => (Allow) C:\Program Files\AndroidTbox\SUPUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{830AB7AF-037A-4393-A3E8-ED65A6C21220}] => (Allow) C:\Program Files\AndroidTbox\TBoxBalloonCtrl.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{0610ABFA-F87F-4DFD-9A37-B3469EFB2A42}] => (Allow) C:\Program Files\AndroidTbox\SUPInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{FB1C9641-31D6-4CAD-B4E5-503CE414139F}] => (Allow) C:\Program Files\AndroidTbox\TBoxSVC.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{FC193398-1B8D-45D9-8226-9857A2E719A3}] => (Allow) E:\Downloads\AnyDesk (2).exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{1DBCA163-2E10-4246-8C07-E8275443E427}] => (Allow) E:\Downloads\AnyDesk (2).exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{D72E3155-CB0D-4321-A28E-19071A07AA22}] => (Allow) E:\Downloads\AnyDesk (2).exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{53B7B9CD-D746-48B2-8CD3-02FBD36D50AC}] => (Allow) E:\Downloads\AnyDesk (2).exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{DE0EDFF8-BF97-4469-98E1-F00D9E332E43}] => (Allow) E:\Downloads\AnyDesk (2).exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{FA5B1351-D670-4DF9-AE7E-36F83FEE68DE}] => (Allow) E:\Downloads\AnyDesk (2).exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{5F914F4A-A40C-445A-8035-AC678ACB09CF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3744C7C9-2BB4-4177-B768-753E0FA1CF69}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E871D462-8DF9-44F5-95FB-7BFE7E8C7BB2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7EEF16ED-3694-49E9-A1B1-334CA700EDAA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3E999A35-ACDF-4E9E-9A29-1B849206457B}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{1BBDDBFB-2FE7-4795-BDA6-5290D814BE9D}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{16E2C2D3-46DF-428A-8E37-D3D8F1E4BCB7}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{9DB61276-EEC5-47D8-A5F5-F5F29F802D54}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [TCP Query User{9BBA9F01-6A85-4784-BB10-5B2B11E34128}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{555B6D42-557C-478B-8053-8EA184FC2396}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3BAD6FD3-A11A-4A38-AC86-C520DC41C700}] => (Allow) E:\Downloads\AnyDesk (11).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{8126ADE0-2A10-4D44-BEF1-521264A83F07}] => (Allow) E:\Downloads\AnyDesk (11).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{4BAE7B13-D75B-4F0E-A350-F6A34B55EFC4}] => (Allow) E:\Downloads\AnyDesk (11).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{82DE9872-F5D5-4365-9C05-97D28F11F6E9}] => (Allow) E:\Downloads\AnyDesk (11).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{520EF2AA-28D8-4AC3-A7C0-6483E639D900}] => (Allow) E:\Downloads\AnyDesk (11).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{5B930657-76B8-426E-B819-AE7EAD8D1370}] => (Allow) E:\Downloads\AnyDesk (11).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{AEB50C5C-E8B9-49F2-A7BB-E215F3C817DD}] => (Allow) C:\Users\darli\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex Authors) [Archivo no firmado]
FirewallRules: [TCP Query User{789EEE06-83CD-41B7-BDF7-77B252718357}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [UDP Query User{5AD6534B-2891-42EE-9FF8-D458573F1080}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{C4113099-B5B4-487C-8179-11232C8AF0ED}] => (Allow) E:\Downloads\AnyDesk (17).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{0FE53E0C-9A15-4714-B701-66EB16760143}] => (Allow) E:\Downloads\AnyDesk (17).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{BB3F9839-BC1B-4EC2-BC26-D48A47000168}] => (Allow) E:\Downloads\AnyDesk (17).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{466D37E1-A661-4D07-9C8B-C47ED30CC7B2}] => (Allow) E:\Downloads\AnyDesk (17).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{C1B3B352-3033-4A57-AF41-C5C64F7E5155}] => (Allow) E:\Downloads\AnyDesk (17).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{7724815B-0DFF-4322-9AD4-57703D335BAE}] => (Allow) E:\Downloads\AnyDesk (17).exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{5B55D287-081C-4FC2-BF28-8B54E63D1B15}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{BDFD3CF1-618D-4FE1-9B65-B0C06F5791E1}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{D33CCEC6-FB1E-4ECA-886A-D8BCBF95BE35}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B51F3C1-9907-49DE-B7F2-8309EA409186}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A98B9A8E-74B7-4A9A-BB7E-6FD535B66687}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EDAB09AC-D40E-4060-BB57-72A891AF81B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1A4F2576-5E2D-4D82-8819-4B1E01F35A0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5BEB0B9A-723E-4F96-8CAF-3143A2920855}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{5B45898A-A779-4713-86D7-A8EC2DD95709}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{D00B0392-446A-4DAE-8108-645A17D4287B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{CDD62FB3-C7DB-4689-A973-07E2A6771F08}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{90872D50-7B40-4777-A177-91587003510A}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{0DA180A0-79EB-4D51-86AD-505CFA0C3CFB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{5CF52D96-DE91-4620-8ECA-B028C35F7900}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{135E40E7-1882-4446-8F91-291F76262845}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{95589B8F-01BA-4F21-A51C-5FCA49B6D9B6}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{2CB168C4-6EBC-499B-BA74-7394C8D80935}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4B7DC64F-8CCF-4E89-9BD3-7C96767A5560}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C01C5F0B-7E78-4606-BA09-3DA076ECC2ED}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{59D250D1-73D5-40A4-8B7E-2C207A2F41CB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{ED29DC57-C1A5-4DD2-836B-23085C38C524}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3F4F9E43-69BB-447F-8F11-6D949E73B251}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{43656E88-4F40-48FF-94B3-193B05E467D5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F80286A1-6F5B-4B0B-9E92-0710237C7648}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7299F99A-53A2-4174-BBBE-CC75A7E82EA1}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.29.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{36E4601F-BE69-4885-B9A0-A16A42CBFD29}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.29.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{DD89E1C4-3C8D-479F-91AD-7F0884E38EE3}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.29.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{3411570E-6D8F-4E56-97B2-D05955F993CF}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.29.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{87D3FE9A-8DEA-4CD2-B991-C2874D909C05}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\118.0.2088.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{488CC236-AA1C-4019-9B93-C9212842A416}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{EF0ABC7F-9C6E-4CF3-96D1-6327A55EDE1C}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{2E1423A5-D062-4EA0-9189-D060DAC199A8}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{4D522310-38B6-4A9F-83D1-25B33FEFD825}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{2E0412EF-8BB4-40B3-B393-08EF1C497F77}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{0F202B45-FB76-4BC2-9B1B-8F1B218C681A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{95BC2D89-0B7B-43C6-AADE-704C7644C1D1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{F258B513-2BD3-402D-BC12-3B0B25173321}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{337F4249-AC30-483A-AD1D-7FAE3F3A1D13}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{75029310-8F6F-460E-B48B-3589688B8C6B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{CDCBEACC-84A6-4035-A8A0-1E532C47EC99}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{408A8640-0A30-46EF-A20E-EF36556D94C8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{E7A79FBC-FDC2-474C-AC79-5544898B914F}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{D0585199-63EE-4D49-8E84-DA873B58C834}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )

==================== Puntos de Restauración =========================

30-10-2023 10:59:03 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (11/02/2023 11:59:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DllHost.exe, versión: 10.0.19041.3570, marca de tiempo: 0x5f959e44
Nombre del módulo con errores: ntdll.dll, versión: 10.0.19041.3570, marca de tiempo: 0x3be1c500
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000634f6
Identificador del proceso con errores: 0x4368
Hora de inicio de la aplicación con errores: 0x01da0da6e8e51b83
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\DllHost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: cf9e21ae-d004-44fe-920c-2ebf823ca3ef
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/01/2023 01:09:36 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LAPTOP-0HHCN5FS)
Description: No se pudo cerrar la aplicación o el servicio 'Microsoft Office SDX Helper'.

Error: (11/01/2023 12:19:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DllHost.exe, versión: 10.0.19041.3570, marca de tiempo: 0x5f959e44
Nombre del módulo con errores: ntdll.dll, versión: 10.0.19041.3570, marca de tiempo: 0x3be1c500
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000634f6
Identificador del proceso con errores: 0x47d4
Hora de inicio de la aplicación con errores: 0x01da0cc992168b36
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\DllHost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 670849b2-4b4d-4d22-9425-1e1c4229d7f1
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/01/2023 12:15:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ArmouryCrate.UserSessionHelper.exe, versión: 5.7.0.0, marca de tiempo: 0x6507929e
Nombre del módulo con errores: AuraPlugin.dll, versión: 5.7.3.0, marca de tiempo: 0x650a6f7b
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007f2ef
Identificador del proceso con errores: 0x38e4
Hora de inicio de la aplicación con errores: 0x01da0cc87cb268e4
Ruta de acceso de la aplicación con errores: C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
Ruta de acceso del módulo con errores: C:\Program Files\ASUS\ARMOURY CRATE Service\AuraPlugIn\AuraPlugin.dll
Identificador del informe: 4f3e6fe3-1726-4916-bb66-7724622cc734
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/01/2023 12:15:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: ArmouryCrate.UserSessionHelper.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: código de la excepción c0000005, dirección de la excepción 00007FF9BCEFF2EF

Error: (11/01/2023 09:04:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DllHost.exe, versión: 10.0.19041.3570, marca de tiempo: 0x5f959e44
Nombre del módulo con errores: ntdll.dll, versión: 10.0.19041.3570, marca de tiempo: 0x3be1c500
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000634f6
Identificador del proceso con errores: 0x47d4
Hora de inicio de la aplicación con errores: 0x01da0cc992168b36
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\DllHost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 08463949-72a4-4fff-bbe8-56510e0417a9
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/01/2023 12:00:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AsusSystemAnalysis.exe, versión: 2.1.28.0, marca de tiempo: 0x650114c0
Nombre del módulo con errores: ntdll.dll, versión: 10.0.19041.3570, marca de tiempo: 0x3be1c500
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x00000000000a2350
Identificador del proceso con errores: 0x3fe4
Hora de inicio de la aplicación con errores: 0x01da0c173a01c476
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: a046a827-533c-4cd2-bf2e-a01728d8b226
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (10/31/2023 08:38:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DllHost.exe, versión: 10.0.19041.3570, marca de tiempo: 0x5f959e44
Nombre del módulo con errores: ntdll.dll, versión: 10.0.19041.3570, marca de tiempo: 0x3be1c500
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000634f6
Identificador del proceso con errores: 0x3cd0
Hora de inicio de la aplicación con errores: 0x01da0c0ee06175c7
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\DllHost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 1a7ee46f-911d-40a2-9543-480c0e23aa53
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (11/03/2023 10:41:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio AnyDesk Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (11/02/2023 11:41:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-0HHCN5FS)
Description: El servidor B9ECED6F.ASUSPCAssistant_3.1.29.0_x64__qmba6cd70vzyy!App.AppX7kzebfqmdxej6ev77x78grbnx1efgwnw.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/02/2023 11:09:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Steam Client Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (11/02/2023 11:09:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Steam Client Service.

Error: (11/01/2023 03:28:00 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-0HHCN5FS)
Description: El servidor B9ECED6F.ASUSPCAssistant_3.1.29.0_x64__qmba6cd70vzyy!App.AppX7kzebfqmdxej6ev77x78grbnx1efgwnw.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/01/2023 08:37:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio ArmouryCrateService.

Error: (11/01/2023 12:04:21 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-0HHCN5FS)
Description: El servidor microsoft.windowscommunicationsapps_16005.14326.21640.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/01/2023 12:00:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio ASUS System Analysis terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.


Windows Defender:
================
Date: 2023-11-02 19:08:56
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {07EC8228-5D9E-486F-B133-22D636DDAF4F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-11-02 12:57:26
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {3C71BA26-9135-4ECD-B730-3F20AE8DDCFD}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-10-31 21:17:54
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {746B8A36-7059-48B9-9CDE-B3EA1D361C7F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-10-30 11:45:45
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {BE81C6B9-4040-450F-A19B-A4EC295FF9C8}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-10-30 11:35:32
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {EE32AB5E-F467-465D-80AB-D7B30C34B623}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-01-03 02:28:15
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.381.1526.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.19900.2
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===============
Date: 2023-10-17 11:41:15
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\118.0.2088.46\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-10-15 18:02:35
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-10-09 11:53:45
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. FX505DT.316 01/28/2021
Placa base: ASUSTeK COMPUTER INC. FX505DT
Procesador: AMD Ryzen 5 3550H with Radeon Vega Mobile Gfx 
Porcentaje de memoria en uso: 46%
RAM física total: 7616.9 MB
RAM física disponible: 4037.89 MB
Virtual total: 19392.9 MB
Virtual disponible: 13789.02 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:237.08 GB) (Free:37.02 GB) (Model: KINGSTON RBUSNS8154P3256GJ3) NTFS
Drive d: (Nuevo vol) (Fixed) (Total:431.5 GB) (Free:274.14 GB) (Model: ST1000LM048-2E7172) NTFS
Drive e: (Nuevo vol) (Fixed) (Total:500 GB) (Free:265.11 GB) (Model: ST1000LM048-2E7172) NTFS

\\?\Volume{a4387739-2482-458c-8205-65f09e78f9b3}\ (RECOVERY) (Fixed) (Total:1.12 GB) (Free:0.47 GB) NTFS
\\?\Volume{d63ec520-36da-4c20-b5db-f1c29fa1c4a2}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: E9CD2037)

Partition: GPT.

==================== Final de Addition.txt =======================
```
1 like

Hello, I hope you haven't forgotten my case; this is just to remind you of it :sweat_smile:. It has been 3 days now, and I attached the 2 requested logs above. Thank you very much in advance for the help.

1 like

Hello @Darkar33, I know a few days have passed since your logs.

I have had little time. I am analyzing your logs now.

You will have the script shortly.

Regards.

1 like

Good evening, 2 weeks have passed now. I hope you can continue helping me with the script, please; I look forward to it :sweat_smile:

1 like

Hello @Darkar33

First of all, sorry that I took so long to reply.

:zero:[color=#2271b3] QUESTIONS [/color]

:zero::one: Did you install the following programs on your computer, or do they ring a bell? They are:

AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.4 - AnyDesk Software GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
4K Video Downloader (HKLM\...\{94360C20-3425-4BB1-9A75-03A4E69194F8}) (Version: 4.13.0.3800 - Open Media LLC)
MLWapp 2.6 (HKLM\...\MLWapp_is1) (Version: 2.6.0.0 - mylivewallpapers.com)
uTorrent Web (HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\utweb) (Version: 1.3.0 - Rainberry, Inc.)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
Hamul (HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Hamul) (Version: 1.6.0 - Nakama)

Did you download them from the official site? Are they pirated :pirate_flag: :pirate_flag:? Or are they legal? Tell me the status of each one… whether it is legal… pirated, and whether you downloaded it from the official site or not.

:zero::two: I detected the following antivirus products installed on your machine:

Windows Defender

Although I can guess from the log… which antivirus do you currently use on your machine as resident protection? And which firewall?

:zero::three: I also detected traces of the following antivirus products on your machine:

McAfee
Sophos

Did you use them in the past? Did you uninstall them? Tell me everything about them…

:zero::four: Do you recognize the following IP address on your network: 192.168.43.1? And this:

Tcpip\..\Interfaces\{271854cb-b5a8-481f-943d-5e2900896ce2}: [DhcpNameServer] 192.168.43.1

Which DHCP servers do you have installed/configured on your machine?

:one:[color=#2271b3] UNINSTALLING PROGRAMS[/color]

For the programs I tell you that you can remove, do it like this:

Uninstall them with Revo Uninstaller in its Advanced Mode. To do so, follow the program-uninstallation part of its manual.

Remove all the programs Revo finds with the name: Lightshot, Monosnap, ManyCam, Wondershare Filmora, Wondershare MirrorGo or Wondershare + anything else.

In your case you have the following installed:

Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Monosnap (HKLM-x32\...\{859592B1-E3FF-49B8-A7C3-563440D6257C}) (Version: 4.1.10.26483 - Monosnap)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Wondershare Filmora 10.0.0.91 (HKLM\...\Wondershare Filmora_is1) (Version: 10.0.0.91 - lrepacks.ru)
Wondershare MirrorGo(Version 1.9.0) (HKLM-x32\...\{EE843B49-D9BC-4A9E-A8A7-B9F14C0381C7}_is1) (Version: 1.9.0 - Wondershare)

These must be completely uninstalled.

:two:[color=#2271b3] UNINSTALLING EXTENSIONS[/color]

For the extensions I tell you that you can remove, do it like this:

Open Chrome and remove the extension called McAfee® WebAdvisor.

:three: Now you must make a [color=#ff00]REGISTRY BACKUP[/color]; to do so:

  • Restart the computer in Normal Mode.

  • Download DelFix to your desktop.

  • Double-click to run it. [size=2](If you use Windows Vista/7/8 or 10, right-click and select - Run as Administrator)[/size]

  • Check only the [color=#ff00]Create registry backup[/color] box, and make sure the rest are not selected.

  • Click Run.

The report (DelFix.txt) will open; you can close it. But keep it in case I ask for it or it is needed in the future.

Next, CLOSE ALL PROGRAMS, go to Start >> Run and type Notepad.exe

  • Now copy and paste the code/lines inside the box further below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:

Folder: C:\ProgramData\mb3migration
Folder: C:\Users\darli\AppData\Local\OO Software
Folder: C:\ProgramData\PLUG
Folder: C:\Program Files\RUXIM
Folder: C:\Users\Administrador\AppData\Local\CEF
Folder: C:\Users\Administrador\AppData\Local\Comms
Folder: C:\Users\Administrador\ansel
Folder: C:\ProgramData\Package Cache
Folder: C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder
Folder: C:\Users\darli\AppData\Roaming\Microsoft\UProof
Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S10 2005
File: C:\WINDOWS\system32\Drivers\SIVX64.sys;C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
VirusTotal: C:\WINDOWS\system32\Drivers\SIVX64.sys;C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

HKLM\...\Run: [Autodesk Sync] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [Monosnap] => C:\Users\darli\AppData\Local\Monosnap\App\Monosnap.exe [317448 2021-10-11] (IMI.VC Advisors UAB -> )
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN
Task: {CBC3CEE3-396B-4FAD-A245-8860C5BFD3FD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe  -mode=scheduled (Ningún archivo)
Task: {03366130-EA30-43B0-AC28-1EABA630EF99} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Ningún archivo)
Task: {DABBD34A-1CE4-4D66-9AD3-D5BA88416F77} - System32\Tasks\update-S-1-5-21-1691082389-834839770-2912174567-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {A5AE3BA8-D324-42A1-A053-ADF3BB5D8C08} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1691082389-834839770-2912174567-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => no encontrado
CHR Extension: (McAfee® WebAdvisor) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-07-09]
S2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (ManyCam -> Visicom Media Inc.)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare software CO., LIMITED -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 QMEmulatorService; "C:\Users\darli\OneDrive\Escritorio\TxGameAssistant\AppMarket\QMEmulatorService.exe" [X]
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [84032 2023-09-24] (Microsoft Windows Hardware Compatibility Publisher -> EnigmaSoft Limited)
R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (ManyCam -> Visicom Media Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2021-02-11] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
AlternateDataStreams: C:\WINDOWS\System32:tdsrset_i.gfc [5846]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk:CCF539F03F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike WaRzOnE.lnk:17D621BEAD [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8570]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2020-12-11%2010:05:05&iid=72e342fc-e853-49e4-8d5c-5b9203367155&bName=
URLSearchHook: [S-1-5-21-1691082389-834839770-2912174567-500] ATENCIÓN => No se encuentra URLSearchHook predeterminado
SearchScopes: HKU\S-1-5-21-1691082389-834839770-2912174567-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1691082389-834839770-2912174567-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Sin Nombre -> {AE7CD045-E861-484f-8273-0445EE161910} -> Ningún archivo
Toolbar: HKLM - Sin Nombre - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Ningún archivo
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "Monosnap"
FirewallRules: [{AEB50C5C-E8B9-49F2-A7BB-E215F3C817DD}] => (Allow) C:\Users\darli\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex Authors) [Archivo no firmado]

C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
C:\Users\darli\AppData\Local\Monosnap\App\Monosnap.exe
C:\Users\darli\AppData\Local\Monosnap
C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
C:\Program Files (x86)\Skillbrains
C:\ProgramData\ManyCam\Service\ManyCamService.exe
C:\ProgramData\ManyCam\
C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe
C:\Program Files (x86)\Wondershare
C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe
C:\Program Files (x86)\Wondershare
C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
C:\WINDOWS\system32\drivers\mcaudrv_x64.sys
2023-10-17 09:29 - 2023-10-17 09:29 - 000000000 ____D C:\ProgramData\Sophos
2023-10-14 13:48 - 2023-10-14 13:48 - 000000000 ___HD C:\$WinREAgent
2023-10-17 21:03 - 2020-06-03 21:14 - 000000000 ____D C:\Program Files (x86)\LightingService
2023-10-13 01:16 - 2021-04-13 23:34 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2023-07-15 10:22 - 2023-07-15 10:25 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Save it with the name FIXLIST.TXT on your desktop (VERY IMPORTANT). Otherwise the SCRIPT will not work; both files (FRST.exe and FIXLIST.TXT) must be located on the DESKTOP.

:warning: The above repair script is customized for the specific machine for which it was made and was written specifically by a Staff member. If you have a similar problem, please open your own topic to receive personalized, specific help. Using scripts from other systems can cause serious damage to your computer.

Finally (NOTE: in NORMAL MODE):

  1. Run FRST.exe again (if you use Windows Vista/7/8 or 10, right-click and select Run as Administrator).

  2. Click Fix/Corregir and wait for the process to finish. Do nothing with the PC while it is carrying out these repairs, even if it appears to have hung. Do not touch it; wait.

  3. When it finishes, the file FIXLOG.TXT will be created on the DESKTOP; bring it in your next reply.

  4. Restart the computer in Normal Mode, check how it runs for a while, and report how the originally stated problem is doing.

:warning: Very Important :warning: Post the report I asked you for as shown in the following image:

Regards.

1 like

01: As for Anydesk, Teamviewer and utorrent, they are from the official site; the others, such as 4k video downloader, MLWapp 2.6, Hamul and VB cable (I don't remember downloading it), I don't know for certain.

02: Yes, I only use Windows Defender, nothing else.

03: McAfee came preinstalled; I uninstalled it when its license expired. I don't remember downloading or using Sophos.

04: I can't find that IP address on my network, so I couldn't tell you.

As for the DHCP servers, I have it set to automatic from the “claro” service; also, I can't find that IP address on my network, so I don't recognize it.

1: I have already uninstalled all of them with Revo Uninstaller in its Advanced Mode. 2: I uninstalled the McAfee® WebAdvisor extension. 3: I made a REGISTRY BACKUP with delfix, ran FRST.exe with the script on the desktop, and FIXLOG.TXT produced the following:

> Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 05-11-2023 02
> Ejecutado por darli (30-11-2023 11:11:25) Run:1
> Ejecutado desde C:\Users\darli\OneDrive\Escritorio
> Perfiles cargados: darli & Administrador
> Modo de Inicio: Normal
> ==============================================
> 
> fixlist contenido:
> *****************
> START
> CREATERESTOREPOINT:
> CLOSEPROCESSES:
> 
> Folder: C:\ProgramData\mb3migration
> Folder: C:\Users\darli\AppData\Local\OO Software
> Folder: C:\ProgramData\PLUG
> Folder: C:\Program Files\RUXIM
> Folder: C:\Users\Administrador\AppData\Local\CEF
> Folder: C:\Users\Administrador\AppData\Local\Comms
> Folder: C:\Users\Administrador\ansel
> Folder: C:\ProgramData\Package Cache
> Folder: C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder
> Folder: C:\Users\darli\AppData\Roaming\Microsoft\UProof
> Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S10 2005
> File: C:\WINDOWS\system32\Drivers\SIVX64.sys;C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
> VirusTotal: C:\WINDOWS\system32\Drivers\SIVX64.sys;C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
> 
> HKLM\...\Run: [Autodesk Sync] => [X]
> HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
> HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
> HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
> HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
> HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
> HKLM\Software\Policies\...\system: [PublishUserActivities] 0
> HKLM\Software\Policies\...\system: [UploadUserActivities] 0
> HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
> HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
> HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Run: [Monosnap] => C:\Users\darli\AppData\Local\Monosnap\App\Monosnap.exe [317448 2021-10-11] (IMI.VC Advisors UAB -> )
> HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Policies\Explorer: [] 
> HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
> GroupPolicy: Restricción ? <==== ATENCIÓN
> Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
> HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
> HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN
> Task: {CBC3CEE3-396B-4FAD-A245-8860C5BFD3FD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe  -mode=scheduled (Ningún archivo)
> Task: {03366130-EA30-43B0-AC28-1EABA630EF99} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Ningún archivo)
> Task: {DABBD34A-1CE4-4D66-9AD3-D5BA88416F77} - System32\Tasks\update-S-1-5-21-1691082389-834839770-2912174567-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
> Task: {A5AE3BA8-D324-42A1-A053-ADF3BB5D8C08} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
> Task: C:\WINDOWS\Tasks\update-S-1-5-21-1691082389-834839770-2912174567-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
> Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
> Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
> Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
> Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
> Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
> FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => no encontrado
> CHR Extension: (McAfee® WebAdvisor) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-07-09]
> S2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (ManyCam -> Visicom Media Inc.)
> S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare software CO., LIMITED -> Wondershare)
> S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare Technology Co.,Ltd -> Wondershare)
> S2 QMEmulatorService; "C:\Users\darli\OneDrive\Escritorio\TxGameAssistant\AppMarket\QMEmulatorService.exe" [X]
> S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [84032 2023-09-24] (Microsoft Windows Hardware Compatibility Publisher -> EnigmaSoft Limited)
> R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
> R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (ManyCam -> Visicom Media Inc.)
> ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
> ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
> ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2021-02-11] (Nitro Software, Inc. -> Nitro Software, Inc.)
> ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> Ningún archivo
> AlternateDataStreams: C:\WINDOWS\System32:tdsrset_i.gfc [5846]
> AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
> AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk:CCF539F03F [3442]
> AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
> AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike WaRzOnE.lnk:17D621BEAD [3442]
> AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
> AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8570]
> HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
> HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"
> HKU\S-1-5-21-1691082389-834839770-2912174567-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2020-12-11%2010:05:05&iid=72e342fc-e853-49e4-8d5c-5b9203367155&bName=
> URLSearchHook: [S-1-5-21-1691082389-834839770-2912174567-500] ATENCIÓN => No se encuentra URLSearchHook predeterminado
> SearchScopes: HKU\S-1-5-21-1691082389-834839770-2912174567-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
> SearchScopes: HKU\S-1-5-21-1691082389-834839770-2912174567-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
> BHO: Sin Nombre -> {AE7CD045-E861-484f-8273-0445EE161910} -> Ningún archivo
> Toolbar: HKLM - Sin Nombre - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Ningún archivo
> HKU\S-1-5-21-1691082389-834839770-2912174567-1001\...\StartupApproved\Run: => "Monosnap"
> FirewallRules: [{AEB50C5C-E8B9-49F2-A7BB-E215F3C817DD}] => (Allow) C:\Users\darli\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex Authors) [Archivo no firmado]
> 
> C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
> C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
> C:\Users\darli\AppData\Local\Monosnap\App\Monosnap.exe
> C:\Users\darli\AppData\Local\Monosnap
> C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
> C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
> C:\Program Files (x86)\Skillbrains
> C:\ProgramData\ManyCam\Service\ManyCamService.exe
> C:\ProgramData\ManyCam\
> C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe
> C:\Program Files (x86)\Wondershare
> C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe
> C:\Program Files (x86)\Wondershare
> C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
> C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
> C:\WINDOWS\system32\drivers\mcaudrv_x64.sys
> 2023-10-17 09:29 - 2023-10-17 09:29 - 000000000 ____D C:\ProgramData\Sophos
> 2023-10-14 13:48 - 2023-10-14 13:48 - 000000000 ___HD C:\$WinREAgent
> 2023-10-17 21:03 - 2020-06-03 21:14 - 000000000 ____D C:\Program Files (x86)\LightingService
> 2023-10-13 01:16 - 2021-04-13 23:34 - 000000000 ____D C:\ProgramData\Wondershare Filmora
> 2023-07-15 10:22 - 2023-07-15 10:25 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
> 
> CMD: ipconfig /flushdns
> CMD: ipconfig /renew
> CMD: bitsadmin /reset /allusers
> CMD: netsh winsock reset
> CMD: netsh advfirewall reset
> CMD: netsh advfirewall set allprofiles state ON
> CMD: netsh int ipv4 reset
> CMD: netsh int ipv6 reset
> RemoveProxy:
> EmptyTemp:
> Hosts:
> END
> *****************
> 
> El punto de restauración fue creado correctamente.
> Procesos cerrados correctamente.
> 
> ========================= Folder: C:\ProgramData\mb3migration ========================
> 
> 2023-10-16 18:55 - 2023-09-30 19:59 - 000000639 ____A [DD40FDBADC832F1E06B142567A51EE28] () C:\ProgramData\mb3migration\ServiceConfig.json
> 2023-10-16 18:55 - 2023-10-16 18:55 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\mb3migration\Config
> 2023-10-16 18:55 - 2023-10-15 00:08 - 000089441 ____A [AC2BB8A2BAAF67D9795A2D3715648A1E] () C:\ProgramData\mb3migration\Config\AeConfig.json
> 2023-10-16 18:55 - 2023-10-15 00:08 - 000000608 ____A [F352135A4038020EE8635AE44DDD1B98] () C:\ProgramData\mb3migration\Config\ArwControllerConfig.json
> 2023-10-16 18:55 - 2023-10-15 09:17 - 000000846 ____A [CE8800269EF2C6292D211FC86D49ACB2] () C:\ProgramData\mb3migration\Config\CleanControllerConfig.json
> 2023-10-16 18:55 - 2023-10-16 13:31 - 000001425 ____A [291156430F76C597F4072F3D01947491] () C:\ProgramData\mb3migration\Config\CloudConfig.json
> 2023-10-16 18:55 - 2023-10-16 14:49 - 000000107 ____A [C817A18168EE9DEE5458AFE5EE264BE6] () C:\ProgramData\mb3migration\Config\IrisData.json
> 2023-10-16 18:55 - 2023-10-16 11:30 - 000015008 ____A [731F167BB326E161067CA741675FFA15] () C:\ProgramData\mb3migration\Config\LicenseConfig.json
> 2023-10-16 18:55 - 2023-09-24 13:28 - 000010806 ____A [CA7F6F416896F6D108648C94E47CA785] () C:\ProgramData\mb3migration\Config\MbamClientConfig.json
> 2023-10-16 18:55 - 2023-09-24 13:25 - 000465601 ____A [E23B7901D24AFF667447DDCFA680ACC4] () C:\ProgramData\mb3migration\Config\MbamControlStatementConfig.json
> 2023-10-16 18:55 - 2023-09-30 19:58 - 000000303 ____A [2FD0713A98E08E2798AD774AC9F7805B] () C:\ProgramData\mb3migration\Config\MbamWhatsnewConfig.json
> 2023-10-16 18:55 - 2023-09-30 19:58 - 000000301 ____A [58871C17FC9E7606AFB7D711DA427C16] () C:\ProgramData\mb3migration\Config\MdamWhatsnewConfig.json
> 2023-10-16 18:55 - 2023-10-15 09:07 - 000002325 ____A [FB1AC61CD7B7F8B4FEFA2F505941912C] () C:\ProgramData\mb3migration\Config\MwacControllerConfig.json
> 2023-10-16 18:55 - 2023-10-15 00:08 - 000000900 ____A [55E0E917827ABA031A4C626256536123] () C:\ProgramData\mb3migration\Config\PoliciesConfig.json
> 2023-10-16 18:55 - 2023-10-15 00:08 - 000001180 ____A [B07B49260C3BB422F2496778EF03EF10] () C:\ProgramData\mb3migration\Config\RtpConfig.json
> 2023-10-16 18:55 - 2023-10-15 09:07 - 000002220 ____A [F5A83ACC6EB334865BCE769C9086449D] () C:\ProgramData\mb3migration\Config\ScanConfig.json
> 2023-10-16 18:55 - 2023-10-15 09:07 - 000011167 ____A [012795FA9A00B87B133A501716A33891] () C:\ProgramData\mb3migration\Config\SpConfigFile.json
> 2023-10-16 18:55 - 2023-10-16 00:00 - 000001432 ____A [4E2B302C0E55B4F6D4951E67482A20C8] () C:\ProgramData\mb3migration\Config\TelemCtrlConfig.json
> 2023-10-16 18:55 - 2023-09-30 19:58 - 000000387 ____A [11EDB6998AAA30FAB990EF6987CB44AD] () C:\ProgramData\mb3migration\Config\telemetry.json
> 2023-10-16 18:55 - 2023-10-16 18:50 - 000001388 ____A [E5244075D443E97EB36886EEF41E942F] () C:\ProgramData\mb3migration\Config\UpdateControllerConfig.json
> 2023-10-16 18:55 - 2023-10-16 18:55 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\mb3migration\Quarantine
> 2023-10-16 18:55 - 2023-10-01 17:05 - 000002213 ____A [3F2F9E4D2B11DBD4D0A8E08B9B46BE05] () C:\ProgramData\mb3migration\Quarantine\a6f327b1-60a6-11ee-a560-0a0027000014.data
> 2023-10-16 18:55 - 2023-10-01 17:05 - 006418944 ____A [1DF13453887776B6FA8341741B301143] () C:\ProgramData\mb3migration\Quarantine\a6f327b1-60a6-11ee-a560-0a0027000014.quar
> 2023-10-16 18:55 - 2023-10-16 18:55 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\mb3migration\RtpDetections
> 2023-10-16 18:55 - 2023-10-01 17:05 - 000004676 ____A [CDFDDBD03747A5D4C1995E8EF97BD9FC] () C:\ProgramData\mb3migration\RtpDetections\a6f327b0-60a6-11ee-9d19-0a0027000014.json
> 2023-10-16 18:55 - 2023-10-16 18:55 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\mb3migration\ScanResults
> 2023-10-16 18:55 - 2023-10-04 23:06 - 000078818 ____A [6AC09F21BEFFF0F231C479FA62FF7443] () C:\ProgramData\mb3migration\ScanResults\07edc7b6-6334-11ee-ac75-0a0027000014.json
> 2023-10-16 18:55 - 2023-10-09 10:00 - 000078817 ____A [680DA13F0C686B01C91C76DEC97CFE63] () C:\ProgramData\mb3migration\ScanResults\24b4bb06-66b4-11ee-b4f2-0a0027000014.json
> 2023-10-16 18:55 - 2023-10-06 14:51 - 000081954 ____A [7619E147F33DA304FAC99650F2493892] () C:\ProgramData\mb3migration\ScanResults\3f09e70e-6481-11ee-9fb5-0a0027000014.json
> 2023-10-16 18:55 - 2023-10-07 12:31 - 000078818 ____A [325CB57927B1698550EF2A55999F70F1] () C:\ProgramData\mb3migration\ScanResults\653bd256-6536-11ee-87a9-0a0027000014.json
> 2023-10-16 18:55 - 2023-10-01 22:59 - 000078819 ____A [9D2DF060736A647D3FC3F226310A6112] () C:\ProgramData\mb3migration\ScanResults\9cc101c8-60d7-11ee-a0bd-0a0027000014.json
> 2023-10-16 18:55 - 2023-09-28 16:25 - 000094805 ____A [D25B840BC1587A65311F21BCA48648FF] () C:\ProgramData\mb3migration\ScanResults\c69cd016-5e30-11ee-9dee-0a0027000014.json
> 2023-10-16 18:55 - 2023-09-26 19:12 - 000097950 ____A [2A3DBE279FF79A4A04F8BF9EB0D65EBD] () C:\ProgramData\mb3migration\ScanResults\d4d2354e-5cc9-11ee-b760-0a0027000014.json
> 2023-10-16 18:55 - 2023-09-30 12:05 - 000097952 ____A [E5DDE23535A6B63E0B270405B51CB782] () C:\ProgramData\mb3migration\ScanResults\d74b637c-5fb2-11ee-af81-0a0027000014.json
> 2023-10-16 18:55 - 2023-10-02 16:35 - 000078820 ____A [24BF1BE3B57CABD059211704422D190B] () C:\ProgramData\mb3migration\ScanResults\ee5bc37c-616a-11ee-b0ef-0a0027000014.json
> 
> ====== Final de Folder: ======
> 
> 
> ========================= Folder: C:\Users\darli\AppData\Local\OO Software ========================
> 
> 2023-10-17 00:22 - 2023-10-17 00:22 - 000000000 ____D [00000000000000000000000000000000] C:\Users\darli\AppData\Local\OO Software\OO ShutUp10
> 
> ====== Final de Folder: ======
> 
> 
> ========================= Folder: C:\ProgramData\PLUG ========================
> 
> 2023-10-12 23:19 - 2023-11-30 11:08 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\PLUG\Logs
> 2023-11-05 20:03 - 2023-11-30 11:08 - 000131072 ____A [2C33A24E7D7F2ADDB760980C90DF1858] () C:\ProgramData\PLUG\Logs\RUXIMLog.001.etl
> 2023-11-05 20:03 - 2023-11-30 10:35 - 000131072 ____A [B02FFC196C8FEF16E395901C0B41C0A9] () C:\ProgramData\PLUG\Logs\RUXIMLog.002.etl
> 2023-11-05 20:03 - 2023-11-30 09:40 - 000131072 ____A [8A847213E449C25C797FFFBBF832A322] () C:\ProgramData\PLUG\Logs\RUXIMLog.003.etl
> 2023-11-05 20:03 - 2023-11-29 20:33 - 000131072 ____A [AB8418770C69629F30F2DD4BEBFF6D1E] () C:\ProgramData\PLUG\Logs\RUXIMLog.004.etl
> 2023-11-05 20:03 - 2023-11-29 20:33 - 000131072 ____A [62C24643CC14EB439B119FF981CED0AF] () C:\ProgramData\PLUG\Logs\RUXIMLog.006.etl
> 2023-11-05 20:03 - 2023-11-29 09:38 - 000131072 ____A [F87EAA9E80B6455098DBAA64F5F17558] () C:\ProgramData\PLUG\Logs\RUXIMLog.007.etl
> 2023-11-05 20:03 - 2023-11-28 19:30 - 000131072 ____A [3AFB5D8EB78C501FB9DCB151D1343B6F] () C:\ProgramData\PLUG\Logs\RUXIMLog.008.etl
> 2023-11-05 20:03 - 2023-11-28 17:29 - 000131072 ____A [D0EF423A430014540019C313B0B6884D] () C:\ProgramData\PLUG\Logs\RUXIMLog.009.etl
> 2023-11-05 20:03 - 2023-11-28 13:29 - 000131072 ____A [22353AF90103A90564DD1A07499B2D32] () C:\ProgramData\PLUG\Logs\RUXIMLog.010.etl
> 2023-11-05 20:03 - 2023-11-28 13:29 - 000131072 ____A [40982ACB5873EBBEB1E5047F86D7AD99] () C:\ProgramData\PLUG\Logs\RUXIMLog.012.etl
> 2023-11-05 20:03 - 2023-11-28 09:27 - 000131072 ____A [7E6D9EE2A72994CFDAD2856FD09549BA] () C:\ProgramData\PLUG\Logs\RUXIMLog.013.etl
> 2023-11-05 20:03 - 2023-11-28 08:40 - 000131072 ____A [E3F4F4DB057B2680A88125CA2C178DE4] () C:\ProgramData\PLUG\Logs\RUXIMLog.014.etl
> 2023-11-05 20:03 - 2023-11-27 19:42 - 000131072 ____A [FFFEF273AB44F92DA0F7101CCF9C314B] () C:\ProgramData\PLUG\Logs\RUXIMLog.015.etl
> 2023-11-05 20:03 - 2023-11-27 15:42 - 000131072 ____A [DF9453838761AD3707F0EE6F06A4C083] () C:\ProgramData\PLUG\Logs\RUXIMLog.016.etl
> 2023-11-05 20:03 - 2023-11-27 11:42 - 000131072 ____A [09DFCF849CF4A29920A68704BE9BF8B5] () C:\ProgramData\PLUG\Logs\RUXIMLog.017.etl
> 2023-11-05 20:03 - 2023-11-27 11:42 - 000131072 ____A [4FE41DB12025C7271FB3E5FB52EADA20] () C:\ProgramData\PLUG\Logs\RUXIMLog.019.etl
> 2023-11-05 20:03 - 2023-11-25 09:55 - 000131072 ____A [BB7514EF02D244A82C0044F6840D7741] () C:\ProgramData\PLUG\Logs\RUXIMLog.020.etl
> 2023-11-05 20:03 - 2023-11-24 20:48 - 000131072 ____A [C7B09645048CF62D2C035EE9414F9A45] () C:\ProgramData\PLUG\Logs\RUXIMLog.021.etl
> 2023-11-05 20:03 - 2023-11-24 17:10 - 000131072 ____A [2D7D1F2FC88C07429093C3AFE8A8507D] () C:\ProgramData\PLUG\Logs\RUXIMLog.022.etl
> 2023-11-05 20:03 - 2023-11-24 13:10 - 000131072 ____A [CD73B58F0CCA5542520E89924A0A1337] () C:\ProgramData\PLUG\Logs\RUXIMLog.023.etl
> 2023-11-05 20:03 - 2023-11-24 12:48 - 000131072 ____A [D96F3598557DA127B32195094F605DDD] () C:\ProgramData\PLUG\Logs\RUXIMLog.024.etl
> 2023-11-05 20:03 - 2023-11-24 12:48 - 000131072 ____A [C10B6370E7F828B1A5C78F16288589C5] () C:\ProgramData\PLUG\Logs\RUXIMLog.026.etl
> 2023-11-05 20:03 - 2023-11-24 08:48 - 000131072 ____A [B25197069FF4C99E6CEC2DBF8D3AE600] () C:\ProgramData\PLUG\Logs\RUXIMLog.027.etl
> 2023-10-12 23:19 - 2023-11-23 20:21 - 000131072 ____A [F5B48BAE7944836CD74F33303003032E] () C:\ProgramData\PLUG\Logs\RUXIMLog.028.etl
> 2023-10-12 23:19 - 2023-11-23 20:21 - 000131072 ____A [90E932EC510D2B0E33732711C6EE46A8] () C:\ProgramData\PLUG\Logs\RUXIMLog.029.etl
> 2023-10-12 23:19 - 2023-11-23 13:53 - 000131072 ____A [6831C89D5331192A5DA517FF025D7862] () C:\ProgramData\PLUG\Logs\RUXIMLog.030.etl
> 2023-10-12 23:19 - 2023-11-23 10:20 - 000131072 ____A [D1855398C2F12CED0F6B5BE7E0F5E415] () C:\ProgramData\PLUG\Logs\RUXIMLog.031.etl
> 2023-10-12 23:19 - 2023-11-23 10:20 - 000131072 ____A [F4A4FA559992D0BA44B1056E5F6F5F37] () C:\ProgramData\PLUG\Logs\RUXIMLog.033.etl
> 2023-10-12 23:19 - 2023-11-22 22:05 - 000131072 ____A [E432C290D7791E47A57DC4B81E1BF16B] () C:\ProgramData\PLUG\Logs\RUXIMLog.034.etl
> 2023-10-12 23:19 - 2023-11-22 22:05 - 000131072 ____A [75B2A20E86AA4177B6CDFB6516C52590] () C:\ProgramData\PLUG\Logs\RUXIMLog.035.etl
> 2023-10-12 23:19 - 2023-11-22 16:19 - 000131072 ____A [1688E7388555E8FE8157F9D4D3B17BDD] () C:\ProgramData\PLUG\Logs\RUXIMLog.036.etl
> 2023-10-12 23:19 - 2023-11-22 16:09 - 000131072 ____A [332957295A283D30BD8D1F2F319317CA] () C:\ProgramData\PLUG\Logs\RUXIMLog.037.etl
> 2023-10-12 23:19 - 2023-11-22 08:53 - 000131072 ____A [5D3CCBF48B46D152FECF29F611B77912] () C:\ProgramData\PLUG\Logs\RUXIMLog.038.etl
> 2023-10-12 23:19 - 2023-11-22 08:53 - 000131072 ____A [8E7EA89B81766CB920FE9A1421FE5CA4] () C:\ProgramData\PLUG\Logs\RUXIMLog.040.etl
> 2023-10-12 23:19 - 2023-11-21 19:50 - 000131072 ____A [3C01D3B0C17FFB570251E3850C0662B4] () C:\ProgramData\PLUG\Logs\RUXIMLog.041.etl
> 2023-10-12 23:19 - 2023-11-21 15:50 - 000131072 ____A [8CCF81E868ABB5215E6295BFE6FFDF94] () C:\ProgramData\PLUG\Logs\RUXIMLog.042.etl
> 2023-10-12 23:19 - 2023-11-21 13:55 - 000131072 ____A [198543534CCCDA004707D85F64C373D5] () C:\ProgramData\PLUG\Logs\RUXIMLog.043.etl
> 2023-10-12 23:19 - 2023-11-21 13:33 - 000131072 ____A [65EBAB878434703DD3E19DC9FBD58120] () C:\ProgramData\PLUG\Logs\RUXIMLog.044.etl
> 2023-10-12 23:19 - 2023-11-21 11:22 - 000131072 ____A [5D48D3E0CEA4E9498BA155D984C41033] () C:\ProgramData\PLUG\Logs\RUXIMLog.045.etl
> 2023-10-12 23:19 - 2023-11-20 21:26 - 000131072 ____A [A4D0D738DB6B57D97646FEE0339755A3] () C:\ProgramData\PLUG\Logs\RUXIMLog.046.etl
> 2023-10-12 23:19 - 2023-11-20 20:31 - 000131072 ____A [D6FF0FE81D3A7EECBC72A89EC64994FE] () C:\ProgramData\PLUG\Logs\RUXIMLog.047.etl
> 2023-10-12 23:19 - 2023-11-20 20:31 - 000131072 ____A [A72B527577F458B16447867B786BF8ED] () C:\ProgramData\PLUG\Logs\RUXIMLog.049.etl
> 2023-10-12 23:19 - 2023-11-18 18:46 - 000131072 ____A [0804DD70E3E36E0213BA0FF0F5192E7C] () C:\ProgramData\PLUG\Logs\RUXIMLog.050.etl
> 
> ====== Final de Folder: ======
> 
> 
> ========================= Folder: C:\Program Files\RUXIM ========================
> 
> 2023-09-15 20:37 - 2023-09-15 20:37 - 000194032 ____A [6FBAC8FCE6DB989CC62175C8B7DC5550] (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\DTUDriver.exe
> 2023-09-15 20:37 - 2023-09-15 20:37 - 000371672 ____A [4162781CD2779BFCC505DD2A3C90246B] (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\PLUGScheduler.exe
> 2023-02-10 16:41 - 2023-02-10 16:41 - 000004532 ____A [641305699C519D6012E0456BDCD462F5] () C:\Program Files\RUXIM\plugscheduler.xml
> 2023-09-15 20:37 - 2023-09-15 20:37 - 000538600 ____A [0F56AEDE718CB23D856D919A7480E8D2] (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\RUXIMICS.exe
> 2023-09-15 20:37 - 2023-09-15 20:37 - 000416224 ____A [C322B3AA6242470B48D7C5E63B3C8579] (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\RUXIMIH.exe
> 2023-09-16 00:22 - 2023-09-16 00:22 - 000213984 ____A [B8C9406F3800DAE07A62D99646717C96] (Microsoft Windows -> ) C:\Program Files\RUXIM\RUXIMPHDialogHandlers.dll
> 2023-09-15 20:37 - 2023-09-15 20:37 - 000333680 ____A [447B23ED3A291EC1C62F6ACA91A85B48] (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\SystemEvaluator.dll
> 
> ====== Final de Folder: ======
> 
> 
> ========================= Folder: C:\Users\Administrador\AppData\Local\CEF ========================
> 
> 2023-10-05 23:32 - 2023-10-05 23:32 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Administrador\AppData\Local\CEF\User Data
> 2023-10-05 23:32 - 2023-10-05 23:32 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Administrador\AppData\Local\CEF\User Data\Dictionaries
> 
> ====== Final de Folder: ======
> 
> 
> ========================= Folder: C:\Users\Administrador\AppData\Local\Comms ========================
> 
> 
> ====== Final de Folder: ======
> 
> 
> ========================= Folder: C:\Users\Administrador\ansel ========================
> 
> 
> ====== Final de Folder: ======
> 
> 
> ========================= Folder: C:\ProgramData\Package Cache ========================
> 
> 2020-08-24 18:53 - 2020-08-24 18:53 - 000461368 ____A [2335AB0C0E19C0EF416D07DF66FEE649] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
> 2020-08-24 18:53 - 2020-08-24 18:53 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005
> 2020-08-24 18:53 - 2020-08-24 18:53 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages
> 2020-08-24 18:53 - 2020-08-24 18:53 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86
> 2014-03-14 03:40 - 2014-03-14 03:40 - 004932896 ____A [CFCBFA2494A3E3AB9215AA6E5872ED14] () C:\ProgramData\Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\cab1.cab
> 2014-03-14 03:40 - 2014-03-14 03:40 - 000143360 ____A [D0A78FCAC0B92A149FE51C76371C989A] () C:\ProgramData\Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi
> 2020-12-10 18:00 - 2020-12-10 18:01 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Package Cache\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}v1.0.0.0
> 2020-06-18 11:28 - 2020-06-18 11:28 - 011530240 ____A [4D5C9A709F332236559D3BCB27BB81B1] () C:\ProgramData\Package Cache\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}v1.0.0.0\LauncherPrereqSetup_x64.msi
> 
> ====== Final de Folder: ======
========================= Folder: C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder ========================

2020-09-05 07:55 - 2020-09-05 07:55 - 000001108 ____A [065378650DE5D4E02DBA1E7CEA48688B] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.Excel_8wekyb3d8bbwe_Logo.jpg
2020-09-05 07:55 - 2020-09-05 07:55 - 000001769 ____A [EB7D283283C0555B0ECF959458ADB4AC] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.Excel_8wekyb3d8bbwe_Small.jpg
2020-09-05 07:55 - 2020-09-05 07:55 - 000001941 ____A [FECFD455218B424505B72ADF3F71BB99] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.Excel_8wekyb3d8bbwe_Square.jpg
2020-09-05 07:55 - 2020-09-05 07:55 - 000001834 ____A [A49CBFFBB02D04C026A9CC9D47626BB7] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.Excel_8wekyb3d8bbwe_Wide.jpg
2020-08-27 07:11 - 2020-08-27 07:11 - 000001363 ____A [8AE5E12EDBB5B0E2E380E6B7F566CC17] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.PowerPoint_8wekyb3d8bbwe_Logo.jpg
2020-08-27 07:11 - 2020-08-27 07:11 - 000001790 ____A [81A79E99FBB4DB4AD4EC75EF3C9F1F43] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.PowerPoint_8wekyb3d8bbwe_Small.jpg
2020-08-27 07:11 - 2020-08-27 07:11 - 000002467 ____A [52420FD6FF77F227A4D2D42455DDA928] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.PowerPoint_8wekyb3d8bbwe_Square.jpg
2020-08-27 07:11 - 2020-08-27 07:11 - 000002358 ____A [9194B69A4867DF2F87625969420B46FB] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.PowerPoint_8wekyb3d8bbwe_Wide.jpg
2020-08-25 14:18 - 2020-08-25 14:18 - 000001140 ____A [66D76FE98C7E85CC29B62D727FEEDFC6] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.Word_8wekyb3d8bbwe_Logo.jpg
2020-08-25 14:18 - 2020-08-25 14:18 - 000001883 ____A [67D827D3E0A019944959C00C21F02A8D] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.Word_8wekyb3d8bbwe_Small.jpg
2020-08-25 14:18 - 2020-08-25 14:18 - 000002081 ____A [D3C3234AF9927211E2A49810C6DC8CEA] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.Word_8wekyb3d8bbwe_Square.jpg
2020-08-25 14:18 - 2020-08-25 14:18 - 000001997 ____A [8AF095F855AFDFD617123A03E6A4468E] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Office.Word_8wekyb3d8bbwe_Wide.jpg
2020-08-26 12:50 - 2020-08-26 12:50 - 000004689 ____A [567CAC4A7FE8983334046D499474D84E] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Windows.Photos_8wekyb3d8bbwe_Large.jpg
2020-08-26 12:50 - 2020-08-26 12:50 - 000000945 ____A [49A8CB943E5A44D7EFA4EAF446B5D2E2] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Windows.Photos_8wekyb3d8bbwe_Logo.jpg
2020-08-26 12:50 - 2020-08-26 12:50 - 000001732 ____A [E56092333C730A04E1DBCA2CFC1EA662] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Windows.Photos_8wekyb3d8bbwe_Small.jpg
2020-08-26 12:50 - 2020-08-26 12:50 - 000002430 ____A [ECB3EC523B263C365683C585DC3807C2] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Windows.Photos_8wekyb3d8bbwe_Square.jpg
2020-08-26 12:50 - 2020-08-26 12:50 - 000002633 ____A [D7DEF5C375F7D3120887B601B1FA51DA] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.Windows.Photos_8wekyb3d8bbwe_Wide.jpg
2020-09-15 21:01 - 2020-09-15 21:01 - 000003620 ____A [309204D2C619A2DE7AB5C9DB235AA5DC] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.WindowsStore_8wekyb3d8bbwe_Large.jpg
2020-09-15 21:01 - 2020-09-15 21:01 - 000000528 ____A [B5CD21124BD0CC31107D6EE1B1B1714B] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.WindowsStore_8wekyb3d8bbwe_Logo.jpg
2020-09-15 21:01 - 2020-09-15 21:01 - 000001547 ____A [D33A50F0FABABA2847ACF20252A9F61B] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.WindowsStore_8wekyb3d8bbwe_Small.jpg
2020-09-15 21:01 - 2020-09-15 21:01 - 000002066 ____A [0F0B665F1424F47F97EA8BD555871921] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.WindowsStore_8wekyb3d8bbwe_Square.jpg
2020-09-15 21:01 - 2020-09-15 21:01 - 000002276 ____A [DA2A3E52FB41D741EDA2A8C6060447C2] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\Microsoft.WindowsStore_8wekyb3d8bbwe_Wide.jpg
2020-09-01 14:57 - 2020-09-01 14:57 - 000000000 ____D [00000000000000000000000000000000] C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9MSPC6MP8FM4
2020-09-01 14:57 - 2020-09-01 14:57 - 000001617 ____A [4D84430C15636CA6D97C04359CE4EF1C] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9MSPC6MP8FM4\044X044.png
2020-09-01 14:57 - 2020-09-01 14:57 - 000002030 ____A [B43BBC272A0BEA89D11CF481D601ACCD] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9MSPC6MP8FM4\071X071.png
2020-09-01 14:57 - 2020-09-01 14:57 - 000003014 ____A [621CFFA8D184AE84912324CB267B97B9] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9MSPC6MP8FM4\150X150.png
2020-09-01 14:57 - 2020-09-01 14:57 - 000007105 ____A [2A3BB6FE8BAAB414968A8E17AA10D2C7] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9MSPC6MP8FM4\300X300.png
2020-09-01 14:57 - 2020-09-01 14:57 - 000003242 ____A [3BB42F64BE019ABB7509925706742D74] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9MSPC6MP8FM4\310X150.png
2020-09-01 15:22 - 2020-09-01 15:22 - 000000000 ____D [00000000000000000000000000000000] C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9N8MCM1X3928
2020-09-01 15:22 - 2020-09-01 15:22 - 000001796 ____A [AA4FCF2297EBC0F6C6232A03FE13A4B9] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9N8MCM1X3928\044X044.png
2020-09-01 15:22 - 2020-09-01 15:22 - 000011589 ____A [883722628B93D498AFC933A72DC0E0F4] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9N8MCM1X3928\150X150.png
2023-10-17 10:35 - 2023-10-17 10:35 - 000000000 ____D [00000000000000000000000000000000] C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9NWVGWLHPB1Z
2020-09-15 21:01 - 2020-09-15 21:01 - 000000000 ____D [00000000000000000000000000000000] C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9PB2MZ1ZMB1S
2020-09-15 21:01 - 2020-09-15 21:01 - 000053585 ____A [2D13D73A618F8B450C95D9500D573A8A] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9PB2MZ1ZMB1S\300X300.png
2020-09-06 12:55 - 2020-09-06 12:55 - 000000000 ____D [00000000000000000000000000000000] C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9PLK42WD0RC0
2020-09-06 12:55 - 2020-09-06 12:55 - 000001041 ____A [C270B5074A8114B895F612816CFE7528] () C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9PLK42WD0RC0\300X300.png
2023-11-29 19:56 - 2023-11-29 19:56 - 000000000 ____D [00000000000000000000000000000000] C:\Users\darli\AppData\Local\PlaceholderTileLogoFolder\9WZDNCRFHWLH

====== Final de Folder: ======


========================= Folder: C:\Users\darli\AppData\Roaming\Microsoft\UProof ========================

2022-05-15 21:44 - 2022-05-15 21:44 - 000000002 ____A [F3B25701FE362EC84616A93A45CE9998] () C:\Users\darli\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
2022-05-16 09:20 - 2022-05-16 09:20 - 000000002 ____A [F3B25701FE362EC84616A93A45CE9998] () C:\Users\darli\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex
2022-07-08 14:02 - 2022-07-08 14:02 - 000000002 ____A [F3B25701FE362EC84616A93A45CE9998] () C:\Users\darli\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0809.lex
2022-05-16 22:09 - 2022-05-16 22:09 - 000000002 ____A [F3B25701FE362EC84616A93A45CE9998] () C:\Users\darli\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryES040a.lex
2022-05-16 22:06 - 2022-05-16 22:06 - 000000002 ____A [F3B25701FE362EC84616A93A45CE9998] () C:\Users\darli\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryES080a.lex
2022-05-16 09:20 - 2022-05-16 09:20 - 000000002 ____A [F3B25701FE362EC84616A93A45CE9998] () C:\Users\darli\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryES0c0a.lex
2022-05-16 09:20 - 2022-05-16 09:20 - 000000002 ____A [F3B25701FE362EC84616A93A45CE9998] () C:\Users\darli\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryES280a.lex
2022-05-31 18:59 - 2022-05-31 18:59 - 000000002 ____A [F3B25701FE362EC84616A93A45CE9998] () C:\Users\darli\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryES580a.lex
2022-05-16 22:06 - 2022-05-16 22:06 - 000000002 ____A [F3B25701FE362EC84616A93A45CE9998] () C:\Users\darli\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryPB0416.lex

====== Final de Folder: ======


========================= Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S10 2005 ========================


====== Final de Folder: ======


========================= File: C:\WINDOWS\system32\Drivers\SIVX64.sys;C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json ========================

C:\WINDOWS\system32\Drivers\SIVX64.sys
El archivo está firmado digitalmente
MD5: EAA5B7329ABA45DCBC7E0812760B5CBD
Fecha de creación y modificación: 2023-10-16 23:24 - 2021-02-12 12:24
Tamaño: 000205552
Atributos: ----A
Nombre de la compañía: RH Software Ltd -> Ray Hinchliffe
Interno Nombre: SIVX64.sys
Original Nombre: SIVX64.sys
Producto: SIVDRIVER
Descripción: System Information Viewer X64 Driver
Archivo Versión: V5.56 (V5.56)
Producto Versión: V5.56
Copyright: Copyright© Ray Hinchliffe 2001-2021
VirusTotal: https://www.virustotal.com/gui/file/11f86bfba36c985aa09ea4a0c9b4229829e0cc4e4bd4588add557b2211da344c/detection/f-11f86bfba36c985aa09ea4a0c9b4229829e0cc4e4bd4588add557b2211da344c-1699929635

C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.cat
El archivo está firmado digitalmente
MD5: E7204D7FD7362F0EFAA502A4CB91CA1E
Fecha de creación y modificación: 2020-08-26 22:07 - 2020-08-26 22:07
Tamaño: 000041192
Atributos: ----A
Nombre de la compañía: Vincent Burel -> Windows (R) Win 7 DDK provider
Interno Nombre: vbaudio_cable.sys
Original Nombre: vbaudio_cable.sys
Producto: Windows (R) Win 7 DDK driver
Descripción: VB Virtual Audio Device
Archivo Versión: 6.1.7600.16385 built by: WinDDK
Producto Versión: 6.1.7600.16385
Copyright: Copyright (C)Vincent Burel.2010-2012
VirusTotal: https://www.virustotal.com/gui/file/c7f3be383c81ab9aa642479f95872e40e19a4cfd72d4c8d7de80abc11b713e21/detection/f-c7f3be383c81ab9aa642479f95872e40e19a4cfd72d4c8d7de80abc11b713e21-1698960939

C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.3570.cat
El archivo está firmado digitalmente
MD5: 6F56FAE1055C7B2848744839E913C281
Fecha de creación y modificación: 2023-10-14 14:00 - 2023-10-14 14:00
Tamaño: 000016059
Atributos: ----A
Nombre de la compañía: Microsoft Windows -> 
Interno Nombre: 
Original Nombre: 
Producto: 
Descripción: 
Archivo Versión: 
Producto Versión: 
Copyright: 
VirusTotal: 0

====== Final de File: ======

VirusTotal: C:\WINDOWS\system32\Drivers\SIVX64.sys => https://www.virustotal.com/gui/file/11f86bfba36c985aa09ea4a0c9b4229829e0cc4e4bd4588add557b2211da344c/detection/f-11f86bfba36c985aa09ea4a0c9b4229829e0cc4e4bd4588add557b2211da344c-1699929635
VirusTotal: C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys => (3) Error = 500 Internal Server Error

The server has either erred or is incapable of performing the requested operation.

VirusTotal: C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json => (3) Error = 500 Internal Server Error

The server has either erred or is incapable of performing the requested operation.

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Autodesk Sync" => eliminado correctamente
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Lightshot" => no encontrado
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAMeetNow" => eliminado correctamente
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => no pudo ser eliminado, clave podría estar protegida
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => eliminado correctamente
"HKLM\Software\Policies\Microsoft\Windows\System\\EnableActivityFeed" => eliminado correctamente
"HKLM\Software\Policies\Microsoft\Windows\System\\PublishUserActivities" => eliminado correctamente
"HKLM\Software\Policies\Microsoft\Windows\System\\UploadUserActivities" => eliminado correctamente
"HKLM\Software\Policies\Microsoft\Windows\System\\AllowClipboardHistory" => eliminado correctamente
"HKLM\Software\Policies\Microsoft\Windows\System\\AllowCrossDeviceClipboard" => eliminado correctamente
"HKU\S-1-5-21-1691082389-834839770-2912174567-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Monosnap" => no encontrado
"HKU\S-1-5-21-1691082389-834839770-2912174567-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => eliminado correctamente
"HKU\S-1-5-21-1691082389-834839770-2912174567-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAMeetNow" => eliminado correctamente

"C:\WINDOWS\system32\GroupPolicy\Machine" carpeta mover:

C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
C:\ProgramData\NTUSER.pol => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Microsoft\Edge => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBC3CEE3-396B-4FAD-A245-8860C5BFD3FD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBC3CEE3-396B-4FAD-A245-8860C5BFD3FD}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03366130-EA30-43B0-AC28-1EABA630EF99}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03366130-EA30-43B0-AC28-1EABA630EF99}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\ASUS\P508PowerAgent_sdk => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DABBD34A-1CE4-4D66-9AD3-D5BA88416F77}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DABBD34A-1CE4-4D66-9AD3-D5BA88416F77}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\update-S-1-5-21-1691082389-834839770-2912174567-1001 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-S-1-5-21-1691082389-834839770-2912174567-1001" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5AE3BA8-D324-42A1-A053-ADF3BB5D8C08}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5AE3BA8-D324-42A1-A053-ADF3BB5D8C08}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\update-sys => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-sys" => eliminado correctamente
C:\WINDOWS\Tasks\update-S-1-5-21-1691082389-834839770-2912174567-1001.job => movido correctamente
C:\WINDOWS\Tasks\update-sys.job => movido correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => eliminado correctamente
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => eliminado correctamente
CHR Extension: (McAfee® WebAdvisor) - C:\Users\darli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-07-09] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\System\CurrentControlSet\Services\ManyCam Service => eliminado correctamente
ManyCam Service => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\WsAppService => eliminado correctamente
WsAppService => servicio eliminado correctamente
WsDrvInst => servicio no encontrado.
HKLM\System\CurrentControlSet\Services\QMEmulatorService => eliminado correctamente
QMEmulatorService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\EnigmaFileMonDriver => eliminado correctamente
EnigmaFileMonDriver => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ManyCam => eliminado correctamente
ManyCam => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\mcaudrv_simple => eliminado correctamente
mcaudrv_simple => servicio eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Nitro.Pro.ShellExtension.Shim => eliminado correctamente
HKLM\Software\Classes\CLSID\{211B6F25-950C-49CD-AB86-A448EF85686A} => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => eliminado correctamente
C:\WINDOWS\System32 => ":tdsrset_i.gfc" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS eliminado correctamente
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk" => ":CCF539F03F" ADS no encontrado.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk => ":A1B76439FE" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike WaRzOnE.lnk => ":17D621BEAD" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk => ":B96E9B8455" ADS eliminado correctamente
C:\Users\Public\Shared Files => ":VersionCache" ADS eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => eliminado correctamente
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
No se pudo restaurar Predeterminado URLSearchHook.
"HKU\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910} => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
"HKU\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Monosnap" => eliminado correctamente
"HKU\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Monosnap" => no encontrado
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AEB50C5C-E8B9-49F2-A7BB-E215F3C817DD}" => eliminado correctamente
"C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe" => no encontrado
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" => no encontrado
"C:\Users\darli\AppData\Local\Monosnap\App\Monosnap.exe" => no encontrado
"C:\Users\darli\AppData\Local\Monosnap" => no encontrado
"C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe" => no encontrado
C:\Program Files (x86)\Skillbrains\Updater\Updater.exe => movido correctamente

"C:\Program Files (x86)\Skillbrains" carpeta mover:

C:\Program Files (x86)\Skillbrains => movido correctamente
"C:\ProgramData\ManyCam\Service\ManyCamService.exe" => no encontrado
"C:\ProgramData\ManyCam" => no encontrado
C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe => movido correctamente

"C:\Program Files (x86)\Wondershare" carpeta mover:

C:\Program Files (x86)\Wondershare => movido correctamente
"C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe" => no encontrado
"C:\Program Files (x86)\Wondershare" => no encontrado
C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys => movido correctamente
C:\WINDOWS\system32\DRIVERS\mcvidrv.sys => movido correctamente
C:\WINDOWS\system32\drivers\mcaudrv_x64.sys => movido correctamente

"C:\ProgramData\Sophos" carpeta mover:

C:\ProgramData\Sophos => movido correctamente

"C:\$WinREAgent" carpeta mover:

C:\$WinREAgent => movido correctamente

"C:\Program Files (x86)\LightingService" carpeta mover:

No pudo ser movido "C:\Program Files (x86)\LightingService" => Programado para moverse al reiniciar.

"C:\ProgramData\Wondershare Filmora" => no encontrado
C:\WINDOWS\system32\drivers\etc\hosts.ics => movido correctamente

========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Wi-Fi mientras los medios
estén desconectados.
No se puede realizar ninguna operación en Conexión de área local* 3 mientras los medios
estén desconectados.
No se puede realizar ninguna operación en Conexión de área local* 12 mientras los medios
estén desconectados.

Adaptador de Ethernet VirtualBox Host-Only Network:

   Sufijo DNS específico para la conexión. . : 
   Vínculo: dirección IPv6 local. . . : fe80::9595:6934:4ac4:b21b%20
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.56.1
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 

Adaptador de Ethernet Ethernet:

   Sufijo DNS específico para la conexión. . : 
   Dirección IPv6 . . . . . . . . . . : 2800:200:fdc0:25a7:8321:1eb0:cdf6:e710
   Dirección IPv6 temporal. . . . . . : 2800:200:fdc0:25a7:a0e5:5e7c:c326:fc16
   Vínculo: dirección IPv6 local. . . : fe80::6eca:51af:49e7:be7e%7
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.0.17
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::a698:13ff:feb3:d5d6%7
                                       192.168.0.1

Adaptador de LAN inalámbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Conexión de área local* 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Conexión de área local* 12:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 


========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{A9237265-D936-4361-A87F-61FCCF8F28A2} canceled.
{9F47036A-89BA-47EE-94AB-490F2BB2A3A0} canceled.
{59EEB29C-C4FB-416C-9F74-22BB79B05DCE} canceled.
{9F95DD38-7912-41AE-B02E-118F8FA8CCD1} canceled.
{10CEBF4C-BB10-4244-B4D5-6242F74F805B} canceled.
{8923F6C2-EEB5-4BBF-B645-370242DA584C} canceled.
{A5F3BC8E-7508-41BE-9574-56784E4AD5C6} canceled.
{2EEFDDCA-BAD9-4013-9105-D8A8AA8351FC} canceled.
{8995B308-D5D4-48BB-9392-603A1BFC8F8E} canceled.
{A2560FF0-9FD2-4CEF-8AAF-49A51DD3B6D3} canceled.
10 out of 10 jobs canceled.


========= Final de CMD: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.



========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar



========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar



========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.



========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.



========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1691082389-834839770-2912174567-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1691082389-834839770-2912174567-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1691082389-834839770-2912174567-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

FlushDNS => completado
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34860578 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 434132671 B
Windows/system/drivers => 74382300 B
Edge => 0 B
Chrome => 4944138745 B
Firefox => 607319389 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 15936 B
systemprofile32 => 26766 B
LocalService => 26766 B
NetworkService => 5972998 B
darli => 565367109 B
Administrador => 565463827 B

RecycleBin => 147570025 B
EmptyTemp: => 6.9 GB datos temporales eliminados.

================================

Resultado de los archivos programados para mover (Modo de Inicio: Normal) (Fecha y Hora: 30-11-2023 11:15:34)

C:\Program Files (x86)\LightingService => Se ha movido correctamente

Resultado de las claves programadas para eliminar después de reiniciar:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente

==== Final  Fixlog 11:15:34 ====

As for how the computer is doing, I ran the scan again with Malwarebytes AdwCleaner and Adware.Mindspark and the PUP.Optionals still show up, namely: (Deleted cknghehebaconkajgiobncfleofebcog Deleted kpocjpoifmommoiiiamepombpeoaehfh Deleted kpocjpoifmommoiiiamepombpeoaehfh). Here is their log again:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-30-2023
# Duration: 00:00:01
# OS:       Windows 10 (Build 19045.3693)
# Cleaned:  3
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted       cknghehebaconkajgiobncfleofebcog
Deleted       kpocjpoifmommoiiiamepombpeoaehfh
Deleted       kpocjpoifmommoiiiamepombpeoaehfh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1580 octets] - [30/10/2023 10:34:05]
AdwCleaner[C00].txt - [1714 octets] - [30/10/2023 10:34:19]
AdwCleaner[S01].txt - [1702 octets] - [30/10/2023 11:14:49]
AdwCleaner[S02].txt - [1763 octets] - [30/10/2023 11:25:48]
AdwCleaner[C02].txt - [1897 octets] - [30/10/2023 11:26:11]
AdwCleaner[S03].txt - [1885 octets] - [30/11/2023 11:34:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Hello @Darkar33

:zero: UNINSTALLING EXTENSIONS

In this case, remove the extensions that AdwCleaner detects, as described at the following link:

https://www.howtogeek.com/140464/how-to-manually-uninstall-a-globally-installed-chrome-extension/

Remove these:

cknghehebaconkajgiobncfleofebcog
kpocjpoifmommoiiiamepombpeoaehfh

If the first method does not work, move on to the second; if the second method does not work, move on to the third. Let me know how all of this went.

Regards.
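
An added example, not part of the reply above or of the linked article: a read-only PowerShell check that reports where the two extension IDs from the AdwCleaner log are still referenced, which helps decide which removal method applies. The registry keys and the profile folder assume Google Chrome and are assumptions of this example; other Chromium browsers use their own vendor key and data folder.

```powershell
# Added example: read-only audit, it changes nothing on the system.
# Extension IDs exactly as reported by AdwCleaner in this thread.
$ids = @('cknghehebaconkajgiobncfleofebcog', 'kpocjpoifmommoiiiamepombpeoaehfh')

# Assumption: Google Chrome. These are the places Chrome reads to install
# extensions from outside the user's profile.
$policyKeys = @(
    'HKLM:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist',
    'HKCU:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist'
)
$externalKeys = @(
    'HKLM:\SOFTWARE\Google\Chrome\Extensions',
    'HKLM:\SOFTWARE\WOW6432Node\Google\Chrome\Extensions',
    'HKCU:\SOFTWARE\Google\Chrome\Extensions'
)
$userData = Join-Path $env:LOCALAPPDATA 'Google\Chrome\User Data'

function New-Finding($Id, $Source, $Location, $Detail) {
    [pscustomobject]@{ Id = $Id; Source = $Source; Location = $Location; Detail = $Detail }
}

$findings = foreach ($id in $ids) {
    # 1. Force-install policy: every value has the form "<id>;<update url>".
    foreach ($key in $policyKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            $value = [string]$item.GetValue($name)
            if ($value -like "$id*") {
                New-Finding $id 'Policy' "$key\$name" $value
            }
        }
    }

    # 2. External-extension registration: one subkey per extension ID.
    foreach ($key in $externalKeys) {
        $sub = Join-Path $key $id
        if (Test-Path -LiteralPath $sub) {
            New-Finding $id 'ExternalRegistry' $sub ''
        }
    }

    # 3. Per-profile copies: the unpacked extension folder and any mention of
    #    the ID in the profile's preference files.
    if (Test-Path -LiteralPath $userData) {
        foreach ($profile in Get-ChildItem -LiteralPath $userData -Directory) {
            $dir = Join-Path $profile.FullName "Extensions\$id"
            if (Test-Path -LiteralPath $dir) {
                New-Finding $id 'ProfileFolder' $dir ''
            }
            foreach ($prefs in 'Preferences', 'Secure Preferences') {
                $file = Join-Path $profile.FullName $prefs
                if ((Test-Path -LiteralPath $file) -and
                    (Select-String -LiteralPath $file -SimpleMatch $id -Quiet)) {
                    New-Finding $id 'ProfilePrefs' $file ''
                }
            }
        }
    }
}

if ($findings) {
    $findings | Sort-Object Id, Source | Format-Table -AutoSize -Wrap
} else {
    'No reference to either extension ID was found in the checked locations.'
}
```

A `Policy` or `ExternalRegistry` hit means the browser is being told to install the extension from outside the profile, so removing it from the extensions page alone will not last; a hit only under `ProfileFolder` or `ProfilePrefs` points at the profile itself.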