Algo me cierra carpetas y administrador de tareas

Buenas tardes, Esta tarde, trabajando desde casa he descargado un Excel del ministerio y creo que tenía un virus o algo

A raíz de abrirlo y que no funcionara, me ha empezado a cerrar las fotos, carpetas o similar.

¿Me podríais echar una mano?

Pasé el malwarebytes y me puso 3 cosas en cuarentena pero sigue igual.

…

Estoy intentando seguir vuestros tutoriales. He pasado el CCleaner como el manual y el malwarebytes. No me han detectado nada nuevo y no he podido guardar copia de seguridad del registro porque me cierra el programa casa vez que intento guardar algo (casa vez que se abre algo de carpetas) y no me deja abrir: Adwcleaner FRST64 Rkill con el nombre cambiado a iExplorer.

El FRST parece abrirse pero desaparece. Los otros 2 dan un error y no abren. Todo lo he abierto como administrador y lo he hecho sin conexión hasta ahora que estoy pasando el Eset online scanner

Hola @KnightAnubis

Vamos a ver si podemos hacer algo

Si tenes el archivo subilo a virustotal quizás nos de algo de informacion util y copia y pega la url del analisis.

Luego en modo seguro con funciones de red

• ¿Cómo iniciar Windows 8/8.1 en Modo Seguro? - Guías, manuales, tutoriales y más - ForoSpyware

(Mantén conectados todos tus dispositivos externos que tengas como: USBs, discos duros externos, etc).

Por favor, descarga todo el software de los enlaces que pongo/de sus respectivos manuales.

Ahora ejecutarás una serie de herramientas respetando el orden los pasos con todos los programas cerrados incluidos los navegadores.

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas y discos duros externos si también tienes.

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

0) Descarga Ccleaner. Aquí te dejo su manual: Manual de CCleaner , para que sepas como usarlo y configurarlo correctamente.

Lo instalas y lo ejecutas. En la pestaña Limpieza personalizada dejas la configuración predeterminada. Haces clic en Analizar y esperas a que termine. Seguidamente haz clic en Ejecutar Limpiador. Clic en la pestaña Registro > clic en Buscar Problemas esperas que termine. Finalmente clic en Reparar Seleccionadas y realizas una Copia de Seguridad del registro de Windows.

1) Descarga, instala, actualiza y ejecuta Malwarebytes’ Anti-Malware. Aquí te dejo su manual: Manual de Malwarebytes , para que sepas como usarlo y configurarlo correctamente.

• Realizas un Análisis Personalizado, marcando Todas las casillas (menos la que dice analizar rootkits) de la Derecha y de la Izquierda, actualizando si te lo pide. Es decir: conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas y marcas todas las unidades de disco disponibles y las siguientes casillas:

1. Analizar objetos en memoria
2. Analizar configuracion de inicio y registro
3. Analizar dentro de los archivos

• Pulsar en “Eliminar Seleccionados” para enviar las infecciones a la cuarentena y Reinicias el ordenador.
• Para acceder posteriormente al informe del análisis te diriges a: Informes >> Registro de análisis >> pulsas en Exportar >> Copiar al Portapapeles y pones el informe en tu próxima respuesta.

2) Descarga Adwcleaner en el escritorio.

• Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7/8 u 10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
• Pulsar en el botón Analizar Ahora, y espera a que se termine el análisis. Inmediatamente pulsa sobre el botón Iniciar Reparación.
• Espera a que termine y sigue las instrucciones que te aparezcan. Si te pidiera Reiniciar, pues reinicias el ordenador pulsando en Aceptar.
• Si no encuentra nada, pulsa en Omitir Reparación.
• El log lo encontrarás en la pestaña Informes, volviendo a abrir el programa, si es necesario o en la siguiente ubicación: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
• Para más información aquí te dejo su manual: Manual de Adwcleaner.
• Activa de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.

3) Utiliza nuevamente CCleaner tal como te dije en el punto 0.

Pegas los reportes de Malwarebytes y AdwCleaner y comentas como va el problema inicial planteado por el cual abriste este tema. También responde a las preguntas que te haya realizado a lo largo de este Post, siempre que te haya hecho alguna, si no, no

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Buenas de nuevo y muchas gracias por vuestra ayuda.

En cuanto al “excel trampa”, decir que me puse nervioso y lo borré.

Informe Malwarebytes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 16/6/22
Hora del análisis: 7:55
Archivo de registro: e6fa191e-ed38-11ec-86a0-408d5c1426e8.json

-Información del software-
Versión: 4.5.10.200
Versión de los componentes: 1.0.1702
Versión del paquete de actualización: 1.0.56180
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 19044.1766)
CPU: x64
Sistema de archivos: NTFS
Usuario: Gonzalo-PC\Gonzalo

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 824472
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 45 min, 31 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Reporte de AdwCleaner (curiosamente no me funcionaba Avira en este modo y no pude inciarlo):

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build:    03-23-2022
# Database: 2022-03-15.3 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-16-2022
# Duration: 00:00:00
# OS:       Windows 10 Home
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2020 octets] - [16/06/2022 00:15:12]
AdwCleaner[C00].txt - [2140 octets] - [16/06/2022 00:15:53]
AdwCleaner[S01].txt - [1528 octets] - [16/06/2022 08:42:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Siento ser pesado porque decís que no escribamos nada si no nos preguntáis, pero creo que en estos informes no sale nada, dado que ayer estuve leyéndoos y haciendo alguna cosa más. Me explico como:

Después del último paso que os he indicado en el primer post, ejecuté el Eset online y me detectó 6 incidencias. NO TERMINÓ porque salió un pantallazo azul.

Al reiniciarse el Eset tenía 6 archivos en cuarentena. Y Malwarebytes los 3 en cuarentena que encontró inicialmente.

Volví a iniciar los pasos de, con administrador y sin internet ni antivirus:

Completo de Ccleaner Rkill esta vez se ejecutó y tuvo este informe:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build:    03-23-2022
# Database: 2022-03-15.3 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-16-2022
# Duration: 00:00:00
# OS:       Windows 10 Home
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2020 octets] - [16/06/2022 00:15:12]
AdwCleaner[C00].txt - [2140 octets] - [16/06/2022 00:15:53]
AdwCleaner[S01].txt - [1528 octets] - [16/06/2022 08:42:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Adwcleaner, lo ejecuté, funcionó esta vez y tuve este informe:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build:    03-23-2022
# Database: 2022-03-15.3 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-16-2022
# Duration: 00:00:01
# OS:       Windows 10 Home
# Cleaned:  7
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}
Deleted       HKLM\Software\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted       HKLM\Software\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted       HKLM\Software\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       banggood.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.ASUSProductRegistration   Folder   C:\Program Files (x86)\ASUS\APRP
Deleted       Preinstalled.ASUSProductRegistration   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2020 octets] - [16/06/2022 00:15:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

FRST, se ejecutó esta vez y salió este informe:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 15-06-2022
Ejecutado por Gonzalo (administrador) sobre GONZALO-PC (Gigabyte Technology Co., Ltd. Z97X-Gaming 3) (16-06-2022 00:17:42)
Ejecutado desde C:\Users\Gonzalo\Desktop
Perfiles cargados: Gonzalo
Plataforma: Microsoft Windows 10 Home Versión 21H2 19044.1706 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(services.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RZSurroundHelper] => C:\WINDOWS\system32\RZSurroundHelper.exe [384240 2019-11-11] (Razer USA Ltd. -> )
HKLM\...\Run: [RZTHXHelper] => C:\WINDOWS\system32\RZTHXHelper.exe [385264 2020-04-26] (Razer USA Ltd. -> )
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3069768 2022-06-03] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [332848 2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Run: [] => [X]
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Policies\Explorer: [] 
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2021-04-21] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\doPDF   6 Monitor: C:\Windows\system32\dopdfmn6.dll [22168 2008-12-02] (Softland -> Softland)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {03613F8C-0154-44F4-ACCB-36E2F8AA45AD} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe [24576 2006-06-09] (Creative Technology Ltd.) [Archivo no firmado]
Task: {09D97BED-03BB-40C5-9CDB-85D618136814} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Ningún archivo)
Task: {0A83DD08-0D06-4C54-86E4-EE9A551E2FBE} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D130386-7B33-4169-B085-47B5303380D7} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1232F43A-B672-4FE7-97CC-2499FA8F123C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Ningún archivo)
Task: {13FCC05D-94D1-406D-BB54-5C4D408F8A79} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Ningún archivo)
Task: {1C0936E8-FFDD-41B5-9147-4D5EB582404A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Ningún archivo)
Task: {1F016139-9187-4212-AFFC-192895246AE7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Ningún archivo)
Task: {2E530DAA-3A24-490E-9852-E8856410494B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Ningún archivo)
Task: {30829EBC-72C8-4BFD-AEA3-7E29BCE7DB04} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Ningún archivo)
Task: {3FA320A4-D487-4602-897B-62E48669EFE6} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-02-17] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
Task: {402F58BC-6AFE-46E6-8A00-951E33A4BC0B} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [332848 2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) -> -launch "C:\ProgramData\Avira\SystemSpeedup\Delay Load for ALL\Killer Network Manager.lnk" -minimize
Task: {43AA5B35-719C-4841-A2A0-D6F93111773B} - System32\Tasks\EOSv3 Scheduler onTime => D:\Descargas\esetonlinescanner_esn.exe SCHED (Ningún archivo)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {499B7144-3BC2-4927-B935-4320E1D25F39} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Task: {4B4B3456-FC31-414A-A9B6-F1A5641D7E95} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Ningún archivo)
Task: {4CD24CBC-B1E8-4F38-A006-F23D40B84F5F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (Ningún archivo)
Task: {4F0BAE94-8DAA-4468-9EAB-8C116393B60B} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\Descargas\esetonlinescanner_esn.exe LOGON (Ningún archivo)
Task: {5037F930-3288-444D-B6B2-00BF18896833} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {5699F5B9-726F-41D4-80CC-BB8B7DBDA9AD} - System32\Tasks\{C07CE0B2-17A1-45B9-84EF-8938AF78D8A0} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {56CA7765-1DB8-45DD-B34C-71B999EC6080} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Ningún archivo)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5E86D8BC-1B7D-42BF-A6AF-BF59FD1DE19D} - System32\Tasks\{41F46CD9-14DE-4E9C-8956-17BD7D13217B} => C:\Windows\system32\pcalua.exe -a "D:\Gonzalo\Ramon Campayo\Curso de lectura rápida\Pack1\Instalación Pack 1 TSR.exe" -d "D:\Gonzalo\Ramon Campayo\Curso de lectura rápida\Pack1"
Task: {6047E6C3-147E-4CFA-89AF-0A2252839157} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Archivo no firmado]
Task: {60F74482-6272-46C8-B784-92DA699D9519} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-11-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {64897F99-FE72-4F1C-8E6C-6764F291D5B5} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Shark Zone M20\Monitor.EXE [471040 2014-07-15] () [Archivo no firmado]
Task: {6C0615DD-0B5F-4039-9947-0F61CE085DB4} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {70E9846C-BD0F-4117-99C7-BC076AE4D768} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Ningún archivo)
Task: {7279AE6F-B17F-40D7-8B5F-17103B308763} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1647416 2022-05-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {7C257B9F-8786-43A1-96E3-687741A10319} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {7E788995-B7C9-4102-9450-095D9B4CA9F0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Ningún archivo)
Task: {811A0552-F59A-471B-8367-3534F7A0E026} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Ningún archivo)
Task: {8414B7C8-73BC-4C37-970B-4B400486B1C6} - \GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000Core -> Ningún archivo <==== ATENCIÓN
Task: {8A3FEDE8-10C5-4AF6-8A50-5A43DF7F7330} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {92228868-0FA8-4778-839A-2E9D0286A367} - System32\Tasks\CCleanerSkipUAC - Gonzalo => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {959569F6-4A98-4613-B45C-7FBC99326C22} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {960C22DB-F7E8-44FA-B378-2273F97FDD9C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Ningún archivo)
Task: {99460A54-5D7C-4FF2-815F-7E303B09F746} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E472A2B-A38B-4888-97D8-AAC7125ED481} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-29] (Google Inc -> Google Inc.)
Task: {A3714F30-F05B-4E47-9FD4-74F276242510} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {A5AB1AA0-B922-40A5-96D7-D8F37A1BF144} - \GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000UA -> Ningún archivo <==== ATENCIÓN
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B512213F-2E88-44E1-A518-84C6ABA9A3AB} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B5D8AFE8-BD7D-4F75-BC7B-681707FCDA74} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Ningún archivo)
Task: {B615AE4A-B557-448A-B352-32B07C54296C} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {B615AE4A-B557-448A-B352-32B07C54296C} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {B615AE4A-B557-448A-B352-32B07C54296C} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {BA4D5CFE-B582-4D5C-B93F-9B0B40A3205B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Ningún archivo)
Task: {BEEB0C4F-2903-4C57-B076-228728619180} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C152B474-E2DC-46B1-B6C2-DC858B71ED85} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Ningún archivo)
Task: {C8C523CA-BC9D-49D8-A769-688B6FCE9846} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [256336 2022-05-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {CD2565DD-4653-4B20-810D-63817B6F146B} - System32\Tasks\{964C642F-3536-4EF5-8BA4-B081B43F0B72} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.31.80.104/es/abandoninstall?page=tsMain
Task: {CFAA3138-1135-4C47-873C-D5CD1BBCB37B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Ningún archivo)
Task: {D25EF09B-2D01-42A5-8C02-6D7236DF60E4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {D28A7FEA-6CEE-48A8-A3F5-563D056653CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-29] (Google Inc -> Google Inc.)
Task: {D3F1BD32-F7DD-4016-96FF-BFCE268E1BE3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Ningún archivo)
Task: {DF6AC915-D004-45EF-8FB0-2ED5F9872AFC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Ningún archivo)
Task: {E1A218AD-2D86-4FA7-B1E2-B847358138E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Ningún archivo)
Task: {E2E6481A-0932-46B5-A3A1-B9654C75E246} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Ningún archivo)
Task: {E3611B4A-8813-42D2-8B4B-653C1115AFAA} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Ningún archivo)
Task: {E7FA4286-D785-4716-8FFC-583B9D96B17B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC0F5C1A-A9FE-448C-A5BF-84C3168BD5F5} - System32\Tasks\{564C74AB-0372-44DD-987F-49DE9345B2C5} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.85.105/es/abandoninstall?page=tsMain
Task: {EC100D74-D1F6-4508-A99E-6F9EAA7F5F79} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Ningún archivo)
Task: {EC2A6A69-623E-4956-97D1-A0D589070B35} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe -Daily (Ningún archivo)
Task: {EE64E71E-4557-4001-88AA-E74B498D24B2} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [32819448 2022-05-16] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {EF79184D-93BB-4540-A290-CAF66C405FF1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Ningún archivo)
Task: {F3AA74E2-969C-4312-9CC9-8577CA59EA01} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [332848 2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {F67B7548-CE33-4F7A-8F95-7A2CBD77A6A9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Ningún archivo)
Task: {F7776707-6B23-465E-9645-32A94C8CF7AC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3297818284-2278180918-2745220028-1000Core.job => C:\Users\usuario\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3297818284-2278180918-2745220028-1000UA.job => C:\Users\usuario\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATENCIÓN (Restricción - Zones)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{8CD1709D-E3E4-43B7-9FFB-E787ADC4A432}: [DhcpNameServer] 212.166.210.82 212.166.132.104
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Gonzalo\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-15]
Edge HomePage: Default -> hxxp://www.google.es/
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Gonzalo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-03-06]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF ProfilePath: C:\Users\Gonzalo\AppData\Roaming\Mozilla\Firefox\Profiles\pwBcTOG9.default [2021-02-18]
FF Extension: (Avira Password Manager) - C:\Users\Gonzalo\AppData\Roaming\Mozilla\Firefox\Profiles\pwBcTOG9.default\Extensions\[email protected] [2019-09-04]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-04-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll [2012-06-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default [2022-06-15]
CHR DownloadDir: C:\Users\Gonzalo\Desktop
CHR HomePage: Default -> hxxp://www.google.es/
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Just Black) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-09]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2020-05-21]
CHR Extension: (Thea) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eempehimgjdipjalffmbnmjeanfkjiac [2022-03-08]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-15]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-09]
CHR Extension: (WhatFont) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2020-04-04]
CHR Extension: (Betaflight - Configurator) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao [2018-12-07]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lolflkiacpkijeinkicebbhjcjjdhchf [2017-05-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [203264 2009-08-18] (AMD) [Archivo no firmado]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Archivo no firmado]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3000608 2022-03-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264456 2022-05-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [282008 2022-05-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [789744 2022-05-11] (Piriform Software Ltd -> )
S2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] (CyberLink -> )
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-10-29] (Creative Labs) [Archivo no firmado]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-10-29] (Creative Labs) [Archivo no firmado]
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [Archivo no firmado]
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink -> CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink -> CyberLink)
S2 ImDskSvc; C:\WINDOWS\system32\imdsksvc.exe [25720 2019-07-17] (Avira Operations GmbH & Co. KG -> Olof Lagerkvist)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-13] (Malwarebytes Inc. -> Malwarebytes)
S2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Archivo no firmado]
R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-02] (Razer USA Ltd. -> Razer)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S2 RzSndSrv; C:\WINDOWS\system32\RZSurroundService.exe [353520 2019-11-11] (Razer USA Ltd. -> Razer)
S2 RzThxSrv; C:\WINDOWS\system32\RZTHXService.exe [357104 2020-04-26] (Razer USA Ltd. -> Razer)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10595144 2022-06-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2020-01-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-11-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2020-01-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2020-01-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc. -> Qualcomm Atheros, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Archivo no firmado]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Archivo no firmado]
R3 GM312Fltr; C:\WINDOWS\system32\drivers\GM312Fltr.sys [10624 2013-08-21] (Microsoft Windows Hardware Compatibility Publisher -> LXD Development, Inc.)
R2 ImDisk; C:\WINDOWS\System32\DRIVERS\imdisk.sys [95376 2019-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Olof Lagerkvist)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 NETw5s64; C:\WINDOWS\System32\DRIVERS\NETw5s64.sys [7675392 2010-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15648 2014-01-06] (NVIDIA Corporation -> )
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2021-08-19] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9229176 2020-12-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [91896 2017-03-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R0 secnvmeF; C:\WINDOWS\System32\drivers\secnvmeF.sys [30664 2017-03-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 sRZTHXSpatial; C:\WINDOWS\System32\drivers\RZTHXSpatial.sys [172024 2020-04-26] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
R3 sRZVAD; C:\WINDOWS\System32\drivers\RZSurround.sys [172208 2019-11-11] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8596912 2022-06-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink -> CyberLink Corp.)
U3 idsvc; no ImagePath
S3 libusb0; \SystemRoot\system32\DRIVERS\libusb0.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-06-16 00:17 - 2022-06-16 00:18 - 000037749 _____ C:\Users\Gonzalo\Desktop\FRST.txt
2022-06-16 00:16 - 2022-06-16 00:17 - 000000000 ____D C:\FRST
2022-06-16 00:16 - 2022-06-16 00:16 - 000002140 _____ C:\Users\Gonzalo\Desktop\AdwCleaner[C00].txt
2022-06-16 00:14 - 2022-06-16 00:15 - 000000000 ____D C:\AdwCleaner
2022-06-16 00:13 - 2022-06-16 00:13 - 000003708 _____ C:\Users\Gonzalo\Desktop\Rkill.txt
2022-06-15 22:52 - 2022-06-15 22:52 - 2594070693 ____N C:\WINDOWS\MEMORY.DMP
2022-06-15 22:52 - 2022-06-15 22:52 - 001145468 _____ C:\WINDOWS\Minidump\061522-66390-01.dmp
2022-06-15 22:10 - 2022-06-15 22:10 - 000000000 ___HD C:\$WinREAgent
2022-06-15 20:10 - 2022-06-16 00:12 - 000001384 _____ C:\Users\Gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-06-15 20:10 - 2022-06-16 00:12 - 000001278 _____ C:\Users\Gonzalo\Desktop\ESET Online Scanner.lnk
2022-06-15 19:04 - 2022-06-15 19:04 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-06-15 19:00 - 2022-06-15 19:01 - 015274968 _____ (ESET) C:\Users\Gonzalo\Desktop\esetonlinescanner.exe
2022-06-15 18:54 - 2022-06-15 18:54 - 002368000 _____ (Farbar) C:\Users\Gonzalo\Desktop\FRST64.exe
2022-06-15 18:46 - 2022-06-15 18:50 - 008551608 _____ (Malwarebytes) C:\Users\Gonzalo\Desktop\adwcleaner.exe
2022-06-15 18:32 - 2022-06-15 18:32 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Gonzalo\Desktop\iExplore.exe
2022-06-15 18:19 - 2022-06-15 18:19 - 000000000 ___HD C:\$SysReset
2022-06-07 19:28 - 2022-06-07 19:21 - 000001188 _____ C:\Users\Gonzalo\Desktop\Cuestionario UAS.lnk
2022-06-07 19:21 - 2022-06-07 19:21 - 000001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cuestionario UAS.lnk
2022-06-07 19:21 - 2022-06-07 19:21 - 000000000 ____D C:\Program Files (x86)\Cuestionario UAS
2022-06-07 17:00 - 2022-06-07 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agisoft
2022-06-07 16:59 - 2022-06-07 16:59 - 000000000 ____D C:\Program Files\Agisoft
2022-06-03 12:17 - 2022-06-03 12:17 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2022-06-03 12:17 - 2022-06-03 12:17 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-06-01 00:13 - 2022-06-01 00:13 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-06-01 00:13 - 2022-06-01 00:13 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-05-24 13:25 - 2022-05-24 13:25 - 000001675 _____ C:\Users\Gonzalo\Desktop\metashape.exe - Acceso directo.lnk
2022-05-24 11:38 - 2022-05-24 11:38 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\data
2022-05-24 11:38 - 2022-05-24 11:38 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\Agisoft
2022-05-24 11:38 - 2022-05-24 11:38 - 000000000 ____D C:\Users\Gonzalo\.ipython
2022-05-24 11:38 - 2022-05-24 11:38 - 000000000 ____D C:\ProgramData\Reprise
2022-05-24 11:37 - 2022-05-24 11:37 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\Agisoft
2022-05-23 17:35 - 2022-05-23 17:35 - 000000000 __HDC C:\ProgramData\{DA437C79-B695-45AA-ADE4-FE5784F094A1}
2022-05-23 17:35 - 2022-05-23 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeneradorGML
2022-05-23 16:58 - 2022-05-23 16:58 - 000000000 ____D C:\ProgramData\Piriform
2022-05-22 23:47 - 2022-05-25 20:11 - 000000000 ____D C:\DRON

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-06-16 00:15 - 2015-11-02 01:05 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-16 00:15 - 2015-10-29 19:26 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-06-16 00:15 - 2012-06-13 18:11 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-15 23:45 - 2020-11-12 11:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-15 22:59 - 2020-11-12 11:12 - 001927724 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-15 22:59 - 2019-12-07 16:55 - 000828688 _____ C:\WINDOWS\system32\perfh00A.dat
2022-06-15 22:59 - 2019-12-07 16:55 - 000175030 _____ C:\WINDOWS\system32\perfc00A.dat
2022-06-15 22:59 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-15 22:54 - 2020-05-16 00:12 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-06-15 22:54 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-15 22:54 - 2015-10-30 01:34 - 000000000 ____D C:\Program Files\CCleaner
2022-06-15 22:53 - 2021-12-15 10:49 - 000000000 ____D C:\WINDOWS\Minidump
2022-06-15 22:52 - 2021-11-10 13:04 - 000000000 ____D C:\ProgramData\Autodesk
2022-06-15 22:52 - 2020-11-12 11:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-15 22:52 - 2020-11-12 11:10 - 000000000 ____D C:\Users\Gonzalo
2022-06-15 22:52 - 2019-09-04 18:09 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-06-15 22:52 - 2016-06-27 17:18 - 000000000 __SHD C:\Users\Gonzalo\IntelGraphicsProfiles
2022-06-15 22:52 - 2015-10-29 20:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-06-15 20:09 - 2017-02-18 17:46 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\CrashDumps
2022-06-15 19:20 - 2020-11-12 11:16 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-06-15 13:54 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-15 13:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-15 12:02 - 2021-11-11 19:44 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-06-15 12:01 - 2021-11-11 19:44 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-06-15 08:21 - 2020-09-01 03:45 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-15 08:21 - 2020-09-01 03:45 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-14 11:23 - 2020-01-27 02:27 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\Packages
2022-06-14 08:14 - 2021-11-10 13:14 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-06-13 23:27 - 2015-10-29 19:21 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-13 23:27 - 2015-10-29 19:21 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-13 23:23 - 2021-10-16 10:50 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-06-13 16:09 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-13 14:07 - 2021-02-18 18:04 - 000051485 _____ C:\Users\Gonzalo\.pdfbox.cache
2022-06-13 14:07 - 2021-02-18 18:02 - 000000000 ____D C:\Users\Gonzalo\.afirma
2022-06-07 20:18 - 2020-03-04 17:45 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\discord
2022-06-07 19:54 - 2020-03-04 17:45 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\Discord
2022-06-06 17:09 - 2016-08-14 15:08 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\vlc
2022-06-03 12:17 - 2021-04-14 23:26 - 000001078 _____ C:\Users\Public\Desktop\Avira.lnk
2022-06-03 12:17 - 2021-04-14 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-06-03 12:17 - 2020-11-12 11:16 - 000003478 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-06-02 08:30 - 2021-12-13 12:31 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3099137771-1455174418-2327952307-1001
2022-06-02 08:30 - 2020-11-12 11:16 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3099137771-1455174418-2327952307-1001
2022-06-02 08:30 - 2020-11-12 11:10 - 000002423 _____ C:\Users\Gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-01 10:22 - 2020-01-27 02:43 - 000000000 ____D C:\ProgramData\Packages
2022-06-01 00:13 - 2016-06-27 17:27 - 000000000 ____D C:\Program Files\Google
2022-05-26 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-05-25 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-24 13:27 - 2017-07-05 17:55 - 000007602 _____ C:\Users\Gonzalo\AppData\Local\Resmon.ResmonCfg
2022-05-23 18:27 - 2021-11-10 13:02 - 000000000 ____D C:\Autodesk
2022-05-19 08:27 - 2022-03-02 14:17 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\COPERT
2022-05-18 08:23 - 2015-10-30 01:35 - 000000000 ____D C:\ProgramData\Avira
2022-05-18 08:23 - 2015-10-30 01:35 - 000000000 ____D C:\Program Files (x86)\Avira

==================== Archivos en la raíz de algunos directorios ========

2017-12-04 20:24 - 2019-02-25 12:28 - 000008704 _____ () C:\Users\Gonzalo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-11-18 13:36 - 2021-11-18 13:36 - 000000410 _____ () C:\Users\Gonzalo\AppData\Local\oobelibMkey.log
2017-07-05 17:55 - 2022-05-24 13:27 - 000007602 _____ () C:\Users\Gonzalo\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Volví a ejecutar Eset y debió de dar otro pantallazo azul porque me encontré el ordenador reiniciado al volver.

El informe del primer análisis de Malwarebytes que detectó algo fue:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 15/6/22
Hora del análisis: 18:02
Archivo de registro: 97f6cab6-ecc4-11ec-bdc9-408d5c1426e8.json

-Información del software-
Versión: 4.5.9.198
Versión de los componentes: 1.0.1699
Versión del paquete de actualización: 1.0.56164
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 19044.1706)
CPU: x64
Sistema de archivos: NTFS
Usuario: Gonzalo-PC\Gonzalo

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 461681
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 5 min, 16 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO, En cuarentena, 6725, 921550, 1.0.56164, , ame, , , 

Archivo: 2
HackTool.AutoKMS, C:\WINDOWS\SECOH-QAD.EXE, En cuarentena, 3556, 1020674, 1.0.56164, 256810A56FC4EC5094B6765C, dds, 01816520, 38DE5B216C33833AF710E88F7F64FC98, 9896A6FCB9BB5AC1EC5297B4A65BE3F647589ADF7C37B45F3F7466DECD6A4A7F
RiskWare.AutoKMS, C:\WINDOWS\SECOH-QAD.DLL, En cuarentena, 6991, 947069, 1.0.56164, , ame, , 6D7FDBF9CEAC51A76750FD38CF801F30, 0398221231CFF97E1FDC03D357AC4610AFB8F3CDDE4C90A9EC4D7823B405699E

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Después os leí e hice lo que me dijisteis.

Rkill sigue encontrando lo mismo. Pero el problema parece haber desaparecido. No he hecho apenas nada, como me habéis dicho, pero ya no me cierra fotos, carpetas, ni administrador de tareas.

No se si tengo que borrar archivos de cuarentena (los que me deja) o si puedo desinstalar el Eset sin riesgo.

No volveré a tocar nada hasta que me digáis.

Perdonad y gracias.

Perdón, no encuentro el botón para editar. El programa Rkill se ejecutó correctamente y tuvo este informe:

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2022 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 06/16/2022 07:17:05 AM in x64 mode.
Windows Version: Windows 10 Home 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\System32\atiesrxx.exe (PID: 1844) [WD-HEUR]
 * C:\Windows\System32\atieclxx.exe (PID: 1296) [WD-HEUR]
 * C:\Windows\SysWOW64\ASGT.exe (PID: 10328) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * HOSTS file entries found: 

  127.0.0.1	www.007guard.com
  127.0.0.1	007guard.com
  127.0.0.1	008i.com
  127.0.0.1	www.008k.com
  127.0.0.1	008k.com
  127.0.0.1	www.00hq.com
  127.0.0.1	00hq.com
  127.0.0.1	010402.com
  127.0.0.1	www.032439.com
  127.0.0.1	032439.com
  127.0.0.1	www.0scan.com
  127.0.0.1	0scan.com
  127.0.0.1	1000gratisproben.com
  127.0.0.1	www.1000gratisproben.com
  127.0.0.1	1001namen.com
  127.0.0.1	www.1001namen.com
  127.0.0.1	www.100888290cs.com
  127.0.0.1	100888290cs.com
  127.0.0.1	100sexlinks.com
  127.0.0.1	www.100sexlinks.com

  20 out of 15235 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 06/16/2022 07:17:52 AM
Execution time: 0 hours(s), 0 minute(s), and 47 seconds(s)

Disculpad, no debió de copiar bien la otra vez.

Hola @KnightAnubis

Justo te iba a pedir ese reporte. Me gustaría si tenes el reporte de eset, si no sabes como sacarlo me lo indicas y te digo como.

El reporte de farbar esta incompleto, falta el log de addition.txt

Saludos

Perdón, es verdad.

Decir que el de Rkill lo hice 2 veces y salió igual, uno antes de pasar todos los otros programas, y este último anterior, después. Por lo que me mosquea que pueda seguir algo ahí.

El addition:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 15-06-2022
Ejecutado por Gonzalo (16-06-2022 00:18:27)
Ejecutado desde C:\Users\Gonzalo\Desktop
Microsoft Windows 10 Home Versión 21H2 19044.1706 (X64) (2020-11-12 09:16:49)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-3099137771-1455174418-2327952307-500 - Administrator - Disabled) => C:\Users\Administrador
DefaultAccount (S-1-5-21-3099137771-1455174418-2327952307-503 - Limited - Disabled)
Gonzalo (S-1-5-21-3099137771-1455174418-2327952307-1001 - Administrator - Enabled) => C:\Users\Gonzalo
Invitado (S-1-5-21-3099137771-1455174418-2327952307-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3099137771-1455174418-2327952307-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avira Antivirus (Disabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AV: Avira Antivirus (Disabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7.1 Surround Sound (HKLM-x32\...\Razer Surround Sound) (Version: 1.0.1.15 - Razer Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Advanced Video FX Engine (HKLM-x32\...\Advanced Video FX Engine) (Version:  - )
Agisoft Metashape Professional (HKLM\...\{2AA9233C-3EBF-4771-ADA0-7F0C5AB9C0CD}) (Version: 1.8.1 - Agisoft)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.2.0.34 - Autodesk)
Aplicaciones destacadas de Autodesk 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
ArcGIS Desktop 10.8 (HKLM-x32\...\ArcGIS Desktop 10.8) (Version: 10.8.12790 - Environmental Systems Research Institute, Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
AutoCAD 2021 - Español (Spanish) (HKLM\...\{28B89EEF-4101-040A-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - Español (Spanish) (HKLM\...\AutoCAD 2021 - Español (Spanish)) (Version: 24.0.47.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{1C5DB7B1-CE18-438C-B071-3AD6B8ADA5A0}) (Version: 4.4.0.85 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.7.1 - Gobierno de España)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2201.2134 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.41.1.25731 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.67.29263 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version:  - Avira Operations GmbH & Co. KG;)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.19.0.11413 - Avira Operations GmbH & Co. KG) Hidden
Blackmagic RAW Common Components (HKLM\...\{7C42C191-D936-4CA3-9B25-829BF37F1ECD}) (Version: 2.3 - Blackmagic Design)
calibre (HKLM-x32\...\{F8B80815-02B9-41C3-88C4-DA539BDC1635}) (Version: 5.27.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 1.0.2 - FNMT-RCM)
Conversor Numérico (HKLM-x32\...\{66BA9385-3A69-4DCC-8CD9-8ACF00AD530F}) (Version: 1.73.0000 - Nombre de su organización)
COPERT (HKLM\...\{77BE76A0-8D88-4070-BF5A-3C6FD069202D}) (Version: 5.5.1 - EMISIA S.A.)
Cuestionario UAS versión 2.0 (HKLM-x32\...\{7EFA81A0-9F06-4169-AA1C-CD14CAC53982}_is1) (Version: 2.0 - AESA)
CyberLink PowerDVD 11 (HKLM-x32\...\{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.) Hidden
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DaVinci Resolve (HKLM\...\{0DE05B8E-6889-4616-8428-850274AB0700}) (Version: 17.4.60004 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7667C543-084F-47F7-BC60-175FC25E9D6F}) (Version: 2.0.1.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
doPDF 6.1  printer (HKLM\...\doPDF 6  printer_is1) (Version:  - Softland)
DriversCloud.com (64 bits) (HKLM\...\{94730EE8-7EA4-4AC3-9E19-A6139C1389E9}) (Version: 10.1.0.1 - Cybelsoft)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
ePUBee Magic (HKLM-x32\...\ePUBee Magic) (Version: 1.0.0.11 - ePUBee)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
GeneradorGML (HKLM-x32\...\{4110EA23-A5BB-4249-9870-1ABF23B6C4B6}) (Version: 1.1.2 - Colegio Oficial de Aparejadores y A.T. de Almería) Hidden
GeneradorGML (HKLM-x32\...\GeneradorGML) (Version:  - Colegio Oficial de Aparejadores y A.T. de Almería)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.115 - Google LLC)
Google Earth Pro (HKLM\...\{DE181B35-ACEF-4DB0-86D9-731D5767ABB1}) (Version: 7.3.4.8642 - Google)
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
Guardar en la versión web y para dispositivos móviles de Autodesk (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Intel(R) Chipset Device Software (HKLM\...\{9A431D9C-9FC9-454E-AC8D-15DBAA6ED0F7}) (Version: 10.0.26 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{69AAE674-929D-4A17-B108-623E8FDD6EE7}) (Version: 10.0.39.1003 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{6C9B8590-9D31-4802-92A2-0DDFE9708C4C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{013FAB2E-017D-4330-8179-B5FE02E7F81C}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4206 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.4.65 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{5EA6BC70-0CFC-413D-8465-8506B6F46EE0}) (Version: 1.39.141.0 - Intel Corporation) Hidden
K-Lite Codec Pack (64-bit) v3.3.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 3.3.0 - )
M20 Gaming Mouse Driver (HKLM-x32\...\{D0E01BE3-1E25-4457-B25A-4D44F352C371}) (Version:  - )
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft .NET Framework 4.8 (ESN) (HKLM\...\{005D18A8-12ED-3D43-B183-F4CE22BDD547}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft Access MUI (Spanish) 2013 (HKLM\...\{90150000-0015-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft DCF MUI (Spanish) 2013 (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.41 - Microsoft Corporation)
Microsoft Excel MUI (Spanish) 2013 (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Spanish) 2013 (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2013 (HKLM\...\{90150000-0044-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Spanish) 2013 (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2013 (HKLM\...\{90150000-00E1-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2013 (HKLM\...\{90150000-00E2-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Spanish) 2013 (HKLM\...\{90150000-002C-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2013 (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2013 (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2013 - Euskara (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\OneDriveSetup.exe) (Version: 22.099.0508.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Spanish) 2013 (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2013 (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2013 (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Publisher MUI (Spanish) 2013 (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29913 (HKLM\...\{620A7633-7A09-42A8-8580-076A4483C4B0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29913 (HKLM\...\{EECDD137-13DA-46ED-ADA0-BDF7F8BE65B8}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Spanish) 2013 (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Controlador de audio HD 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PowerLine Utility (HKLM-x32\...\{762E248A-F922-42D6-B577-A47B0AB558D2}) (Version: 1.1.810 - TP-LINK)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{ABFED5A0-7D10-4617-A816-DD2D3B85706D}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{E970CE81-6F26-4274-8E4E-5AFC000FB888}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{401FADAA-1C16-4721-9F02-19067E1A1CA8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{b04488a2-b602-496c-bee1-c8b3f068dc11}) (Version: 2.2.0.1703 - Samsung Electronics)
Samsung NVM Express Driver 2.2.0.1703 (HKLM\...\{BDFEC366-DB3C-4330-9459-C4934C8CB5F2}) (Version: 2.2.0.1703 - Samsung Electronics Co., Ltd) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}_Office15.PROPLUS_{7D51497F-786F-4695-A0FB-45A5C2CCD74F}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}_Office15.PROPLUS_{72C9E028-F9E7-4172-AC45-0C8029B591D5}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}_Office15.PROPLUS_{4D556DC4-C08F-4F31-BE84-FE705AABA288}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}_Office15.PROPLUS_{6426C68E-311A-43CE-86C1-98A8A397F315}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{B39009D8-2648-44FF-B603-2A8234E219B1}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6670E5F0-8543-49D7-BFAD-124F7AB659D2}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{FC62B217-264F-43AA-8389-97AC35035184}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Skype versión 8.75 (HKLM-x32\...\Skype_is1) (Version: 8.75 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
Sound Blaster X-Fi MB3 (HKLM-x32\...\{3689CE39-3173-4952-B7AF-F1A9D6F9A288}) (Version: 1.00.03 - Creative Technology Limited)
THX Spatial Audio (HKLM-x32\...\THX Spatial Audio) (Version: 1.0.4.18 - Razer Inc.)
Turbo-Speed Reader 1.1 (HKLM-x32\...\Turbo-Speed Reader 1.1) (Version: 1.1 - Ramón Campayo)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
VALORANT (HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.53 - Microsoft Corporation)
Windows Live Communications Platform (HKLM-x32\...\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}) (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (HKLM-x32\...\{0B0F231F-CE6A-483D-AA23-77B364F75917}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (HKLM\...\{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{4A275FD1-2F24-4274-8C01-813F5AD1A92D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{A41A708E-3BE6-4561-855D-44027C1CF0F8}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{ED86C4AB-D1E5-42CF-BFA3-56BAAE617D4E}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-18] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-07] (Microsoft Studios) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3099137771-1455174418-2327952307-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-3099137771-1455174418-2327952307-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-3099137771-1455174418-2327952307-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\es-ES\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [100352 2010-03-10] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Gonzalo\Desktop\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cnciopoikihiagdjbjpnocolokfelagl\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Betaflight - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6f319d938f0c7ae8\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Módulos cargados (Lista blanca) =============

2021-04-21 04:20 - 2021-04-21 04:20 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2012-06-13 18:06 - 2011-03-31 10:52 - 000499712 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\MSVCP71.dll
2012-06-13 18:06 - 2011-03-31 10:52 - 000348160 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\MSVCR71.dll
2022-05-12 19:00 - 2022-05-12 19:00 - 003091456 _____ (Newtonsoft) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\5f210f649909b9012c217ac1b4349a54\Newtonsoft.Json.ni.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0:477C16134C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk:1069064143 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk:9185529B88 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk:937024FEE8 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk:399E325E95 [10]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
HKU\S-1-5-21-3099137771-1455174418-2327952307-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://es.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3099137771-1455174418-2327952307-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://es.msn.com/?ocid=OIE9HP
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
IE Session Restore: HKU\S-1-5-21-3099137771-1455174418-2327952307-1001 -> está habilitado.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2021-08-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 04:34 - 2022-06-07 16:52 - 000442817 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	www.100888290cs.com
127.0.0.1	100888290cs.com
127.0.0.1	100sexlinks.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	www.10sek.com
127.0.0.1	10sek.com
127.0.0.1	1-2005-search.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	www.123fporn.info
127.0.0.1	123fporn.info
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123moviedownload.com
127.0.0.1	123moviedownload.com

Hay 15206 más lineas.


==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Calibre2\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\Control Panel\Desktop\\Wallpaper -> d:\gonzalo\fotos\fotos 2018\canadá\2018-08-13\dsc02295.jpg
HKU\S-1-5-21-3099137771-1455174418-2327952307-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 212.166.210.82 - 212.166.132.104
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

Network Binding:
=============
Conexión de área local: Qualcomm Atheros Bandwidth Control -> BF_NdisLwf (enabled) 
Conexión de área local 2: Qualcomm Atheros Bandwidth Control -> BF_NdisLwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: RemoteControl11 => "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe"
MSCONFIG\startupreg: Sound Blaster X-Fi MB 3 => "C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe" /r
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "V0250Mon.exe"
HKLM\...\StartupApproved\Run32: => "V0250Cfg.exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

continuación del anterior:

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{A8842886-C5E6-43A2-9DD1-C709A31F149D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F955FEFF-8264-4D54-8DBC-16A0850A1458}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A29013F5-93D2-4C30-8E5B-08FF87220661}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{C64217DB-A9D7-4C94-8FAC-22D2BADAFEC6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{BF0BEA55-BFEB-4F52-A273-2086BABB5FD0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (CyberLink -> CyberLink)
FirewallRules: [{6EC160A8-DA2F-45EB-ADAC-6AE4C2D66014}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\PowerDVDCinema11.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{DDDCA0DF-109D-47D4-9068-EE1E47EE08CF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A67AEB85-AA7D-4A94-8CFC-ABD4C787201A}] => (Allow) LPort=2869
FirewallRules: [{B638BDC5-C777-4D0A-B020-6638612645DE}] => (Allow) LPort=1900
FirewallRules: [{A4FFCD08-26FC-4A32-BA2B-12EDADD07080}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF6E667A-9EB7-4A6D-86AB-AD98508ED35F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{383B928F-9454-4609-9CA5-6EDB56F2945A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0B4AA400-DB45-4E18-A7C4-BBA53EAE38A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9EB93B5B-09F9-40C7-9F0D-20F59C1F7BE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBC7E6A8-DF97-484F-AA41-7AE03186CFEC}] => (Allow) S:\Warhammer Total War y Steam\Steam.exe => Ningún archivo
FirewallRules: [{3666F03E-1A8F-45CB-A1E7-72FCF1970FA7}] => (Allow) S:\Warhammer Total War y Steam\Steam.exe => Ningún archivo
FirewallRules: [{8A887888-8C11-41DE-A0B3-CA80A844398E}] => (Allow) S:\Warhammer Total War y Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{E0FBFBEC-72F9-4EF3-852E-338A3757F728}] => (Allow) S:\Warhammer Total War y Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{8E0FB9CD-F25F-4714-AD34-6548F3353605}] => (Allow) S:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => Ningún archivo
FirewallRules: [{159F7F8B-818E-4071-8CC6-62C40637EA57}] => (Allow) S:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => Ningún archivo
FirewallRules: [{B64F0050-01D1-41CC-811B-97C35EA4A54B}] => (Allow) F:\Warhammer Total War y Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F91817A2-D53E-43B2-94B0-FA8A33CEB5C1}] => (Allow) F:\Warhammer Total War y Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{49C4F966-43B4-4B29-A265-8BE32C391E69}F:\warhammer total war y steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) F:\warhammer total war y steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{85EEF7C3-2821-482C-A2D6-7A2A1F6137F8}F:\warhammer total war y steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) F:\warhammer total war y steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [{4329014F-AC07-4CD7-B631-4AC5A577F826}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{792132EA-FB03-4C37-BB06-A9F3F6ECA7DD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F5C2B5E9-4318-4BFF-B055-63D151A6ED55}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D927AC59-4BB6-4542-AB56-92E36E0AC5BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7D9DAECA-976C-4CF8-935D-A350F562E5FF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{64F2D751-23E8-4490-8506-E111762CE214}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{1790EBAF-F751-4741-97FD-9A6AC2E4B6A1}] => (Allow) F:\Warhammer Total War y Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{57A77755-C2C1-4BA3-83D1-89F06C6BD457}] => (Allow) F:\Warhammer Total War y Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EDB359F3-4C55-48B6-9067-3293F22A5607}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Liftoff\Liftoff.exe () [Archivo no firmado]
FirewallRules: [{936F3A95-A5F2-4BF6-A7D2-6D30C1A35990}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Liftoff\Liftoff.exe () [Archivo no firmado]
FirewallRules: [{8786B270-D9A7-485D-8AF7-DF0A18CF3EC6}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{8CD8AAC2-A366-4193-842B-79DE9BC3108C}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [TCP Query User{794B84BC-B39F-4E94-9758-DBB193AA4960}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9B50572E-B452-4EDD-A2D8-E140EEA43CDF}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{A7A2E556-8DC0-46C0-890F-B1FDE32DF2F8}F:\davinci\resolve.exe] => (Allow) F:\davinci\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{252BF885-EF9C-40BB-98A4-C9323CE1C601}F:\davinci\resolve.exe] => (Allow) F:\davinci\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{6C1402E2-DB07-44B1-858D-990328159249}F:\davinci\fuscript.exe] => (Allow) F:\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{205F6571-8979-4623-B796-DBA6F174D7D3}F:\davinci\fuscript.exe] => (Allow) F:\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{51E31120-B668-4253-B336-A3C6F81FA0DB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2A83A16F-95C1-46E3-A2A9-79397213783C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{096FF419-6C13-4F1F-AD35-89E5B17EFC27}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{D807165A-2129-48EC-B2A0-4F65115F7988}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{3E9F60F2-3602-4B5D-B8E8-508914A06092}] => (Allow) C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [TCP Query User{C66B4747-A51A-4729-9501-A78B1913F35D}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{9E1F6D7F-D0DF-4811-A823-FEE1257DF6DF}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{A796237B-20A5-42CC-8DBB-B4EA9A8CC9AC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{559290B9-CEED-4B4E-AE1A-3D69E74A5A6A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{57EAF05D-80F9-4337-A93D-4FA4CBFF141D}] => (Allow) F:\Davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{C6034683-44B7-4BE4-BF39-C39E58D42AE7}] => (Allow) F:\Davinci\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F089D184-5095-41DB-8BCF-190C4B65F0A1}] => (Allow) F:\Davinci\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A231264F-4AA1-429B-A701-E3DCFFD97809}] => (Allow) F:\Davinci\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{65FD6E60-C0FF-413F-9044-6DD96A95E92D}] => (Allow) F:\Davinci\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{CAFC78CE-7F2E-4073-9638-E47B96FFC66C}] => (Allow) F:\Davinci\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{63509A01-C999-4679-B83E-A5E25315BF1D}] => (Allow) F:\Davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{B96431EE-277C-4959-BE9F-36D635FA2B65}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78AE8A65-5FAF-4D69-A5F0-9D1023600D3D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{40AF861E-60EA-4556-B650-A3E5D9299AAF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{74BC4BE1-B4D1-478D-8F31-56C4029CC9B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0791F50E-D0F8-466B-ADE1-25FA6AE88283}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{47C564B0-A7A7-459B-8004-840CF7DE6D9E}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{439BC431-274A-4401-82D0-3B16B1CAA0ED}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{D3F4882C-2CB6-453F-81E0-66104C583698}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

16-06-2022 00:15:41 AdwCleaner_BeforeCleaning_16/06/2022_00:15:38

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/15/2022 08:09:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FRST64.exe, versión: 15.6.2022.0, marca de tiempo: 0x62a9eeb5
Nombre del módulo con errores: COMCTL32.dll, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0xf0c
Hora de inicio de la aplicación con errores: 0x01d880e31fc5da7e
Ruta de acceso de la aplicación con errores: C:\Users\Gonzalo\Desktop\FRST64.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\COMCTL32.dll
Identificador del informe: e0782f62-95ff-47ac-9cb7-54c46956b61d
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2022 08:09:58 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Farbar Recovery Scan Tool por este error.

Programa: Farbar Recovery Scan Tool
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser solo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:00000000
Tipo de disco: 0

Error: (06/15/2022 08:09:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FRST64.exe, versión: 15.6.2022.0, marca de tiempo: 0x62a9eeb5
Nombre del módulo con errores: COMCTL32.dll, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000001d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0xf0c
Hora de inicio de la aplicación con errores: 0x01d880e31fc5da7e
Ruta de acceso de la aplicación con errores: C:\Users\Gonzalo\Desktop\FRST64.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\COMCTL32.dll
Identificador del informe: 30586d4f-e1d6-42b0-96e3-634ac6ad171f
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2022 08:09:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FRST64.exe, versión: 15.6.2022.0, marca de tiempo: 0x62a9eeb5
Nombre del módulo con errores: COMCTL32.dll, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0x604
Hora de inicio de la aplicación con errores: 0x01d880e30bf18e5a
Ruta de acceso de la aplicación con errores: C:\Users\Gonzalo\Desktop\FRST64.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\COMCTL32.dll
Identificador del informe: 8af7c088-44fc-4cc8-8fc7-43a50c4fc908
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2022 08:09:25 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Farbar Recovery Scan Tool por este error.

Programa: Farbar Recovery Scan Tool
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser solo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:00000000
Tipo de disco: 0

Error: (06/15/2022 08:09:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FRST64.exe, versión: 15.6.2022.0, marca de tiempo: 0x62a9eeb5
Nombre del módulo con errores: COMCTL32.dll, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000001d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0x604
Hora de inicio de la aplicación con errores: 0x01d880e30bf18e5a
Ruta de acceso de la aplicación con errores: C:\Users\Gonzalo\Desktop\FRST64.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\COMCTL32.dll
Identificador del informe: ebbebd9e-57fe-4f60-b93d-c37f156c1566
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2022 08:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: conhost.exe, versión: 10.0.19041.1566, marca de tiempo: 0x56b24be3
Nombre del módulo con errores: comctl32.DLL, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0x40e4
Hora de inicio de la aplicación con errores: 0x01d880e3026018bd
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\conhost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\comctl32.DLL
Identificador del informe: 09533f46-95e5-48f8-bace-150994613621
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2022 08:09:09 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Console Window Host por este error.

Programa: Console Window Host
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser solo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:00000000
Tipo de disco: 0


Errores del sistema:
=============
Error: (06/16/2022 12:15:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Avira Phantom VPN terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (06/16/2022 12:15:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NVIDIA Network Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/16/2022 12:15:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (06/16/2022 12:15:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/16/2022 12:15:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Avira Optimizer Host terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (06/16/2022 12:15:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio CLHNServiceForPowerDVD se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/16/2022 12:15:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NVIDIA GeForce Experience Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/16/2022 12:15:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Qualcomm Atheros Killer Service V2 se terminó de manera inesperada. Esto ha sucedido 1 veces.


CodeIntegrity:
===============
Date: 2022-06-15 20:03:54
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F6 04/21/2015
Placa base: Gigabyte Technology Co., Ltd. Z97X-Gaming 3
Procesador: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Porcentaje de memoria en uso: 24%
RAM física total: 16244.84 MB
RAM física disponible: 12192.38 MB
Virtual total: 32628.84 MB
Virtual disponible: 28571.14 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:118.69 GB) (Free:33.49 GB) (Model: Samsung SSD 850 PRO 128GB) NTFS
Drive d: (Datos) (Fixed) (Total:1862.92 GB) (Free:404.91 GB) (Model: ST2000DM001-1ER164) NTFS
Drive f: (960 EVO SSD) (Fixed) (Total:209.47 GB) (Free:122.69 GB) (Model: NVMe Samsung SSD 960 SCSI Disk Device) NTFS

\\?\Volume{99aed444-7e60-11e5-a419-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{e44e16d7-0000-0000-0000-20ac1d000000}\ () (Fixed) (Total:0.55 GB) (Free:0.11 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: E44E16AF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: E44E16D7)
Partition 1: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=564 MB) - (Type=27)

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

El de Eset, lo realicé 2 veces, las 2 con pantalla azul y solo he encontrado este log en la carpeta Temp. No veo ningún sitio del programa donde estén registros:

20:10:28 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=52b399b413efc0468150eb5c8944cee4
# end=init
# country="Spain"
# lang=3082
20:12:00 Updating
20:12:01 Update Init
20:12:16 Update Download
20:12:27 esets_scanner_update returned -1 esets_gle=12
20:12:27 g_uiModuleBuild: 44227
20:12:27 Update Finalize
20:12:27 Call m_esets_charon_send
20:12:27 Call m_esets_charon_destroy
20:12:27 Retrying Update
20:12:27 Updating
20:12:27 Update Init
20:12:42 Update Download
20:12:42 esets_scanner_update returned -1 esets_gle=12
20:12:42 g_uiModuleBuild: 44227
20:12:42 Update Finalize
20:12:42 Call m_esets_charon_send
20:12:42 Call m_esets_charon_destroy
20:12:42 Retrying Update
20:12:42 Updating
20:12:42 Update Init
20:12:57 Update Download
20:13:09 esets_scanner_update returned -1 esets_gle=12
20:13:09 g_uiModuleBuild: 44227
20:13:09 Update Finalize
20:13:09 Call m_esets_charon_send
20:13:09 Call m_esets_charon_destroy
20:13:46 Updating
20:13:46 Update Init
20:13:47 Call m_esets_charon_setup_create
20:13:47 Call m_esets_charon_create
20:13:47 m_esets_charon_create OK
20:13:47 Call m_esets_charon_start_send_thread
20:13:47 Call m_esets_charon_setup_set
20:13:47 m_esets_charon_setup_set OK
20:13:47 Scanner engine: 44227
20:14:01 Update Download
20:14:01 esets_scanner_update returned -1 esets_gle=12
20:14:01 g_uiModuleBuild: 44227
20:14:01 Update Finalize
20:14:01 Call m_esets_charon_send
20:14:01 Call m_esets_charon_destroy
20:14:01 Retrying Update
20:14:01 Updating
20:14:01 Update Init
20:14:16 Update Download
20:14:27 esets_scanner_update returned -1 esets_gle=12
20:14:27 g_uiModuleBuild: 44227
20:14:27 Update Finalize
20:14:27 Call m_esets_charon_send
20:14:27 Call m_esets_charon_destroy
20:14:28 Retrying Update
20:14:28 Updating
20:14:28 Update Init
20:14:43 Update Download
20:14:43 esets_scanner_update returned -1 esets_gle=12
20:14:43 g_uiModuleBuild: 44227
20:14:43 Update Finalize
20:14:43 Call m_esets_charon_send
20:14:43 Call m_esets_charon_destroy
20:15:31 Updating
20:15:31 Update Init
20:15:38 # product=EOS
# version=8
# flags=0
# av=0
# fw=7
# admin=1
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=52b399b413efc0468150eb5c8944cee4
# engine=44227
# end=finished
# bannerClicked=0
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2022-06-15 18:15:38
# local_time=2022-06-15 20:15:38 (+0100, Hora de verano romance)
# country="Spain"
# lang=3082
# osver=10.0.19044 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1817 16777213 100 96 4667 39169999 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 88 28339382 79610843 0 0
# compatibility_mode_1='Malwarebytes'
# compatibility_mode=18433 16777214 66 96 3584 18667902 0 0
# scanned=54
# found=0
# cleaned=0
# scan_time=7
# scan_type=3
# flow=|scr|intro||promo|eis||scr|home||scr|scan_type||scr|default||scr|pua||scr|adv_settings||scr|pua||scr|updating||scr|updating||click|use_old_modules||scr|scanning||scr|updating||click|use_old_modules||scr|scanning||scr|no_threats||scr|upsell||promo|eis||scr|default
# periodic=1,1
# test=default
# email=
# stats_enabled=1
20:15:38 Call m_esets_charon_send
20:15:38 Call m_esets_charon_destroy
20:15:39 Call m_esets_charon_send
20:15:39 Call m_esets_charon_destroy
20:15:39 Call m_esets_charon_send
20:15:39 Call m_esets_charon_destroy
20:16:09 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=52b399b413efc0468150eb5c8944cee4
# end=init
# country="Spain"
# lang=3082
20:16:43 Updating
20:16:43 Update Init
20:16:58 Update Download
20:24:14 esets_scanner_reload returned 0
20:24:14 g_uiModuleBuild: 53850
20:24:14 Update Finalize
20:24:14 Call m_esets_charon_send
20:24:14 Call m_esets_charon_destroy
20:24:14 Updated modules version: 53850
20:24:25 Call m_esets_charon_setup_create
20:24:25 Call m_esets_charon_create
20:24:25 m_esets_charon_create OK
20:24:25 Call m_esets_charon_start_send_thread
20:24:25 Call m_esets_charon_setup_set
20:24:25 m_esets_charon_setup_set OK
20:24:25 Scanner engine: 53850
22:52:55 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=52b399b413efc0468150eb5c8944cee4
# end=init
# country="Spain"
# lang=3082
22:53:19 Updating
22:53:19 Update Init
22:53:30 Update Download
22:53:56 esets_scanner_reload returned 0
22:53:56 g_uiModuleBuild: 53852
22:53:56 Update Finalize
22:53:56 Call m_esets_charon_send
22:53:56 Call m_esets_charon_destroy
22:53:56 Updated modules version: 53852
22:54:07 Call m_esets_charon_setup_create
22:54:07 Call m_esets_charon_create
22:54:07 m_esets_charon_create OK
22:54:07 Call m_esets_charon_start_send_thread
22:54:07 Call m_esets_charon_setup_set
22:54:07 m_esets_charon_setup_set OK
22:54:07 Scanner engine: 53852
00:12:34 Call m_esets_charon_send
00:12:34 Call m_esets_charon_destroy
00:12:34 Call m_esets_charon_send
00:12:34 Call m_esets_charon_destroy
00:12:40 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=52b399b413efc0468150eb5c8944cee4
# end=init
# country="Spain"
# lang=3082
00:13:24 Call m_esets_charon_send
00:13:24 Call m_esets_charon_destroy
01:12:04 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=52b399b413efc0468150eb5c8944cee4
# end=init
# country="Spain"
# lang=3082
01:15:00 Updating
01:15:00 Update Init
01:15:11 Update Download
01:15:11 g_uiModuleBuild: 53852
01:15:11 Update Finalize
01:15:11 Call m_esets_charon_send
01:15:11 Call m_esets_charon_destroy
01:15:11 Updated modules version: 53852
01:15:22 Call m_esets_charon_setup_create
01:15:22 Call m_esets_charon_create
01:15:22 m_esets_charon_create OK
01:15:22 Call m_esets_charon_start_send_thread
01:15:22 Call m_esets_charon_setup_set
01:15:22 m_esets_charon_setup_set OK
01:15:22 Scanner engine: 53852
07:16:17 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=52b399b413efc0468150eb5c8944cee4
# end=init
# country="Spain"
# lang=3082
07:16:57 Call m_esets_charon_send
07:16:57 Call m_esets_charon_destroy
07:25:01 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=52b399b413efc0468150eb5c8944cee4
# end=init
# country="Spain"
# lang=3082
07:26:56 Call m_esets_charon_send
07:26:57 Call m_esets_charon_destroy
23:05:21 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=52b399b413efc0468150eb5c8944cee4
# end=init
# country="Spain"
# lang=3082

Lo que hay en cuarentena es esto:

1905×601 93.5 KB

2889×597 71 KB

Muchas gracias de nuevo por la ayuda

Hola @KnightAnubis

Veo muchas cosas rotas en el reporte de farbar y algunos procesos extraños. Vamos a realizar otros pasos para ver si no hay nada raro dando vuelta y luego sacaremos reportes limpios para hacer un script.

Descarga Malwarebytes-AntiRootkits sigues las instrucciones de su manual y me traes sus correspondientes Informes de análisis: Mbar-log.txt y System-log.txt tal como se indica en su manual (Actualizando la Database).

Descarga, instala y ejecuta TDSKiller . Marca todas las casillas (Loaded Modules, Verify file digital signatures y Detect TDLFS file system). Sí te pide reiniciar lo haces, ejecutas de nuevo la herramienta y al marcar nuevamente las casillas que te he dicho, ya te dejara analizar.

Traes los reportes para ver si hay algo raro y luego pasaremos otros programas para ver si arreglan las entradas rotas.

Saludos

Hecho… No se si me gusta o me raya que no encuentre ninguno nada de nada…

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2022.06.16.06
  rootkit: v2022.06.16.06

Windows 10 x64 NTFS
Internet Explorer 11.789.19041.0
Gonzalo :: GONZALO-PC [administrator]

17/06/2022 0:03:28
mbar-log-2022-06-17 (00-03-28).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 296225
Time elapsed: 21 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.789.19041.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 3.200000 GHz
Memory total: 17033949184, free: 12902739968

Downloaded database version: v2022.06.16.06
Downloaded database version: v2022.06.16.06
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     06/17/2022 00:03:23
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\IntelTA.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\secnvme.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\system32\DRIVERS\avdevprot.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\secnvmeF.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\??\C:\Program Files\Riot Vanguard\vgk.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\CimFS.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\bflwfx64.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\System32\drivers\ndiscap.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\System32\drivers\Vid.sys
\SystemRoot\System32\drivers\winhvr.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\bam.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\phantomtap.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys
\SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_60daf66a00f2e0b6\nvlddmkm.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\TeeDriverW8x64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\e2xw10x64.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\System32\drivers\RZSurround.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\RZTHXSpatial.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\System32\drivers\IntcDAud.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\MBfilt64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\GM312Fltr.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\cldflt.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\system32\drivers\bindflt.sys
\SystemRoot\system32\drivers\msquic.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\avnetflt.sys
\SystemRoot\system32\DRIVERS\imdisk.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\mqac.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\drivers\Ndu.sys
\??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
\SystemRoot\System32\drivers\rassstp.sys
\SystemRoot\System32\DRIVERS\NDProxy.sys
\SystemRoot\System32\drivers\AgileVpn.sys
\SystemRoot\System32\drivers\rasl2tp.sys
\SystemRoot\System32\drivers\raspptp.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\drivers\ndiswan.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\SystemRoot\System32\cdd.dll
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\7533A87F.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2022.06.16.06
  rootkit: v2022.06.16.06

<<<2>>>
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffda840f0e4060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffda840f0e5040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffda840f0e4060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffda840f0a5ba0, DeviceName: Unknown, DriverName: \Driver\secnvmeF\
DevicePointer: 0xffffda840ce94040, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffda840cdc92a0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffda840ce74050, DeviceName: \Device\00000035\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffda840f0e3060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffda840f0e2850, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffda840f0e3060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffda840f0a58d0, DeviceName: Unknown, DriverName: \Driver\secnvmeF\
DevicePointer: 0xffffda840c5599b0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffda840ce92e10, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffda840cdc7050, DeviceName: \Device\00000034\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E44E16AF

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 3906818048
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 2000398934016 bytes
Sector size: 512 bytes

Done!
Drive 1
This is a System drive
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E44E16D7

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 248906745
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 248909824  Numsec = 1155072
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 128035676160 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xffffda840f1080a0, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffda840f0e59a0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffda840f1080a0, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffda840f0e56d0, DeviceName: Unknown, DriverName: \Driver\secnvmeF\
DevicePointer: 0xffffda840cfd0050, DeviceName: \Device\00000037\, DriverName: \Driver\secnvme\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 901730276
    GPT Header CurrentLba = 1 BackupLba 488397167
    GPT Header FirstUsableLba 34  LastUsableLba 488397134
    GPT Header Guid b0458f95-26ba-4cf2-a17d-b88b7e6bb5c0
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 901730276
    Backup GPT header CurrentLba = 488397167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 488397134
    Backup GPT header Guid b0458f95-26ba-4cf2-a17d-b88b7e6bb5c0
    Backup GPT header Contains 128 partition entries starting at LBA 488397135
    Backup GPT header Partition entry size = 128

    Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 5eb60cce-94c0-4463-a4fa-56d24d7847e
    FirstLBA 34  Last LBA 262177
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 5cafe25e-b1bb-4377-bb71-50adced1683e
    FirstLBA 264192  Last LBA 439556095
    Attributes 0
    Partition Name                 Basic data partition

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
File "C:\Windows\System32\KERNELBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\apphelp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\psapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\user32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\win32u.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gdi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\GDI32FULL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MSVCP_WIN.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ucrtbase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\advapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msvcrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sechost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcrt4.dll" is sparse (flags = 32768)
File "C:\Windows\System32\imm32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shell32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ole32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\combase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shlwapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wintrust.dll" is sparse (flags = 32768)
File "C:\Windows\System32\version.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wininet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netutils.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ws2_32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\imagehlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\userenv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IPHLPAPI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\mpr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\comdlg32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SHCore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\oleaut32.dll" is sparse (flags = 32768)
File "C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.19041.1110_none_c0da534e38c01f4d\comctl32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winmm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winspool.drv" is sparse (flags = 32768)
File "C:\Windows\System32\sfc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sfc_os.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rsaenh.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bcrypt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CRYPTBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCRYPTPRIMITIVES.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\crypt32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msasn1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkscli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cscapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\uxtheme.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iertutil.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sspicli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STORAGE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wldp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ONDEMANDCONNROUTEHELPER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\winhttp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\KERNEL.APPCORE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\mswsock.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winnsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\urlmon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvcli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dnsapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasadhlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FWPUCLNT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\schannel.dll" is sparse (flags = 32768)
File "C:\Windows\System32\MSKEYPROTECT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ntasn1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dpapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptnet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ncrypt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NCRYPTSSLP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\msctf.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dhcpcsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntmarta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\clbcatq.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cfgmgr32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TEXTINPUTFRAMEWORK.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREMESSAGING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREUICOMPONENTS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WinTypes.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wtsapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winsta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\propsys.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STATEREPOSITORYPS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.FILEEXPLORER.COMMON.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\mssprxy.dll" is sparse (flags = 32768)
File "C:\Windows\System32\coml2.dll" is sparse (flags = 32768)
File "C:\Windows\System32\smss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\csrss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\wininit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\services.exe" is sparse (flags = 32768)
File "C:\Windows\System32\lsass.exe" is sparse (flags = 32768)
File "C:\Windows\System32\svchost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\FONTDRVHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\MICROSOFT.NET\FRAMEWORK64\v3.0\WPF\PRESENTATIONFONTCACHE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\powrprof.dll" is sparse (flags = 32768)
File "C:\Windows\System32\oleacc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINMMBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\umpdc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\spoolsv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\dbghelp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dbgcore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasman.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rtutils.dll" is sparse (flags = 32768)
File "C:\Windows\System32\secur32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wevtapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DHCPCSVC6.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NapiNSP.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpnsp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wshbth.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nlaapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winrnr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\esent.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Wldap32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\activeds.dll" is sparse (flags = 32768)
File "C:\Windows\System32\adsldpc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\samcli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\logoncli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fltLib.dll" is sparse (flags = 32768)
File "C:\Windows\System32\setupapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msimg32.dll" is sparse (flags = 32768)
File "C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.1706_none_d94bc52be10975a7\GdiPlus.dll" is sparse (flags = 32768)
File "C:\Windows\MICROSOFT.NET\FRAMEWORK\V4.0.30319\mscoreei.dll" is sparse (flags = 32768)
File "C:\Windows\MICROSOFT.NET\FRAMEWORK\V4.0.30319\clr.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\MSCORLIB.NI.DLL" is sparse (flags = 32768)
File "C:\Windows\MICROSOFT.NET\FRAMEWORK\V4.0.30319\clrjit.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8544565b0ccfddb579837a5d8887dbad\System.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\57764fb7ec10bfe068aade4e141f0be5\System.Core.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\c3ba0c5cd8e2291e66f7e6ae120df2fb\System.ServiceProcess.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\cd5694667611daff5df925fb79b44ae7\WindowsBase.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\074da4c6824bc84932350b813f62f7fe\PresentationCore.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\fc8c48c599d389c092583c5fc0f6e563\PresentationFramework.ni.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gpapi.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\1b4ba721e83857649d0137f5084983eb\System.Configuration.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a31aa6dffae217ee1ebf503e3a6fd9b5\System.Xml.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\fb81aa337669c0c2d82340fd832cac8b\System.ComponentModel.Composition.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\8e4de111e65ece1e7f697fff168a1289\System.Runtime.Serialization.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\bba84ae26f2d323e67bf8946eb8b11b7\System.Data.Linq.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt19c51595#\d2ec15b0acb5fd2bb81705272aea2473\System.Runtime.Caching.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\d06877b5a0df441a8dc4c7b8d95b5d41\System.Numerics.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\b33508951b10a4a6b8165cf7244a1245\System.Data.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\618d2c58a817810e78ce5203261ca9c1\System.Security.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\10304f8c2eca783d5a5e446c9271fcad\System.Management.ni.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netprofm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WEBSOCKET.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\wmiutils.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbemcomn.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\wbemprox.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\wbemsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\fastprox.dll" is sparse (flags = 32768)
File "C:\Windows\System32\amsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\npmproxy.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\eea1d3dee084895158a9bfa490b3ad11\System.Web.ni.dll" is sparse (flags = 32768)
File "C:\Windows\MICROSOFT.NET\FRAMEWORK\V4.0.30319\WEBENGINE4.DLL" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\54266b3392c6ae9eafc92b05c0c2627b\Microsoft.CSharp.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\304a3d2a01eae17e475232bf0332ce4c\System.Dynamic.ni.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pdh.dll" is sparse (flags = 32768)
File "C:\Windows\MICROSOFT.NET\FRAMEWORK\V4.0.30319\ASPNET_PERF.DLL" is sparse (flags = 32768)
File "C:\Windows\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET_PERF.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\tapi32.dll" is sparse (flags = 32768)
File "C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984\comctl32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\perfdisk.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wmiclnt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\perfos.dll" is sparse (flags = 32768)
File "C:\Windows\System32\taskschd.dll" is sparse (flags = 32768)
File "C:\Windows\System32\xmllite.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sxs.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b606c1e70f3b5d8ab4c5aa5559477048\System.Drawing.ni.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWSCODECS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\THUMBCACHE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MrmCoreR.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FIREWALLAPI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\fwbase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FWPOLICYIOMGR.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\wbemdisp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\tbs.dll" is sparse (flags = 32768)
File "C:\Windows\System32\webio.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dllhost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\SECURITYHEALTHSERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHINDEXER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\wsock32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\devobj.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SGRMBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\winlogon.exe" is sparse (flags = 32768)
File "C:\Windows\System32\dwm.exe" is sparse (flags = 32768)
File "C:\Windows\System32\sihost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\TASKHOSTW.EXE" is sparse (flags = 32768)
File "C:\Windows\explorer.exe" is sparse (flags = 32768)
File "C:\Windows\System32\SETTINGSYNCHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\MICROSOFT.WINDOWS.STARTMENUEXPERIENCEHOST_CW5N1H2TXYEWY\STARTMENUEXPERIENCEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\RUNTIMEBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\MICROSOFT.WINDOWS.SEARCH_CW5N1H2TXYEWY\SEARCHAPP.EXE" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\MICROSOFTWINDOWS.CLIENT.CBS_CW5N1H2TXYEWY\TEXTINPUTHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\SYSTEMAPPS\SHELLEXPERIENCEHOST_CW5N1H2TXYEWY\SHELLEXPERIENCEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\edputil.dll" is sparse (flags = 32768)
File "C:\Windows\System32\APPRESOLVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCP47LANGS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\slc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sppc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ONECORECOMMONPROXYSTUB.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ONECOREUAPCOMMONPROXYSTUB.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\pcacli.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\98823a756db81b85a5a16b80b6b0615d\System.Windows.Forms.ni.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DWrite.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TEXTSHAPING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\msacm32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\audiodg.exe" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHPROTOCOLHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\POLICYMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MSVCP110_WIN.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\EXPLORERFRAME.DLL" is sparse (flags = 32768)
File "C:\Windows\SysWOW64\cmd.exe" is sparse (flags = 32768)
File "C:\Windows\System32\cmdext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\conhost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHFILTERHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\credssp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\userinit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\scecli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msv1_0.dll" is sparse (flags = 32768)
File "C:\Windows\System32\kerberos.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wdigest.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TSpkg.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pku2u.dll" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\appid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\AcpiDev.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fvevol.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\1394ohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\flpydisk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mspclock.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpiex.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\asyncmac.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdk8.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpipagr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\isapnp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpitime.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ufx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Ucx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Acx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb20.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mpsdrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\afd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidi2c.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\afunix.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sdstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ahcache.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\alg.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\IPMIDrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\APPLOCKERFLTR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\clfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wcnfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wcifs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srv2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\atapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hyperkbd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pciide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SpbCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fdc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bindflt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\PktMon.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bowser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HYPERVIDEO.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MICROSOFT.BLUETOOTH.LEGACY.LEENUMERATOR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\portcfg.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BthMini.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bttflt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BUTTONCONVERTER.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cng.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbth.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdrom.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cldflt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mup.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\CmBatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\condrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\CREDENTIALENROLLMENTMANAGER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mountmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pacer.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dam.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dfsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\disk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\DiagSvcs\DIAGNOSTICSHUB.STANDARDCOLLECTOR.SERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dmvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\drmkaud.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\serial.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dxgkrnl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORCLASS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\errdev.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fileinfo.sys" is sparse (flags = 32768)
File "C:\Windows\System32\FXSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmstorfl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ipfltdrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FILETRACE.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fltMgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\monitor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FSDEPENDS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndisuio.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSGPIOCLX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasl2tp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HdAudio.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hdaudbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HIDINTERRUPT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidspi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidusb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\http.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HVSERVICE.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hwpolicy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndproxy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\i8042prt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\INDIRECTKMD.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelpep.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\iorate.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\scfilter.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ipnat.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msiscsi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksecdd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksecpkg.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksthunk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\luafv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msisadrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mstee.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MbbCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mmcss.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mskssrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wimmount.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxdav.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\modem.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mspqm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msquic.sys" is sparse (flags = 32768)
File "C:\Windows\System32\VSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSHIDKMDF.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mssmbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MTConfig.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\nwifi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndis.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISIMPLATFORM.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndistapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISVIRTUALBUS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndiswan.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NETADAPTERCX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\nsiproxy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\parport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\partmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcw.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pdc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcmcia.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\PEAuth.sys" is sparse (flags = 32768)
File "C:\Windows\System32\PERCEPTIONSIMULATION\PERCEPTIONSIMULATIONSERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\RDPVIDEOMINIPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspptp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\processr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ramdisk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasacd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\agilevpn.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspppoe.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rassstp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdbss.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdpdr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sbp2port.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sdbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORDATASERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\serenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sermouse.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sfloppy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\Spectrum.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\sppsvc.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srvnet.sys" is sparse (flags = 32768)
File "C:\Windows\System32\OpenSSH\SSH-AGENT.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storahci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\stornvme.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\STORQOSFLT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storufs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tcpip.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tpm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tdx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vdrvroot.sys" is sparse (flags = 32768)
File "C:\Windows\System32\TIERINGENGINESERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\SERVICING\TRUSTEDINSTALLER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\uaspstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Udecx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\UcmCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\UCMUCSICX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\udfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\umpass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBAUDIO.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbccgp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbuhci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbehci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbhub.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbprint.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usb80236.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\vds.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VERIFIEREXT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhdmp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Vid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhf.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VMBusHID.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgrx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volsnap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volume.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vsmraid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifibus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwififlt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifimp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wacompen.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WUDFRd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wanarp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbengine.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Wdf01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdiWiFi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wfplwfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\winnat.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wmiacpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WmiApSrv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ws2ifsl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WUDFPf.sys" is sparse (flags = 32768)
File "C:\Windows\System32\NATURALAUTH.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\umpnpmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AarSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcss.dll" is sparse (flags = 32768)
File "C:\Windows\System32\appinfo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DISPBROKER.DESKTOP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MESSAGINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MICROSOFT.BLUETOOTH.USERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\appidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STATEREPOSITORY.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\AUDIOENDPOINTBUILDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WALLETSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APPXDEPLOYMENTSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\EMBEDDEDMODESVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\smphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\GRAPHICSPERFSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\psmsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\APPREADINESS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCASTDVRUSERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\audiosrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AUTOTIMESVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wwansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcncsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wevtsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AxInstSv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RpcEpMap.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CDPUSERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bdesvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CAPTURESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BFE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBLAUTHMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\netman.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICESETUPMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\cdpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\umpo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\qmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CBDHSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ClipSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BTAGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BTHAVCTPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\vac.dll" is sparse (flags = 32768)
File "C:\Windows\System32\das.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\provsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CAPABILITYACCESSMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\certprop.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CONSENTUXCLIENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBOXGIPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TETHERINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEFRAGSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICEACCESS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.DEVICES.PICKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICESFLOWBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dhcpcore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DiagSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dot3svc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DIAGTRACK.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MICROSOFT.GRAPHICS.DISPLAY.DISPLAYENHANCEMENTSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.INTERNAL.MANAGEMENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dnsrslvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WERCPLSUPPORT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\eapsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\efssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ENTERPRISEAPPMGMTSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\FntCache.dll" is sparse (flags = 32768)
File "C:\Windows\System32\es.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sdrsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FRAMESERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\upnphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\hidserv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lltdsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ListSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IKEEXT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\INSTALLSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\iphlpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\keyiso.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wscsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WsmSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wersvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wecsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcmsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\LICENSEMANAGERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\lpasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lmhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ipnathlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lsm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WORKFOLDERSSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\LANGUAGEOVERLAYSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MIXEDREALITYRUNTIME.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MPSSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iscsiexe.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsisvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nlasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ngcsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NCBSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\netlogon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\trkwks.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NETPROFMSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NETSETUPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\icsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NGCCTNRSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APHOSTSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\pcasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\p2psvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\PHONESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PIMINDEXMAINTENANCE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\icsvcext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IPSECSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PRINTWORKFLOWSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PUSHTOINSTALL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\qwave.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasauto.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasmans.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mprdim.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RDXSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\RMapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\schedsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SCardSvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\XBLGAMESAVE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SCDEVICEENUM.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SEMgrSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SessEnv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SHAREDREALITYSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\shsvcs.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.SHAREDPC.ACCOUNTMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SMSROUTERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\StorSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sstpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ssdpsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wiaservc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\svsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\swprv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\inetsrv\iisw3adm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sysmain.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SYSTEMEVENTSBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TabSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\termsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\tapisrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TIMEBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TOKENBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MITIGATIONCLIENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TZAUTOUPDATE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWSUDK.SHELLCOMMON.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\umrdp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Unistore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATASERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\usermgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\usosvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\vaultsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\w32time.dll" is sparse (flags = 32768)
File "C:\Windows\System32\inetsrv\w3logsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WAASMEDICSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wbiosrvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WebClnt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WFDSCONMGRSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wiarpc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WMIsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FLIGHTSETTINGS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.MANAGEMENT.SERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPCDESKTOPMONSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPDBUSENUM.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPNSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPNUSERSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wuaueng.dll" is sparse (flags = 32768)
File "C:\Windows\System32\XBOXNETAPISVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\iedkcs32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ie4uinit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\rundll32.exe" is sparse (flags = 32768)
File "C:\Windows\SysWOW64\rundll32.exe" is sparse (flags = 32768)
File "C:\Windows\System32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-1-248909824-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished

y el de Karpersky:

00:29:03.0355 0x1df4  TDSS rootkit removing tool 3.1.0.28 Apr  9 2019 21:11:46
00:29:04.0272 0x1df4  ============================================================
00:29:04.0272 0x1df4  Current date / time: 2022/06/17 00:29:04.0272
00:29:04.0272 0x1df4  SystemInfo:
00:29:04.0273 0x1df4  
00:29:04.0273 0x1df4  OS Version: 10.0.19044 ServicePack: 0.0
00:29:04.0273 0x1df4  Product type: Workstation
00:29:04.0273 0x1df4  ComputerName: GONZALO-PC
00:29:04.0273 0x1df4  UserName: Gonzalo
00:29:04.0273 0x1df4  Windows directory: C:\WINDOWS
00:29:04.0273 0x1df4  System windows directory: C:\WINDOWS
00:29:04.0273 0x1df4  Running under WOW64
00:29:04.0273 0x1df4  Processor architecture: Intel x64
00:29:04.0273 0x1df4  Number of processors: 4
00:29:04.0273 0x1df4  Page size: 0x1000
00:29:04.0273 0x1df4  Boot type: Normal boot
00:29:04.0273 0x1df4  CodeIntegrityOptions = 0x00000001
00:29:04.0273 0x1df4  ============================================================
00:29:04.0274 0x1df4  KLMD ARK init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
00:29:04.0274 0x1df4  KLMD BG init status: drvProperties = 0xEF0F02, osBuild = 19041.0, osProperties = 0x1D
00:29:04.0274 0x1df4  BG loaded
00:29:04.0290 0x1df4  System UUID: {C95BF01A-E5F2-0300-3E4E-89409D4EE501}
00:29:04.0347 0x1df4  !crdlk
00:29:04.0470 0x1df4  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
00:29:04.0565 0x1df4  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
00:29:04.0621 0x1df4  Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:29:04.0622 0x1df4  ============================================================
00:29:04.0622 0x1df4  \Device\Harddisk0\DR0:
00:29:04.0623 0x1df4  MBR partitions:
00:29:04.0623 0x1df4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:29:04.0623 0x1df4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5000
00:29:04.0623 0x1df4  \Device\Harddisk1\DR1:
00:29:04.0623 0x1df4  MBR partitions:
00:29:04.0623 0x1df4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xED603F9
00:29:04.0623 0x1df4  \Device\Harddisk2\DR2:
00:29:04.0623 0x1df4  GPT partitions:
00:29:04.0623 0x1df4  \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5EB60CCE-94C0-4463-A4FA-56D24D78470E}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
00:29:04.0623 0x1df4  \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5CAFE25E-B1BB-4377-BB71-50ADCED1683E}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x1A2F1000
00:29:04.0623 0x1df4  MBR partitions:
00:29:04.0623 0x1df4  ============================================================
00:29:04.0624 0x1df4  C: <-> \Device\Harddisk1\DR1\Partition1
00:29:04.0640 0x1df4  D: <-> \Device\Harddisk0\DR0\Partition2
00:29:04.0640 0x1df4  F: <-> \Device\Harddisk2\DR2\Partition2
00:29:04.0640 0x1df4  ============================================================
00:29:04.0640 0x1df4  Initialize success
00:29:04.0640 0x1df4  ============================================================
00:30:27.0331 0x04e0  ============================================================
00:30:27.0331 0x04e0  Scan started
00:30:27.0331 0x04e0  Mode: Manual; SigCheck; TDLFS; 
00:30:27.0331 0x04e0  ============================================================
00:30:27.0331 0x04e0  KSN ping started
00:30:27.0425 0x04e0  KSN ping finished: true
00:30:28.0097 0x04e0  ================ Scan BIOS =================================
00:30:28.0097 0x04e0  BIOS info: vendor = American Megatrends Inc., version = F6, releaseDate = 04/21/2015
00:30:28.0097 0x04e0  Base board info: manufacturer = Gigabyte Technology Co., Ltd., product = Z97X-Gaming 3, version = x.x
00:30:29.0456 0x04e0  [ FCBFDE4E83D6B0799588168FC5C51DEB, A0C85A3A03EB3C115E2FCCC9612E41D69A235C9A28063604EDED3556CE4EF1EA ] BIOS
00:30:29.0456 0x04e0  BIOS - ok
00:30:29.0456 0x04e0  ================ Scan system memory ========================
00:30:29.0456 0x04e0  System memory - ok
00:30:29.0456 0x04e0  ================ Scan services =============================
00:30:29.0487 0x04e0  1394ohci - ok
00:30:29.0487 0x04e0  3ware - ok
00:30:29.0487 0x04e0  AarSvc - ok
00:30:29.0503 0x04e0  ACPI - ok
00:30:29.0503 0x04e0  AcpiDev - ok
00:30:29.0503 0x04e0  acpiex - ok
00:30:29.0503 0x04e0  acpipagr - ok
00:30:29.0503 0x04e0  [ 33B5ED555018128792AFFCDC9AF7AFD2, 1E7C5FADA2486EE31289A4BEFB70AEA173190671C64995441651903CF31E5033 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
00:30:29.0550 0x04e0  AcpiPmi - ok
00:30:29.0550 0x04e0  acpitime - ok
00:30:29.0550 0x04e0  Acx01000 - ok
00:30:29.0581 0x04e0  [ 96E12D60887AED12B03320AFF44B554F, 03DA78DE5CE0FB38A575539C8FBB0E75BD7F3C8D8F17B4CAE5E075DF3307754F ] AdAppMgrSvc     C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
00:30:29.0612 0x04e0  AdAppMgrSvc - ok
00:30:29.0612 0x04e0  [ 431B9F2E0D4145164D572671395B4B31, 5D336098251ED4E50D3EAB55A37CD9486F0479893A2D9B5FB849D1486FA63FAD ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:30:29.0628 0x04e0  AdobeARMservice - ok
00:30:29.0628 0x04e0  ADP80XX - ok
00:30:29.0628 0x04e0  AdskLicensingService - ok
00:30:29.0643 0x04e0  AFD - ok
00:30:29.0643 0x04e0  afunix - ok
00:30:29.0675 0x04e0  [ C20CA26CDE768CA950C622B866292FC2, 007B142A02B3676F320F9BBB92AAAE1589938FD19D20701655114CE84588526B ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
00:30:29.0721 0x04e0  AGSService - ok
00:30:29.0721 0x04e0  ahcache - ok
00:30:29.0721 0x04e0  [ 526FE18DB976D9A1AE19FBC53FA690B1, 4E2623243A9BB61F7211E591C24EDB70B07974A7FA21E3F14C683F27E975777F ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
00:30:29.0753 0x04e0  AJRouter - ok
00:30:29.0753 0x04e0  ALG - ok
00:30:29.0753 0x04e0  [ D696F317BD465A602566F8E1DCCE15F7, 6CE77CD4221C0854986F760D1944DF9F4255192D99630D43A0527A6D58D83406 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
00:30:29.0768 0x04e0  AMD External Events Utility - detected UnsignedFile.Multi.Generic ( 1 )
00:30:29.0893 0x04e0  Detect skipped due to KSN trusted
00:30:29.0893 0x04e0  AMD External Events Utility - ok
00:30:29.0909 0x04e0  amdgpio2 - ok
00:30:29.0909 0x04e0  amdi2c - ok
00:30:29.0925 0x04e0  AmdK8 - ok
00:30:29.0940 0x04e0  AmdPPM - ok
00:30:29.0940 0x04e0  amdsata - ok
00:30:29.0940 0x04e0  amdsbs - ok
00:30:29.0940 0x04e0  amdxata - ok
00:30:29.0971 0x04e0  [ 216D2A60427390282103B308D86E179B, C9DAAE0CD5BB2F0BA194EBB7E0A98DD708F5181861FF30E8A3B2E729489E2355 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
00:30:30.0003 0x04e0  AntiVirMailService - ok
00:30:30.0018 0x04e0  [ DA531DBDE4F0E56B499F405EBCC7EF32, D381E4DF956C553DF1A1CC98905ED4E1C18E03BE7C7E815DF511177BBA498F2E ] AntivirProtectedService C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
00:30:30.0034 0x04e0  AntivirProtectedService - ok
00:30:30.0050 0x04e0  [ D84B8015A1736A139A8EDBD20BAF4418, 2AA3B80CBCE24DE34C30992B76DBFA0D4CC53DEE22D5BCF67092C271A2F257F5 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
00:30:30.0050 0x04e0  AntiVirSchedulerService - ok
00:30:30.0065 0x04e0  [ D84B8015A1736A139A8EDBD20BAF4418, 2AA3B80CBCE24DE34C30992B76DBFA0D4CC53DEE22D5BCF67092C271A2F257F5 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
00:30:30.0081 0x04e0  AntiVirService - ok
00:30:30.0096 0x04e0  [ 731714C010A07A69B51FF60A25DEDD82, 610E695666F2F2AA41C9BA5078993E107CDE27D368DA6943371D7A0D42B8FEBB ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
00:30:30.0112 0x04e0  AntiVirWebService - ok
00:30:30.0112 0x04e0  [ 929D8C927E33378726CCAB85B67394A4, 8420A6D78FE94305C1F15FFADA20ADDEA141CAC98210B312AAB4C7BF45B138FE ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
00:30:30.0128 0x04e0  AppHostSvc - ok
00:30:30.0128 0x04e0  AppID - ok
00:30:30.0128 0x04e0  AppIDSvc - ok
00:30:30.0143 0x04e0  Appinfo - ok
00:30:30.0143 0x04e0  applockerfltr - ok
00:30:30.0143 0x04e0  AppReadiness - ok
00:30:30.0143 0x04e0  AppXSvc - ok
00:30:30.0143 0x04e0  arcsas - ok
00:30:30.0159 0x04e0  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
00:30:30.0175 0x04e0  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
00:30:30.0331 0x04e0  Detect skipped due to KSN trusted
00:30:30.0331 0x04e0  ASGT - ok
00:30:30.0362 0x04e0  [ E521372979F4F1AB092B6FC18EAF76F6, 64FAE007652F3F416E3F700BD4C80BFCA19B5076ABB231A549167A2C7D9A5A1A ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:30:30.0378 0x04e0  aspnet_state - ok
00:30:30.0378 0x04e0  AsyncMac - ok
00:30:30.0378 0x04e0  atapi - ok
00:30:30.0393 0x04e0  AudioEndpointBuilder - ok
00:30:30.0393 0x04e0  Audiosrv - ok
00:30:30.0393 0x04e0  autotimesvc - ok
00:30:30.0393 0x04e0  [ 04BE924DF267A19A78324A3895AA9819, B01A4AF25604FA82C2DAC88F3CE08AFC23F189296F6C17DA1C4497A52564A641 ] avdevprot       C:\WINDOWS\system32\DRIVERS\avdevprot.sys
00:30:30.0409 0x04e0  avdevprot - ok
00:30:30.0409 0x04e0  [ 3D839782B438B45C6D9194C3AA2ABC4B, FADE509B607AF3905744A4BDC994BA83D41FABF985E0538CA6A51277C2912378 ] avelam          C:\WINDOWS\system32\drivers\avelam.sys
00:30:30.0425 0x04e0  avelam - ok
00:30:30.0425 0x04e0  [ EC059AF10524644BDDCC073916E78375, 868ECDF543865035A3703E8837869441683B8AB396EAADF6AAA0E455E8393C5E ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
00:30:30.0440 0x04e0  avgntflt - ok
00:30:30.0440 0x04e0  [ C8D33C5B49A4760F2D81710EBA839BA2, 80D9D7444623175794A51B6710F99E911943BB58A7A9621BC53D0D4BDE304DAA ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
00:30:30.0456 0x04e0  avipbb - ok
00:30:30.0503 0x04e0  [ CFD1D4467582ED541FE46A51F7E5A085, 333551FE964109021C3FD428EAD4F9572759E2246CA87DB1D37EA32BD4F22E88 ] AviraOptimizerHost C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
00:30:30.0565 0x04e0  AviraOptimizerHost - ok
00:30:30.0581 0x04e0  [ 9539840D77623CCD8A14BE860BF6BCC5, 739DECEDABC93666863DC13DDAF71F4D932D1B189361DF816BE8400B9F140D11 ] AviraPhantomVPN C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
00:30:30.0596 0x04e0  AviraPhantomVPN - ok
00:30:30.0612 0x04e0  [ B5E41CFC6BC511828E92AE71AFCAC810, F64D6864CE21F9D07AE19F036F8BD807621A968B13775C3E7B53863D64DE4C93 ] AviraSecurity   C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
00:30:30.0628 0x04e0  AviraSecurity - ok
00:30:30.0628 0x04e0  [ EEE9BFF8F7B0D6CD7B21A26051588CAA, A14A4F646DB8BF83E8C840A3AF28B5FFDC6D7966EF2909B23DBAF9056BC64D75 ] AviraSecurityUpdater C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe
00:30:30.0643 0x04e0  AviraSecurityUpdater - ok
00:30:30.0659 0x04e0  [ 40786E1AC650F9F7E8B67A672B5EB69E, C754DD80F8F3E19144FFB01A17AACE2176CB5A8DD404A38CE6EC4ED88B6AF759 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
00:30:30.0659 0x04e0  avkmgr - ok
00:30:30.0659 0x04e0  [ 6582D694C9CEEA44096EA333E5D38FC6, BCD3FE682E4E8040877B6AC27593CD9697EC9D6AC13C8E434CC697DC07DF22AC ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
00:30:30.0675 0x04e0  avnetflt - ok
00:30:30.0675 0x04e0  AxInstSV - ok
00:30:30.0675 0x04e0  b06bdrv - ok
00:30:30.0675 0x04e0  [ 26E2320D24C66EB72B36EB71EBEF2558, 7D06B6499FE915480DF4DAD658281C8B85F7AD71F49B089A270AE0B45713F2E9 ] bam             C:\WINDOWS\system32\drivers\bam.sys
00:30:30.0690 0x04e0  bam - ok
00:30:30.0690 0x04e0  BasicDisplay - ok
00:30:30.0706 0x04e0  BasicRender - ok
00:30:30.0706 0x04e0  BcastDVRUserService - ok
00:30:30.0706 0x04e0  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
00:30:30.0721 0x04e0  bcmfn2 - ok
00:30:30.0721 0x04e0  BDESVC - ok
00:30:30.0737 0x04e0  [ 4280B427B81EB8C265F3206E2298761E, 121AF03BBE6ECC1622C2540805A30AE9555EB5D5FE25B55939C045ECE7FC37EB ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
00:30:30.0753 0x04e0  Beep - ok
00:30:30.0753 0x04e0  BFE - ok
00:30:30.0753 0x04e0  [ 35BAC943C9C9C501B2DB888858D41F99, 4EDA511CC7029ECB757E2B7B90903503DC649B7B5060238D6418EF4506E172A5 ] BfLwf           C:\WINDOWS\system32\DRIVERS\bflwfx64.sys
00:30:30.0768 0x04e0  BfLwf - ok
00:30:30.0768 0x04e0  bindflt - ok
00:30:30.0768 0x04e0  BITS - ok
00:30:30.0768 0x04e0  BluetoothUserService - ok
00:30:30.0768 0x04e0  bowser - ok
00:30:30.0784 0x04e0  BrokerInfrastructure - ok
00:30:30.0784 0x04e0  BTAGService - ok
00:30:30.0784 0x04e0  [ 7F09708B8C651A0C0E2A2725136BA254, 0442A18BBED4E323265C66561C8F8C171D8E934E9089C12B94D1DFDBB057B737 ] BthA2dp         C:\WINDOWS\System32\drivers\BthA2dp.sys
00:30:30.0799 0x04e0  BthA2dp - detected UnsignedFile.Multi.Generic ( 1 )
00:30:30.0924 0x04e0  Detect skipped due to KSN trusted
00:30:30.0924 0x04e0  BthA2dp - ok
00:30:30.0924 0x04e0  BthAvctpSvc - ok
00:30:30.0924 0x04e0  BthEnum - ok
00:30:30.0940 0x04e0  [ 7AE44E94C6B1DF488AA309824DEAD643, 91C72C54142A0D4E5A5F33268850CEB8315AA30C2F0B74A9FFA962887ABAC797 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
00:30:30.0940 0x04e0  BthHFEnum - detected UnsignedFile.Multi.Generic ( 1 )
00:30:31.0065 0x04e0  Detect skipped due to KSN trusted
00:30:31.0065 0x04e0  BthHFEnum - ok
00:30:31.0081 0x04e0  BthLEEnum - ok
00:30:31.0081 0x04e0  BthMini - ok
00:30:31.0081 0x04e0  [ 11D609CC74F0EB1DF6C0171331CDE9A1, 9412DC92F16C0B8A937D6FB1AD83D7169F4EC0F08FAE0E2B244346428CE99EE1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
00:30:31.0096 0x04e0  BTHMODEM - ok
00:30:31.0096 0x04e0  BTHPORT - ok
00:30:31.0096 0x04e0  [ D293AC628357F2F75B8579087F732970, 1E536D8863D695944214D55E9B0B4BFE04F705DB7ECA18A0CF8B37AAF4893B1E ] bthserv         C:\WINDOWS\system32\bthserv.dll
00:30:31.0143 0x04e0  bthserv - ok
00:30:31.0143 0x04e0  BTHUSB - ok
00:30:31.0143 0x04e0  bttflt - ok
00:30:31.0143 0x04e0  buttonconverter - ok
00:30:31.0143 0x04e0  [ E7690568D2A5FA3D4E6D28B42358A122, CDBD820B6D383EC0A8151EA4300435C2BAD085EC55DB185C5E16CAF961443888 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
00:30:31.0159 0x04e0  CAD - ok
00:30:31.0159 0x04e0  camsvc - ok
00:30:31.0159 0x04e0  CaptureService - ok
00:30:31.0174 0x04e0  cbdhsvc - ok
00:30:31.0190 0x04e0  [ C4EC8CEDC9D5E55812FE641ABF85E1C9, 6EEE45308D200B493B8332CE00B104142DD977362251A26D7E0A1E54CF49FCF4 ] CCleanerPerformanceOptimizerService C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
00:30:31.0206 0x04e0  CCleanerPerformanceOptimizerService - ok
00:30:31.0206 0x04e0  cdfs - ok
00:30:31.0221 0x04e0  CDPSvc - ok
00:30:31.0221 0x04e0  CDPUserSvc - ok
00:30:31.0221 0x04e0  cdrom - ok
00:30:31.0221 0x04e0  CertPropSvc - ok
00:30:31.0221 0x04e0  cht4iscsi - ok
00:30:31.0221 0x04e0  cht4vbd - ok
00:30:31.0237 0x04e0  CimFS - ok
00:30:31.0237 0x04e0  [ 115CC1E142CE29C9006D59943108DF47, 564FA08C5BEC6DAF1A83C80C9139A6E1AA7E05D251DB3BA379B57C9FDAE83E1B ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
00:30:31.0253 0x04e0  circlass - ok
00:30:31.0253 0x04e0  CldFlt - ok
00:30:31.0253 0x04e0  CLFS - ok
00:30:31.0253 0x04e0  [ 4AA6694FB767BBFF6A8EF080806447BD, 4920B3683FDE19A86453C76E08C23132B037D254AFB7147E84130C06AA90B0F8 ] CLHNServiceForPowerDVD C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
00:30:31.0268 0x04e0  CLHNServiceForPowerDVD - ok
00:30:31.0268 0x04e0  ClipSVC - ok
00:30:31.0284 0x04e0  CmBatt - ok
00:30:31.0284 0x04e0  CNG - ok
00:30:31.0284 0x04e0  [ A46B4D1484227900F7615FE2A569D828, A06B8002E7A708890222C777DDF8B67FED7015C0943C1FC4F9036E9F9DC14494 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
00:30:31.0299 0x04e0  cnghwassist - ok
00:30:31.0299 0x04e0  [ 99392FDADF3CE5EB47403E5A52866E6F, 63CEF51971EB85D9823CE9A95F1ED9907D20525ED8E32230068CC36E9082A8C3 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys
00:30:31.0315 0x04e0  CompositeBus - ok
00:30:31.0315 0x04e0  COMSysApp - ok
00:30:31.0315 0x04e0  condrv - ok
00:30:31.0315 0x04e0  ConsentUxUserSvc - ok
00:30:31.0315 0x04e0  CoreMessagingRegistrar - ok
00:30:31.0331 0x04e0  [ C248D1CD850BDB079AE0B9774FA2EE79, A81A6625CC6BEA439E9654E1142061B6E4CC7AF6D83E09547D956B8C4FA411DB ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
00:30:31.0409 0x04e0  cphs - ok
00:30:31.0409 0x04e0  [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
00:30:31.0424 0x04e0  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
00:30:31.0549 0x04e0  Detect skipped due to KSN trusted
00:30:31.0549 0x04e0  Creative ALchemy AL6 Licensing Service - ok
00:30:31.0549 0x04e0  [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
00:30:31.0565 0x04e0  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
00:30:31.0706 0x04e0  Detect skipped due to KSN trusted
00:30:31.0706 0x04e0  Creative Audio Engine Licensing Service - ok
00:30:31.0721 0x04e0  CredentialEnrollmentManagerUserSvc - ok
00:30:31.0721 0x04e0  CredentialEnrollmentManagerUserSvc_3e79b - ok
00:30:31.0737 0x04e0  CryptSvc - ok
00:30:31.0753 0x04e0  [ 9D85CAA293D827271AA49D741BBBC076, E51D6ACB77AE730D12037E79CEC9A9966F503A7E4356D02BC94B6C143E8F10E4 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
00:30:31.0768 0x04e0  CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
00:30:31.0909 0x04e0  Detect skipped due to KSN trusted
00:30:31.0909 0x04e0  CTAudSvcService - ok
00:30:31.0924 0x04e0  [ D3484412EAE43685E3AD304C9979F30E, 0F45C056C3E2FE541FF2BD3914CDC823CF4048A57B967E07B95DFF673E968F35 ] CyberLink PowerDVD 11.0 Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
00:30:31.0956 0x04e0  CyberLink PowerDVD 11.0 Monitor Service - ok
00:30:31.0956 0x04e0  [ 4B0F03AF88FF89441EF57175849C3961, E758730704E52C7D2F8D061B6D40788D3F92F490A5A2F9F01E71C3CD959CA6E7 ] CyberLink PowerDVD 11.0 Service C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
00:30:31.0971 0x04e0  CyberLink PowerDVD 11.0 Service - ok
00:30:31.0987 0x04e0  dam - ok
00:30:31.0987 0x04e0  DcomLaunch - ok
00:30:31.0987 0x04e0  defragsvc - ok
00:30:31.0987 0x04e0  DeviceAssociationBrokerSvc - ok
00:30:32.0003 0x04e0  DeviceAssociationService - ok
00:30:32.0003 0x04e0  DeviceInstall - ok
00:30:32.0003 0x04e0  DevicePickerUserSvc - ok
00:30:32.0003 0x04e0  DevicesFlowUserSvc - ok
00:30:32.0003 0x04e0  [ F8BE99B9EA9B110F7CB3F46BA844C1FF, EABF953864C0AE4FB6426C0B7E92DD81EE4A8852081F9D2EA02B61D4C8DB6188 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
00:30:32.0049 0x04e0  DevQueryBroker - ok
00:30:32.0065 0x04e0  Dfsc - ok
00:30:32.0065 0x04e0  Dhcp - ok
00:30:32.0065 0x04e0  diagnosticshub.standardcollector.service - ok
00:30:32.0065 0x04e0  diagsvc - ok
00:30:32.0065 0x04e0  DiagTrack - ok
00:30:32.0065 0x04e0  disk - ok
00:30:32.0081 0x04e0  DispBrokerDesktopSvc - ok
00:30:32.0081 0x04e0  DisplayEnhancementService - ok
00:30:32.0081 0x04e0  DmEnrollmentSvc - ok
00:30:32.0081 0x04e0  dmvsc - ok
00:30:32.0081 0x04e0  [ 2E8A026D6680C301ADF6D4B301A4CE8B, 2FDB34E2A61457308B0FEC938A2D6351F63D02BB67DC87FE4F2534E0048C8E89 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
00:30:32.0112 0x04e0  dmwappushservice - ok
00:30:32.0112 0x04e0  Dnscache - ok
00:30:32.0112 0x04e0  dot3svc - ok
00:30:32.0128 0x04e0  [ 9E65C33CB7FB50453F7F4407070EAF53, A8707BD19D584DAECA39990A2E791194140AFCA4FCE31F23CC7E931DF8C17361 ] DPS             C:\WINDOWS\system32\dps.dll
00:30:32.0143 0x04e0  DPS - ok
00:30:32.0143 0x04e0  drmkaud - ok
00:30:32.0143 0x04e0  DsmSvc - ok
00:30:32.0159 0x04e0  DsSvc - ok
00:30:32.0159 0x04e0  [ 81DF23EC4009D307479D5C169539CD67, 65AEE1E876CBE801A763F14930D15CF2E6A10697620B5903AA04BA30585A5676 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
00:30:32.0190 0x04e0  DusmSvc - ok
00:30:32.0190 0x04e0  DXGKrnl - ok
00:30:32.0190 0x04e0  Eaphost - ok
00:30:32.0190 0x04e0  ebdrv - ok
00:30:32.0190 0x04e0  [ D21437C262283650E8349AFA573AC03A, 9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdate      C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
00:30:32.0206 0x04e0  edgeupdate - ok
00:30:32.0221 0x04e0  [ D21437C262283650E8349AFA573AC03A, 9C256D462F0640855E1AB3D2C658CB4EDD7E061EB2782FD03481196D5ED93DB5 ] edgeupdatem     C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
00:30:32.0221 0x04e0  edgeupdatem - ok
00:30:32.0221 0x04e0  EFS - ok
00:30:32.0237 0x04e0  EhStorClass - ok
00:30:32.0237 0x04e0  EhStorTcgDrv - ok
00:30:32.0237 0x04e0  embeddedmode - ok
00:30:32.0237 0x04e0  EntAppSvc - ok
00:30:32.0237 0x04e0  [ DB6C3DBF15DCFE149E247B44FEA6AD46, 2AD4F0E20A48174C47D0B7E5F8EF152ED1299B8B67530DA0648DAD3E94E48F7C ] epmntdrv        C:\Windows\system32\epmntdrv.sys
00:30:32.0268 0x04e0  epmntdrv - detected UnsignedFile.Multi.Generic ( 1 )
00:30:32.0409 0x04e0  Detect skipped due to KSN trusted
00:30:32.0409 0x04e0  epmntdrv - ok
00:30:32.0424 0x04e0  ErrDev - ok
00:30:32.0440 0x04e0  [ 08C997734B2CECE882656BB2855E6E76, B3C1DEF26C9C9123D34395717220B450C705B5FA9FC8E321ADC444A4D63E6F36 ] EuGdiDrv        C:\Windows\system32\EuGdiDrv.sys
00:30:32.0456 0x04e0  EuGdiDrv - detected UnsignedFile.Multi.Generic ( 1 )
00:30:32.0581 0x04e0  Detect skipped due to KSN trusted
00:30:32.0581 0x04e0  EuGdiDrv - ok
00:30:32.0596 0x04e0  EventLog - ok
00:30:32.0596 0x04e0  EventSystem - ok
00:30:32.0612 0x04e0  exfat - ok
00:30:32.0612 0x04e0  fastfat - ok
00:30:32.0627 0x04e0  Fax - ok
00:30:32.0627 0x04e0  fdc - ok
00:30:32.0627 0x04e0  [ 0439B82F6034ADA3E71C0C9F169082BD, 0918728669077235B2F2DB7EE22CE819FA570D8A7A497BA5F11E76774EA75099 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
00:30:32.0659 0x04e0  fdPHost - ok
00:30:32.0659 0x04e0  [ AD64C91B3CC71226785DCE688842E5AB, 056E1091468D268E7970045AB329EB3DFF48BB6B22448046A14C309678847B6E ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
00:30:32.0674 0x04e0  FDResPub - ok
00:30:32.0674 0x04e0  fhsvc - ok
00:30:32.0674 0x04e0  [ 8E59D944EE4EFAED65A341A71297C4CD, CFFFD7007AB7FB04ECB44D0079BFE8EEB53AECC988135199C388AF425EBCF2AD ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
00:30:32.0690 0x04e0  FileCrypt - ok
00:30:32.0706 0x04e0  FileInfo - ok
00:30:32.0706 0x04e0  Filetrace - ok
00:30:32.0721 0x04e0  [ 72DFA987180596D9521287CCC8B724F5, FA59F2913E00F0FD27564A8131B590C28BAB94D6DF3E84D99A75BA2C5EECA1AE ] FlexNet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
00:30:32.0752 0x04e0  FlexNet Licensing Service - ok
00:30:32.0752 0x04e0  flpydisk - ok
00:30:32.0752 0x04e0  FltMgr - ok
00:30:32.0752 0x04e0  FontCache - ok
00:30:32.0768 0x04e0  FontCache3.0.0.0 - ok
00:30:32.0768 0x04e0  FrameServer - ok
00:30:32.0768 0x04e0  FsDepends - ok
00:30:32.0768 0x04e0  Fs_Rec - ok
00:30:32.0768 0x04e0  fvevol - ok
00:30:32.0768 0x04e0  [ A1E06E4E8CB863C74DE428D4D6681185, DA46502C009FD4C847A547610DEE2684A5A583467BF76009BD46104AAE2F6B1B ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
00:30:32.0799 0x04e0  gencounter - ok
00:30:32.0815 0x04e0  genericusbfn - ok
00:30:32.0831 0x04e0  [ B17D0BDBDDF4BD4709D6CA3147D409C0, B83F0D9891190226D2D7D50DE27B61B5FC04B6942C37B78856C45B3309527D9B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
00:30:32.0846 0x04e0  GfExperienceService - ok
00:30:32.0862 0x04e0  [ 258CB477AA1EB2D98AA5C0AB53997CE8, 9F55F0BF8595C76C83C7899552A663CC0DBCEAB77F2A2C3A731503C15866F6C9 ] GM312Fltr       C:\WINDOWS\system32\drivers\GM312Fltr.sys
00:30:32.0862 0x04e0  GM312Fltr - ok
00:30:32.0893 0x04e0  [ 1787D90390CEF982B4AC730A8270FD39, B05C155A3CB933E4FD1F1E82916BA482C4F317239205B32551FF44CC5A479C05 ] GoogleChromeElevationService C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\elevation_service.exe
00:30:32.0940 0x04e0  GoogleChromeElevationService - ok
00:30:32.0940 0x04e0  GPIOClx0101 - ok
00:30:32.0940 0x04e0  gpsvc - ok
00:30:32.0940 0x04e0  [ 8C06046B6A8C1ACDAEA15682058FDFB4, 3E0CC301249B7D8D5BEB932F4DFD1EAB8037679EC153772F63B430713903B0AC ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
00:30:32.0956 0x04e0  GpuEnergyDrv - ok
00:30:32.0956 0x04e0  GraphicsPerfSvc - ok
00:30:32.0971 0x04e0  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:30:32.0971 0x04e0  gupdate - ok
00:30:32.0971 0x04e0  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:30:32.0987 0x04e0  gupdatem - ok
00:30:32.0987 0x04e0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
00:30:33.0002 0x04e0  gusvc - ok
00:30:33.0002 0x04e0  HdAudAddService - ok
00:30:33.0002 0x04e0  HDAudBus - ok
00:30:33.0002 0x04e0  HidBatt - ok
00:30:33.0002 0x04e0  HidBth - ok
00:30:33.0002 0x04e0  hidi2c - ok
00:30:33.0018 0x04e0  hidinterrupt - ok
00:30:33.0018 0x04e0  [ 6B46E3061EC0523CB46ED28060FCD946, 6089305AF73CC584963865482448CD5CA4252EC9BD3E72AF16D45E4F95C3EBF2 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
00:30:33.0034 0x04e0  HidIr - ok
00:30:33.0034 0x04e0  hidserv - ok
00:30:33.0034 0x04e0  hidspi - ok
00:30:33.0034 0x04e0  HidUsb - ok
00:30:33.0034 0x04e0  HpSAMD - ok
00:30:33.0034 0x04e0  HTTP - ok
00:30:33.0049 0x04e0  [ 849A66D34BC2DAD0044FAC2FEE1AF956, A5F6858AA556D9180C303EA3ED02EB6D6D8EB55A100B3918654281A01198D8E8 ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
00:30:33.0049 0x04e0  hvcrash - ok
00:30:33.0049 0x04e0  [ 855F55BB462B7D8B6BC31A94A592DF3D, 776C772E69CF9D81D8511201813DD79F2106DC7D2547B4FA700432AE9B73C202 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
00:30:33.0081 0x04e0  HvHost - ok
00:30:33.0081 0x04e0  hvservice - ok
00:30:33.0096 0x04e0  [ 5DC7DFED5FEDD923B874B51D0C6752BB, 69714A8B74EB02282572B34E156051FFC10693B816905CE18A8C6C8CCB95B846 ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
00:30:33.0096 0x04e0  HwNClx0101 - ok
00:30:33.0112 0x04e0  hwpolicy - ok
00:30:33.0112 0x04e0  hyperkbd - ok
00:30:33.0112 0x04e0  HyperVideo - ok
00:30:33.0112 0x04e0  i8042prt - ok
00:30:33.0112 0x04e0  iagpio - ok
00:30:33.0112 0x04e0  iai2c - ok
00:30:33.0127 0x04e0  iaLPSS2i_GPIO2 - ok
00:30:33.0127 0x04e0  iaLPSS2i_GPIO2_BXT_P - ok
00:30:33.0127 0x04e0  iaLPSS2i_GPIO2_CNL - ok
00:30:33.0127 0x04e0  iaLPSS2i_GPIO2_GLK - ok
00:30:33.0127 0x04e0  iaLPSS2i_I2C - ok
00:30:33.0127 0x04e0  iaLPSS2i_I2C_BXT_P - ok
00:30:33.0143 0x04e0  iaLPSS2i_I2C_CNL - ok
00:30:33.0143 0x04e0  iaLPSS2i_I2C_GLK - ok
00:30:33.0143 0x04e0  iaLPSSi_GPIO - ok
00:30:33.0143 0x04e0  iaLPSSi_I2C - ok
00:30:33.0143 0x04e0  iaStorAVC - ok
00:30:33.0143 0x04e0  iaStorV - ok
00:30:33.0159 0x04e0  ibbus - ok
00:30:33.0159 0x04e0  icssvc - ok
00:30:33.0268 0x04e0  [ E4E5B3C6EC025DFC8DEB31BA9EACC3F3, 44D4CEB5B4B981838CE9A969F14DAEB3E2B0AD8415FCF984194EC7DF9F514699 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
00:30:33.0393 0x04e0  igfx - ok
00:30:33.0409 0x04e0  [ 4548476A880376F4EA87908543F11DDB, 0E07CB97A539A536BBD1D989FB1C547686B69259D9DA83B4EF939DC9617A2DFD ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
00:30:33.0424 0x04e0  igfxCUIService2.0.0.0 - ok
00:30:33.0424 0x04e0  IKEEXT - ok
00:30:33.0424 0x04e0  [ 5DA68316CE804653D0ECA95691A6EB82, 9EB7BD46C6E85A365DE6F7A3B95D6FBB5D068051F0D6752EF3A8DF9202FBBA9A ] ImDisk          C:\WINDOWS\system32\DRIVERS\imdisk.sys
00:30:33.0440 0x04e0  ImDisk - ok
00:30:33.0440 0x04e0  [ 579815EA4FABB7D2C391C2E24BC42E9B, 4665B11F21B6BF648E5A78FF18E045F45A149A3069FE2B9EA333333DA1F13C6A ] ImDskSvc        C:\WINDOWS\system32\imdsksvc.exe
00:30:33.0456 0x04e0  ImDskSvc - ok
00:30:33.0456 0x04e0  IndirectKmd - ok
00:30:33.0471 0x04e0  InstallService - ok
00:30:33.0534 0x04e0  [ 3A2D6740F51BE48C0FD01AD907329DEE, 4FD899CD6E3B3D5C9803E52CB72F002B6CFC144D524FAF6845CF6D115EC6E059 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
00:30:33.0596 0x04e0  IntcAzAudAddService - ok
00:30:33.0612 0x04e0  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\WINDOWS\System32\drivers\IntcDAud.sys
00:30:33.0627 0x04e0  IntcDAud - ok
00:30:33.0643 0x04e0  [ 5E7F2CE9E9BF48521298D1C6729145C5, 0FD2350D5A26EDEA4F83F2E3D22FD0047AEA4623096C6FF7A70F8248B185FBC8 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
00:30:33.0674 0x04e0  Intel(R) Capability Licensing Service TCP IP Interface - ok
00:30:33.0674 0x04e0  intelide - ok
00:30:33.0674 0x04e0  intelpep - ok
00:30:33.0674 0x04e0  [ AECBF5BE2F9A2A50B978E0BF31041A81, A62F436C66DEFEB438A7891857DFB830995714A7E4FE4BDCA6B4EB1606BD2101 ] intelpmax       C:\WINDOWS\System32\drivers\intelpmax.sys
00:30:33.0690 0x04e0  intelpmax - ok
00:30:33.0690 0x04e0  intelppm - ok
00:30:33.0690 0x04e0  iorate - ok
00:30:33.0690 0x04e0  IpFilterDriver - ok
00:30:33.0706 0x04e0  iphlpsvc - ok
00:30:33.0706 0x04e0  IPMIDRV - ok
00:30:33.0706 0x04e0  IPNAT - ok
00:30:33.0706 0x04e0  [ B5B6D1F86E40E785D6650DB923DB6BEA, 7A2D92A2274E0379B5FA6351D18E2F0DD55960BB783EA3528FE9E303E1A4256D ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
00:30:33.0721 0x04e0  IPT - ok
00:30:33.0721 0x04e0  [ 77494E26B28465D2A09B9455F8A3B34E, B778D4BC71A5F5CF687175CA53AC342E4740156D4B96E6E96D918BD46C2C1459 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
00:30:33.0737 0x04e0  IpxlatCfgSvc - ok
00:30:33.0737 0x04e0  isapnp - ok
00:30:33.0752 0x04e0  iScsiPrt - ok
00:30:33.0752 0x04e0  ItSas35i - ok
00:30:33.0752 0x04e0  [ 1C3EF75B521DB60E951711440648B0D5, 95F594ADB6CCDE5CB7E0601B90A611D3A39485419D078CEB6DB84FFC0AC7E6A7 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
00:30:33.0768 0x04e0  jhi_service - ok
00:30:33.0768 0x04e0  kbdclass - ok
00:30:33.0768 0x04e0  kbdhid - ok
00:30:33.0768 0x04e0  kdnic - ok
00:30:33.0768 0x04e0  KeyIso - ok
00:30:33.0784 0x04e0  KillerEth - ok
00:30:33.0784 0x04e0  KSecDD - ok
00:30:33.0784 0x04e0  KSecPkg - ok
00:30:33.0784 0x04e0  ksthunk - ok
00:30:33.0799 0x04e0  [ DAE67BD7EC6ED569438F5CA38BFBB458, 672CA98525D6DD799A01A3BC3A62AB7B4544D62ECEB3615FAC05BFB97B389D23 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
00:30:33.0877 0x04e0  KtmRm - ok
00:30:33.0877 0x04e0  LanmanServer - ok
00:30:33.0877 0x04e0  LanmanWorkstation - ok
00:30:33.0877 0x04e0  [ A997488F4EDAAD59C748CF9FB1D9DAC0, A0B145041F984DD4E0A6F8D0E9C8363DA6F2DA7460E140F028C320CEAC03759C ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
00:30:33.0893 0x04e0  lfsvc - ok
00:30:33.0909 0x04e0  libusb0 - ok
00:30:33.0909 0x04e0  LicenseManager - ok
00:30:33.0909 0x04e0  [ 78779BD92081CB27967E77561683AFBE, 05EC91E194336D1BB1EE323E70FAC54F6DC0CEF53FD4925F394399531A37A0DD ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
00:30:33.0924 0x04e0  lltdio - ok
00:30:33.0924 0x04e0  lltdsvc - ok
00:30:33.0924 0x04e0  lmhosts - ok
00:30:33.0940 0x04e0  [ 631ABC3E8FF50F9B70B9A52568B1F5F6, 9F3286C95A2D2BFA0D7082F648E2FBBA339C06188F950AE1FE3A797B644AD813 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:30:33.0955 0x04e0  LMS - ok
00:30:33.0955 0x04e0  LSI_SAS - ok
00:30:33.0955 0x04e0  LSI_SAS2i - ok
00:30:33.0955 0x04e0  LSI_SAS3i - ok
00:30:33.0955 0x04e0  LSI_SSS - ok
00:30:33.0971 0x04e0  LSM - ok
00:30:33.0971 0x04e0  luafv - ok
00:30:33.0971 0x04e0  LxpSvc - ok
00:30:33.0971 0x04e0  [ AE03D8F1B7863268EAED2FE0105ED75F, F5172A1A3E24FC5271FCB0118861EA0EC33AA8ABB01AE9CAD50E2F032B92486C ] MapsBroker      C:\WINDOWS\System32\moshost.dll
00:30:34.0002 0x04e0  MapsBroker - ok
00:30:34.0002 0x04e0  mausbhost - ok
00:30:34.0002 0x04e0  mausbip - ok
00:30:34.0002 0x04e0  [ 6A21162E1C8A9F65787B14BC439EB077, 8B7990E1C676F53918E41F6B18B20179D77E598352D9243B05E2EA22B2D9E4FE ] MBAMChameleon   C:\WINDOWS\System32\Drivers\MbamChameleon.sys
00:30:34.0034 0x04e0  MBAMChameleon - ok
00:30:34.0034 0x04e0  [ 9E77C51E14FA9A323EE1635DC74ECC07, B5619D758AE6A65C1663F065E53E6B68A00511E7D7ACCB3E07ED94BFD0B1EDE0 ] MbamElam        C:\WINDOWS\system32\DRIVERS\MbamElam.sys
00:30:34.0049 0x04e0  MbamElam - ok
00:30:34.0159 0x04e0  [ 0C36E7F85B910C6346355A1DD86F9D1E, 1BE288560186EC30A150295DA6F13C15C73DFC7E3FDB866F66BE68D749E12BCC ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
00:30:34.0330 0x04e0  MBAMService - ok
00:30:34.0346 0x04e0  [ 1DC6D344EE9B6B024BA23278891DB9A5, 823E1C7321E177B006C1F3FD1EC8B99607A12D2C3C321F3A6CBBCF7030B6C240 ] MBAMSwissArmy   C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
00:30:34.0362 0x04e0  MBAMSwissArmy - ok
00:30:34.0362 0x04e0  MbbCx - ok
00:30:34.0362 0x04e0  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\WINDOWS\system32\drivers\MBfilt64.sys
00:30:34.0377 0x04e0  MBfilt - ok
00:30:34.0377 0x04e0  megasas - ok
00:30:34.0377 0x04e0  megasas2i - ok
00:30:34.0377 0x04e0  megasas35i - ok
00:30:34.0377 0x04e0  megasr - ok
00:30:34.0393 0x04e0  [ 3484F25E401832D1143CEA73EFFFDF33, F7F305F2527DC427BD48FF0994D70E44FBBC102BAF0DE96CF201C7837977A2E2 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
00:30:34.0409 0x04e0  MEIx64 - ok
00:30:34.0409 0x04e0  MessagingService - ok
00:30:34.0409 0x04e0  MicrosoftEdgeElevationService - ok
00:30:34.0409 0x04e0  [ B74FFC6301B3312A9F59E04E487BC72A, 76F71824E80D10EB71BEDE5EE3A64CAD7CAC3DDFBB6670D1537E6B75FF0217E9 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys
00:30:34.0424 0x04e0  Microsoft_Bluetooth_AvrcpTransport - ok
00:30:34.0424 0x04e0  MixedRealityOpenXRSvc - ok
00:30:34.0440 0x04e0  mlx4_bus - ok
00:30:34.0440 0x04e0  MMCSS - ok
00:30:34.0440 0x04e0  Modem - ok
00:30:34.0440 0x04e0  monitor - ok
00:30:34.0440 0x04e0  mouclass - ok
00:30:34.0440 0x04e0  mouhid - ok
00:30:34.0455 0x04e0  mountmgr - ok
00:30:34.0455 0x04e0  mpsdrv - ok
00:30:34.0455 0x04e0  mpssvc - ok
00:30:34.0455 0x04e0  [ 5AE0BB0321E93008E78B1394E0A5A660, 8E691EF94A164F47EC745E41DC8089F32C6045A0749398F843E1AF726DD0EF28 ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
00:30:34.0471 0x04e0  MQAC - ok
00:30:34.0471 0x04e0  MRxDAV - ok
00:30:34.0487 0x04e0  mrxsmb - ok
00:30:34.0487 0x04e0  mrxsmb20 - ok
00:30:34.0487 0x04e0  [ E587396A4C8151ABBF13A96C4465DE31, A3AA5D51E34657479CFCDC3DBB7821B7255F7CB57D5686B7F709A7953AD537EB ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
00:30:34.0502 0x04e0  MsBridge - ok
00:30:34.0502 0x04e0  [ 2EF846AC66E181BE820B513DBC15B5D2, EDFE71025C352D0DABEC7B9506C5945BB0EC11F8DB540DB8CB1116C2EA1648A8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
00:30:34.0534 0x04e0  MSDTC - ok
00:30:34.0534 0x04e0  Msfs - ok
00:30:34.0534 0x04e0  [ 6092FD060EC4132A799BDAD61845DDB7, B45F9D3A71FC8A73AED3C5B8CF6F14A25EBDD3D4D47C9F39FFCD75C7D22F4A9E ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
00:30:34.0549 0x04e0  msgpiowin32 - ok
00:30:34.0549 0x04e0  mshidkmdf - ok
00:30:34.0549 0x04e0  [ 9E90FE6DF363D2427A5C773120E7B27D, 1FDB7E28CCAF757603C4B754E1AC9C470E5E60E85DE067375902F108F5E34608 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
00:30:34.0565 0x04e0  mshidumdf - ok
00:30:34.0565 0x04e0  msisadrv - ok
00:30:34.0565 0x04e0  MSiSCSI - ok
00:30:34.0565 0x04e0  msiserver - ok
00:30:34.0580 0x04e0  MSKSSRV - ok
00:30:34.0580 0x04e0  [ 9FB5040C8CEAE4C32B7884ECBBCAFDAF, 0EC3E53C5B1B202440DE22A5BF7E1EBE9AF5BBB6BA69DB9D018A6D8EC97B477E ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
00:30:34.0596 0x04e0  MsLldp - ok
00:30:34.0596 0x04e0  [ AEC7A2ADEEA66EF5F748E71C47BB98EE, 31C40262695497117CBA5693A0EF1C4FCD84B27563592271B60F28F4AF6888C2 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
00:30:34.0612 0x04e0  MSMQ - ok
00:30:34.0612 0x04e0  MSPCLOCK - ok
00:30:34.0612 0x04e0  MSPQM - ok
00:30:34.0612 0x04e0  MsQuic - ok
00:30:34.0627 0x04e0  MsRPC - ok
00:30:34.0627 0x04e0  mssmbios - ok
00:30:34.0627 0x04e0  MSTEE - ok
00:30:34.0627 0x04e0  MTConfig - ok
00:30:34.0627 0x04e0  Mup - ok
00:30:34.0627 0x04e0  mvumis - ok
00:30:34.0643 0x04e0  NativeWifiP - ok
00:30:34.0643 0x04e0  NaturalAuthentication - ok
00:30:34.0643 0x04e0  [ D47A20839608B8213065D7AFC8C42195, 7B0187BE9705ED2F925616C13B3744BAC0A9C96B21BE503D96BC9EE7EE125B33 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
00:30:34.0674 0x04e0  NcaSvc - ok
00:30:34.0674 0x04e0  NcbService - ok
00:30:34.0674 0x04e0  [ 8C938E851CDF2CE30BBEA14555B61820, F853F526C811893BD40B1124BAEC543099381E7BF091729B6A6665DF3CE10B94 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
00:30:34.0705 0x04e0  NcdAutoSetup - ok
00:30:34.0705 0x04e0  ndfltr - ok
00:30:34.0705 0x04e0  NDIS - ok
00:30:34.0705 0x04e0  [ 6BEC0929C7A7BF2A7C44F585ECC7DAEB, 5F6395268CBD26A4B90960479040C114B2C8A3F24C188C2D5F62D6AB43A637D1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
00:30:34.0721 0x04e0  NdisCap - ok
00:30:34.0721 0x04e0  NdisImPlatform - ok
00:30:34.0721 0x04e0  NdisTapi - ok
00:30:34.0737 0x04e0  Ndisuio - ok
00:30:34.0737 0x04e0  NdisVirtualBus - ok
00:30:34.0737 0x04e0  NdisWan - ok
00:30:34.0737 0x04e0  ndiswanlegacy - ok
00:30:34.0752 0x04e0  [ 33CDAEDC7CBE8339A8324CEC2461BFB4, DAAEACDB4506D2BDDED61957D92FB4983E11D9CE6E7B25119B4CBFB431C945F4 ] NDKPing         C:\WINDOWS\system32\drivers\NDKPing.sys
00:30:34.0752 0x04e0  NDKPing - ok
00:30:34.0752 0x04e0  ndproxy - ok
00:30:34.0768 0x04e0  [ 77621E74FD79B267071A0D12C643A48A, 8228B7D1237A0FFABCCC150B299EA494C8F0CB4CCB51AB0DBFF08CBAA9EFC4BB ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
00:30:34.0784 0x04e0  Ndu - ok
00:30:34.0784 0x04e0  NetAdapterCx - ok
00:30:34.0784 0x04e0  NetBIOS - ok
00:30:34.0784 0x04e0  NetBT - ok
00:30:34.0784 0x04e0  Netlogon - ok
00:30:34.0799 0x04e0  Netman - ok
00:30:34.0799 0x04e0  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:30:34.0815 0x04e0  NetMsmqActivator - ok
00:30:34.0815 0x04e0  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:30:34.0830 0x04e0  NetPipeActivator - ok
00:30:34.0830 0x04e0  netprofm - ok
00:30:34.0830 0x04e0  NetSetupSvc - ok
00:30:34.0830 0x04e0  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:30:34.0846 0x04e0  NetTcpActivator - ok
00:30:34.0846 0x04e0  [ B9D455C60292DF5FCB064834CA5802AA, 75DCE4E5FA08CCEAF4D3D30FE8E26903FCDD14CC852E820F63B40F374C706DBD ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:30:34.0862 0x04e0  NetTcpPortSharing - ok
00:30:34.0862 0x04e0  netvsc - ok
00:30:34.0971 0x04e0  [ 39EDE676D17F37AF4573C2B33EC28ACA, 6C897C8B72D7AC1385302E58509688790CC5F428E967485F92C3CD646907EF59 ] NETw5s64        C:\WINDOWS\system32\DRIVERS\NETw5s64.sys
00:30:35.0160 0x04e0  NETw5s64 - ok
00:30:35.0175 0x04e0  NgcCtnrSvc - ok
00:30:35.0175 0x04e0  NgcSvc - ok
00:30:35.0175 0x04e0  NlaSvc - ok
00:30:35.0191 0x04e0  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\WINDOWS\system32\drivers\npf.sys
00:30:35.0191 0x04e0  NPF - ok
00:30:35.0191 0x04e0  Npfs - ok
00:30:35.0206 0x04e0  npsvctrig - ok
00:30:35.0206 0x04e0  nsi - ok
00:30:35.0206 0x04e0  nsiproxy - ok
00:30:35.0206 0x04e0  Ntfs - ok
00:30:35.0222 0x04e0  [ 7420B2E1F65642129B6E23BD42F752AA, 8BFC6B2070912B3F9A63BFCCD3C631937E4070CD76C4A82DBB2CE6F4CED7D3B4 ] ntk_PowerDVD    C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
00:30:35.0222 0x04e0  ntk_PowerDVD - ok
00:30:35.0222 0x04e0  Null - ok
00:30:35.0222 0x04e0  nvdimm - ok
00:30:35.0238 0x04e0  [ EA4F586EC10A09E2514D03D3E7AB89BF, D9799CC66AEAFB3A83CE82BBC20082F5E3370AB7942B8426D71AA91B1FE2B5F7 ] NVFLASH         C:\Windows\system32\drivers\nvflash.sys
00:30:35.0238 0x04e0  NVFLASH - ok
00:30:35.0238 0x04e0  [ ABB68652E13D1B2ED20436717F49856F, C59A6708F78218DEB0AC6D68055C9B4443EA13E33266B8F350610466F6D492EE ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
00:30:35.0253 0x04e0  NVHDA - ok
00:30:35.0269 0x04e0  nvlddmkm - ok
00:30:35.0300 0x04e0  [ C2909BD26906E1D05D77B1D48B48E94A, 5642571FFDBDC63F0E3B1477337103517ABF7C50EBEDA63EF8E162E44C7B2538 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
00:30:35.0331 0x04e0  NvNetworkService - ok
00:30:35.0331 0x04e0  nvraid - ok
00:30:35.0331 0x04e0  nvstor - ok
00:30:35.0347 0x04e0  [ 60C9EC53F9CFBFBE38E9C79B88A6B19F, D89D6C62AB0A3224D850B639E4D7D7265BF183BEE0C60F27FEDDF0194504B078 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
00:30:35.0347 0x04e0  NvStreamKms - ok
00:30:35.0347 0x04e0  [ 27898446EB58E832A30321E211500CBB, 5B3354C372DF32D1F25996A69637F18D11856B226E22CF84AC04DB6544EED92E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
00:30:35.0363 0x04e0  nvvad_WaveExtensible - ok
00:30:35.0363 0x04e0  OneSyncSvc - ok
00:30:35.0363 0x04e0  [ B197683E3828E48E8258E13B99A02EF9, 9C5C712DC2AD1B559FB14891E7C53395447821FC7F60D843FC7AC0DAA90FEA68 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:30:35.0378 0x04e0  ose64 - ok
00:30:35.0378 0x04e0  p2pimsvc - ok
00:30:35.0394 0x04e0  p2psvc - ok
00:30:35.0394 0x04e0  Parport - ok
00:30:35.0394 0x04e0  partmgr - ok
00:30:35.0394 0x04e0  PcaSvc - ok
00:30:35.0410 0x04e0  pci - ok
00:30:35.0410 0x04e0  pciide - ok
00:30:35.0410 0x04e0  pcmcia - ok
00:30:35.0410 0x04e0  pcw - ok
00:30:35.0410 0x04e0  pdc - ok
00:30:35.0410 0x04e0  PEAUTH - ok
00:30:35.0425 0x04e0  perceptionsimulation - ok
00:30:35.0425 0x04e0  percsas2i - ok
00:30:35.0425 0x04e0  percsas3i - ok
00:30:35.0441 0x04e0  [ 2FC7CFCEDBF7E038351C7CEB1036D2E1, 41D7DA706F0CF613DF768B6795CD09C5C1035F9F101051FB58F5042EB4352DB6 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
00:30:35.0488 0x04e0  PerfHost - ok
00:30:35.0503 0x04e0  [ 7513D18BAAFA3384276F74AE45D19D40, 2F7801552AE07F3C3D1ED3EA62A3EB3F7DDEDA1CEE20123EADC4E416A4550E3D ] phantomtap      C:\WINDOWS\System32\drivers\phantomtap.sys
00:30:35.0519 0x04e0  phantomtap - ok
00:30:35.0519 0x04e0  PhoneSvc - ok
00:30:35.0519 0x04e0  PimIndexMaintenanceSvc - ok
00:30:35.0519 0x04e0  PktMon - ok
00:30:35.0550 0x04e0  [ 9E431A5D697432DD6F4DB48C9A185104, 44C16E194258C9143A45F4022F9C5DE229E217D6FF7F944F105FE631BE9EF4A7 ] pla             C:\WINDOWS\system32\pla.dll
00:30:35.0613 0x04e0  pla - ok
00:30:35.0628 0x04e0  PlugPlay - ok
00:30:35.0628 0x04e0  pmem - ok
00:30:35.0628 0x04e0  [ 2769F200292C0F941A10BD60C33EA4A6, B8345C32585C45E6248D7194B1071F2B8617718E7C9B270AAF44C132D029DB4C ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
00:30:35.0644 0x04e0  PNPMEM - ok
00:30:35.0644 0x04e0  [ 6AAAC8AD69AEFBE5FE04738B687EE85E, 83427082298E2FC021D5D39A43DB4A5783D95213F2CA8D3A997DB6C815BD9CB2 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
00:30:35.0660 0x04e0  PNRPAutoReg - ok
00:30:35.0660 0x04e0  PNRPsvc - ok
00:30:35.0675 0x04e0  PolicyAgent - ok
00:30:35.0675 0x04e0  portcfg - ok
00:30:35.0675 0x04e0  Power - ok
00:30:35.0675 0x04e0  PptpMiniport - ok
00:30:35.0738 0x04e0  [ 3127E95DA937135CD3D3219C40956072, E6B6A97A79D8389EFC51EBAFF1007D4DACFAB0C142BC189C66CD2E6FFF8DC65E ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
00:30:35.0831 0x04e0  PrintNotify - ok
00:30:35.0847 0x04e0  PrintWorkflowUserSvc - ok
00:30:35.0847 0x04e0  Processor - ok
00:30:35.0847 0x04e0  ProfSvc - ok
00:30:35.0847 0x04e0  Psched - ok
00:30:35.0863 0x04e0  PushToInstall - ok
00:30:35.0863 0x04e0  [ 86D9A906B8467AE1E331296AFE0F083F, 01B332F0A291C64EB537D17E8B971D0157C72606F9396BAAF2C4479519E26353 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
00:30:35.0878 0x04e0  Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
00:30:36.0019 0x04e0  Detect skipped due to KSN trusted
00:30:36.0019 0x04e0  Qualcomm Atheros Killer Service V2 - ok
00:30:36.0035 0x04e0  QWAVE - ok
00:30:36.0050 0x04e0  [ CE51A9A997D2830C6C64A36D7F8D8879, 706D683CAF92C259C121222446D34ED43F6E8872407C3615E2ED118ACD24D21D ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
00:30:36.0081 0x04e0  QWAVEdrv - ok
00:30:36.0081 0x04e0  Ramdisk - ok
00:30:36.0097 0x04e0  RasAcd - ok
00:30:36.0097 0x04e0  RasAgileVpn - ok
00:30:36.0097 0x04e0  RasAuto - ok
00:30:36.0097 0x04e0  Rasl2tp - ok
00:30:36.0113 0x04e0  RasMan - ok
00:30:36.0113 0x04e0  RasPppoe - ok
00:30:36.0113 0x04e0  RasSstp - ok
00:30:36.0128 0x04e0  [ 90ABF3C40D46563775A3F6E95B9B1490, 727C55C0FCE9CCD853AAE232173C8F0721B0FE75646B6C3F9541775E7A4D80DC ] Razer Update Service C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
00:30:36.0128 0x04e0  Razer Update Service - ok
00:30:36.0144 0x04e0  rdbss - ok
00:30:36.0144 0x04e0  [ B7BAD23CA994EFF8EA11261626326004, 056495FB4A54984CE9D28D7B45550990D4A4B0736669F0F69138BEF51A695EFA ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
00:30:36.0160 0x04e0  rdpbus - ok
00:30:36.0160 0x04e0  RDPDR - ok
00:30:36.0160 0x04e0  RdpVideoMiniport - ok
00:30:36.0175 0x04e0  [ B4A6F3BFB5A07DAF4E18C14A6337A226, F906865E349390D24A3DCBC563154BBB9F307B97361832BE93BC9D44A9F3B486 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
00:30:36.0175 0x04e0  rdyboost - ok
00:30:36.0191 0x04e0  ReFS - ok
00:30:36.0191 0x04e0  ReFSv1 - ok
00:30:36.0191 0x04e0  RemoteAccess - ok
00:30:36.0191 0x04e0  [ 58B3C0A2B0C130838588EF519ADCE495, 60360DD8EA1802C8F95EB93531FF9666BE1148253E6A1BD706D4CA98955C0F6E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
00:30:36.0238 0x04e0  RemoteRegistry - ok
00:30:36.0238 0x04e0  RetailDemo - ok
00:30:36.0238 0x04e0  [ D2EE9CCE0187C616E50D61EB30ECA262, 825C918D22FC8DBF3EE9BDB41D121A0AC3CCBFFBA147E2B26F0197552E0675DE ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
00:30:36.0253 0x04e0  RFCOMM - ok
00:30:36.0269 0x04e0  [ 4DD0EFE49F0C020DAFEAE6F5F231362C, DF04978AF6CD34C8251B3DDE381CD77518684DCB1D2B16BD2DAFEE63AC9D5858 ] rhproxy         C:\WINDOWS\System32\drivers\rhproxy.sys
00:30:36.0285 0x04e0  rhproxy - ok
00:30:36.0285 0x04e0  RmSvc - ok
00:30:36.0285 0x04e0  [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
00:30:36.0300 0x04e0  rpcapd - ok
00:30:36.0300 0x04e0  RpcEptMapper - ok
00:30:36.0300 0x04e0  [ D45676C47616B9ABBFAEC97DD3B240A8, E13985D667F66B7A0082356F23270F61A57B8C2DD211B1E09D66D7970D7B4D6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
00:30:36.0316 0x04e0  RpcLocator - ok
00:30:36.0316 0x04e0  RpcSs - ok
00:30:36.0316 0x04e0  [ EABD30C39742A79913B595A5B6F809D4, 9067160F566220A2B21FEEE181729A796A3F3EECF75FFB75815BE5CCC7BBA64F ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
00:30:36.0331 0x04e0  rspndr - ok
00:30:36.0456 0x04e0  [ 458B1858BE5C8582558168FEE4630675, E8742FCEA7B34FE5DE45118CB0A1218C58FBEB7D69D7C91A5D141AB5C6559E9E ] RtlWlanu        C:\WINDOWS\System32\drivers\rtwlanu.sys
00:30:36.0628 0x04e0  RtlWlanu - ok
00:30:36.0644 0x04e0  [ 6539E801861C94854F0B668ABB197C90, 2AC7EAB351D996750997BFCA60013C08F5266975AB05CC7CFD3125CEA57BA67B ] RzSndSrv        C:\WINDOWS\system32\RZSurroundService.exe
00:30:36.0659 0x04e0  RzSndSrv - ok
00:30:36.0675 0x04e0  [ F514385984D3C4B40BCD9F6B0FA63FB2, B4EF487363D32FA8085AFF077084F0BDE6BE8CD6974B2AB638DB4F04224EAA00 ] RzThxSrv        C:\WINDOWS\system32\RZTHXService.exe
00:30:36.0691 0x04e0  RzThxSrv - ok
00:30:36.0691 0x04e0  [ 5914CC0C1E99A3C1711BDB1E224526D1, 54BB8636F27282B396D487B3FEA8BD73F2F6FE6DA4DE8D718EE498F75A6A5DCE ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
00:30:36.0706 0x04e0  s3cap - ok
00:30:36.0706 0x04e0  SamSs - ok
00:30:36.0706 0x04e0  sbp2port - ok
00:30:36.0706 0x04e0  SCardSvr - ok
00:30:36.0706 0x04e0  ScDeviceEnum - ok
00:30:36.0722 0x04e0  scfilter - ok
00:30:36.0722 0x04e0  Schedule - ok
00:30:36.0722 0x04e0  scmbus - ok
00:30:36.0722 0x04e0  SCPolicySvc - ok
00:30:36.0722 0x04e0  sdbus - ok
00:30:36.0738 0x04e0  [ 3200667DB433F0A2032FAF4DC02E2089, 5E940CA63AD21CEA08C334AC61D985BAFDBA7DCB2D388F355B5C72EFA3E23E0A ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
00:30:36.0738 0x04e0  SDFRd - ok
00:30:36.0738 0x04e0  SDRSVC - ok
00:30:36.0753 0x04e0  sdstor - ok
00:30:36.0753 0x04e0  [ 016706A76857F914C99D2472B1E79BF9, 39A114EB591E243E0429DA7279413F046626DE7B52E057DDBCD26A0A1BF327FB ] seclogon        C:\WINDOWS\system32\seclogon.dll
00:30:36.0769 0x04e0  seclogon - ok
00:30:36.0784 0x04e0  [ 5FC975B95F1B4FC4CBAE89FDD1E7B3B4, 2F0A20CAE263837693594ED813528C640F7CD9B6BF0479346065BD957D54E1B2 ] secnvme         C:\WINDOWS\system32\drivers\secnvme.sys
00:30:36.0784 0x04e0  secnvme - ok
00:30:36.0784 0x04e0  [ 3C0EB477839E4B48FEF3F790F8A4FF61, E3A69D2E0A4B15738A7265D0A0D3C1C26695C3D566D61FF06B1BCED445BB78F5 ] secnvmeF        C:\WINDOWS\system32\drivers\secnvmeF.sys
00:30:36.0800 0x04e0  secnvmeF - ok
00:30:36.0800 0x04e0  SecurityHealthService - ok
00:30:36.0800 0x04e0  SEMgrSvc - ok
00:30:36.0800 0x04e0  [ 1EA7972A4C7163FF1D3EFE9988404D4E, 56A94B1617815C1E8A79D832B0F0CBA683C3080105CC4C87DBB9B8EAB4CD2690 ] SENS            C:\WINDOWS\System32\sens.dll
00:30:36.0831 0x04e0  SENS - ok
00:30:36.0831 0x04e0  SensorDataService - ok
00:30:36.0831 0x04e0  SensorService - ok
00:30:36.0831 0x04e0  [ 0BCFFAD6F3B180DD60C941B01768F733, A0B73C1BF636F14504B69606999287B6FE148C958A4F6E31E9022FF129A048E0 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
00:30:36.0863 0x04e0  SensrSvc - ok
00:30:36.0863 0x04e0  SerCx - ok
00:30:36.0863 0x04e0  SerCx2 - ok
00:30:36.0878 0x04e0  Serenum - ok
00:30:36.0878 0x04e0  Serial - ok
00:30:36.0878 0x04e0  sermouse - ok
00:30:36.0894 0x04e0  SessionEnv - ok
00:30:36.0894 0x04e0  sfloppy - ok
00:30:36.0894 0x04e0  [ C05648C2BE6176BE557D9C7F02916388, C65D8FEDDCD9A52B04F42C64DAD2A499BF51246D36042E8DC09DD04C4C0B7BEE ] SgrmAgent       C:\WINDOWS\system32\drivers\SgrmAgent.sys
00:30:36.0909 0x04e0  SgrmAgent - ok
00:30:36.0909 0x04e0  SgrmBroker - ok
00:30:36.0909 0x04e0  SharedAccess - ok
00:30:36.0909 0x04e0  SharedRealitySvc - ok
00:30:36.0909 0x04e0  ShellHWDetection - ok
00:30:36.0925 0x04e0  shpamsvc - ok
00:30:36.0925 0x04e0  SiSRaid2 - ok
00:30:36.0925 0x04e0  SiSRaid4 - ok
00:30:36.0925 0x04e0  SmartSAMD - ok
00:30:36.0941 0x04e0  smphost - ok
00:30:36.0941 0x04e0  SmsRouter - ok
00:30:36.0941 0x04e0  [ 1971BBC71602B928CF9257759E3C05E8, 9D665698FF26ED333AD385B4B7A6C0F2B6806371D278E281FA4188002A5317E8 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
00:30:36.0972 0x04e0  SNMPTRAP - ok
00:30:36.0972 0x04e0  [ 27B7D9E872939EBB34C30343F991893D, 879AFDC8C50487ED0D3CB58C70A206E185F94BE75C25C31C387F3F08740771F9 ] spaceparser     C:\WINDOWS\system32\drivers\spaceparser.sys
00:30:36.0988 0x04e0  spaceparser - ok
00:30:36.0988 0x04e0  spaceport - ok
00:30:37.0003 0x04e0  [ AB3BDEC793187CEDF1229AC98BB7DEDF, D2EA0C5FC534C89310207AA26A8816B30FEEF3F2708A067D8BB93D3CFF9C3936 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
00:30:37.0003 0x04e0  SpatialGraphFilter - ok
00:30:37.0019 0x04e0  SpbCx - ok
00:30:37.0019 0x04e0  spectrum - ok
00:30:37.0019 0x04e0  Spooler - ok
00:30:37.0019 0x04e0  sppsvc - ok
00:30:37.0019 0x04e0  srv2 - ok
00:30:37.0034 0x04e0  srvnet - ok
00:30:37.0034 0x04e0  [ 02DC11A441669C70D3CD1CBAAB662772, 015ADB5D8D1B92DE7C2460303DD75FA60DCC3629B26D056C4911B6B811BEBF40 ] sRZTHXSpatial   C:\WINDOWS\System32\drivers\RZTHXSpatial.sys
00:30:37.0050 0x04e0  sRZTHXSpatial - ok
00:30:37.0050 0x04e0  [ CC0B7413543AF78169578B8F8932BF7E, 635118D2C5363066E5CF72074F0329B89C5E39D6B6B0E7760AF8171246E6D187 ] sRZVAD          C:\WINDOWS\System32\drivers\RZSurround.sys
00:30:37.0050 0x04e0  sRZVAD - ok
00:30:37.0066 0x04e0  SSDPSRV - ok
00:30:37.0066 0x04e0  ssh-agent - ok
00:30:37.0066 0x04e0  SstpSvc - ok
00:30:37.0066 0x04e0  StateRepository - ok
00:30:37.0113 0x04e0  [ 786C58C5DFBC5DCBA04A18FFA97668FE, CBA4F62C1BBDE0C03BB847539E5C84B5AE9EFE1E6BA5551F2C24750175E97A8B ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
00:30:37.0175 0x04e0  Steam Client Service - ok
00:30:37.0191 0x04e0  stexstor - ok
00:30:37.0191 0x04e0  stisvc - ok
00:30:37.0191 0x04e0  storahci - ok
00:30:37.0191 0x04e0  storflt - ok
00:30:37.0191 0x04e0  stornvme - ok
00:30:37.0206 0x04e0  storqosflt - ok
00:30:37.0206 0x04e0  StorSvc - ok
00:30:37.0206 0x04e0  storufs - ok
00:30:37.0206 0x04e0  storvsc - ok
00:30:37.0222 0x04e0  svsvc - ok
00:30:37.0222 0x04e0  swenum - ok
00:30:37.0222 0x04e0  swprv - ok
00:30:37.0238 0x04e0  Synth3dVsc - ok
00:30:37.0238 0x04e0  SysMain - ok
00:30:37.0238 0x04e0  SystemEventsBroker - ok
00:30:37.0238 0x04e0  TabletInputService - ok
00:30:37.0238 0x04e0  TapiSrv - ok
00:30:37.0253 0x04e0  Tcpip - ok
00:30:37.0253 0x04e0  Tcpip6 - ok
00:30:37.0253 0x04e0  [ 57BE670CF1D93717B628271B404D658A, EDD4C58EDAB985C87D6101D9CA5620146EE2BB8A1B899C635DD4CD36541DD46E ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
00:30:37.0269 0x04e0  tcpipreg - ok
00:30:37.0269 0x04e0  tdx - ok
00:30:37.0284 0x04e0  Telemetry - ok
00:30:37.0284 0x04e0  [ C225B94F2B27AC97C3E66C0550AEA249, 6F88375DD12A648B77BB6EB4BE527FF6678EE76A2059DB5B4CC971CDB31D0DB8 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
00:30:37.0300 0x04e0  terminpt - ok
00:30:37.0300 0x04e0  TermService - ok
00:30:37.0300 0x04e0  [ 8EC4197962A0349DFFBDC11586099DB8, 8DD5348A4983C376F63E6B209227D4D02300555F8C80A0E0DB2EA16074ABC334 ] Themes          C:\WINDOWS\system32\themeservice.dll
00:30:37.0331 0x04e0  Themes - ok
00:30:37.0331 0x04e0  TieringEngineService - ok
00:30:37.0347 0x04e0  TimeBrokerSvc - ok
00:30:37.0347 0x04e0  TokenBroker - ok
00:30:37.0347 0x04e0  TPM - ok
00:30:37.0347 0x04e0  TrkWks - ok
00:30:37.0363 0x04e0  TroubleshootingSvc - ok
00:30:37.0363 0x04e0  TrustedInstaller - ok
00:30:37.0363 0x04e0  [ F613A8618CC19DD96D1E0C81C5DCB7D1, AD6DE675AC033BE6BF75FF6303EAED4B5C672689D3AEC6DB94816D60E19B7030 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
00:30:37.0378 0x04e0  TsUsbFlt - ok
00:30:37.0378 0x04e0  TsUsbGD - ok
00:30:37.0394 0x04e0  [ 6244FD1056BF170E38245B4B9042BFDF, C32908B3C5800CD52EF9BDD26C77B8162831CFD19DBF1D399941B17FB909AD94 ] tunnel          C:\WINDOWS\system32\drivers\tunnel.sys
00:30:37.0409 0x04e0  tunnel - ok
00:30:37.0409 0x04e0  [ 9A744CC3D804EC38A6C2C65BC3C6FCD8, 28CDF1A8614444F4A7249FB7189B423579CA91D1373138CD3E6C048CE6D2799F ] TVALZ           C:\WINDOWS\system32\drivers\TVALZ_O.SYS
00:30:37.0409 0x04e0  TVALZ - ok
00:30:37.0409 0x04e0  tzautoupdate - ok
00:30:37.0425 0x04e0  UASPStor - ok
00:30:37.0425 0x04e0  UcmCx0101 - ok
00:30:37.0425 0x04e0  [ 229B33B8499F4F2AAB1F3B590423611F, E70A2D9EEEF0C6894A0DB7990CFF6ECE3B8F389FD30B7B1949FCBDD3300B6148 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
00:30:37.0441 0x04e0  UcmTcpciCx0101 - ok
00:30:37.0456 0x04e0  [ 7FDC3A6FD8547468CE554C8821640103, 3626760AEE42EE36E047DA6899A81E0646DFBA344A234270EAE5D635F049BE37 ] UcmUcsiAcpiClient C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys
00:30:37.0456 0x04e0  UcmUcsiAcpiClient - ok
00:30:37.0472 0x04e0  UcmUcsiCx0101 - ok
00:30:37.0472 0x04e0  Ucx01000 - ok
00:30:37.0472 0x04e0  UdeCx - ok
00:30:37.0472 0x04e0  udfs - ok
00:30:37.0472 0x04e0  UdkUserSvc - ok
00:30:37.0488 0x04e0  UEFI - ok
00:30:37.0488 0x04e0  Ufx01000 - ok
00:30:37.0488 0x04e0  UfxChipidea - ok
00:30:37.0503 0x04e0  ufxsynopsys - ok
00:30:37.0503 0x04e0  [ 13B9189CA51D925FF78151A0E14C40CE, 78AEDD6D13C45B2E080BC26527CCF3BDABF764A2108249BA8B3AC4387C6A6376 ] uhssvc          C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
00:30:37.0519 0x04e0  uhssvc - ok
00:30:37.0534 0x04e0  umbus - ok
00:30:37.0534 0x04e0  UmPass - ok
00:30:37.0534 0x04e0  UmRdpService - ok
00:30:37.0534 0x04e0  UnistoreSvc - ok
00:30:37.0550 0x04e0  upnphost - ok
00:30:37.0550 0x04e0  [ 5C33B91675BE0C9693358C1AAA723D20, A5BB54ABBB0F7B13ACCA0997F567A81395688C6D68EB87F67F688737DC16918F ] UrsChipidea     C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys
00:30:37.0566 0x04e0  UrsChipidea - ok
00:30:37.0566 0x04e0  [ ADFAB87405AE22290E24D0E8E6141AF1, BC0982BEFE4CABEA1E260C8A3266EA18A4CA158A07D1C5176890A04CC3B6A84A ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
00:30:37.0566 0x04e0  UrsCx01000 - ok
00:30:37.0581 0x04e0  [ BBDE7BF496327115DD744E7D4105C7BC, 5A8CC47603A1C9D58A30A5E897F1BCDC56199B08317B9FF319D469D6DD6CAAF0 ] UrsSynopsys     C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys
00:30:37.0581 0x04e0  UrsSynopsys - ok
00:30:37.0597 0x04e0  usbaudio - ok
00:30:37.0597 0x04e0  [ FB9F25ACEBCBAEABFE30CACCB17D4EE6, 7D38FA294DA179E5535E3E481746F07E2AE47CE57192C2D1C5B780B583FD9C6D ] usbaudio2       C:\WINDOWS\System32\drivers\usbaudio2.sys
00:30:37.0613 0x04e0  usbaudio2 - ok
00:30:37.0613 0x04e0  usbccgp - ok
00:30:37.0628 0x04e0  [ 11561FC5BAA2DEB5AC8B179B591A882E, 2AD595BF4ABC146D8F533981848FF8271E983038566937BEB48A6A8F09BC60FB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
00:30:37.0644 0x04e0  usbcir - ok
00:30:37.0644 0x04e0  usbehci - ok
00:30:37.0644 0x04e0  usbhub - ok
00:30:37.0644 0x04e0  USBHUB3 - ok
00:30:37.0644 0x04e0  usbohci - ok
00:30:37.0659 0x04e0  usbprint - ok
00:30:37.0659 0x04e0  usbrndis6 - ok
00:30:37.0659 0x04e0  usbser - ok
00:30:37.0659 0x04e0  USBSTOR - ok
00:30:37.0675 0x04e0  usbuhci - ok
00:30:37.0675 0x04e0  USBXHCI - ok
00:30:37.0675 0x04e0  UserDataSvc - ok
00:30:37.0675 0x04e0  UserManager - ok
00:30:37.0691 0x04e0  UsoSvc - ok
00:30:37.0691 0x04e0  VacSvc - ok
00:30:37.0691 0x04e0  VaultSvc - ok
00:30:37.0691 0x04e0  vdrvroot - ok
00:30:37.0706 0x04e0  vds - ok
00:30:37.0706 0x04e0  VerifierExt - ok
00:30:37.0847 0x04e0  [ 1837CF103FFC87FBFC30A210952B1ABE, 3D94F94A9093CA713AE7868C8112C708A51448765A9D8FCE05B837020ED73FCB ] vgc             C:\Program Files\Riot Vanguard\vgc.exe
00:30:38.0066 0x04e0  vgc - ok
00:30:38.0191 0x04e0  [ 514180CC8965AAE807447ED01E5F08BD, C7017CCB987A0BD0E986BFCCE42B2C77D3FF7B682343D22C8151E548F9E92CC0 ] vgk             C:\Program Files\Riot Vanguard\vgk.sys
00:30:38.0362 0x04e0  vgk - ok
00:30:38.0362 0x04e0  vhdmp - ok
00:30:38.0378 0x04e0  vhf - ok
00:30:38.0378 0x04e0  Vid - ok
00:30:38.0378 0x04e0  [ B37F0BF662BB504F0A9C247F24C281AD, 6281D573D9AD9AA204778C3823737726E882B17657B23CF5458C012FF7990E52 ] VirtualRender   

2ª parte karperky:

C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys
00:30:38.0394 0x04e0  VirtualRender - ok
00:30:38.0394 0x04e0  vmbus - ok
00:30:38.0394 0x04e0  VMBusHID - ok
00:30:38.0409 0x04e0  [ E5BB075B6B5A1DA3C3F48CA5DFF54E77, E13E8F9523F51F976084561C9D0A843CAF550FA233521FF13FFE1C5634CA6472 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
00:30:38.0409 0x04e0  vmgid - ok
00:30:38.0409 0x04e0  vmicguestinterface - ok
00:30:38.0425 0x04e0  vmicheartbeat - ok
00:30:38.0425 0x04e0  vmickvpexchange - ok
00:30:38.0425 0x04e0  vmicrdv - ok
00:30:38.0425 0x04e0  vmicshutdown - ok
00:30:38.0425 0x04e0  vmictimesync - ok
00:30:38.0441 0x04e0  vmicvmsession - ok
00:30:38.0441 0x04e0  vmicvss - ok
00:30:38.0441 0x04e0  volmgr - ok
00:30:38.0441 0x04e0  volmgrx - ok
00:30:38.0456 0x04e0  volsnap - ok
00:30:38.0456 0x04e0  volume - ok
00:30:38.0456 0x04e0  [ A37A7788DABE4FF6E33FE50D7A33D8E8, 9E99D9D27BA3DFA6F89C77B9AD91BE495F15E4F612BB63B209157DFA13BCD7E0 ] vpci            C:\WINDOWS\system32\drivers\vpci.sys
00:30:38.0472 0x04e0  vpci - ok
00:30:38.0472 0x04e0  vsmraid - ok
00:30:38.0472 0x04e0  VSS - ok
00:30:38.0472 0x04e0  VSTXRAID - ok
00:30:38.0487 0x04e0  vwifibus - ok
00:30:38.0487 0x04e0  vwififlt - ok
00:30:38.0487 0x04e0  vwifimp - ok
00:30:38.0487 0x04e0  W32Time - ok
00:30:38.0503 0x04e0  w3logsvc - ok
00:30:38.0503 0x04e0  WaaSMedicSvc - ok
00:30:38.0503 0x04e0  WacomPen - ok
00:30:38.0503 0x04e0  WalletService - ok
00:30:38.0519 0x04e0  wanarp - ok
00:30:38.0519 0x04e0  wanarpv6 - ok
00:30:38.0519 0x04e0  [ 8449398F11D49864117105679B539816, 8FD3B9C72066D6A983D062DE72EEF9769339EACBF4E0D303B9E12343C9D5DE6C ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
00:30:38.0581 0x04e0  WarpJITSvc - ok
00:30:38.0581 0x04e0  WAS - ok
00:30:38.0597 0x04e0  wbengine - ok
00:30:38.0597 0x04e0  WbioSrvc - ok
00:30:38.0597 0x04e0  wcifs - ok
00:30:38.0597 0x04e0  Wcmsvc - ok
00:30:38.0612 0x04e0  wcncsvc - ok
00:30:38.0612 0x04e0  wcnfs - ok
00:30:38.0612 0x04e0  [ 5925250BDDB94B0A5FA0E7FEED36C520, 0845344F7BFAA94AF90920A5346078E6261EEA3A1A77795DDA5B70B38609348B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
00:30:38.0628 0x04e0  WdBoot - ok
00:30:38.0628 0x04e0  [ CD1C4678B0F07D23612D5839398552C8, 8C7128CC40EEB931C3BD2C97A37890525E315657A871901EC637D67C00D19C36 ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
00:30:38.0644 0x04e0  WDC_SAM - ok
00:30:38.0644 0x04e0  Wdf01000 - ok
00:30:38.0659 0x04e0  [ C150CD7072592B0BCBB7DACFFC6904CD, 0F4D31410401CC564A5D1FCEF5ED2898DAFB7418C1B39D746E88451CC3518ACA ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
00:30:38.0675 0x04e0  WdFilter - ok
00:30:38.0675 0x04e0  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
00:30:38.0691 0x04e0  WdiServiceHost - ok
00:30:38.0706 0x04e0  [ BB37AF6E45E0F69222E057A74B4AFE1E, 4662064205BEC0DB7B10F1412E0A09A6E5E3B16DE443AEF7F79ACA3ACE24A51D ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
00:30:38.0722 0x04e0  WdiSystemHost - ok
00:30:38.0722 0x04e0  wdiwifi - ok
00:30:38.0737 0x04e0  [ A6C92A5F2982EBB8788E0690C19048C4, 85C54A99DD43DC1FAC7FD2A31288CEC7501F795DE8FA86857790F4CCD5AF7C18 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
00:30:38.0737 0x04e0  WdmCompanionFilter - ok
00:30:38.0737 0x04e0  [ C5552A3A54408AB9A0DC341E21F5EF67, 67838896B7E04EBBE2AA089F09913789A5E8C4B7E7436397135F1F68BB86F03A ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
00:30:38.0753 0x04e0  WdNisDrv - ok
00:30:38.0753 0x04e0  WdNisSvc - ok
00:30:38.0769 0x04e0  WebClient - ok
00:30:38.0769 0x04e0  Wecsvc - ok
00:30:38.0769 0x04e0  [ CBA85827716DE89106F8E4AD7430620C, EF2FEAD68FE003DAC52BC2098962F397DF80B7DCD79A8F45012A050C7C0E2DB1 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
00:30:38.0784 0x04e0  WEPHOSTSVC - ok
00:30:38.0784 0x04e0  wercplsupport - ok
00:30:38.0800 0x04e0  WerSvc - ok
00:30:38.0800 0x04e0  WFDSConMgrSvc - ok
00:30:38.0800 0x04e0  WFPLWFS - ok
00:30:38.0800 0x04e0  WiaRpc - ok
00:30:38.0816 0x04e0  WIMMount - ok
00:30:38.0816 0x04e0  WinDefend - ok
00:30:38.0816 0x04e0  [ B434A84F46C70F4E67B70ED70F024B7F, 64EEB8093BA2590E83D83C5AF7C2A025B88AF5681143BCA83671104266FEEA99 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
00:30:38.0831 0x04e0  WindowsTrustedRT - ok
00:30:38.0831 0x04e0  [ 982774B74EE1419D641CEB66E394A4BA, 090C4CE6B76B3904B5AE73E4F1EEBCE619194C358874D7584537012F954C54BE ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
00:30:38.0847 0x04e0  WindowsTrustedRTProxy - ok
00:30:38.0847 0x04e0  WinHttpAutoProxySvc - ok
00:30:38.0847 0x04e0  WinMad - ok
00:30:38.0862 0x04e0  Winmgmt - ok
00:30:38.0862 0x04e0  WinNat - ok
00:30:38.0862 0x04e0  WinRM - ok
00:30:38.0878 0x04e0  [ 91D3DC62C6EDDB6554CE14C0E0B4290F, 6F8F89B350FC6BC0D23A50C593F02514854AB7D6CD234D8C8AD4B5DDDD586BA0 ] WINUSB          C:\WINDOWS\System32\drivers\WinUsb.sys
00:30:38.0894 0x04e0  WINUSB - ok
00:30:38.0894 0x04e0  WinVerbs - ok
00:30:38.0894 0x04e0  wisvc - ok
00:30:38.0909 0x04e0  WlanSvc - ok
00:30:38.0909 0x04e0  wlidsvc - ok
00:30:38.0909 0x04e0  wlpasvc - ok
00:30:38.0909 0x04e0  WManSvc - ok
00:30:38.0909 0x04e0  WmiAcpi - ok
00:30:38.0925 0x04e0  wmiApSrv - ok
00:30:38.0925 0x04e0  WMPNetworkSvc - ok
00:30:38.0925 0x04e0  Wof - ok
00:30:38.0941 0x04e0  workfolderssvc - ok
00:30:38.0941 0x04e0  WpcMonSvc - ok
00:30:38.0941 0x04e0  WPDBusEnum - ok
00:30:38.0941 0x04e0  [ 024924C9E79F51560B9133EEAB866BBF, F4D464BC02C7B96EF72AA9229A99A1AD32F56390F97972C33525EF0D85304261 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
00:30:38.0956 0x04e0  WpdUpFltr - ok
00:30:38.0956 0x04e0  WpnService - ok
00:30:38.0972 0x04e0  WpnUserService - ok
00:30:38.0972 0x04e0  ws2ifsl - ok
00:30:38.0972 0x04e0  wscsvc - ok
00:30:38.0972 0x04e0  WSearch - ok
00:30:38.0987 0x04e0  wuauserv - ok
00:30:38.0987 0x04e0  WudfPf - ok
00:30:38.0987 0x04e0  WUDFRd - ok
00:30:39.0003 0x04e0  WUDFWpdFs - ok
00:30:39.0003 0x04e0  WUDFWpdMtp - ok
00:30:39.0003 0x04e0  WwanSvc - ok
00:30:39.0003 0x04e0  XblAuthManager - ok
00:30:39.0019 0x04e0  XblGameSave - ok
00:30:39.0019 0x04e0  xboxgip - ok
00:30:39.0019 0x04e0  XboxGipSvc - ok
00:30:39.0019 0x04e0  XboxNetApiSvc - ok
00:30:39.0034 0x04e0  xinputhid - ok
00:30:39.0034 0x04e0  [ 1870A74EE2901CA09FFBFE79A5EE0E94, EB79E50A8BC345AC727877D047CF3E669E61354659D6B84416683B29F22E6350 ] {329F96B6-DF1E-4328-BFDA-39EA953C1312} C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
00:30:39.0050 0x04e0  {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
00:30:39.0050 0x04e0  ================ Scan global ===============================
00:30:39.0050 0x04e0  [ Global ] - ok
00:30:39.0050 0x04e0  ================ Scan MBR ==================================
00:30:39.0050 0x04e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:30:39.0284 0x04e0  \Device\Harddisk0\DR0 - ok
00:30:39.0300 0x04e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
00:30:39.0331 0x04e0  \Device\Harddisk1\DR1 - ok
00:30:39.0331 0x04e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
00:30:39.0362 0x04e0  \Device\Harddisk2\DR2 - ok
00:30:39.0362 0x04e0  ================ Scan VBR ==================================
00:30:39.0362 0x04e0  [ 2B3E561EF87A7C400D6070354FD97414 ] \Device\Harddisk0\DR0\Partition1
00:30:39.0362 0x04e0  \Device\Harddisk0\DR0\Partition1 - ok
00:30:39.0362 0x04e0  [ ADFA8548388A5BE597883C71CCE12699 ] \Device\Harddisk0\DR0\Partition2
00:30:39.0362 0x04e0  \Device\Harddisk0\DR0\Partition2 - ok
00:30:39.0378 0x04e0  [ 48A5F9CCF1C47D9EF148B5C23BCA5D6B ] \Device\Harddisk1\DR1\Partition1
00:30:39.0378 0x04e0  \Device\Harddisk1\DR1\Partition1 - ok
00:30:39.0378 0x04e0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition1
00:30:39.0378 0x04e0  \Device\Harddisk2\DR2\Partition1 - ok
00:30:39.0378 0x04e0  [ 7C0F07ECC3980E9CBE921432CC175619 ] \Device\Harddisk2\DR2\Partition2
00:30:39.0378 0x04e0  \Device\Harddisk2\DR2\Partition2 - ok
00:30:39.0378 0x04e0  ================ Scan active images ========================
00:30:39.0378 0x04e0  ================ Scan generic autorun ======================
00:30:39.0394 0x04e0  [ 783C99AFD4C2AE6950FA5694389D2CFA, 570B37A7A3FFDAFCCECCC33CBC1968FEB857B73CA3CB4DFFEDC2E67E9ABD0878 ] C:\WINDOWS\system32\SecurityHealthSystray.exe
00:30:39.0409 0x04e0  SecurityHealth - ok
00:30:39.0519 0x04e0  [ A15FF7FFA54109281D5742D396271DFC, 2551B6203E594087858FA514FD73DC652AEC45AAAADDFC50240F4AC2BF5C1879 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
00:30:39.0644 0x04e0  RTHDVCPL - ok
00:30:39.0659 0x04e0  [ 10DD6D25BBEAB5BDA35E3B681BADF99C, 2E0095E5FB1B84AFF1388BB78A413FC8459818E86EF00BDB8C2FE15E346E2405 ] C:\WINDOWS\system32\RZSurroundHelper.exe
00:30:39.0675 0x04e0  RZSurroundHelper - ok
00:30:39.0690 0x04e0  [ D561DAE30E396E41AB1D119A94B3966C, 7A13F8AA9032A8543A478B6498F1FE693A3312F2FA87C8086B21040641E6C5D4 ] C:\WINDOWS\system32\RZTHXHelper.exe
00:30:39.0706 0x04e0  RZTHXHelper - ok
00:30:39.0753 0x04e0  [ DF7D35E1DC6172051E0C7BE6250C3508, D3E07D5BB63086DB9BF6A20D9FFD12878AECD1AE1C52A8D97772025FA8771B01 ] C:\Program Files\Riot Vanguard\vgtray.exe
00:30:39.0815 0x04e0  Riot Vanguard - ok
00:30:39.0831 0x04e0  [ 35641379D8F16BF3D6024191261AA6EF, 8566F0549FB35261DBDA9F526EF86320BB3723C31DE075AF3882B21BE15E1091 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
00:30:39.0847 0x04e0  AdobeAAMUpdater-1.0 - ok
00:30:39.0847 0x04e0  [ E670829378C40F4649672A9161C3A545, 21D9CAF0BE408AB658CD3188EC0DC05AEB7285DE5D91A62F042F21BD21AF44D8 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
00:30:39.0862 0x04e0  Avira System Speedup User Starter - ok
00:30:39.0878 0x04e0  [ A3FC203319BD887E14FA978EC6233AC7, 87D6B0566B1D044408F3A17B501EA377AB3AEBBBB06DC5F19A88FD18B4C82BFA ] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
00:30:39.0894 0x04e0  Autodesk Desktop App - ok
00:30:39.0940 0x04e0  [ 163FA50C6B7B6348987E15AC9DD3D94F, 2CAE6DE6C36CA7950B8E3227F8AC323472D5F4E8D74D4CED0506A7F1BC07C893 ] C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe
00:30:40.0003 0x04e0  Autodesk Genuine Service  - ok
00:30:40.0065 0x04e0  [ 6459CF6711D7592FD41FADDE6F93603A, 2B714331D1B873F52EE827132EE6173A42F20FB29F8C7652A01C5EAF02FD627A ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
00:30:40.0175 0x04e0  Acrobat Assistant 8.0 - ok
00:30:40.0190 0x04e0  OneDriveSetup - ok
00:30:40.0190 0x04e0  OneDriveSetup - ok
00:30:40.0190 0x04e0  CCleaner Smart Cleaning - ok
00:30:40.0190 0x04e0  OneDriveSetup - ok
00:30:40.0206 0x04e0  [ 251E51E2FEDCE8BB82763D39D631EF89, 2682086ACE1970D5573F971669591B731F87D749406927BD7A7A4B58C3C662E9 ] C:\Program Files (x86)\Windows Mail\wab.exe
00:30:40.0237 0x04e0  WAB Migrate - ok
00:30:40.0237 0x04e0  Waiting for KSN requests completion. In queue: 184
00:30:41.0284 0x04e0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgentWin7.exe ( 15.0.2106.2106 ), 0x40000 ( disabled : updated )
00:30:41.0284 0x04e0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe ( 15.0.2106.2106 ), 0x41000 ( enabled : updated )
00:30:41.0284 0x04e0  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x60100 ( disabled : updated )
00:30:41.0300 0x04e0  Win FW state via NFP2: enabled ( trusted )
00:30:41.0394 0x04e0  ============================================================
00:30:41.0394 0x04e0  Scan finished
00:30:41.0394 0x04e0  ============================================================
00:30:41.0409 0x04b0  Detected object count: 0
00:30:41.0409 0x04b0  Actual detected object count: 0

Hola nuevamente

Realiza lo siguiente y luego trae un nuevo reporte de farbar

Descarga e instala Glary Utilities

• Una ves instalado, le das click derecho y lo ejecutas como administrador.
• Vas a la pestaña mantenimiento en 1-click marcas todas las casillas y presionas en buscar problemas.
• Esperas que termine y presionas en reparar problemas y esperas que termine.

Descarga e instala Argente Utilities

• Al momento de instalarlo te aparecerá un cartelito que te ofrecerá mantenimiento automático, desactiva toda las opciones menos la de buscar actualizaciones.
• Cancela el primer análisis que realiza el programa automáticamente y ve a configuración → one click maintance y desactivas la opcion de spyware inmunize y presiona en aceptar.
• Ve a la pestaña Mantenimiento → one click maintenance → presionas en iniciar análisis esperas que termine y presionas en reparar todo los problemas

Saludos

Hecho la parte de Glary Utilities, ha encontrado muchas cosas y corregido todo.

Argente Utilities he seguido el primer paso y antes de empezar el análisis me ha dicho que restaurar el sistema estaba desactivado, que si quería activarlo. Le he dicho que sí y ha dado error, que no podía hacerlo. Se ha puesto a hacer una copia de seguridad de manera automática, no podía hacer yo nada mientras. Ha limpiado de todo menos Spyware

El farbar:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 16-06-2022
Ejecutado por Gonzalo (administrador) sobre GONZALO-PC (Gigabyte Technology Co., Ltd. Z97X-Gaming 3) (17-06-2022 01:20:09)
Ejecutado desde C:\Users\Gonzalo\Desktop
Perfiles cargados: Gonzalo & Administrador
Plataforma: Microsoft Windows 10 Home Versión 21H2 19044.1766 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(atiesrxx.exe ->) (AMD) [Archivo no firmado] C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Windows\System32\RZSurroundHelper.exe
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Windows\System32\RZTHXHelper.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(services.exe ->) () [Archivo no firmado] C:\Windows\SysWOW64\ASGT.exe
(services.exe ->) (AMD) [Archivo no firmado] C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe
(services.exe ->) (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (CyberLink -> ) C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(services.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(services.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(services.exe ->) (Qualcomm Atheros) [Archivo no firmado] C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
(services.exe ->) (Razer USA Ltd. -> Razer) C:\Windows\System32\RZSurroundService.exe
(services.exe ->) (Razer USA Ltd. -> Razer) C:\Windows\System32\RZTHXService.exe
(svchost.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Shark Zone M20\Monitor.exe
(svchost.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Creative Technology Ltd.) [Archivo no firmado] C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe
(svchost.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RZSurroundHelper] => C:\WINDOWS\system32\RZSurroundHelper.exe [384240 2019-11-11] (Razer USA Ltd. -> )
HKLM\...\Run: [RZTHXHelper] => C:\WINDOWS\system32\RZTHXHelper.exe [385264 2020-04-26] (Razer USA Ltd. -> )
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3069768 2022-06-03] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [332848 2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Policies\Explorer: [] 
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2021-04-21] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\doPDF   6 Monitor: C:\Windows\system32\dopdfmn6.dll [22168 2008-12-02] (Softland -> Softland)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
BootExecute: autocheck autochk *  
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {03613F8C-0154-44F4-ACCB-36E2F8AA45AD} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe [24576 2006-06-09] (Creative Technology Ltd.) [Archivo no firmado]
Task: {09D97BED-03BB-40C5-9CDB-85D618136814} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Ningún archivo)
Task: {0A83DD08-0D06-4C54-86E4-EE9A551E2FBE} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D130386-7B33-4169-B085-47B5303380D7} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1232F43A-B672-4FE7-97CC-2499FA8F123C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Ningún archivo)
Task: {13FCC05D-94D1-406D-BB54-5C4D408F8A79} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Ningún archivo)
Task: {1C0936E8-FFDD-41B5-9147-4D5EB582404A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Ningún archivo)
Task: {1F016139-9187-4212-AFFC-192895246AE7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Ningún archivo)
Task: {2E530DAA-3A24-490E-9852-E8856410494B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Ningún archivo)
Task: {30829EBC-72C8-4BFD-AEA3-7E29BCE7DB04} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Ningún archivo)
Task: {3FA320A4-D487-4602-897B-62E48669EFE6} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-02-17] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
Task: {402F58BC-6AFE-46E6-8A00-951E33A4BC0B} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [332848 2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) -> -launch "C:\ProgramData\Avira\SystemSpeedup\Delay Load for ALL\Killer Network Manager.lnk" -minimize
Task: {43AA5B35-719C-4841-A2A0-D6F93111773B} - System32\Tasks\EOSv3 Scheduler onTime => D:\Descargas\esetonlinescanner_esn.exe SCHED (Ningún archivo)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {499B7144-3BC2-4927-B935-4320E1D25F39} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Task: {4B4B3456-FC31-414A-A9B6-F1A5641D7E95} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Ningún archivo)
Task: {4CD24CBC-B1E8-4F38-A006-F23D40B84F5F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (Ningún archivo)
Task: {4F0BAE94-8DAA-4468-9EAB-8C116393B60B} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\Descargas\esetonlinescanner_esn.exe LOGON (Ningún archivo)
Task: {5037F930-3288-444D-B6B2-00BF18896833} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {5699F5B9-726F-41D4-80CC-BB8B7DBDA9AD} - System32\Tasks\{C07CE0B2-17A1-45B9-84EF-8938AF78D8A0} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {56CA7765-1DB8-45DD-B34C-71B999EC6080} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Ningún archivo)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5E86D8BC-1B7D-42BF-A6AF-BF59FD1DE19D} - System32\Tasks\{41F46CD9-14DE-4E9C-8956-17BD7D13217B} => C:\Windows\system32\pcalua.exe -a "D:\Gonzalo\Ramon Campayo\Curso de lectura rápida\Pack1\Instalación Pack 1 TSR.exe" -d "D:\Gonzalo\Ramon Campayo\Curso de lectura rápida\Pack1"
Task: {6047E6C3-147E-4CFA-89AF-0A2252839157} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Archivo no firmado]
Task: {60F74482-6272-46C8-B784-92DA699D9519} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-11-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {64897F99-FE72-4F1C-8E6C-6764F291D5B5} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Shark Zone M20\Monitor.EXE [471040 2014-07-15] () [Archivo no firmado]
Task: {6C0615DD-0B5F-4039-9947-0F61CE085DB4} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {70E9846C-BD0F-4117-99C7-BC076AE4D768} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Ningún archivo)
Task: {7279AE6F-B17F-40D7-8B5F-17103B308763} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1647416 2022-05-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {7C257B9F-8786-43A1-96E3-687741A10319} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {7E788995-B7C9-4102-9450-095D9B4CA9F0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Ningún archivo)
Task: {811A0552-F59A-471B-8367-3534F7A0E026} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Ningún archivo)
Task: {8414B7C8-73BC-4C37-970B-4B400486B1C6} - \GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000Core -> Ningún archivo <==== ATENCIÓN
Task: {8A3FEDE8-10C5-4AF6-8A50-5A43DF7F7330} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {92228868-0FA8-4778-839A-2E9D0286A367} - System32\Tasks\CCleanerSkipUAC - Gonzalo => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {959569F6-4A98-4613-B45C-7FBC99326C22} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {960C22DB-F7E8-44FA-B378-2273F97FDD9C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Ningún archivo)
Task: {99460A54-5D7C-4FF2-815F-7E303B09F746} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E472A2B-A38B-4888-97D8-AAC7125ED481} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-29] (Google Inc -> Google Inc.)
Task: {A3714F30-F05B-4E47-9FD4-74F276242510} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {A5AB1AA0-B922-40A5-96D7-D8F37A1BF144} - \GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000UA -> Ningún archivo <==== ATENCIÓN
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B512213F-2E88-44E1-A518-84C6ABA9A3AB} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B5D8AFE8-BD7D-4F75-BC7B-681707FCDA74} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Ningún archivo)
Task: {B615AE4A-B557-448A-B352-32B07C54296C} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {B615AE4A-B557-448A-B352-32B07C54296C} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {B615AE4A-B557-448A-B352-32B07C54296C} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {BA4D5CFE-B582-4D5C-B93F-9B0B40A3205B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Ningún archivo)
Task: {BEEB0C4F-2903-4C57-B076-228728619180} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C152B474-E2DC-46B1-B6C2-DC858B71ED85} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Ningún archivo)
Task: {C8C523CA-BC9D-49D8-A769-688B6FCE9846} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [256336 2022-05-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {CD2565DD-4653-4B20-810D-63817B6F146B} - System32\Tasks\{964C642F-3536-4EF5-8BA4-B081B43F0B72} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.31.80.104/es/abandoninstall?page=tsMain
Task: {CFAA3138-1135-4C47-873C-D5CD1BBCB37B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Ningún archivo)
Task: {D25EF09B-2D01-42A5-8C02-6D7236DF60E4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {D28A7FEA-6CEE-48A8-A3F5-563D056653CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-29] (Google Inc -> Google Inc.)
Task: {D3F1BD32-F7DD-4016-96FF-BFCE268E1BE3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Ningún archivo)
Task: {DF6AC915-D004-45EF-8FB0-2ED5F9872AFC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Ningún archivo)
Task: {E1A218AD-2D86-4FA7-B1E2-B847358138E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Ningún archivo)
Task: {E2E6481A-0932-46B5-A3A1-B9654C75E246} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Ningún archivo)
Task: {E3611B4A-8813-42D2-8B4B-653C1115AFAA} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Ningún archivo)
Task: {E7FA4286-D785-4716-8FFC-583B9D96B17B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC0F5C1A-A9FE-448C-A5BF-84C3168BD5F5} - System32\Tasks\{564C74AB-0372-44DD-987F-49DE9345B2C5} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.85.105/es/abandoninstall?page=tsMain
Task: {EC100D74-D1F6-4508-A99E-6F9EAA7F5F79} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Ningún archivo)
Task: {EC2A6A69-623E-4956-97D1-A0D589070B35} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe -Daily (Ningún archivo)
Task: {EE64E71E-4557-4001-88AA-E74B498D24B2} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [32819448 2022-05-16] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {EF79184D-93BB-4540-A290-CAF66C405FF1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Ningún archivo)
Task: {F3AA74E2-969C-4312-9CC9-8577CA59EA01} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [332848 2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {F67B7548-CE33-4F7A-8F95-7A2CBD77A6A9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Ningún archivo)
Task: {F7776707-6B23-465E-9645-32A94C8CF7AC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3297818284-2278180918-2745220028-1000Core.job => C:\Users\usuario\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3297818284-2278180918-2745220028-1000UA.job => C:\Users\usuario\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATENCIÓN (Restricción - Zones)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{8CD1709D-E3E4-43B7-9FFB-E787ADC4A432}: [DhcpNameServer] 212.166.210.82 212.166.132.104
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Gonzalo\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-17]
Edge HomePage: Default -> hxxp://www.google.es/
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Gonzalo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-03-06]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF ProfilePath: C:\Users\Gonzalo\AppData\Roaming\Mozilla\Firefox\Profiles\pwBcTOG9.default [2021-02-18]
FF Extension: (Avira Password Manager) - C:\Users\Gonzalo\AppData\Roaming\Mozilla\Firefox\Profiles\pwBcTOG9.default\Extensions\[email protected] [2019-09-04]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-04-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll [2012-06-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default [2022-06-17]
CHR DownloadDir: C:\Users\Gonzalo\Desktop
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://mail.google.com; hxxps://pmacw.eagreatassetto.xyz; hxxps://web.telegram.org; hxxps://www.elcomercio.es
CHR HomePage: Default -> hxxp://www.google.es/
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Just Black) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-09]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2020-05-21]
CHR Extension: (Thea) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eempehimgjdipjalffmbnmjeanfkjiac [2022-03-08]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-15]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-09]
CHR Extension: (WhatFont) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2020-04-04]
CHR Extension: (Betaflight - Configurator) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao [2018-12-07]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lolflkiacpkijeinkicebbhjcjjdhchf [2017-05-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [203264 2009-08-18] (AMD) [Archivo no firmado]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Archivo no firmado]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3000608 2022-03-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264456 2022-05-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [282008 2022-05-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [789744 2022-05-11] (Piriform Software Ltd -> )
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] (CyberLink -> )
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-10-29] (Creative Labs) [Archivo no firmado]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-10-29] (Creative Labs) [Archivo no firmado]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [Archivo no firmado]
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink -> CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink -> CyberLink)
R2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [883544 2022-06-14] (Glarysoft LTD -> Glarysoft Ltd)
S3 GUPMService; C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe [74064 2022-06-14] (Glarysoft LTD -> Glarysoft Ltd)
R2 ImDskSvc; C:\WINDOWS\system32\imdsksvc.exe [25720 2019-07-17] (Avira Operations GmbH & Co. KG -> Olof Lagerkvist)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-16] (Malwarebytes Inc. -> Malwarebytes)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Archivo no firmado]
R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-02] (Razer USA Ltd. -> Razer)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 RzSndSrv; C:\WINDOWS\system32\RZSurroundService.exe [353520 2019-11-11] (Razer USA Ltd. -> Razer)
R2 RzThxSrv; C:\WINDOWS\system32\RZTHXService.exe [357104 2020-04-26] (Razer USA Ltd. -> Razer)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10595144 2022-06-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2020-01-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-11-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2020-01-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2020-01-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc. -> Qualcomm Atheros, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Archivo no firmado]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Archivo no firmado]
R3 GM312Fltr; C:\WINDOWS\system32\drivers\GM312Fltr.sys [10624 2013-08-21] (Microsoft Windows Hardware Compatibility Publisher -> LXD Development, Inc.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [30720 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R2 ImDisk; C:\WINDOWS\System32\DRIVERS\imdisk.sys [95376 2019-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Olof Lagerkvist)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 NETw5s64; C:\WINDOWS\System32\DRIVERS\NETw5s64.sys [7675392 2010-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15648 2014-01-06] (NVIDIA Corporation -> )
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2021-08-19] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9229176 2020-12-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [91896 2017-03-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R0 secnvmeF; C:\WINDOWS\System32\drivers\secnvmeF.sys [30664 2017-03-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 sRZTHXSpatial; C:\WINDOWS\System32\drivers\RZTHXSpatial.sys [172024 2020-04-26] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
R3 sRZVAD; C:\WINDOWS\System32\drivers\RZSurround.sys [172208 2019-11-11] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8596912 2022-06-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink -> CyberLink Corp.)
U3 idsvc; no ImagePath
S3 libusb0; \SystemRoot\system32\DRIVERS\libusb0.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-06-17 01:19 - 2022-06-17 01:19 - 000000000 ____D C:\Users\Gonzalo\Desktop\FRST-OlderVersion
2022-06-17 00:52 - 2022-06-17 01:16 - 000000000 ____D C:\Program Files (x86)\Argente Utilities
2022-06-17 00:52 - 2022-06-17 00:52 - 000001143 _____ C:\Users\Public\Desktop\Argente Utilities.lnk
2022-06-17 00:52 - 2022-06-17 00:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente Utilities
2022-06-17 00:49 - 2022-06-17 00:50 - 000000000 ____D C:\ProgramData\GlarySoft
2022-06-17 00:48 - 2022-06-17 00:48 - 000030720 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2022-06-17 00:48 - 2022-06-17 00:48 - 000001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2022-06-17 00:48 - 2022-06-17 00:48 - 000001153 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2022-06-17 00:48 - 2022-06-17 00:48 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\GlarySoft
2022-06-17 00:48 - 2022-06-17 00:48 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\DiskDefrag
2022-06-17 00:48 - 2022-06-17 00:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2022-06-17 00:48 - 2022-06-17 00:48 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2022-06-17 00:47 - 2022-06-17 00:48 - 008169074 _____ (Raúl Argente ) C:\Users\Gonzalo\Desktop\AUtilities-old.exe
2022-06-17 00:46 - 2022-06-17 00:46 - 020382448 _____ (Glarysoft Ltd) C:\Users\Gonzalo\Desktop\gu5setup.exe
2022-06-17 00:29 - 2022-06-17 00:38 - 000145858 _____ C:\TDSSKiller.3.1.0.28_17.06.2022_00.29.03_log.txt
2022-06-17 00:27 - 2022-06-17 00:28 - 000007210 _____ C:\TDSSKiller.3.1.0.28_17.06.2022_00.27.03_log.txt
2022-06-17 00:03 - 2022-06-17 00:03 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\7533A87F.sys
2022-06-17 00:02 - 2022-06-17 00:26 - 000000000 ____D C:\Users\Gonzalo\Desktop\mbar
2022-06-17 00:02 - 2022-06-17 00:26 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2022-06-17 00:01 - 2022-06-17 00:01 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Gonzalo\Desktop\mbar-1.10.3.1001.exe
2022-06-16 23:55 - 2022-06-16 23:55 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Gonzalo\Desktop\tdsskiller.exe
2022-06-16 23:05 - 2022-06-16 23:26 - 000001278 _____ C:\Users\Gonzalo\Desktop\ESET Online Scanner.lnk
2022-06-16 08:50 - 2022-06-16 08:50 - 000000130 _____ C:\WINDOWS\ntbtlog.txt
2022-06-16 08:44 - 2022-06-16 08:44 - 000001718 _____ C:\Users\Gonzalo\Desktop\AdwCleaner[C01].txt
2022-06-16 07:52 - 2022-06-16 07:52 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-06-16 07:50 - 2022-06-16 07:50 - 000000036 _____ C:\Users\Gonzalo\Desktop\Apagar Windows 8-Iniciar a prueba de fallos.bat
2022-06-16 02:35 - 2022-06-16 02:35 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-16 02:34 - 2022-06-16 02:34 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-16 02:34 - 2022-06-16 02:34 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-16 02:34 - 2022-06-16 02:34 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-16 02:34 - 2022-06-16 02:34 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-16 02:28 - 2022-06-16 02:28 - 000000000 ___HD C:\$WinREAgent
2022-06-16 00:18 - 2022-06-16 00:19 - 000073059 _____ C:\Users\Gonzalo\Desktop\Addition.txt
2022-06-16 00:17 - 2022-06-17 01:20 - 000041006 _____ C:\Users\Gonzalo\Desktop\FRST.txt
2022-06-16 00:16 - 2022-06-17 01:20 - 000000000 ____D C:\FRST
2022-06-16 00:16 - 2022-06-16 00:16 - 000002140 _____ C:\Users\Gonzalo\Desktop\AdwCleaner[C00].txt
2022-06-16 00:14 - 2022-06-16 00:15 - 000000000 ____D C:\AdwCleaner
2022-06-16 00:13 - 2022-06-16 07:17 - 000003710 _____ C:\Users\Gonzalo\Desktop\Rkill.txt
2022-06-15 20:10 - 2022-06-16 23:26 - 000001384 _____ C:\Users\Gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-06-15 19:00 - 2022-06-15 19:01 - 015274968 _____ (ESET) C:\Users\Gonzalo\Desktop\esetonlinescanner.exe
2022-06-15 18:54 - 2022-06-17 01:19 - 002368512 _____ (Farbar) C:\Users\Gonzalo\Desktop\FRST64.exe
2022-06-15 18:46 - 2022-06-15 18:50 - 008551608 _____ (Malwarebytes) C:\Users\Gonzalo\Desktop\adwcleaner.exe
2022-06-15 18:32 - 2022-06-15 18:32 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Gonzalo\Desktop\iExplore.exe
2022-06-15 18:19 - 2022-06-15 18:19 - 000000000 ___HD C:\$SysReset
2022-06-07 19:28 - 2022-06-07 19:21 - 000001188 _____ C:\Users\Gonzalo\Desktop\Cuestionario UAS.lnk
2022-06-07 19:21 - 2022-06-07 19:21 - 000001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cuestionario UAS.lnk
2022-06-07 19:21 - 2022-06-07 19:21 - 000000000 ____D C:\Program Files (x86)\Cuestionario UAS
2022-06-07 17:00 - 2022-06-07 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agisoft
2022-06-07 16:59 - 2022-06-07 16:59 - 000000000 ____D C:\Program Files\Agisoft
2022-06-03 12:17 - 2022-06-03 12:17 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2022-06-03 12:17 - 2022-06-03 12:17 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-06-01 00:13 - 2022-06-01 00:13 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-06-01 00:13 - 2022-06-01 00:13 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-05-24 13:25 - 2022-05-24 13:25 - 000001675 _____ C:\Users\Gonzalo\Desktop\metashape.exe - Acceso directo.lnk
2022-05-24 11:38 - 2022-05-24 11:38 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\data
2022-05-24 11:38 - 2022-05-24 11:38 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\Agisoft
2022-05-24 11:38 - 2022-05-24 11:38 - 000000000 ____D C:\Users\Gonzalo\.ipython
2022-05-24 11:38 - 2022-05-24 11:38 - 000000000 ____D C:\ProgramData\Reprise
2022-05-24 11:37 - 2022-05-24 11:37 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\Agisoft
2022-05-23 17:35 - 2022-05-23 17:35 - 000000000 __HDC C:\ProgramData\{DA437C79-B695-45AA-ADE4-FE5784F094A1}
2022-05-23 17:35 - 2022-05-23 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeneradorGML
2022-05-23 16:58 - 2022-05-23 16:58 - 000000000 ____D C:\ProgramData\Piriform
2022-05-22 23:47 - 2022-05-25 20:11 - 000000000 ____D C:\DRON

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-06-17 01:16 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-17 01:16 - 2015-11-02 01:05 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-17 01:16 - 2012-06-13 18:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 11
2022-06-17 01:16 - 2012-06-13 18:05 - 000000000 ____D C:\ProgramData\Temp
2022-06-17 01:15 - 2012-06-13 18:11 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-17 00:50 - 2018-06-04 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2022-06-17 00:50 - 2017-09-27 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aplicación de Blizzard
2022-06-17 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-17 00:35 - 2020-11-12 11:12 - 001927724 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-17 00:35 - 2019-12-07 16:55 - 000828688 _____ C:\WINDOWS\system32\perfh00A.dat
2022-06-17 00:35 - 2019-12-07 16:55 - 000175030 _____ C:\WINDOWS\system32\perfc00A.dat
2022-06-17 00:31 - 2020-05-16 00:12 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-06-17 00:30 - 2015-10-30 01:34 - 000000000 ____D C:\Program Files\CCleaner
2022-06-17 00:29 - 2021-11-10 13:04 - 000000000 ____D C:\ProgramData\Autodesk
2022-06-17 00:29 - 2019-09-04 18:09 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-06-17 00:28 - 2020-11-12 11:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-17 00:28 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-17 00:28 - 2016-06-27 17:18 - 000000000 __SHD C:\Users\Gonzalo\IntelGraphicsProfiles
2022-06-17 00:28 - 2015-10-29 20:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-06-17 00:03 - 2021-11-11 19:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-06-16 14:47 - 2020-11-12 11:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-16 12:38 - 2021-12-13 12:31 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3099137771-1455174418-2327952307-1001
2022-06-16 12:38 - 2020-11-12 11:16 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3099137771-1455174418-2327952307-1001
2022-06-16 12:38 - 2020-11-12 11:10 - 000002423 _____ C:\Users\Gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-16 12:35 - 2021-11-11 19:44 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-06-16 08:50 - 2021-11-11 19:44 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-06-16 08:48 - 2016-06-27 17:27 - 000000000 ____D C:\Program Files\Google
2022-06-16 08:45 - 2015-10-30 01:34 - 000001048 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-06-16 07:31 - 2021-11-10 13:14 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-06-16 06:11 - 2020-11-30 13:51 - 000003614 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b8d43664761a
2022-06-16 06:11 - 2020-11-12 11:16 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-16 02:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-16 02:52 - 2020-11-12 11:09 - 000634144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-16 02:51 - 2020-11-12 11:10 - 000000000 ____D C:\Users\Gonzalo
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-16 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-16 02:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-16 02:36 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-16 02:34 - 2020-11-12 11:09 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-16 02:27 - 2015-10-30 19:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-16 02:19 - 2022-03-21 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2022-06-16 02:19 - 2015-10-30 19:03 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-16 01:07 - 2021-12-15 10:49 - 000000000 ____D C:\WINDOWS\Minidump
2022-06-16 01:07 - 2017-02-18 17:46 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\CrashDumps
2022-06-16 00:15 - 2015-10-29 19:26 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-06-15 19:20 - 2020-11-12 11:16 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-06-15 13:54 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-15 12:01 - 2021-11-11 19:44 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-06-15 08:21 - 2020-09-01 03:45 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-15 08:21 - 2020-09-01 03:45 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-14 11:23 - 2020-01-27 02:27 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\Packages
2022-06-13 23:27 - 2015-10-29 19:21 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-13 23:27 - 2015-10-29 19:21 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-13 23:23 - 2021-10-16 10:50 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-06-13 14:07 - 2021-02-18 18:04 - 000051485 _____ C:\Users\Gonzalo\.pdfbox.cache
2022-06-13 14:07 - 2021-02-18 18:02 - 000000000 ____D C:\Users\Gonzalo\.afirma
2022-06-07 20:18 - 2020-03-04 17:45 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\discord
2022-06-07 19:54 - 2020-03-04 17:45 - 000000000 ____D C:\Users\Gonzalo\AppData\Local\Discord
2022-06-06 17:09 - 2016-08-14 15:08 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\vlc
2022-06-03 12:17 - 2021-04-14 23:26 - 000001078 _____ C:\Users\Public\Desktop\Avira.lnk
2022-06-03 12:17 - 2021-04-14 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-06-03 12:17 - 2020-11-12 11:16 - 000003478 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-06-01 10:22 - 2020-01-27 02:43 - 000000000 ____D C:\ProgramData\Packages
2022-05-26 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-05-25 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-24 13:27 - 2017-07-05 17:55 - 000007602 _____ C:\Users\Gonzalo\AppData\Local\Resmon.ResmonCfg
2022-05-23 18:27 - 2021-11-10 13:02 - 000000000 ____D C:\Autodesk
2022-05-19 08:27 - 2022-03-02 14:17 - 000000000 ____D C:\Users\Gonzalo\AppData\Roaming\COPERT
2022-05-18 08:23 - 2015-10-30 01:35 - 000000000 ____D C:\ProgramData\Avira
2022-05-18 08:23 - 2015-10-30 01:35 - 000000000 ____D C:\Program Files (x86)\Avira

==================== Archivos en la raíz de algunos directorios ========

2017-12-04 20:24 - 2019-02-25 12:28 - 000008704 _____ () C:\Users\Gonzalo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-11-18 13:36 - 2021-11-18 13:36 - 000000410 _____ () C:\Users\Gonzalo\AppData\Local\oobelibMkey.log
2017-07-05 17:55 - 2022-05-24 13:27 - 000007602 _____ () C:\Users\Gonzalo\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

adittion:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 16-06-2022
Ejecutado por Gonzalo (17-06-2022 01:21:12)
Ejecutado desde C:\Users\Gonzalo\Desktop
Microsoft Windows 10 Home Versión 21H2 19044.1766 (X64) (2020-11-12 09:16:49)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-3099137771-1455174418-2327952307-500 - Administrator - Disabled) => C:\Users\Administrador
DefaultAccount (S-1-5-21-3099137771-1455174418-2327952307-503 - Limited - Disabled)
Gonzalo (S-1-5-21-3099137771-1455174418-2327952307-1001 - Administrator - Enabled) => C:\Users\Gonzalo
Invitado (S-1-5-21-3099137771-1455174418-2327952307-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3099137771-1455174418-2327952307-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avira Antivirus (Disabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AV: Avira Antivirus (Disabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7.1 Surround Sound (HKLM-x32\...\Razer Surround Sound) (Version: 1.0.1.15 - Razer Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Advanced Video FX Engine (HKLM-x32\...\Advanced Video FX Engine) (Version:  - )
Agisoft Metashape Professional (HKLM\...\{2AA9233C-3EBF-4771-ADA0-7F0C5AB9C0CD}) (Version: 1.8.1 - Agisoft)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.2.0.34 - Autodesk)
Aplicaciones destacadas de Autodesk 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
ArcGIS Desktop 10.8 (HKLM-x32\...\ArcGIS Desktop 10.8) (Version: 10.8.12790 - Environmental Systems Research Institute, Inc.)
Argente Utilities 1.0.7.0 (HKLM-x32\...\Argente Utilities_is1) (Version: 1.0.7.0 - Raúl Argente)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
AutoCAD 2021 - Español (Spanish) (HKLM\...\{28B89EEF-4101-040A-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - Español (Spanish) (HKLM\...\AutoCAD 2021 - Español (Spanish)) (Version: 24.0.47.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{1C5DB7B1-CE18-438C-B071-3AD6B8ADA5A0}) (Version: 4.4.0.85 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.7.1 - Gobierno de España)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2201.2134 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.41.1.25731 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.67.29263 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version:  - Avira Operations GmbH & Co. KG;)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.19.0.11413 - Avira Operations GmbH & Co. KG) Hidden
Blackmagic RAW Common Components (HKLM\...\{7C42C191-D936-4CA3-9B25-829BF37F1ECD}) (Version: 2.3 - Blackmagic Design)
calibre (HKLM-x32\...\{F8B80815-02B9-41C3-88C4-DA539BDC1635}) (Version: 5.27.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 1.0.2 - FNMT-RCM)
Conversor Numérico (HKLM-x32\...\{66BA9385-3A69-4DCC-8CD9-8ACF00AD530F}) (Version: 1.73.0000 - Nombre de su organización)
COPERT (HKLM\...\{77BE76A0-8D88-4070-BF5A-3C6FD069202D}) (Version: 5.5.1 - EMISIA S.A.)
Cuestionario UAS versión 2.0 (HKLM-x32\...\{7EFA81A0-9F06-4169-AA1C-CD14CAC53982}_is1) (Version: 2.0 - AESA)
CyberLink PowerDVD 11 (HKLM-x32\...\{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.) Hidden
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DaVinci Resolve (HKLM\...\{0DE05B8E-6889-4616-8428-850274AB0700}) (Version: 17.4.60004 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7667C543-084F-47F7-BC60-175FC25E9D6F}) (Version: 2.0.1.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
doPDF 6.1  printer (HKLM\...\doPDF 6  printer_is1) (Version:  - Softland)
DriversCloud.com (64 bits) (HKLM\...\{94730EE8-7EA4-4AC3-9E19-A6139C1389E9}) (Version: 10.1.0.1 - Cybelsoft)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
ePUBee Magic (HKLM-x32\...\ePUBee Magic) (Version: 1.0.0.11 - ePUBee)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
GeneradorGML (HKLM-x32\...\{4110EA23-A5BB-4249-9870-1ABF23B6C4B6}) (Version: 1.1.2 - Colegio Oficial de Aparejadores y A.T. de Almería) Hidden
GeneradorGML (HKLM-x32\...\GeneradorGML) (Version:  - Colegio Oficial de Aparejadores y A.T. de Almería)
Glary Utilities 5.190 (HKLM-x32\...\Glary Utilities 5) (Version: 5.190.0.219 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.115 - Google LLC)
Google Earth Pro (HKLM\...\{DE181B35-ACEF-4DB0-86D9-731D5767ABB1}) (Version: 7.3.4.8642 - Google)
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
Guardar en la versión web y para dispositivos móviles de Autodesk (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Intel(R) Chipset Device Software (HKLM\...\{9A431D9C-9FC9-454E-AC8D-15DBAA6ED0F7}) (Version: 10.0.26 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{69AAE674-929D-4A17-B108-623E8FDD6EE7}) (Version: 10.0.39.1003 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{6C9B8590-9D31-4802-92A2-0DDFE9708C4C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{013FAB2E-017D-4330-8179-B5FE02E7F81C}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4206 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.4.65 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{5EA6BC70-0CFC-413D-8465-8506B6F46EE0}) (Version: 1.39.141.0 - Intel Corporation) Hidden
K-Lite Codec Pack (64-bit) v3.3.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 3.3.0 - )
M20 Gaming Mouse Driver (HKLM-x32\...\{D0E01BE3-1E25-4457-B25A-4D44F352C371}) (Version:  - )
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Microsoft .NET Framework 4.8 (ESN) (HKLM\...\{005D18A8-12ED-3D43-B183-F4CE22BDD547}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft Access MUI (Spanish) 2013 (HKLM\...\{90150000-0015-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft DCF MUI (Spanish) 2013 (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.41 - Microsoft Corporation)
Microsoft Excel MUI (Spanish) 2013 (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Spanish) 2013 (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2013 (HKLM\...\{90150000-0044-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Spanish) 2013 (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2013 (HKLM\...\{90150000-00E1-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2013 (HKLM\...\{90150000-00E2-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Spanish) 2013 (HKLM\...\{90150000-002C-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2013 (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2013 (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2013 - Euskara (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\OneDriveSetup.exe) (Version: 22.111.0522.0002 - Microsoft Corporation)
Microsoft OneNote MUI (Spanish) 2013 (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2013 (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2013 (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Publisher MUI (Spanish) 2013 (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29913 (HKLM\...\{620A7633-7A09-42A8-8580-076A4483C4B0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29913 (HKLM\...\{EECDD137-13DA-46ED-ADA0-BDF7F8BE65B8}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Spanish) 2013 (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Controlador de audio HD 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PowerLine Utility (HKLM-x32\...\{762E248A-F922-42D6-B577-A47B0AB558D2}) (Version: 1.1.810 - TP-LINK)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{ABFED5A0-7D10-4617-A816-DD2D3B85706D}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{E970CE81-6F26-4274-8E4E-5AFC000FB888}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{401FADAA-1C16-4721-9F02-19067E1A1CA8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{b04488a2-b602-496c-bee1-c8b3f068dc11}) (Version: 2.2.0.1703 - Samsung Electronics)
Samsung NVM Express Driver 2.2.0.1703 (HKLM\...\{BDFEC366-DB3C-4330-9459-C4934C8CB5F2}) (Version: 2.2.0.1703 - Samsung Electronics Co., Ltd) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}_Office15.PROPLUS_{7D51497F-786F-4695-A0FB-45A5C2CCD74F}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}_Office15.PROPLUS_{72C9E028-F9E7-4172-AC45-0C8029B591D5}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}_Office15.PROPLUS_{4D556DC4-C08F-4F31-BE84-FE705AABA288}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}_Office15.PROPLUS_{6426C68E-311A-43CE-86C1-98A8A397F315}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{B39009D8-2648-44FF-B603-2A8234E219B1}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6670E5F0-8543-49D7-BFAD-124F7AB659D2}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{FC62B217-264F-43AA-8389-97AC35035184}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{33DB1FFE-31AB-43FB-962E-E3FA8C6DDFAD}) (Version:  - Microsoft) Hidden
Skype versión 8.75 (HKLM-x32\...\Skype_is1) (Version: 8.75 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
Sound Blaster X-Fi MB3 (HKLM-x32\...\{3689CE39-3173-4952-B7AF-F1A9D6F9A288}) (Version: 1.00.03 - Creative Technology Limited)
THX Spatial Audio (HKLM-x32\...\THX Spatial Audio) (Version: 1.0.4.18 - Razer Inc.)
Turbo-Speed Reader 1.1 (HKLM-x32\...\Turbo-Speed Reader 1.1) (Version: 1.1 - Ramón Campayo)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
VALORANT (HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.53 - Microsoft Corporation)
Windows Live Communications Platform (HKLM-x32\...\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}) (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (HKLM-x32\...\{0B0F231F-CE6A-483D-AA23-77B364F75917}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (HKLM\...\{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{4A275FD1-2F24-4274-8C01-813F5AD1A92D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{A41A708E-3BE6-4561-855D-44027C1CF0F8}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{ED86C4AB-D1E5-42CF-BFA3-56BAAE617D4E}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-18] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-07] (Microsoft Studios) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3099137771-1455174418-2327952307-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-3099137771-1455174418-2327952307-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-3099137771-1455174418-2327952307-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\es-ES\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-06-14] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-06-14] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-06-14] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [100352 2010-03-10] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Gonzalo\Desktop\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cnciopoikihiagdjbjpnocolokfelagl\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Betaflight - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Gonzalo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6f319d938f0c7ae8\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Módulos cargados (Lista blanca) =============

2017-03-26 20:29 - 2006-06-09 16:48 - 000253952 ____N () [Archivo no firmado] C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\EyeCatcherEx.dll
2016-09-02 16:30 - 2014-07-01 09:00 - 000057344 _____ () [Archivo no firmado] C:\Program Files (x86)\Shark Zone M20\lan.dll
2021-04-21 04:20 - 2021-04-21 04:20 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2009-08-18 01:52 - 2009-08-18 01:52 - 000251904 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\WINDOWS\system32\atiadlxx.dll
2017-03-26 20:29 - 2006-03-14 14:31 - 000380987 ____N (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\highgui097.dll
2015-10-29 19:53 - 2015-02-17 08:53 - 000074240 ____R (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2017-03-26 20:29 - 2005-07-26 17:34 - 000802864 ____N (Intel Corporation.) [Archivo no firmado] C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\cv097.dll
2017-03-26 20:29 - 2005-07-26 15:49 - 001040436 ____N (Intel Corporation.) [Archivo no firmado] C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\cxcore097.dll
2012-06-13 18:06 - 2011-03-31 10:52 - 000499712 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\MSVCP71.dll
2012-06-13 18:06 - 2011-03-31 10:52 - 000348160 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\MSVCR71.dll
2022-06-16 13:51 - 2022-06-16 13:51 - 003091456 _____ (Newtonsoft) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\fbd91d0b0c038bc0466e585075b1f989\Newtonsoft.Json.ni.dll
2015-11-01 23:20 - 2014-08-14 14:47 - 001283136 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] C:\WINDOWS\system32\nvspcap64.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0:477C16134C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk:1069064143 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk:9185529B88 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk:937024FEE8 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk:399E325E95 [10]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\43983253.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\43983253.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
HKU\S-1-5-21-3099137771-1455174418-2327952307-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://es.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-3099137771-1455174418-2327952307-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://es.msn.com/?ocid=OIE9HP
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-04-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
IE Session Restore: HKU\S-1-5-21-3099137771-1455174418-2327952307-1001 -> está habilitado.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2021-08-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 04:34 - 2022-06-07 16:52 - 000442817 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	www.100888290cs.com
127.0.0.1	100888290cs.com
127.0.0.1	100sexlinks.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	www.10sek.com
127.0.0.1	10sek.com
127.0.0.1	1-2005-search.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	www.123fporn.info
127.0.0.1	123fporn.info
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123moviedownload.com
127.0.0.1	123moviedownload.com

Hay 15206 más lineas.


==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

adition 2:

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Calibre2\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\Control Panel\Desktop\\Wallpaper -> d:\gonzalo\fotos\fotos 2018\canadá\2018-08-13\dsc02295.jpg
HKU\S-1-5-21-3099137771-1455174418-2327952307-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 212.166.210.82 - 212.166.132.104
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

Network Binding:
=============
Conexión de área local: Qualcomm Atheros Bandwidth Control -> BF_NdisLwf (enabled) 
Conexión de área local 2: Qualcomm Atheros Bandwidth Control -> BF_NdisLwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: RemoteControl11 => "C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe"
MSCONFIG\startupreg: Sound Blaster X-Fi MB 3 => "C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe" /r
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "V0250Mon.exe"
HKLM\...\StartupApproved\Run32: => "V0250Cfg.exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{A8842886-C5E6-43A2-9DD1-C709A31F149D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F955FEFF-8264-4D54-8DBC-16A0850A1458}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A29013F5-93D2-4C30-8E5B-08FF87220661}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{C64217DB-A9D7-4C94-8FAC-22D2BADAFEC6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{BF0BEA55-BFEB-4F52-A273-2086BABB5FD0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (CyberLink -> CyberLink)
FirewallRules: [{6EC160A8-DA2F-45EB-ADAC-6AE4C2D66014}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\PowerDVDCinema11.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{DDDCA0DF-109D-47D4-9068-EE1E47EE08CF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A67AEB85-AA7D-4A94-8CFC-ABD4C787201A}] => (Allow) LPort=2869
FirewallRules: [{B638BDC5-C777-4D0A-B020-6638612645DE}] => (Allow) LPort=1900
FirewallRules: [{A4FFCD08-26FC-4A32-BA2B-12EDADD07080}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF6E667A-9EB7-4A6D-86AB-AD98508ED35F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{383B928F-9454-4609-9CA5-6EDB56F2945A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0B4AA400-DB45-4E18-A7C4-BBA53EAE38A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9EB93B5B-09F9-40C7-9F0D-20F59C1F7BE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBC7E6A8-DF97-484F-AA41-7AE03186CFEC}] => (Allow) S:\Warhammer Total War y Steam\Steam.exe => Ningún archivo
FirewallRules: [{3666F03E-1A8F-45CB-A1E7-72FCF1970FA7}] => (Allow) S:\Warhammer Total War y Steam\Steam.exe => Ningún archivo
FirewallRules: [{8A887888-8C11-41DE-A0B3-CA80A844398E}] => (Allow) S:\Warhammer Total War y Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{E0FBFBEC-72F9-4EF3-852E-338A3757F728}] => (Allow) S:\Warhammer Total War y Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{8E0FB9CD-F25F-4714-AD34-6548F3353605}] => (Allow) S:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => Ningún archivo
FirewallRules: [{159F7F8B-818E-4071-8CC6-62C40637EA57}] => (Allow) S:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => Ningún archivo
FirewallRules: [{B64F0050-01D1-41CC-811B-97C35EA4A54B}] => (Allow) F:\Warhammer Total War y Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F91817A2-D53E-43B2-94B0-FA8A33CEB5C1}] => (Allow) F:\Warhammer Total War y Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{49C4F966-43B4-4B29-A265-8BE32C391E69}F:\warhammer total war y steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) F:\warhammer total war y steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{85EEF7C3-2821-482C-A2D6-7A2A1F6137F8}F:\warhammer total war y steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) F:\warhammer total war y steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [{4329014F-AC07-4CD7-B631-4AC5A577F826}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{792132EA-FB03-4C37-BB06-A9F3F6ECA7DD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F5C2B5E9-4318-4BFF-B055-63D151A6ED55}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D927AC59-4BB6-4542-AB56-92E36E0AC5BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7D9DAECA-976C-4CF8-935D-A350F562E5FF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{64F2D751-23E8-4490-8506-E111762CE214}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{1790EBAF-F751-4741-97FD-9A6AC2E4B6A1}] => (Allow) F:\Warhammer Total War y Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{57A77755-C2C1-4BA3-83D1-89F06C6BD457}] => (Allow) F:\Warhammer Total War y Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EDB359F3-4C55-48B6-9067-3293F22A5607}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Liftoff\Liftoff.exe () [Archivo no firmado]
FirewallRules: [{936F3A95-A5F2-4BF6-A7D2-6D30C1A35990}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Liftoff\Liftoff.exe () [Archivo no firmado]
FirewallRules: [{8786B270-D9A7-485D-8AF7-DF0A18CF3EC6}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{8CD8AAC2-A366-4193-842B-79DE9BC3108C}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [TCP Query User{794B84BC-B39F-4E94-9758-DBB193AA4960}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9B50572E-B452-4EDD-A2D8-E140EEA43CDF}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{A7A2E556-8DC0-46C0-890F-B1FDE32DF2F8}F:\davinci\resolve.exe] => (Allow) F:\davinci\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{252BF885-EF9C-40BB-98A4-C9323CE1C601}F:\davinci\resolve.exe] => (Allow) F:\davinci\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{6C1402E2-DB07-44B1-858D-990328159249}F:\davinci\fuscript.exe] => (Allow) F:\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{205F6571-8979-4623-B796-DBA6F174D7D3}F:\davinci\fuscript.exe] => (Allow) F:\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{51E31120-B668-4253-B336-A3C6F81FA0DB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2A83A16F-95C1-46E3-A2A9-79397213783C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{096FF419-6C13-4F1F-AD35-89E5B17EFC27}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{D807165A-2129-48EC-B2A0-4F65115F7988}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{3E9F60F2-3602-4B5D-B8E8-508914A06092}] => (Allow) C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [TCP Query User{C66B4747-A51A-4729-9501-A78B1913F35D}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{9E1F6D7F-D0DF-4811-A823-FEE1257DF6DF}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{A796237B-20A5-42CC-8DBB-B4EA9A8CC9AC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{559290B9-CEED-4B4E-AE1A-3D69E74A5A6A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{57EAF05D-80F9-4337-A93D-4FA4CBFF141D}] => (Allow) F:\Davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{C6034683-44B7-4BE4-BF39-C39E58D42AE7}] => (Allow) F:\Davinci\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F089D184-5095-41DB-8BCF-190C4B65F0A1}] => (Allow) F:\Davinci\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A231264F-4AA1-429B-A701-E3DCFFD97809}] => (Allow) F:\Davinci\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{65FD6E60-C0FF-413F-9044-6DD96A95E92D}] => (Allow) F:\Davinci\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{CAFC78CE-7F2E-4073-9638-E47B96FFC66C}] => (Allow) F:\Davinci\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{63509A01-C999-4679-B83E-A5E25315BF1D}] => (Allow) F:\Davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{B96431EE-277C-4959-BE9F-36D635FA2B65}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78AE8A65-5FAF-4D69-A5F0-9D1023600D3D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{40AF861E-60EA-4556-B650-A3E5D9299AAF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{74BC4BE1-B4D1-478D-8F31-56C4029CC9B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0791F50E-D0F8-466B-ADE1-25FA6AE88283}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{47C564B0-A7A7-459B-8004-840CF7DE6D9E}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{439BC431-274A-4401-82D0-3B16B1CAA0ED}] => (Allow) F:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{D3F4882C-2CB6-453F-81E0-66104C583698}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/16/2022 12:38:26 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows no puede cargar el archivo DLL del contador extensible "C:\WINDOWS\system32\sysmain.dll" (código de error de Win32 126).

Error: (06/15/2022 08:09:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FRST64.exe, versión: 15.6.2022.0, marca de tiempo: 0x62a9eeb5
Nombre del módulo con errores: COMCTL32.dll, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0xf0c
Hora de inicio de la aplicación con errores: 0x01d880e31fc5da7e
Ruta de acceso de la aplicación con errores: C:\Users\Gonzalo\Desktop\FRST64.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\COMCTL32.dll
Identificador del informe: e0782f62-95ff-47ac-9cb7-54c46956b61d
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2022 08:09:58 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Farbar Recovery Scan Tool por este error.

Programa: Farbar Recovery Scan Tool
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser solo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:00000000
Tipo de disco: 0

Error: (06/15/2022 08:09:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FRST64.exe, versión: 15.6.2022.0, marca de tiempo: 0x62a9eeb5
Nombre del módulo con errores: COMCTL32.dll, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000001d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0xf0c
Hora de inicio de la aplicación con errores: 0x01d880e31fc5da7e
Ruta de acceso de la aplicación con errores: C:\Users\Gonzalo\Desktop\FRST64.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\COMCTL32.dll
Identificador del informe: 30586d4f-e1d6-42b0-96e3-634ac6ad171f
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2022 08:09:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FRST64.exe, versión: 15.6.2022.0, marca de tiempo: 0x62a9eeb5
Nombre del módulo con errores: COMCTL32.dll, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0x604
Hora de inicio de la aplicación con errores: 0x01d880e30bf18e5a
Ruta de acceso de la aplicación con errores: C:\Users\Gonzalo\Desktop\FRST64.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\COMCTL32.dll
Identificador del informe: 8af7c088-44fc-4cc8-8fc7-43a50c4fc908
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2022 08:09:25 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Farbar Recovery Scan Tool por este error.

Programa: Farbar Recovery Scan Tool
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser solo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:00000000
Tipo de disco: 0

Error: (06/15/2022 08:09:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FRST64.exe, versión: 15.6.2022.0, marca de tiempo: 0x62a9eeb5
Nombre del módulo con errores: COMCTL32.dll, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000001d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0x604
Hora de inicio de la aplicación con errores: 0x01d880e30bf18e5a
Ruta de acceso de la aplicación con errores: C:\Users\Gonzalo\Desktop\FRST64.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\COMCTL32.dll
Identificador del informe: ebbebd9e-57fe-4f60-b93d-c37f156c1566
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2022 08:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: conhost.exe, versión: 10.0.19041.1566, marca de tiempo: 0x56b24be3
Nombre del módulo con errores: comctl32.DLL, versión: 6.10.19041.1110, marca de tiempo: 0xdb2b08ef
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x0000000000074ac5
Identificador del proceso con errores: 0x40e4
Hora de inicio de la aplicación con errores: 0x01d880e3026018bd
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\conhost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e\comctl32.DLL
Identificador del informe: 09533f46-95e5-48f8-bace-150994613621
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (06/16/2022 09:06:45 AM) (Source: DCOM) (EventID: 10005) (User: Gonzalo-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio camsvc con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (06/16/2022 09:05:08 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio UsoSvc con argumentos "No disponible" para ejecutar el servidor:
{B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (06/16/2022 09:05:08 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio UsoSvc con argumentos "No disponible" para ejecutar el servidor:
{B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (06/16/2022 09:03:34 AM) (Source: DCOM) (EventID: 10005) (User: Gonzalo-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/16/2022 09:03:34 AM) (Source: DCOM) (EventID: 10005) (User: Gonzalo-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (06/16/2022 09:00:08 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio UsoSvc con argumentos "No disponible" para ejecutar el servidor:
{B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (06/16/2022 09:00:08 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio UsoSvc con argumentos "No disponible" para ejecutar el servidor:
{B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (06/16/2022 08:59:52 AM) (Source: DCOM) (EventID: 10005) (User: Gonzalo-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


CodeIntegrity:
===============
Date: 2022-06-16 13:52:21
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2022-06-16 13:52:21
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2022-06-16 13:52:21
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2022-06-16 13:52:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2022-06-16 13:48:31
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2022-06-16 13:48:31
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2022-06-16 13:48:30
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F6 04/21/2015
Placa base: Gigabyte Technology Co., Ltd. Z97X-Gaming 3
Procesador: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Porcentaje de memoria en uso: 27%
RAM física total: 16244.84 MB
RAM física disponible: 11771.46 MB
Virtual total: 32628.84 MB
Virtual disponible: 27712.86 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:118.69 GB) (Free:38.64 GB) (Model: Samsung SSD 850 PRO 128GB) NTFS
Drive d: (Datos) (Fixed) (Total:1862.92 GB) (Free:404.9 GB) (Model: ST2000DM001-1ER164) NTFS
Drive f: (960 EVO SSD) (Fixed) (Total:209.47 GB) (Free:122.69 GB) (Model: NVMe Samsung SSD 960 SCSI Disk Device) NTFS

\\?\Volume{99aed444-7e60-11e5-a419-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{e44e16d7-0000-0000-0000-20ac1d000000}\ () (Fixed) (Total:0.55 GB) (Free:0.11 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: E44E16AF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: E44E16D7)
Partition 1: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=564 MB) - (Type=27)

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

¿Entonces esto se queda ya como terminado? ¿Queda algo pendiente? ¿Tendría que hacer algo más o haríais algo más?

Muchas gracias y un saludo

Hola @KnightAnubis

Estoy esperando el visto bueno del script para poder indicarte los pasos para ejecutarlo.

Saludos

Ok, si no te dice el script si me puede decir alguien…

Muchas gracias

Hola @KnightAnubis

Disculpa la tardanza

Deshabilita nuevamente tu antivirus: ¿Cómo deshabilitar temporalmente su Antivirus?

En el equipo, con los demás programas cerrados abra el notepad; puede abrirlo en la barra de búsqueda de windows y escribiendo notepad.exe

Posteriormente, copie y pegue este script de reparación dentro del Notepad comenzando en Start y terminando en End:

Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Policies\Explorer: [DisallowCpl] 1
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

Task: {09D97BED-03BB-40C5-9CDB-85D618136814} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Ningún archivo)
Task: {1232F43A-B672-4FE7-97CC-2499FA8F123C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Ningún archivo)
Task: {13FCC05D-94D1-406D-BB54-5C4D408F8A79} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Ningún archivo)
Task: {1C0936E8-FFDD-41B5-9147-4D5EB582404A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Ningún archivo)
Task: {1F016139-9187-4212-AFFC-192895246AE7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Ningún archivo)
Task: {2E530DAA-3A24-490E-9852-E8856410494B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Ningún archivo)
Task: {30829EBC-72C8-4BFD-AEA3-7E29BCE7DB04} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Ningún archivo)
Task: {499B7144-3BC2-4927-B935-4320E1D25F39} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Task: {4B4B3456-FC31-414A-A9B6-F1A5641D7E95} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Ningún archivo)
Task: {4CD24CBC-B1E8-4F38-A006-F23D40B84F5F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (Ningún archivo)
Task: {4F0BAE94-8DAA-4468-9EAB-8C116393B60B} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\Descargas\esetonlinescanner_esn.exe LOGON (Ningún archivo)
Task: {43AA5B35-719C-4841-A2A0-D6F93111773B} - System32\Tasks\EOSv3 Scheduler onTime => D:\Descargas\esetonlinescanner_esn.exe SCHED (Ningún archivo)
Task: {4CD24CBC-B1E8-4F38-A006-F23D40B84F5F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (Ningún archivo)
Task: {4F0BAE94-8DAA-4468-9EAB-8C116393B60B} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\Descargas\esetonlinescanner_esn.exe LOGON (Ningún archivo)
Task: {56CA7765-1DB8-45DD-B34C-71B999EC6080} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Ningún archivo)
Task: {70E9846C-BD0F-4117-99C7-BC076AE4D768} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Ningún archivo)
Task: {7E788995-B7C9-4102-9450-095D9B4CA9F0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Ningún archivo)
Task: {811A0552-F59A-471B-8367-3534F7A0E026} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Ningún archivo)
Task: {8414B7C8-73BC-4C37-970B-4B400486B1C6} - \GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000Core -> Ningún archivo <==== ATENCIÓN
Task: {960C22DB-F7E8-44FA-B378-2273F97FDD9C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Ningún archivo)
Task: {A3714F30-F05B-4E47-9FD4-74F276242510} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {A5AB1AA0-B922-40A5-96D7-D8F37A1BF144} - \GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000UA -> Ningún archivo <==== ATENCIÓN
Task: {B5D8AFE8-BD7D-4F75-BC7B-681707FCDA74} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Ningún archivo)
Task: {BA4D5CFE-B582-4D5C-B93F-9B0B40A3205B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Ningún archivo)
Task: {C152B474-E2DC-46B1-B6C2-DC858B71ED85} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Ningún archivo)
Task: {CFAA3138-1135-4C47-873C-D5CD1BBCB37B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Ningún archivo)
Task: {D3F1BD32-F7DD-4016-96FF-BFCE268E1BE3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Ningún archivo)
Task: {DF6AC915-D004-45EF-8FB0-2ED5F9872AFC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Ningún archivo)
Task: {E1A218AD-2D86-4FA7-B1E2-B847358138E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Ningún archivo)
Task: {E2E6481A-0932-46B5-A3A1-B9654C75E246} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Ningún archivo)
Task: {E3611B4A-8813-42D2-8B4B-653C1115AFAA} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Ningún archivo)
Task: {EC0F5C1A-A9FE-448C-A5BF-84C3168BD5F5} - System32\Tasks\{564C74AB-0372-44DD-987F-49DE9345B2C5} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.85.105/es/abandoninstall?page=tsMain
Task: {EC100D74-D1F6-4508-A99E-6F9EAA7F5F79} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Ningún archivo)
Task: {EC2A6A69-623E-4956-97D1-A0D589070B35} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe -Daily (Ningún archivo)
Task: {EF79184D-93BB-4540-A290-CAF66C405FF1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Ningún archivo)
Task: {F67B7548-CE33-4F7A-8F95-7A2CBD77A6A9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Ningún archivo)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATENCIÓN (Restricción - Zones)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo

AlternateDataStreams: C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0:477C16134C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk:1069064143 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk:9185529B88 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk:937024FEE8 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk:399E325E95 [10]


FirewallRules: [{A67AEB85-AA7D-4A94-8CFC-ABD4C787201A}] => (Allow) LPort=2869
FirewallRules: [{B638BDC5-C777-4D0A-B020-6638612645DE}] => (Allow) LPort=1900
FirewallRules: [{EBC7E6A8-DF97-484F-AA41-7AE03186CFEC}] => (Allow) S:\Warhammer Total War y Steam\Steam.exe => Ningún archivo
FirewallRules: [{3666F03E-1A8F-45CB-A1E7-72FCF1970FA7}] => (Allow) S:\Warhammer Total War y Steam\Steam.exe => Ningún archivo
FirewallRules: [{8A887888-8C11-41DE-A0B3-CA80A844398E}] => (Allow) S:\Warhammer Total War y Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{E0FBFBEC-72F9-4EF3-852E-338A3757F728}] => (Allow) S:\Warhammer Total War y Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{8E0FB9CD-F25F-4714-AD34-6548F3353605}] => (Allow) S:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => Ningún archivo
FirewallRules: [{159F7F8B-818E-4071-8CC6-62C40637EA57}] => (Allow) S:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => Ningún archivo

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End

• Vaya a Archivo y selecciona Guardar Como.
• En la parte de Codificación elija Unicode o UTF8 según le de la opción.
• Guárdelo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

¡ATENCIÓN! El anterior Script de reparación fue hecho específicamente por un miembro del Staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

• Ejecute Frst.exe. y presione el botón Fix / Corregir
• Espere pacientemente a que termine y no use el equipo. Al terminar el equipo podría reiniciarse
• La Herramienta guardará el reporte en su escritorio (Fixlog.txt).

Pega el reporte y comenta como va todo

Saludos

Buenos días y muchas gracias!

Copio el reporte, de momento veo que se han borrado muchas configuraciones previas, pero parece ir todo normal. Si tengo que hacer alguna cosa más me comentáis. Con los programas instalados, qué hago? Entiendo que el ESET se queda por tener archivos en cuarentena, pero el resto?

De nuevo, muchísimas gracias!

Saludossssssssss!

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 05-07-2022
Ejecutado por Gonzalo (07-07-2022 09:39:30) Run:1
Ejecutado desde C:\Users\Gonzalo\Desktop
Perfiles cargados: Gonzalo & Administrador
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\...\Policies\Explorer: [DisallowCpl] 1
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

Task: {09D97BED-03BB-40C5-9CDB-85D618136814} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Ningún archivo)
Task: {1232F43A-B672-4FE7-97CC-2499FA8F123C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Ningún archivo)
Task: {13FCC05D-94D1-406D-BB54-5C4D408F8A79} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Ningún archivo)
Task: {1C0936E8-FFDD-41B5-9147-4D5EB582404A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Ningún archivo)
Task: {1F016139-9187-4212-AFFC-192895246AE7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Ningún archivo)
Task: {2E530DAA-3A24-490E-9852-E8856410494B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Ningún archivo)
Task: {30829EBC-72C8-4BFD-AEA3-7E29BCE7DB04} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Ningún archivo)
Task: {499B7144-3BC2-4927-B935-4320E1D25F39} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Task: {4B4B3456-FC31-414A-A9B6-F1A5641D7E95} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Ningún archivo)
Task: {4CD24CBC-B1E8-4F38-A006-F23D40B84F5F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (Ningún archivo)
Task: {4F0BAE94-8DAA-4468-9EAB-8C116393B60B} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\Descargas\esetonlinescanner_esn.exe LOGON (Ningún archivo)
Task: {43AA5B35-719C-4841-A2A0-D6F93111773B} - System32\Tasks\EOSv3 Scheduler onTime => D:\Descargas\esetonlinescanner_esn.exe SCHED (Ningún archivo)
Task: {4CD24CBC-B1E8-4F38-A006-F23D40B84F5F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (Ningún archivo)
Task: {4F0BAE94-8DAA-4468-9EAB-8C116393B60B} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\Descargas\esetonlinescanner_esn.exe LOGON (Ningún archivo)
Task: {56CA7765-1DB8-45DD-B34C-71B999EC6080} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Ningún archivo)
Task: {70E9846C-BD0F-4117-99C7-BC076AE4D768} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Ningún archivo)
Task: {7E788995-B7C9-4102-9450-095D9B4CA9F0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Ningún archivo)
Task: {811A0552-F59A-471B-8367-3534F7A0E026} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Ningún archivo)
Task: {8414B7C8-73BC-4C37-970B-4B400486B1C6} - \GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000Core -> Ningún archivo <==== ATENCIÓN
Task: {960C22DB-F7E8-44FA-B378-2273F97FDD9C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Ningún archivo)
Task: {A3714F30-F05B-4E47-9FD4-74F276242510} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {A5AB1AA0-B922-40A5-96D7-D8F37A1BF144} - \GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000UA -> Ningún archivo <==== ATENCIÓN
Task: {B5D8AFE8-BD7D-4F75-BC7B-681707FCDA74} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Ningún archivo)
Task: {BA4D5CFE-B582-4D5C-B93F-9B0B40A3205B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Ningún archivo)
Task: {C152B474-E2DC-46B1-B6C2-DC858B71ED85} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Ningún archivo)
Task: {CFAA3138-1135-4C47-873C-D5CD1BBCB37B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Ningún archivo)
Task: {D3F1BD32-F7DD-4016-96FF-BFCE268E1BE3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Ningún archivo)
Task: {DF6AC915-D004-45EF-8FB0-2ED5F9872AFC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Ningún archivo)
Task: {E1A218AD-2D86-4FA7-B1E2-B847358138E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Ningún archivo)
Task: {E2E6481A-0932-46B5-A3A1-B9654C75E246} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Ningún archivo)
Task: {E3611B4A-8813-42D2-8B4B-653C1115AFAA} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Ningún archivo)
Task: {EC0F5C1A-A9FE-448C-A5BF-84C3168BD5F5} - System32\Tasks\{564C74AB-0372-44DD-987F-49DE9345B2C5} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.85.105/es/abandoninstall?page=tsMain
Task: {EC100D74-D1F6-4508-A99E-6F9EAA7F5F79} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Ningún archivo)
Task: {EC2A6A69-623E-4956-97D1-A0D589070B35} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe -Daily (Ningún archivo)
Task: {EF79184D-93BB-4540-A290-CAF66C405FF1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Ningún archivo)
Task: {F67B7548-CE33-4F7A-8F95-7A2CBD77A6A9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Ningún archivo)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATENCIÓN (Restricción - Zones)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo

AlternateDataStreams: C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0:477C16134C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk:1069064143 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk:9185529B88 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk:937024FEE8 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk:399E325E95 [10]


FirewallRules: [{A67AEB85-AA7D-4A94-8CFC-ABD4C787201A}] => (Allow) LPort=2869
FirewallRules: [{B638BDC5-C777-4D0A-B020-6638612645DE}] => (Allow) LPort=1900
FirewallRules: [{EBC7E6A8-DF97-484F-AA41-7AE03186CFEC}] => (Allow) S:\Warhammer Total War y Steam\Steam.exe => Ningún archivo
FirewallRules: [{3666F03E-1A8F-45CB-A1E7-72FCF1970FA7}] => (Allow) S:\Warhammer Total War y Steam\Steam.exe => Ningún archivo
FirewallRules: [{8A887888-8C11-41DE-A0B3-CA80A844398E}] => (Allow) S:\Warhammer Total War y Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{E0FBFBEC-72F9-4EF3-852E-338A3757F728}] => (Allow) S:\Warhammer Total War y Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{8E0FB9CD-F25F-4714-AD34-6548F3353605}] => (Allow) S:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => Ningún archivo
FirewallRules: [{159F7F8B-818E-4071-8CC6-62C40637EA57}] => (Allow) S:\Warhammer Total War y Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => Ningún archivo

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End
*****************

SystemRestore: On => completado
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
"HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowCpl" => eliminado correctamente
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
C:\ProgramData\NTUSER.pol => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09D97BED-03BB-40C5-9CDB-85D618136814}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09D97BED-03BB-40C5-9CDB-85D618136814}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\All users\3" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1232F43A-B672-4FE7-97CC-2499FA8F123C}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1232F43A-B672-4FE7-97CC-2499FA8F123C}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13FCC05D-94D1-406D-BB54-5C4D408F8A79}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13FCC05D-94D1-406D-BB54-5C4D408F8A79}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C0936E8-FFDD-41B5-9147-4D5EB582404A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C0936E8-FFDD-41B5-9147-4D5EB582404A}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F016139-9187-4212-AFFC-192895246AE7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F016139-9187-4212-AFFC-192895246AE7}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E530DAA-3A24-490E-9852-E8856410494B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E530DAA-3A24-490E-9852-E8856410494B}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30829EBC-72C8-4BFD-AEA3-7E29BCE7DB04}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30829EBC-72C8-4BFD-AEA3-7E29BCE7DB04}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{499B7144-3BC2-4927-B935-4320E1D25F39}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{499B7144-3BC2-4927-B935-4320E1D25F39}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B4B3456-FC31-414A-A9B6-F1A5641D7E95}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B4B3456-FC31-414A-A9B6-F1A5641D7E95}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CD24CBC-B1E8-4F38-A006-F23D40B84F5F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CD24CBC-B1E8-4F38-A006-F23D40B84F5F}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify1" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F0BAE94-8DAA-4468-9EAB-8C116393B60B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F0BAE94-8DAA-4468-9EAB-8C116393B60B}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43AA5B35-719C-4841-A2A0-D6F93111773B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43AA5B35-719C-4841-A2A0-D6F93111773B}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CD24CBC-B1E8-4F38-A006-F23D40B84F5F}" => no encontrado
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\End Of Support\Notify1" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify1" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F0BAE94-8DAA-4468-9EAB-8C116393B60B}" => no encontrado
"C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56CA7765-1DB8-45DD-B34C-71B999EC6080}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56CA7765-1DB8-45DD-B34C-71B999EC6080}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{70E9846C-BD0F-4117-99C7-BC076AE4D768}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70E9846C-BD0F-4117-99C7-BC076AE4D768}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E788995-B7C9-4102-9450-095D9B4CA9F0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E788995-B7C9-4102-9450-095D9B4CA9F0}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{811A0552-F59A-471B-8367-3534F7A0E026}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{811A0552-F59A-471B-8367-3534F7A0E026}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8414B7C8-73BC-4C37-970B-4B400486B1C6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8414B7C8-73BC-4C37-970B-4B400486B1C6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000Core" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{960C22DB-F7E8-44FA-B378-2273F97FDD9C}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{960C22DB-F7E8-44FA-B378-2273F97FDD9C}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3714F30-F05B-4E47-9FD4-74F276242510}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3714F30-F05B-4E47-9FD4-74F276242510}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify2" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5AB1AA0-B922-40A5-96D7-D8F37A1BF144}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5AB1AA0-B922-40A5-96D7-D8F37A1BF144}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3099137771-1455174418-2327952307-1000UA" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5D8AFE8-BD7D-4F75-BC7B-681707FCDA74}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5D8AFE8-BD7D-4F75-BC7B-681707FCDA74}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA4D5CFE-B582-4D5C-B93F-9B0B40A3205B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA4D5CFE-B582-4D5C-B93F-9B0B40A3205B}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C152B474-E2DC-46B1-B6C2-DC858B71ED85}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C152B474-E2DC-46B1-B6C2-DC858B71ED85}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFAA3138-1135-4C47-873C-D5CD1BBCB37B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFAA3138-1135-4C47-873C-D5CD1BBCB37B}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3F1BD32-F7DD-4016-96FF-BFCE268E1BE3}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3F1BD32-F7DD-4016-96FF-BFCE268E1BE3}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF6AC915-D004-45EF-8FB0-2ED5F9872AFC}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF6AC915-D004-45EF-8FB0-2ED5F9872AFC}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1A218AD-2D86-4FA7-B1E2-B847358138E0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1A218AD-2D86-4FA7-B1E2-B847358138E0}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2E6481A-0932-46B5-A3A1-B9654C75E246}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2E6481A-0932-46B5-A3A1-B9654C75E246}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3611B4A-8813-42D2-8B4B-653C1115AFAA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3611B4A-8813-42D2-8B4B-653C1115AFAA}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\ASUS\ASUS Product Register Service => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUS Product Register Service" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC0F5C1A-A9FE-448C-A5BF-84C3168BD5F5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC0F5C1A-A9FE-448C-A5BF-84C3168BD5F5}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{564C74AB-0372-44DD-987F-49DE9345B2C5} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{564C74AB-0372-44DD-987F-49DE9345B2C5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC100D74-D1F6-4508-A99E-6F9EAA7F5F79}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC100D74-D1F6-4508-A99E-6F9EAA7F5F79}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\StartRecording => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC2A6A69-623E-4956-97D1-A0D589070B35}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC2A6A69-623E-4956-97D1-A0D589070B35}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify2" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF79184D-93BB-4540-A290-CAF66C405FF1}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF79184D-93BB-4540-A290-CAF66C405FF1}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F67B7548-CE33-4F7A-8F95-7A2CBD77A6A9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F67B7548-CE33-4F7A-8F95-7A2CBD77A6A9}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => eliminado correctamente
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 => eliminado correctamente
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 => ":477C16134C" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk => ":1069064143" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk => ":9185529B88" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk => ":937024FEE8" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk => ":399E325E95" ADS eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A67AEB85-AA7D-4A94-8CFC-ABD4C787201A}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B638BDC5-C777-4D0A-B020-6638612645DE}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EBC7E6A8-DF97-484F-AA41-7AE03186CFEC}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3666F03E-1A8F-45CB-A1E7-72FCF1970FA7}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A887888-8C11-41DE-A0B3-CA80A844398E}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0FBFBEC-72F9-4EF3-852E-338A3757F728}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E0FB9CD-F25F-4714-AD34-6548F3353605}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{159F7F8B-818E-4071-8CC6-62C40637EA57}" => eliminado correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 2 mientras los medios
est‚n desconectados.

Adaptador desconocido Conexi¢n de  rea local 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.14
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3099137771-1455174418-2327952307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 140307362 B
Java, Discord, Steam htmlcache => 1215468874 B
Windows/system/drivers => 7612036 B
Edge => 90112 B
Chrome => 1085837781 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4590 B
NetworkService => 4590 B
Gonzalo => 93695888 B
Administrador => 93752319 B

RecycleBin => 352546 B
EmptyTemp: => 2.5 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 09:40:38 ====