VBS file on Mejor Torrent: malware

As you can read in the title, I downloaded a file from Mejor Torrent and it was malware, as I have been able to read from you around here. I already did what the "VBS file on Mejor Torrent" post says, but I don't know whether it is right. I'm leaving you the reports.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 8/1/21
Hora del análisis: 22:04
Archivo de registro: 1c4af98e-51f5-11eb-9a9f-fcaa14d9a8de.json

-Información del software-
Versión: 4.3.0.98
Versión de los componentes: 1.0.1130
Versión del paquete de actualización: 1.0.35423
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 19041.685)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-946LB9P\Ivan

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 309120
Amenazas detectadas: 14
Amenazas en cuarentena: 14
Tiempo transcurrido: 9 min, 16 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 4
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 139, 236865, , , , , , 
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 139, 236865, , , , , , 
PUP.Optional.Conduit, HKU\S-1-5-21-2955591635-108404769-2477485047-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, 139, 236865, 1.0.35423, , ame, , , 
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, En cuarentena, 7683, 550469, 1.0.35423, , ame, , , 

Valor del registro: 2
PUP.Optional.Conduit, HKU\S-1-5-21-2955591635-108404769-2477485047-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, 139, 236865, 1.0.35423, , ame, , , 
PUP.Optional.Conduit, HKU\S-1-5-21-2955591635-108404769-2477485047-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, En cuarentena, 139, 236865, 1.0.35423, , ame, , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 8
Trojan.WMIHijacker, C:\USERS\IVAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\WORLD OF WARSHIPS.LNK, Sustituido, 10555, 514947, 1.0.35423, , ame, , F193CB9030D36BE9E31DB2E806BADB51, DD4155A1CE01F20DE3DF62D88B90954497D7FA07F8E2200A7F8D6F4C788E1989
Trojan.WMIHijacker, C:\USERS\IVAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\WORLD OF TANKS.LNK, Sustituido, 10555, 514947, 1.0.35423, , ame, , 5168DE0A47D3B3F9E8EB1E61D57403BC, 51C21F5DD6A5472B4B3904D620B8B8EDCF4F376F92C7B468270BE768FAC592C2
Trojan.WMIHijacker, C:\USERS\IVAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\WARFACE.LNK, Sustituido, 10555, 514947, 1.0.35423, , ame, , 5D43A1B4BE578985ACB6BCB6510AC272, BC86DC247DF285BE46CE0C383F2BD7DC9FF74E5D47374637FF60B86C46D24713
Malware.AI.3322026345, C:\USERS\IVAN\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_45776.EXE, En cuarentena, 1000000, 0, 1.0.35423, 003A98F6104CB33CC6021969, dds, 01063878, 1BF678B622715B47F55B4452C7179096, 7BDFE9BD77D2D838455EB775D9792A9677F50A277BEEF01BEF6CA20BE2001EF3
Trojan.WMIHijacker, C:\USERS\IVAN\DESKTOP\WARFACE.LNK, Sustituido, 10555, 514947, 1.0.35423, , ame, , 40CABF12B4D1731DEDD53EEA2F71CAB6, 4BAD03407677146C5B3C6F48B29D71D628822C25A437AC73E641E583E6954611
Trojan.WMIHijacker, C:\USERS\IVAN\DESKTOP\WORLD OF TANKS.LNK, Sustituido, 10555, 514947, 1.0.35423, , ame, , 2BF5A4C7A1F9E5DA6B3783F88F892AA2, 4F02CAEBA7D20AC402B3B5C76EA23224A8BEAAB037A6EB036615983AA97EAFC9
Trojan.WMIHijacker, C:\USERS\IVAN\DESKTOP\WORLD OF WARSHIPS.LNK, Sustituido, 10555, 514947, 1.0.35423, , ame, , B72895C2AF71E84BD017E5850F1DE9E4, A3BC3BC2DED906DBC0846DA8050B7C05CC952EBF06F507F8F9317C72CF89D30E
PUP.Optional.BundleInstaller, C:\USERS\IVAN\DOWNLOADS\UTWEB_INSTALLER.EXE, En cuarentena, 150, 790622, 1.0.35423, , ame, , B3C26480934A4C81593DFC81E8D80FD7, 405E773CF7E4D96F6D9F1ABE3CD3D7B707142BA3399FBE0753EF13173F9D011D

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build:    10-08-2020
# Database: 2020-09-29.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-08-2021
# Duration: 00:00:26
# OS:       Windows 10 Home
# Cleaned:  19
# Failed:   2


***** [ Services ] *****

Deleted       WCAssistantService

***** [ Folders ] *****

Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\Users\Ivan\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
Deleted       C:\Users\Ivan\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted       C:\Users\Ivan\AppData\Roaming\Lavasoft\Web Companion
Not Deleted   C:\Program Files (x86)\Lavasoft\Web Companion
Not Deleted   C:\ProgramData\Lavasoft\Web Companion

***** [ Files ] *****

Deleted       C:\Users\Ivan\Downloads\Hola-Setup.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{811cf048-ed96-4ad4-a9f3-099001c60c4b}|DisplayIcon
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{811cf048-ed96-4ad4-a9f3-099001c60c4b}|DisplayName
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{811cf048-ed96-4ad4-a9f3-099001c60c4b}|UninstallString
Deleted       HKLM\System\Setup\FirstBoot\Services\WCAssistantService
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3529 octets] - [08/01/2021 22:15:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Ivan (Administrator) on 08/01/2021 at 22:28:04,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3 

Successfully deleted: C:\ProgramData\lavasoft\web companion (Folder) 
Successfully deleted: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm (Folder) 
Successfully deleted: C:\Program Files (x86)\lavasoft\web companion (Folder) 



Registry: 3 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_C76D497934B1A0EE0E3BF23C3F10F9A7 (Registry Value) 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/01/2021 at 22:34:44,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-01-2021
Ejecutado por Ivan (administrador) sobre DESKTOP-946LB9P (Gigabyte Technology Co., Ltd. H81M-S2PV) (08-01-2021 22:36:15)
Ejecutado desde C:\Users\Ivan\Downloads
Perfiles cargados: Ivan
Platform: Windows 10 Home Versión 2004 19041.685 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2012.1004.3.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-12-12] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [735336 2019-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [Spotify] => C:\Users\Ivan\AppData\Roaming\Spotify\Spotify.exe [23325416 2020-11-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [ESET Notifier] => C:\ProgramData\ESET Notifier\ESET Notifier.exe [2461752 2020-03-03] (ONTINET COM SL -> ) <==== ATENCIÓN
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [uTorrent] => C:\Users\Ivan\AppData\Roaming\uTorrent\uTorrent.exe [2142936 2021-01-07] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> )
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [Monosnap] => C:\Users\Ivan\AppData\Local\Monosnap\App\Monosnap.exe [318464 2020-10-15] (IMI.VC Advisors UAB -> )
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [Discord] => C:\Users\Ivan\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\MountPoints2: {4f104737-6417-11e9-9bd4-fcaa14d9a8de} - "E:\setup.exe" 
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\MountPoints2: {9607e79d-2ad7-11e9-9bd0-fcaa14d9a8de} - "D:\setup.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
Startup: C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-08-13]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Ivan\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0813317E-98D7-4FA0-98DA-4F42FB2245C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-23] (Google Inc -> Google Inc.)
Task: {30A95FD9-0B3D-46B9-A9E2-E4097A16AB70} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887792 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32D4A2E0-1485-4190-82EF-1735DFE72DD5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3560944 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {352E7C0A-1A66-4C89-A431-4790A32E2FB9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4D7CDF41-48F3-4C43-AB58-2E3DE80B58A8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856048 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F735D10-1676-4689-91F7-8C6AE2A923E0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [563184 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5ACC0FA2-EFEB-4CEF-836D-94B533DBD471} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [1004528 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E4D20F1-3A8D-44E3-A7A7-2E9610B3759B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856048 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6092618E-51A0-45CD-9CFF-DE44F3E9D096} - System32\Tasks\ESETNotifierUpdate => cmd.exe /C move /Y "C:\\ProgramData\\ESET Notifier\\new\\ESET Notifier.exe" "C:\\ProgramData\\ESET Notifier\\ESET Notifier.exe" && rmdir /q /s "C:\\ProgramData\\ESET Notifier\\new"
Task: {82B69750-B46A-4A76-AEB6-340654F259D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {AF6383C7-9E64-4097-BB24-00A723F21163} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2955591635-108404769-2477485047-1001 => C:\Users\Ivan\AppData\Local\MEGAsync\MEGAupdater.exe [1818360 2020-10-05] (Mega Limited -> Mega Limited)
Task: {B2889094-2612-4D38-AF8F-6A7B03F2F3C8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B4D71E1B-3E9D-4F5A-9A08-5E474B0906A2} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887792 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5A2D1A5-7E8E-44BC-AA4B-64B238075945} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BF11F5BF-6521-4DA4-AF6B-2FEDC4CBAAB5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {D2AFE1DA-3697-469B-A1F0-B7B4E973B8EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-23] (Google Inc -> Google Inc.)
Task: {E261E241-1214-45E5-9EDD-5C49F87D9E1F} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887792 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E58CB176-2E8C-423B-BB9E-05AE362E3423} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887792 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F3011252-AA06-4299-89E8-79BD4572EB94} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8061de5d-9a6c-419e-867e-060a7c83454d}: [DhcpNameServer] 192.168.1.1

Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ivan\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-08]

FireFox:
========
FF DefaultProfile: 4j98eov4.default
FF ProfilePath: C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\4j98eov4.default [2020-06-30]
FF ProfilePath: C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\bv7yp7hv.default-release [2021-01-08]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-01-08]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default [2021-01-08]
CHR Notifications: Default -> hxxps://a.mp3pro.xyz; hxxps://simparentlydisco.com; hxxps://social.i-say.com; hxxps://thethandarinhec.info; hxxps://web.whatsapp.com; hxxps://www.flvto.biz; hxxps://www.instagram.com; hxxps://www.maisonsdumonde.com; hxxps://www.motor24.pt; hxxps://www.youtubeconverter.io
CHR HomePage: Default -> hxxp://www.google.es/
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR Extension: (Traductor de Google) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-08-18]
CHR Extension: (Presentaciones) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-23]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2020-11-19]
CHR Extension: (I'm a Gentleman) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjaicccalbbickikgdegaihmajaidpd [2019-02-04]
CHR Extension: (Documentos) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-27]
CHR Extension: (Google Drive) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (Asify) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\biehagnkgckkagkbpncoieiknahmngdg [2020-12-03]
CHR Extension: (MEGA) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-01-08]
CHR Extension: (YouTube) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-27]
CHR Extension: (Image-Toolbar) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpgaepnhfockgofcejphihfafgmenofb [2020-02-13]
CHR Extension: (HTML To PDF With Google Drive) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\danehgdifhkfhinpaagjnafacpcgakci [2019-02-04]
CHR Extension: (Unitrans) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhoomabpflmndikhoiolpogmjlnegben [2021-01-07]
CHR Extension: (Grabador de pantalla para Google Chrome) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclbecdgdoahkliaijlpkigldlkojjdn [2020-09-22]
CHR Extension: (Facebook Pixel Helper) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2020-10-06]
CHR Extension: (Hojas de cálculo) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-23]
CHR Extension: (Quick Javascript Switcher) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\geddoclleiomckbhadiaipdggiiccfje [2020-04-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-19]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2019-02-04]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-07]
CHR Extension: (VPN gratuita: Betternet, un servidor proxy para VPN con acceso ilimitado) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2020-10-14]
CHR Extension: (Descargar videos de Facebook) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgknmjhmcbimcpdmmfeafjbdccaheaeg [2020-08-21]
CHR Extension: (Oberlo - Aliexpress.com Product Importer) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmanipjnbjnhoicdnooapcnfonebefel [2021-01-07]
CHR Extension: (SimilarWeb - Traffic Rank & Website Analysis) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2021-01-07]
CHR Extension: (goo.gl URL Shortener (Unofficial)) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2019-02-04]
CHR Extension: (DP Analizar - Shopify Product Revealer) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jalemjhlkmlndagafafnkcboggnekbif [2020-11-13]
CHR Extension: (My Ad Finder) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdelodjlpgkjenhcongcfdcocmjgjbci [2020-11-01]
CHR Extension: (Grabador de pantalla) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdopnakmnlnccgpfpmjmdjjohmcdgabp [2020-12-07]
CHR Extension: (Commerce Inspector) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kefmekfmfacbdefimlancoccpocmgmpb [2020-07-22]
CHR Extension: (Renovador anuncios) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kildnefaphmmdphfoakdddiaodnnajhe [2021-01-07]
CHR Extension: (Turbo Ad Finder) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjbjojolojmokicddfeaamkodihccdcl [2020-04-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-13]
CHR Extension: (Two Captions for YouTube & Netflix) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeonmjfimoijceaalocpgjjchocbiap [2020-08-25]
CHR Extension: (Similar Sites - Descubra sitios web similares) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\necpbmbhhdiplmfhmjicabdeighkndkn [2020-10-21]
CHR Extension: (PowerAdSpy - Ad Intelligence) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkecaphdplhfmmbkcfnknejeonfnifbn [2021-01-08]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (M.A.S Intereses by Convierte Más) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflppnoenieelboglaciiajahgidgfhg [2020-10-29]
CHR Extension: (Reverso - Traducción, diccionario) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhiacboedfinnofagfgoaanfedhmfab [2020-07-06]
CHR Extension: (Screenshot Master: Captura de página completa) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfaljlepkegmfnidgahckeidofinndof [2020-11-16]
CHR Extension: (CybrHome - Explore The Internet) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgpjpgmppammfnfbeigagmaoapjhbkmh [2020-07-28]
CHR Extension: (Gmail) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Google Similar Pages) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej [2020-05-12]
CHR Extension: (Chrome Media Router) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20]
CHR Extension: (Ventanita de YouTube™) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofekaindcmmojfnfgbpklepkjfilcep [2019-02-04]
CHR Profile: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-08]
CHR Profile: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-08]
CHR HKU\S-1-5-21-2955591635-108404769-2477485047-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-12-12] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-12-12] (ESET, spol. s r.o. -> ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-12-12] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-12-12] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-12-12] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-12-12] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-12-12] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-12-12] (ESET, spol. s r.o. -> ESET)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-01-08 22:36 - 2021-01-08 22:39 - 000024384 _____ C:\Users\Ivan\Downloads\FRST.txt
2021-01-08 22:34 - 2021-01-08 22:34 - 000001306 _____ C:\Users\Ivan\Desktop\JRT.txt
2021-01-08 22:24 - 2021-01-08 22:24 - 000000000 ____D C:\Users\Ivan\AppData\LocalLow\uTorrent
2021-01-08 22:20 - 2021-01-08 22:20 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-08 22:02 - 2021-01-08 22:02 - 000179144 _____ C:\Users\Ivan\Documents\cc_20210108_220244.reg
2021-01-08 21:44 - 2021-01-08 22:38 - 000000000 ____D C:\FRST
2021-01-08 21:42 - 2021-01-08 22:16 - 000000000 ____D C:\AdwCleaner
2021-01-08 21:42 - 2021-01-08 21:42 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-08 21:42 - 2021-01-08 21:42 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-08 21:42 - 2021-01-08 21:42 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-08 21:42 - 2021-01-08 21:42 - 000000000 ____D C:\Users\Ivan\AppData\Local\mbam
2021-01-08 21:41 - 2021-01-08 21:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-08 21:41 - 2021-01-08 21:41 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-08 21:41 - 2021-01-08 21:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-08 21:35 - 2021-01-08 22:25 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-08 21:35 - 2021-01-08 21:35 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-08 21:35 - 2021-01-08 21:35 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-08 21:34 - 2021-01-08 22:24 - 000000000 ____D C:\Program Files\CCleaner
2021-01-08 21:34 - 2021-01-08 21:34 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-01-08 21:34 - 2021-01-08 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-01-08 21:33 - 2021-01-08 21:33 - 001790024 _____ (Malwarebytes) C:\Users\Ivan\Downloads\JRT.exe
2021-01-08 21:12 - 2021-01-08 21:14 - 002282496 _____ (Farbar) C:\Users\Ivan\Downloads\FRST64.exe
2021-01-08 21:09 - 2021-01-08 21:11 - 008447152 _____ (Malwarebytes) C:\Users\Ivan\Downloads\adwcleaner_8.0.8.exe
2021-01-08 21:08 - 2021-01-08 21:16 - 030536752 _____ (Piriform Software Ltd) C:\Users\Ivan\Downloads\ccsetup575.exe
2021-01-08 21:08 - 2021-01-08 21:11 - 002086424 _____ (Malwarebytes) C:\Users\Ivan\Downloads\MBSetup.exe
2021-01-08 20:33 - 2021-01-08 20:49 - 000000000 ____D C:\bvjab
2020-12-23 21:44 - 2020-12-23 21:44 - 000000000 ____D C:\Users\Ivan\Downloads\Star Wars El ascenso de Skywalker [BluRay 1080p][AC3 5.1 Castellano DTS 5.1-Ingles+Subs][ES-EN]
2020-12-23 21:44 - 2020-12-23 21:44 - 000000000 ____D C:\Users\Ivan\Downloads\Han Solo una Historia de Star Wars [BluRay 1080p][AC3 5.1 Castellano DTS 5.1-Ingles+Subs][ES-EN]
2020-12-23 21:42 - 2020-12-23 21:42 - 000000000 ____D C:\Users\Ivan\Downloads\Saga star wars
2020-12-23 21:41 - 2020-12-23 21:41 - 000350564 _____ C:\Users\Ivan\Downloads\Saga star wars.rar
2020-12-19 19:36 - 2020-12-19 19:36 - 007741030 _____ C:\Users\Ivan\Downloads\2021 feliictacion2.psd
2020-12-19 19:16 - 2020-12-19 19:16 - 000197743 _____ C:\Users\Ivan\Downloads\2021 feliictacion.jps
2020-12-19 19:15 - 2020-12-19 19:15 - 002949301 _____ C:\Users\Ivan\Downloads\2021 feliictacion.psd
2020-12-09 23:02 - 2020-12-09 23:02 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-09 23:02 - 2020-12-09 23:02 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-09 23:02 - 2020-12-09 23:02 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 23:02 - 2020-12-09 23:02 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-09 23:02 - 2020-12-09 23:02 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-09 23:01 - 2020-12-09 23:01 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-09 23:01 - 2020-12-09 23:01 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 23:01 - 2020-12-09 23:01 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-09 23:01 - 2020-12-09 23:01 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 23:01 - 2020-12-09 23:01 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-09 23:01 - 2020-12-09 23:01 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-09 23:01 - 2020-12-09 23:01 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-09 23:00 - 2020-12-09 23:00 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-09 23:00 - 2020-12-09 23:00 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-09 23:00 - 2020-12-09 23:00 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-09 23:00 - 2020-12-09 23:00 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 23:00 - 2020-12-09 23:00 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-09 23:00 - 2020-12-09 23:00 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-09 23:00 - 2020-12-09 23:00 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 22:59 - 2020-12-09 22:59 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-09 22:59 - 2020-12-09 22:59 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-09 22:59 - 2020-12-09 22:59 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-01-08 22:32 - 2019-02-04 16:38 - 000000000 ____D C:\ProgramData\Lavasoft
2021-01-08 22:32 - 2019-02-04 16:38 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-01-08 22:31 - 2019-01-23 10:18 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-08 22:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-08 22:27 - 2020-10-08 19:26 - 001772926 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-08 22:27 - 2019-12-07 15:55 - 000788218 _____ C:\WINDOWS\system32\perfh00A.dat
2021-01-08 22:27 - 2019-12-07 15:55 - 000155606 _____ C:\WINDOWS\system32\perfc00A.dat
2021-01-08 22:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-08 22:27 - 2019-01-27 19:42 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-08 22:26 - 2019-02-04 16:38 - 000000000 ____D C:\Users\Ivan\AppData\Roaming\uTorrent
2021-01-08 22:21 - 2019-01-23 09:57 - 000000000 __SHD C:\Users\Ivan\IntelGraphicsProfiles
2021-01-08 22:20 - 2019-01-23 09:57 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-08 22:19 - 2020-10-08 19:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-08 22:19 - 2020-10-08 19:00 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-08 22:19 - 2020-07-03 10:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-08 22:17 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-08 22:16 - 2020-10-08 19:58 - 000000000 ____D C:\ProgramData\af06075
2021-01-08 22:16 - 2019-02-04 16:38 - 000000000 ____D C:\Users\Ivan\AppData\Roaming\Lavasoft
2021-01-08 22:16 - 2019-02-04 16:38 - 000000000 ____D C:\Users\Ivan\AppData\Local\Lavasoft
2021-01-08 22:16 - 2019-02-04 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-01-08 22:14 - 2019-12-28 15:19 - 000001983 _____ C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\World of Warships.lnk
2021-01-08 22:14 - 2019-12-28 15:19 - 000001967 _____ C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\World of Tanks.lnk
2021-01-08 22:14 - 2019-12-28 15:19 - 000001959 _____ C:\Users\Ivan\Desktop\World of Warships.lnk
2021-01-08 22:14 - 2019-12-28 15:19 - 000001943 _____ C:\Users\Ivan\Desktop\World of Tanks.lnk
2021-01-08 22:14 - 2019-12-28 15:19 - 000001907 _____ C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Warface.lnk
2021-01-08 22:14 - 2019-12-28 15:19 - 000001883 _____ C:\Users\Ivan\Desktop\Warface.lnk
2021-01-08 22:04 - 2019-02-08 00:38 - 000000000 ____D C:\Users\Ivan\AppData\Local\CrashDumps
2021-01-08 22:01 - 2020-07-03 10:39 - 000000000 ____D C:\Users\Ivan\AppData\Roaming\TeamViewer
2021-01-08 22:01 - 2019-02-07 23:59 - 000000000 ____D C:\Users\Ivan\AppData\Roaming\DAEMON Tools Lite
2021-01-08 21:58 - 2020-09-07 14:46 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-08 21:42 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-08 21:31 - 2020-10-08 19:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-08 21:07 - 2020-06-25 22:04 - 000000000 ____D C:\Users\Ivan\AppData\Roaming\discord
2021-01-08 21:06 - 2019-04-21 10:30 - 000000000 ____D C:\Users\Ivan\AppData\Local\BitTorrentHelper
2021-01-08 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-08 04:30 - 2020-07-06 09:16 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-08 04:30 - 2020-07-06 09:16 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-08 04:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-08 04:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-07 18:07 - 2020-03-08 20:26 - 000000000 ___RD C:\Users\Ivan\Google Drive
2021-01-07 18:03 - 2019-01-21 05:37 - 000000000 ___RD C:\Users\Ivan\OneDrive
2020-12-21 19:32 - 2019-02-24 12:44 - 000000000 ____D C:\Users\Ivan\AppData\Local\Spotify
2020-12-21 19:22 - 2019-02-24 12:44 - 000000000 ____D C:\Users\Ivan\AppData\Roaming\Spotify
2020-12-19 18:34 - 2020-04-22 13:00 - 000000000 ____D C:\Users\Ivan\Desktop\Grupo B
2020-12-12 16:05 - 2019-10-03 15:13 - 000190464 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2020-12-12 16:05 - 2019-10-03 15:13 - 000160992 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2020-12-12 16:05 - 2019-10-03 15:13 - 000109360 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2020-12-12 16:05 - 2019-10-03 15:13 - 000107784 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2020-12-12 16:05 - 2019-10-03 15:13 - 000070048 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2020-12-12 16:05 - 2019-10-03 09:55 - 000043720 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2020-12-12 16:04 - 2019-09-30 08:20 - 000015288 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2020-12-12 04:21 - 2019-06-05 19:39 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 03:01 - 2020-10-08 19:01 - 000580616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 02:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-09 23:11 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Archivos en la raíz de algunos directorios ========

2020-04-26 22:03 - 2020-04-26 22:03 - 000000128 ____H () C:\Users\Ivan\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-01-2021
Ejecutado por Ivan (08-01-2021 22:41:45)
Ejecutado desde C:\Users\Ivan\Downloads
Windows 10 Home Versión 2004 19041.685 (X64) (2020-10-08 18:49:02)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-2955591635-108404769-2477485047-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2955591635-108404769-2477485047-503 - Limited - Disabled)
Invitado (S-1-5-21-2955591635-108404769-2477485047-501 - Limited - Disabled)
Ivan (S-1-5-21-2955591635-108404769-2477485047-1001 - Administrator - Enabled) => C:\Users\Ivan
WDAGUtilityAccount (S-1-5-21-2955591635-108404769-2477485047-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: ESET Security (Disabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Disabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Cortafuegos (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Cortafuegos (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
7-Zip 20.00 alpha (x64) (HKLM\...\7-Zip) (Version: 20.00 alpha - Igor Pavlov)
Actualización de NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_3) (Version: 21.0.3 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 2.3 64-bit (HKLM\...\{AA45E50C-1447-48CD-9B49-61B82ED1F95C}) (Version: 2.3.1 - Adobe)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Backup and Sync from Google (HKLM\...\{3A8CD593-8CF9-45B4-9932-FC41CBC14E15}) (Version: 3.53.3404.7585 - Google, Inc.)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.43.7 - Bethesda Softworks)
Camtasia 2020 (HKLM\...\{62B139B9-5587-45A2-A609-14487E627811}) (Version: 20.0.0.20874 - TechSmith Corporation) Hidden
Camtasia 2020 (HKLM-x32\...\{c0cdffc3-9777-4cc0-8c4e-a506c2d65f85}) (Version: 20.0.0.20874 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Crusader Kings II Holy Fury (HKLM-x32\...\Crusader Kings II Holy Fury_is1) (Version:  - )
Crusader Kings III (HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Crusader Kings III) (Version:  - HOODLUM)
Crusader Kings III Royal Edition MULTi7 - ElAmigos versión 1.0 (HKLM-x32\...\{390B5299-2855-4561-AFD9-E8EB1306138B}_is1) (Version: 1.0 - Paradox Interactive)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.10.0.0770 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
ESET Security (HKLM\...\{6D46484B-0BE2-4060-9CD3-FA87ED960ED9}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Free Cam 8 (HKLM-x32\...\{31FACC6B-2EB0-4092-B715-FE8B8916A967}) (Version: 8.7.27159 - iSpring Solutions Inc.)
GameInput Redistributable (HKLM-x32\...\{6710BAE4-C559-9D3C-DADB-464879F18148}) (Version: 10.1.19041.3225 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LibreOffice 6.2.3.2 (HKLM\...\{31C3855A-DA3A-4FC4-AE9B-1B4ACF89A2C4}) (Version: 6.2.3.2 - The Document Foundation)
Links version 1.0 (HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Links_is1) (Version: 1.0 - Links) <==== ATENCIÓN
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Monosnap (HKLM-x32\...\{21F40EF5-FA11-4486-99C1-997B06B70A80}) (Version: 4.1.2.27790 - Monosnap)
Mozilla Firefox 77.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 77.0.1 (x64 es-ES)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 - Paradox Interactive)
Pelis Magnet (HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Pelis Magnet) (Version: 0.7.0.0 - PopFilms)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\Spotify) (Version: 1.1.45.621.gdddebadc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sudden Strike 4 MULTi10 - ElAmigos versión 1.15 (HKLM-x32\...\{E32DC15A-113F-4107-AA58-5349DA46F0A5}_is1) (Version: 1.15 - Kalypso Media Digital)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Telegram Desktop version 2.3.1 (HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.3.1 - Telegram FZ-LLC)
The Lord of the Rings The Return of the King MULTi9 - ElAmigos versión 1.0 (HKLM-x32\...\{CD64F801-C942-4B1E-A291-7B23EA6C8511}_is1) (Version: 1.0 - Electronic Arts)
TP-LINK TL-WN722N Driver (HKLM-x32\...\{F9C15685-38A9-46A1-9826-97204015C19C}) (Version: 1.3.1 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{13668B9F-F140-4BAB-AB06-08E0D43564F4}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uso a distancia de tu PS4 (HKLM-x32\...\{B93B8523-78A1-4949-8D16-94CA8B72FC88}) (Version: 2.7.0.07270 - Sony Interactive Entertainment Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.4.5) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
Age of Empires II: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSPhoenix_101.101.43210.0_x64__8wekyb3d8bbwe [2020-11-25] (Microsoft Studios)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.183.600.0_x86__kgqvnymyfvs32 [2020-12-11] (king.com)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-27] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2955591635-108404769-2477485047-1001_Classes\CLSID\{210D5987-1CA8-48F9-8C85-E84D4EB1108B} -> [MEGAsync] => C:\Users\Ivan\Documents\MEGAsync [2020-04-24 16:05]
CustomCLSID: HKU\S-1-5-21-2955591635-108404769-2477485047-1001_Classes\CLSID\{ca31933b-b116-4444-9c6d-e5103390fb76}\localserver32 -> C:\Program Files\TechSmith\Camtasia 2020\CamtasiaStudio.exe (TechSmith Corporation -> TechSmith Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-12-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-12-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivan\AppData\Local\MEGAsync\ShellExtX64.dll [2020-10-05] (Mega Limited -> )
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-12-12] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2020-06-08 18:43 - 2020-02-06 14:00 - 000076800 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-2955591635-108404769-2477485047-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2955591635-108404769-2477485047-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-2955591635-108404769-2477485047-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ivan\Desktop\Esther\44853553_2316395471768500_4870295173369692160_n.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2955591635-108404769-2477485047-1001\...\StartupApproved\Run: => "Monosnap"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{C16AD09C-EBF6-4D11-A44B-7FF35C3F569F}C:\program files (x86)\steam\steamapps\common\total war saga thrones of britannia\thrones.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war saga thrones of britannia\thrones.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{0343DC43-BBAD-4981-9BEE-C0C9F08C37C9}C:\program files (x86)\steam\steamapps\common\total war saga thrones of britannia\thrones.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war saga thrones of britannia\thrones.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{0C9A0CAC-AAE0-4443-BF45-77A0401C9D4B}C:\users\ivan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ivan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{46E2A247-AA33-4A29-B309-07731EF4BE3B}C:\users\ivan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ivan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16931203-C23E-4FAE-9521-330E12BE04F3}] => (Allow) LPort=8321
FirewallRules: [{E33AA68F-86F8-4A9D-BE75-7B666DC91890}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1B458275-19B7-470F-A0CF-AAB4BEC12EAA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{099DD39B-1452-49C6-B411-2379F5DA18F8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B45BBB4B-AA51-4D36-982A-505481981D4E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{87BB9FFD-15FD-42A2-AC48-807F0D3BF324}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D23757C2-AD9F-446C-9590-0B62FF519F59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{10E92812-9E19-4641-B9DF-4A626537473B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{F4D9114E-6A76-4E14-8329-2564F6A67A0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [UDP Query User{4F87BD04-5B4A-47C9-B55F-493BE1DC2CB2}C:\users\ivan\appdata\local\pelis magnet\pelismagnet.exe] => (Allow) C:\users\ivan\appdata\local\pelis magnet\pelismagnet.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{A10A407A-7868-4298-88A0-8CC71A8FAD5B}C:\users\ivan\appdata\local\pelis magnet\pelismagnet.exe] => (Allow) C:\users\ivan\appdata\local\pelis magnet\pelismagnet.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{18031B5D-102F-4096-A217-4D07F2304500}C:\users\ivan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ivan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{44C89292-635C-418A-86A9-10EAE5E64B89}C:\users\ivan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ivan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{97C75B80-6964-4B23-B4A9-9350407FAC48}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{FF911AFE-DA71-4FF4-942C-D1E364ECE09A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{90220A74-359A-4207-87F6-08B964CCD077}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{53716211-E3BA-4ADB-8F23-53C7817A48FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{032754BE-50FC-4ED2-8473-7E0CBB86227A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D30A7304-1A67-42D3-A68E-2B3CB4C040B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A69D3F9-C7A1-425B-B547-2CED5A4B4C49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74E36554-8865-4FF2-9591-010EE4A1417F}] => (Allow) C:\Users\Ivan\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AECBD2D5-B1C3-4E18-8E05-6B19744E33D1}] => (Allow) C:\Users\Ivan\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{39EB343D-F779-4C93-89C7-F4CA707E389A}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [{1B8280FE-449B-426E-B588-F67C24C6C92F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{22E4B8AB-B6EE-4BCE-9A64-2EBCC684DC91}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{757A7C2F-35B0-41EB-990D-B7BA269644F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{ABED8A1F-87D4-440D-951F-999E35A7975E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Archivo no firmado]
FirewallRules: [{2FBFDE99-6C6B-43DA-8EF6-6449003E38AA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{08A9472D-A2AA-47E6-8A21-EE3A6970F7D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2154F08B-3281-4BB4-B6A9-D4EB582CC44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{26ADDEF8-3CBB-461B-B8AC-62B971E8F5C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{D1AE54CA-45F3-4203-B491-02415B8E8105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{9708331E-2F62-4C32-B916-F1D2C9999B0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{0688BEE0-A9C8-4AE5-A441-67BED6B05E49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{78D4D2F0-FD20-4319-AE78-EC045802F90A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Battlefront II Classic\GameData\BattlefrontII.exe () [Archivo no firmado]
FirewallRules: [{B246B7DB-342A-468B-9277-3D9844C6090F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Battlefront II Classic\GameData\BattlefrontII.exe () [Archivo no firmado]
FirewallRules: [{07F7B79F-BA11-4237-9783-8036B45F018E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{8D7DF9AF-3990-406C-AF14-D3C7E83B2EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{0D261A13-7DBD-4B8D-9BD0-51FCE4DD33E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{F76AAB88-F8DA-41DE-854C-470DBE2EA170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{B09FB3EE-99D4-4B86-B214-F002FB18A4A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{F300B525-4665-4CE8-AB8F-230BE241A412}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{2F6AC3F2-D808-46FA-9CEE-1A74DC8E0C7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20D3B277-2C7D-46E0-90AF-F43B516643D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A5E53D58-2F2A-48DD-BD3B-71AB9E3B720E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1B3E6AC6-CF91-422C-AFE3-486243571EAF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Puntos de Restauración =========================

19-12-2020 01:41:57 Punto de control programado
08-01-2021 01:05:27 Punto de control programado
08-01-2021 22:28:17 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/08/2021 10:27:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (01/08/2021 10:24:44 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (01/08/2021 10:24:44 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_ON.

Error: (01/08/2021 10:24:44 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: El servicio del Centro de seguridad de Windows no puede cargar las instancias de FirewallProduct desde el almacén de datos.

Error: (01/08/2021 10:17:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (01/08/2021 10:17:13 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (01/08/2021 10:17:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (01/08/2021 10:17:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]


Errores del sistema:
=============
Error: (01/08/2021 10:30:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (01/08/2021 10:30:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

Error: (01/08/2021 10:27:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Servicio Orquestador de actualizaciones no respondió después de iniciar.

Error: (01/08/2021 10:16:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-946LB9P)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/08/2021 10:16:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-946LB9P)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/08/2021 10:16:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-946LB9P)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/08/2021 10:16:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-946LB9P)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/08/2021 10:16:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-946LB9P)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2021-01-08 20:49:42.0380000Z
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Glupteba!ml&threatid=2147748182&enterprise=0
Nombre: Trojan:Win32/Glupteba!ml
Id.: 2147748182
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\setup.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-946LB9P\Ivan
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.329.1863.0, AS: 1.329.1863.0, NIS: 1.329.1863.0
Versión de motor: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 20:34:45.3240000Z
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Glupteba!ml&threatid=2147748182&enterprise=0
Nombre: Trojan:Win32/Glupteba!ml
Id.: 2147748182
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\setup.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-946LB9P\Ivan
Nombre de proceso: C:\Users\Ivan\AppData\Roaming\uTorrent\uTorrent.exe
Versión de inteligencia de seguridad: AV: 1.329.1863.0, AS: 1.329.1863.0, NIS: 1.329.1863.0
Versión de motor: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 20:32:00.0820000Z
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Glupteba!ml&threatid=2147748182&enterprise=0
Nombre: Trojan:Win32/Glupteba!ml
Id.: 2147748182
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\setup.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-946LB9P\Ivan
Nombre de proceso: C:\Program Files\WinRAR\WinRAR.exe
Versión de inteligencia de seguridad: AV: 1.329.1863.0, AS: 1.329.1863.0, NIS: 1.329.1863.0
Versión de motor: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 20:30:28.8110000Z
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Glupteba!ml&threatid=2147748182&enterprise=0
Nombre: Trojan:Win32/Glupteba!ml
Id.: 2147748182
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\setup.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-946LB9P\Ivan
Nombre de proceso: C:\Program Files\WinRAR\WinRAR.exe
Versión de inteligencia de seguridad: AV: 1.329.1863.0, AS: 1.329.1863.0, NIS: 1.329.1863.0
Versión de motor: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 20:30:01.5160000Z
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Glupteba!ml&threatid=2147748182&enterprise=0
Nombre: Trojan:Win32/Glupteba!ml
Id.: 2147748182
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\setup.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-946LB9P\Ivan
Nombre de proceso: C:\Program Files\WinRAR\WinRAR.exe
Versión de inteligencia de seguridad: AV: 1.329.1863.0, AS: 1.329.1863.0, NIS: 1.329.1863.0
Versión de motor: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-07 17:55:57.1650000Z
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.329.245.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.17700.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2021-01-07 17:55:57.1640000Z
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.329.245.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.17700.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2021-01-07 17:55:57.1620000Z
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.329.245.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.17700.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2021-01-07 17:55:57.1390000Z
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.329.245.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.17700.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2021-01-07 17:55:57.1380000Z
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.329.245.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.17700.4
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2021-01-08 22:27:10.5700000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 22:27:10.5340000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 22:27:10.4560000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 22:27:10.4230000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 22:26:57.8350000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 22:26:56.7170000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 22:26:56.2980000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 22:26:55.7250000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F8 06/19/2014
Placa base: Gigabyte Technology Co., Ltd. H81M-S2PV
Procesador: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz
Porcentaje de memoria en uso: 18%
RAM física total: 16269.88 MB
RAM física disponible: 13281.95 MB
Virtual total: 20109.88 MB
Virtual disponible: 17192.79 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:464.34 GB) (Free:92.65 GB) NTFS

\\?\Volume{84f334dc-c2c6-4bc5-8f04-4327d22bf5f5}\ (Recuperación) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{74eb6e33-464e-4bd2-b66b-2f4ffb730893}\ () (Fixed) (Total:0.86 GB) (Free:0.43 GB) NTFS
\\?\Volume{c6e8ef89-3f7d-ddb2-b5ca-15b2a699e3e4}\ () (Fixed) (Total:19.97 GB) (Free:0 GB) NTFS
\\?\Volume{6b91d4bd-8153-48a0-9285-83ba87d1951a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A1C855AD)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== Final de Addition.txt =======================

Hello @Rallye_Group_B. Welcome to the forum.

The reports you sent show no file with a VBS extension. In any case, if you only downloaded the file with the VBS extension and did not run it, then the malware has not been installed on your computer. What you need to do, which I assume you have already done, is delete the VBS file. Delete it from the Recycle Bin as well.