-hace mas de un año tuve un problema que se me colo un troyano porque soy bobo, y bueno obtuvo datos mios lo envie a un tecnico y crei que se habia limpiado pero me llegan correos que van a filtar informacion si no pago y que aun anda en mi pc y bueno tengo miedo y pido ayuda para estar 100% seguro
-eh probado con muchos de sus programas que proporcionaban en otras publicaciones algunas me detectaba y otras no y bueno seguia los pasos pero al final nose si lo limpiaba bien
Hola, buenas @Itenshi23 bienvenido al foro. Al ser nuevo le recomiendo que se lea usted las Click aquí: políticas de este. No porque haya hecho usted nada mal, sino para saber más acerca del funcionamiento de este.
Aclarado esto, voy a intentar ayudarle pero antes necesito que me responda usted a algunas preguntas:
Le hago una pregunta @Itenshi23: ¿Le ha realizado usted un proceso de análisis con su Suite de Seguridad a su ordenador? ¿Dispone usted de los Informes y/o Reportes que le a generado las diferentes Suite de Seguridad cuando usted le ha realizado los procesos de análisis a su ordenador en busca de virus e infecciones? Mándeme usted los Informes y/o Reportes para que pueda revisarlos.
@Itenshi23 ¿Se ha descargado e instalado usted algún programa en su ordenador de alguna página no fiable?
Para poder enviarme usted el Informe y/o Reporte correctamente que le solicite a partir de ahora en este tema realice usted los siguientes pasos que le indico a continuación:
Como se muestra en el siguiente EJEMPLO:
Quedo a la espera de su respuesta!
Si e hecho mucho de los procedimientos que seguia en otras publicaciones pero las elimine porque no me llegaba ningun correo durante 1 mes asi que pense que habia terminado todo hasta que me llego un correo hoy tengo unos reportes que son del FRST64
FRST (primer reporte)
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 04-04-2023
Ejecutado por Acosta (administrador) sobre DESKTOP-3U2CKDG (Gigabyte Technology Co., Ltd. B450M DS3H) (04-04-2023 09:34:19)
Ejecutado desde C:\Users\Acosta\Downloads
Perfiles cargados: Acosta
Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.2788 (X64) Idioma: Español (México)
Navegador predeterminado: Opera
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Users\Acosta\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Acosta\AppData\Local\Programs\Opera GX\96.0.4693.127\opera_crashreporter.exe
(C:\Users\Acosta\AppData\Roaming\Zoom\bin\Zoom.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\Acosta\AppData\Local\Zoom\plugin\cef_x64\zCefAgent.exe <6>
(C:\Users\Acosta\AppData\Roaming\Zoom\bin\Zoom.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\Acosta\AppData\Roaming\Zoom\bin\CptHost.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0390115.inf_amd64_994a5edc14fb71f6\B389920\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390115.inf_amd64_994a5edc14fb71f6\B389920\atieclxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Opera Norway AS -> Opera Software) C:\Users\Acosta\AppData\Local\Programs\Opera GX\opera.exe <27>
(services.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390115.inf_amd64_994a5edc14fb71f6\B389920\atiesrxx.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2>
(svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\Acosta\AppData\Roaming\Zoom\bin\Zoom.exe <2>
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-01-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-02-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088752 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall (Ningún archivo)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Acosta\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Run: [MicrosoftEdgeAutoLaunch_201A338FFE00E5AA3CFFD34B8D6358CA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (Ningún archivo)
Startup: C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2023-03-21]
ShortcutTarget: DeepL auto-start.lnk -> C:\Users\Acosta\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [Archivo no firmado]
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {114CA16D-A63E-4A41-8C5D-07BC076057D0} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {1A62EBC0-AEAC-4C75-A62F-EDC00A8D13AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304592 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FD64832-CE78-4ACB-B703-50E334B11126} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2023-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3F9BB779-248E-4DCB-BE42-1EBF24542C34} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {45ECD4EA-FC22-4892-A754-C90C77E4AC2A} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (Ningún archivo)
Task: {62C69D23-90CE-4E79-A47C-E15DC7E53465} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {66BCCAA4-5FD7-4611-83B0-62EAD7B79ED8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {68919F54-C6E0-4167-B1E2-180848AE84DC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {90CCBC29-9FC6-482E-AA4D-3B7E800CA7F3} - System32\Tasks\Remove AdwCleaner Application => CMD.EXE /C DEL /F /Q "C:\Users\Acosta\Downloads\adwcleaner.exe"
Task: {950EF12E-9065-4E3F-80F1-C9BC7AB751D3} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {A2452F86-E92F-46A5-9A34-E81D228A545B} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1653999056 => C:\Users\Acosta\AppData\Local\Programs\Opera GX\launcher.exe [2637208 2023-03-28] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Acosta\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {AFFA49C9-0471-4589-848A-1714D550A5FA} - System32\Tasks\Opera GX scheduled Autoupdate 1653180064 => C:\Users\Acosta\AppData\Local\Programs\Opera GX\launcher.exe [2637208 2023-03-28] (Opera Norway AS -> Opera Software)
Task: {B166D992-F874-48DB-AE17-FA7CB3688B6D} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\Acosta\Downloads\adwcleaner.exe [8791352 2023-04-04] (Malwarebytes Inc. -> Malwarebytes)
Task: {BA2E06B0-E493-4AB2-8B76-C84C7AD4ABB4} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {C20A5239-198A-424A-9812-731330804531} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [59832 2023-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D1DC3AFD-DC1A-41DF-B09C-A0954DA04391} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8F9D77B-FBC1-456F-AB48-F5F6A667491F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304592 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF447DD8-7515-417C-80BE-1BC4D19FF525} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3CDE4A1-E23F-4590-A14B-798280CF18C0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 200.48.225.146 200.48.225.130
Tcpip\..\Interfaces\{03354a15-186c-4d79-bf61-d1b62ffa21b8}: [DhcpNameServer] 200.48.225.146 200.48.225.130
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Acosta\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-04-04]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-20] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001) Opera GXStable - "C:\Users\Acosta\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2696560 2023-02-15] (HIGH MORALE DEVELOPMENTS LIMITED -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-11-09] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2022-11-27] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-12-09] (Epic Games Inc. -> Epic Games, Inc.)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Archivo no firmado]
S4 Parsec; C:\Program Files\Parsec\pservice.exe [424584 2022-10-17] (Parsec Cloud, Inc. -> Parsec)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [285088 2023-04-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11060856 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\Windows\system32\GigabyteUpdateService.exe [861328 2023-04-04] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 OCButtonService; "C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe" [X]
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [1660968 2023-03-27] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [36248 2022-10-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV20; C:\Windows\system32\AMDRyzenMasterDriver.sys [48328 2023-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0390115.inf_amd64_994a5edc14fb71f6\B389920\amdkmdag.sys [100244912 2023-03-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [198416 2023-01-16] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [119904 2023-01-16] (ESET, spol. s r.o. -> ESET)
S4 edevmonm; C:\Windows\System32\DRIVERS\edevmonm.sys [120928 2023-01-16] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [237208 2023-01-16] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [55392 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [81696 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [122504 2023-01-16] (ESET, spol. s r.o. -> ESET)
S3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2023-04-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 HoYoProtect; C:\Windows\system32\HoYoKProtect.sys [3669520 2023-02-21] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
S3 ksophon_x64; C:\Windows\system32\drivers\ksophon_x64.sys [9986168 2022-09-15] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2023-03-16] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R0 MsSecCore; C:\Windows\System32\drivers\msseccore.sys [26480 2023-04-02] (Microsoft Windows -> Microsoft Corporation)
S3 MsSecWfp; C:\Windows\System32\drivers\mssecwfp.sys [29568 2023-04-02] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\iVMS-4200 Site\Drivers\npf64.sys [36600 2022-09-25] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RvNetMP60; C:\Windows\System32\drivers\RvNetMP60.sys [69048 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22292248 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [469288 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 R0HYDRA; \??\C:\Program Files (x86)\PROJECT HYDRA\HYDRA.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2023-04-04 09:34 - 2023-04-04 09:34 - 000019237 _____ C:\Users\Acosta\Downloads\FRST.txt
2023-04-04 09:34 - 2023-04-04 09:34 - 000000000 ____D C:\FRST
2023-04-04 09:33 - 2023-04-04 09:33 - 002380288 _____ (Farbar) C:\Users\Acosta\Downloads\FRST64.exe
2023-04-04 09:00 - 2023-04-04 09:00 - 000003308 _____ C:\Windows\system32\Tasks\Remove AdwCleaner Application
2023-04-04 09:00 - 2023-04-04 09:00 - 000003290 _____ C:\Windows\system32\Tasks\Uninstall AdwCleaner Application
2023-04-04 08:59 - 2023-04-04 08:59 - 008791352 _____ (Malwarebytes) C:\Users\Acosta\Downloads\adwcleaner.exe
2023-04-04 08:33 - 2023-04-04 08:57 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\ZHP
2023-04-04 08:33 - 2023-04-04 08:33 - 000000876 _____ C:\Users\Acosta\Desktop\ZHPCleaner.lnk
2023-04-04 08:33 - 2023-04-04 08:33 - 000000000 ____D C:\Users\Acosta\AppData\Local\ZHP
2023-04-04 08:32 - 2023-04-04 08:32 - 003306696 _____ (Nicolas Coolman) C:\Users\Acosta\Downloads\ZHPCleaner.exe
2023-04-04 08:24 - 2023-04-04 08:32 - 000310940 _____ C:\TDSSKiller.3.1.0.28_04.04.2023_08.24.51_log.txt
2023-04-04 08:24 - 2023-04-04 08:24 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Acosta\Downloads\tdsskiller.exe
2023-04-03 23:21 - 2023-04-03 23:21 - 000000000 ____D C:\Users\Acosta\AppData\LocalLow\AMD
2023-04-03 23:12 - 2023-04-03 23:12 - 000000000 ____D C:\Users\Acosta\AppData\Local\AMD_Common
2023-04-03 23:11 - 2023-04-04 08:12 - 000000000 ____D C:\Users\Acosta\AppData\Local\D3DSCache
2023-04-03 23:09 - 2023-04-04 06:55 - 000003120 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2023-04-03 23:09 - 2023-04-03 23:12 - 000000000 ____D C:\ProgramData\AMD
2023-04-03 23:09 - 2023-04-03 23:09 - 000003484 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2023-04-03 23:09 - 2023-04-03 23:09 - 000000000 ____D C:\Windows\system32\AMD
2023-04-03 23:09 - 2023-04-03 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-04-03 23:08 - 2023-04-03 23:08 - 000003152 _____ C:\Windows\system32\Tasks\StartCN
2023-04-03 23:08 - 2023-04-03 23:08 - 000003072 _____ C:\Windows\system32\Tasks\StartDVR
2023-04-03 23:08 - 2023-04-03 23:08 - 000002622 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2023-04-03 23:08 - 2023-04-03 23:08 - 000000000 ____D C:\Users\Acosta\AppData\Local\AMDSoftwareInstaller
2023-04-03 23:08 - 2023-04-03 23:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-04-03 23:08 - 2023-03-26 23:16 - 003033288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2023-04-03 22:51 - 2023-04-03 22:52 - 000000000 ____D C:\Users\Acosta\Desktop\[Guru3D.com]-DDU
2023-04-03 22:47 - 2023-04-04 06:55 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\system32\GigabyteDownloadAssistant.exe
2023-04-03 22:47 - 2023-04-03 22:47 - 000000000 ____D C:\ProgramData\GIGABYTE
2023-04-03 22:36 - 2023-04-04 06:55 - 000875536 _____ C:\Windows\system32\wpbbin.exe
2023-04-03 22:36 - 2023-04-04 06:55 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\system32\GigabyteUpdateService.exe
2023-04-03 22:27 - 2023-04-03 22:27 - 000036352 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\gdrv3.sys
2023-04-03 22:11 - 2023-04-03 22:11 - 000000000 ___HD C:\Program Files (x86)\Temp
2023-04-03 22:11 - 2023-04-03 22:11 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-04-03 22:11 - 2022-02-21 01:33 - 001163096 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2023-04-03 22:11 - 2021-05-16 20:50 - 002875968 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2023-04-03 21:58 - 2023-04-03 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigabyte
2023-04-03 21:51 - 2023-04-03 22:00 - 000045248 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\system32\Drivers\gdrv3.sys
2023-04-03 21:50 - 2023-04-03 22:27 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-04-03 21:50 - 2023-04-03 22:27 - 000000000 ____D C:\Program Files (x86)\Gigabyte
2023-04-03 16:50 - 2023-04-03 16:50 - 027958470 _____ C:\Users\Acosta\Downloads\9488 ZUN - ZUN Nonstop Medley.osz
2023-04-03 00:27 - 2023-04-03 00:27 - 000000000 ____D C:\Windows\system32\Drivers\mde
2023-04-02 22:07 - 2023-04-02 22:07 - 000000221 _____ C:\Users\Acosta\Desktop\Killing Floor Mod Defence Alliance 2.url
2023-04-02 22:07 - 2023-04-02 22:07 - 000000220 _____ C:\Users\Acosta\Desktop\Killing Floor.url
2023-04-02 18:49 - 2023-04-02 18:49 - 000000000 ___HD C:\$WinREAgent
2023-04-02 06:50 - 2023-04-02 06:51 - 000000000 ____D C:\Users\Acosta\Desktop\xd
2023-04-01 23:07 - 2023-04-01 23:07 - 001388622 _____ C:\Users\Acosta\Downloads\aris_cantando.wav
2023-04-01 22:58 - 2023-04-02 13:51 - 000007597 _____ C:\Users\Acosta\AppData\Local\Resmon.ResmonCfg
2023-04-01 19:40 - 2023-04-01 19:40 - 000000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2023-04-01 19:22 - 2023-04-01 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-04-01 19:22 - 2023-04-01 19:40 - 000000000 ____D C:\Program Files\CPUID
2023-04-01 19:22 - 2023-04-01 19:22 - 000000981 _____ C:\Users\Public\Desktop\CPUID CPU-Z Gigabyte.lnk
2023-04-01 17:28 - 2023-04-01 17:44 - 000003144 _____ C:\Windows\system32\Tasks\MSIAfterburner
2023-04-01 16:26 - 2023-04-01 16:26 - 000000000 ____D C:\Users\Acosta\AppData\Local\Downloaded Installations
2023-04-01 15:15 - 2023-04-01 15:15 - 000000000 ___HD C:\Windows\msdownld.tmp
2023-04-01 15:15 - 2023-04-01 15:15 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-03-31 12:22 - 2023-03-31 12:22 - 002185088 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 002185088 _____ C:\Windows\system32\vulkaninfo.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 001619376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 001619376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 001500360 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 001500360 _____ C:\Windows\system32\vulkan-1.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 001231512 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 001231512 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000791472 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000704904 _____ C:\Windows\system32\hiprt0200064.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000668552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000596360 _____ C:\Windows\system32\GameManager64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000538032 _____ C:\Windows\system32\libsmi_guest.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000532352 _____ C:\Windows\system32\dgtrayicon.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 000531336 _____ C:\Windows\system32\libsmi_host.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000492416 _____ C:\Windows\system32\EEURestart.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 000449968 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000351104 _____ C:\Windows\system32\clinfo.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 000196488 _____ C:\Windows\system32\mantle64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000176008 _____ C:\Windows\system32\mantleaxl64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000155936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000153480 _____ C:\Windows\SysWOW64\mantle32.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000137648 _____ C:\Windows\SysWOW64\mantleaxl32.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000125704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000041352 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000038320 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 100644744 _____ C:\Windows\system32\amd_comgr.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 084666240 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 002018736 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 001701000 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 001537968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 001537968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 001378312 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000938416 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-03-31 12:21 - 2023-03-31 12:21 - 000525744 _____ C:\Windows\system32\atieah64.exe
2023-03-31 12:21 - 2023-03-31 12:21 - 000514480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000463280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000394672 _____ C:\Windows\SysWOW64\atieah32.exe
2023-03-31 12:21 - 2023-03-31 12:21 - 000379824 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000256392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000216960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000200416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000186240 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000173952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000163312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000137096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000134576 _____ C:\Windows\system32\atidxx64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000132528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000128384 _____ C:\Windows\system32\amdxc64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000108464 _____ C:\Windows\SysWOW64\atidxx32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000108464 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000103816 _____ C:\Windows\SysWOW64\amdxc32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000064944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 007190480 _____ C:\Windows\system32\amdsmi.exe
2023-03-31 12:20 - 2023-03-31 12:20 - 002257288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsasrv64.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 001310600 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsacli64.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 001039280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdsacli32.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 000933296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 000761264 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 000461232 _____ C:\Windows\system32\amdlogum.exe
2023-03-31 12:20 - 2023-03-31 12:20 - 000222064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 000177744 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 016164784 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 004354432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdadlx64.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 004160392 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdadlx32.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000558512 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000553256 _____ C:\Windows\system32\amdmiracast.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000422320 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000155936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000125704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-03-31 12:18 - 2023-03-31 12:18 - 000165784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-03-31 12:18 - 2023-03-31 12:18 - 000140216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-03-31 11:28 - 2023-03-31 11:28 - 094930880 _____ C:\Windows\system32\amdxc64.so
2023-03-31 11:28 - 2023-03-31 11:28 - 030284712 _____ C:\Windows\system32\hiprt02000_amd.hipfb
2023-03-31 11:28 - 2023-03-31 11:28 - 022879832 _____ C:\Windows\system32\hiprt02000_nv.fatbin
2023-03-31 11:28 - 2023-03-31 11:28 - 002170168 _____ C:\Windows\system32\oro_compiled_kernels.fatbin
2023-03-31 11:28 - 2023-03-31 11:28 - 001464232 _____ C:\Windows\system32\oro_compiled_kernels.hipfb
2023-03-31 11:28 - 2023-03-31 11:28 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2023-03-31 11:28 - 2023-03-31 11:28 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2023-03-31 11:28 - 2023-03-31 11:28 - 000128048 _____ C:\Windows\system32\kapp_ci.sbin
2023-03-31 11:28 - 2023-03-31 11:28 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2023-03-30 10:58 - 2023-04-03 23:08 - 000000000 ____D C:\Program Files\AMD
2023-03-30 10:57 - 2023-04-03 23:07 - 000000000 ____D C:\AMD
2023-03-30 10:52 - 2023-04-03 22:59 - 001266998 _____ C:\Windows\ntbtlog.txt
2023-03-27 17:02 - 2023-03-27 17:02 - 000001828 _____ C:\Users\Acosta\Desktop\CrystalDiskInfo.lnk
2023-03-27 17:02 - 2023-03-27 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-03-27 17:02 - 2023-03-27 17:02 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-03-27 14:49 - 2023-03-27 14:49 - 000000348 _____ C:\Windows\Tasks\GlaryInitialize 5.job
2023-03-27 14:48 - 2023-03-27 14:48 - 000004964 _____ C:\Users\Acosta\Documents\cc_20230327_144813.reg
2023-03-27 14:46 - 2023-03-27 14:47 - 000300234 _____ C:\Users\Acosta\Documents\cc_20230327_144615.reg
2023-03-27 13:21 - 2023-03-27 13:21 - 000000000 ____D C:\Users\Acosta\Doctor Web
2023-03-27 12:04 - 2023-03-27 12:04 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\5E262A75.sys
2023-03-27 00:03 - 2023-03-27 00:03 - 000856504 _____ (Advanced Micro Devices) C:\Windows\system32\Device.dll
2023-03-27 00:03 - 2023-03-27 00:03 - 000061368 _____ (Advanced Micro Devices) C:\Windows\system32\Platform.dll
2023-03-26 23:31 - 2023-03-26 23:31 - 000048328 _____ (Advanced Micro Devices) C:\Windows\system32\AMDRyzenMasterDriver.sys
2023-03-26 12:40 - 2023-03-30 15:58 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\osu
2023-03-26 12:40 - 2023-03-26 12:52 - 000000000 ____D C:\Users\Acosta\AppData\Local\osulazer
2023-03-26 12:40 - 2023-03-26 12:40 - 000002284 _____ C:\Users\Acosta\Desktop\osu!(lazer).lnk
2023-03-25 13:10 - 2023-03-26 19:56 - 000000000 ____D C:\Users\Acosta\AppData\Local\GeometryDash
2023-03-20 10:10 - 2023-04-03 00:27 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\DeepL_SE
2023-03-20 10:10 - 2023-03-20 17:13 - 000003786 _____ C:\Users\Acosta\Desktop\DeepL.lnk
2023-03-20 10:10 - 2023-03-20 10:10 - 000002291 _____ C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL.lnk
2023-03-20 10:10 - 2023-03-20 10:10 - 000000000 ____D C:\Users\Acosta\AppData\Local\ToastNotificationManagerCompat
2023-03-20 10:09 - 2023-03-20 10:10 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\0install.net
2023-03-20 10:09 - 2023-03-20 10:10 - 000000000 ____D C:\Users\Acosta\AppData\Local\0install.net
2023-03-19 17:38 - 2023-03-19 17:38 - 000000665 _____ C:\Users\Public\Desktop\Dead Cells.lnk
2023-03-19 17:38 - 2023-03-19 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Cells
2023-03-16 00:52 - 2023-03-16 00:52 - 000000760 _____ C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\LDMultiPlayer.lnk
2023-03-16 00:52 - 2023-03-16 00:52 - 000000714 _____ C:\Users\Acosta\Desktop\LDPlayer9.lnk
2023-03-16 00:52 - 2023-03-16 00:52 - 000000714 _____ C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\LDPlayer9.lnk
2023-03-16 00:52 - 2023-03-16 00:52 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer9
2023-03-16 00:52 - 2023-03-16 00:52 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDMultiPlayer
2023-03-16 00:52 - 2023-03-16 00:52 - 000000000 ____D C:\Program Files\ldplayer9box
2023-03-10 17:10 - 2023-03-10 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2023-03-10 17:10 - 2023-03-10 17:10 - 000000000 ____D C:\Program Files\qBittorrent
2023-03-07 00:24 - 2023-03-07 00:24 - 000000000 ____D C:\Users\Public\Documents\Blackmagic Design
2023-03-07 00:24 - 2023-03-07 00:24 - 000000000 ____D C:\Users\Acosta\Documents\Blackmagic Design
2023-03-07 00:23 - 2023-03-07 00:23 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Blackmagic Design
2023-03-07 00:18 - 2023-03-24 13:03 - 000001998 _____ C:\Users\Acosta\Desktop\DaVinci Resolve.lnk
2023-03-07 00:18 - 2023-03-07 00:18 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2023-03-07 00:18 - 2023-03-07 00:18 - 000000000 ____D C:\ProgramData\Blackmagic Design
2023-03-07 00:18 - 2023-03-07 00:18 - 000000000 ____D C:\Program Files\Blackmagic Design
2023-03-07 00:17 - 2023-03-07 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2023-03-07 00:17 - 2023-03-07 00:17 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2023-04-04 08:43 - 2022-05-21 20:58 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2023-04-04 08:33 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\NDF
2023-04-04 07:55 - 2022-08-09 10:28 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\tof_launcher
2023-04-04 07:55 - 2022-06-11 00:24 - 000000000 ____D C:\Users\Acosta\AppData\Local\CrashDumps
2023-04-04 07:36 - 2022-05-20 23:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-04 07:36 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-04 07:36 - 2019-12-07 04:13 - 000000000 ____D C:\Windows\INF
2023-04-04 07:02 - 2022-05-20 23:16 - 001677940 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-04 07:02 - 2019-12-07 10:02 - 000746864 _____ C:\Windows\system32\perfh00A.dat
2023-04-04 07:02 - 2019-12-07 10:02 - 000144722 _____ C:\Windows\system32\perfc00A.dat
2023-04-04 06:58 - 2023-01-05 16:41 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-04-04 06:55 - 2023-02-22 12:12 - 000003112 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-04-04 06:55 - 2022-05-20 23:07 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-04 06:55 - 2022-05-20 23:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-04 06:55 - 2019-12-07 04:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-04-03 23:45 - 2022-11-02 23:31 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\discord
2023-04-03 23:37 - 2023-02-22 12:18 - 000000000 ____D C:\Users\Acosta\AppData\Local\AMD
2023-04-03 23:25 - 2022-11-10 22:29 - 000000000 ____D C:\Users\Acosta\.Ld9VirtualBox
2023-04-03 23:24 - 2022-11-02 23:31 - 000000000 ____D C:\Users\Acosta\AppData\Local\Discord
2023-04-03 22:59 - 2022-06-14 19:21 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2023-04-03 22:12 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-03 22:12 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-03 18:40 - 2023-02-18 18:01 - 000000685 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher.lnk
2023-04-03 18:40 - 2023-01-05 15:26 - 000000000 ____D C:\ProgramData\Riot Games
2023-04-03 18:40 - 2022-06-13 13:09 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-04-03 18:40 - 2022-06-13 13:09 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-04-03 18:40 - 2022-06-13 13:09 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-04-03 18:40 - 2022-05-24 22:30 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-04-03 18:40 - 2022-05-20 23:21 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-04-03 06:28 - 2022-05-21 19:41 - 000004238 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1653180064
2023-04-03 06:28 - 2022-05-21 19:41 - 000001441 _____ C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2023-04-03 00:27 - 2022-05-20 23:07 - 000440584 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-03 00:27 - 2019-12-07 10:05 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SystemResources
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\oobe
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Dism
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\bcastdvr
2023-04-03 00:26 - 2022-05-21 21:04 - 000000000 ____D C:\Program Files (x86)\Steam
2023-04-02 22:07 - 2022-06-15 12:39 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-04-02 18:54 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\CbsTemp
2023-04-02 18:52 - 2022-05-20 23:09 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-02 13:42 - 2022-05-20 23:10 - 000000000 ____D C:\Users\Acosta
2023-04-02 08:40 - 2022-11-25 23:11 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\obs-studio
2023-04-01 22:07 - 2022-06-06 19:48 - 000000000 ____D C:\Users\Acosta\AppData\Local\osu!
2023-04-01 09:58 - 2022-05-20 23:07 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-01 00:46 - 2022-10-11 22:04 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-04-01 00:45 - 2022-05-22 13:41 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\qBittorrent
2023-03-31 14:01 - 2022-05-20 23:19 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-03-30 22:04 - 2022-06-13 13:09 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-03-30 08:27 - 2022-08-09 10:35 - 000000000 ____D C:\Users\Acosta\AppData\Local\Hotta
2023-03-27 17:14 - 2022-05-25 10:10 - 000000000 ____D C:\Users\Acosta\AppData\Local\ESET
2023-03-27 14:44 - 2023-02-15 01:57 - 000000000 ____D C:\Windows\Minidump
2023-03-27 14:44 - 2022-05-21 00:06 - 000000000 ____D C:\Windows\Panther
2023-03-27 14:11 - 2019-12-07 04:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-03-27 00:42 - 2023-02-15 01:57 - 000000000 ____D C:\ProgramData\AntiCheatExpert
2023-03-27 00:42 - 2023-02-15 01:56 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\nikke_launcher
2023-03-27 00:05 - 2023-02-15 01:57 - 001660968 _____ (ANTICHEATEXPERT.COM) C:\Windows\system32\Drivers\ACE-BASE.sys
2023-03-26 12:52 - 2022-10-17 20:57 - 000000000 ____D C:\Users\Acosta\AppData\Local\SquirrelClowdTemp
2023-03-26 12:40 - 2022-10-17 20:57 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ppy Pty Ltd
2023-03-21 21:53 - 2022-05-20 23:07 - 000003636 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-21 21:53 - 2022-05-20 23:07 - 000003512 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-20 10:10 - 2022-10-17 20:57 - 000000000 ____D C:\Users\Acosta\AppData\Local\Sentry
2023-03-19 19:53 - 2023-02-16 19:53 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Goldberg SteamEmu Saves
2023-03-16 00:54 - 2022-12-07 13:42 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\XuanZhi9
2023-03-15 12:42 - 2019-12-07 10:02 - 000000000 ____D C:\Windows\system32\Drivers\es-MX
2023-03-15 12:37 - 2022-05-20 23:22 - 000000000 ____D C:\Windows\system32\MRT
2023-03-15 12:36 - 2022-05-20 23:22 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-03-08 15:56 - 2022-09-24 01:47 - 000000000 ____D C:\Users\Acosta\AppData\Local\Battle.net
2023-03-07 00:18 - 2022-05-22 15:56 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-05 20:11 - 2022-10-09 20:00 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-03-05 00:08 - 2023-03-04 23:35 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Path of Exile
==================== Archivos en la raíz de algunos directorios ========
2022-12-07 13:44 - 2022-12-07 13:44 - 000000064 _____ () C:\Users\Acosta\AppData\Roaming\changzhi_leidian.data
2022-12-07 13:44 - 2022-12-07 13:44 - 000000064 _____ () C:\Users\Acosta\AppData\Roaming\changzhi_mplayer.data
2023-02-15 01:55 - 2023-02-15 01:55 - 000000992 _____ () C:\Users\Acosta\AppData\Roaming\nikke_launcher.reg
2022-11-25 23:31 - 2022-11-25 23:31 - 000000015 _____ () C:\Users\Acosta\AppData\Roaming\obs-virtualcam.txt
2022-08-09 10:28 - 2022-08-09 11:44 - 000001004 _____ () C:\Users\Acosta\AppData\Roaming\tof_launcher.reg
2022-06-09 12:49 - 2022-06-09 13:14 - 000003584 _____ () C:\Users\Acosta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-04-01 22:58 - 2023-04-02 13:51 - 000007597 _____ () C:\Users\Acosta\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
FRST Addition
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 04-04-2023
Ejecutado por Acosta (04-04-2023 09:34:56)
Ejecutado desde C:\Users\Acosta\Downloads
Microsoft Windows 10 Pro Versión 22H2 19045.2788 (X64) (2022-05-21 04:08:22)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Acosta (S-1-5-21-2383643560-2673399571-3057379336-1001 - Administrator - Enabled) => C:\Users\Acosta
Administrador (S-1-5-21-2383643560-2673399571-3057379336-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2383643560-2673399571-3057379336-503 - Limited - Disabled)
Invitado (S-1-5-21-2383643560-2673399571-3057379336-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2383643560-2673399571-3057379336-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: ESET Security (Disabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Cortafuegos (Disabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.22.0718.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.22.0718.1 - GIGABYTE)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 23.001.20093 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.09.21.138 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.4.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{e455060c-4aab-450b-84bd-ab13c2920456}) (Version: 4.09.21.138 - Advanced Micro Devices, Inc.) Hidden
Apache NetBeans IDE 14 (HKLM\...\nbi-nb-all-14.0.0.220601.0) (Version: 14 - Apache NetBeans)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blackmagic RAW Common Components (HKLM\...\{BF73F11D-8A70-438B-A357-38E1F1A62164}) (Version: 2.8 - Blackmagic Design)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
CPUID CPU-Z Gigabyte 2.05 (HKLM\...\CPUID CPU-Z Gigabyte_is1) (Version: 2.05 - CPUID, Inc.)
CPUID HWMonitor 1.50 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.50 - CPUID, Inc.)
CrystalDiskInfo 8.17.14 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.14 - Crystal Dew World)
DaVinci Resolve (HKLM\...\{7A0D85EC-72B0-4060-943C-169B1EF74C62}) (Version: 18.1.40009 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7FA59352-9416-49BB-A98F-FDF3C95C8214}) (Version: 2.0.6.0 - Blackmagic Design)
Dead Cells MULTi12 - ElAmigos versión 06.03.2023 (HKLM-x32\...\{D9DF535E-0EC4-4715-B8F8-6AA6D7D1AF96}_is1) (Version: 06.03.2023 - Motion Twin)
DeepL (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE)
Eclipse Temurin JDK con Hotspot 8u332-b09 (x64) (HKLM\...\{EA74D77A-7A51-4D97-8811-7152CA4C773A}) (Version: 8.0.332.9 - Eclipse Adoptium)
Epic Games Launcher (HKLM-x32\...\{532DD55D-9AEC-4D28-B84E-3D312F8F1E81}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{7640EC0A-921E-44D1-9165-DE31D473EAE3}) (Version: 16.0.26.0 - ESET, spol. s r.o.)
Firestorm Launcher versión 2.0 (HKLM-x32\...\{F4B56459-9812-461D-A6C7-5A1CF7CF5609}_is1) (Version: 2.0 - Firestorm)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.24.1.0 - COGNOSPHERE PTE. LTD.)
HoloCureLauncher (HKLM\...\{1D9D1218-5244-4C84-902A-DD9F91B92C3C}) (Version: 1.0.2 - HoloCure)
iVMS-4200 (HKLM-x32\...\{CE2F96D0-63D2-4B9C-A8D6-0D1A60840BD8}) (Version: 3.8.1.4 - Hangzhou Hikvision Digital Technology Co., Ltd.)
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Java SE Development Kit 8 Update 321 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180321}) (Version: 8.0.3210.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LDPlayer (HKLM-x32\...\LDPlayer9) (Version: 9.0.36 - XUANZHI INTERNATIONAL CO., LIMITED)
Microsoft .NET 6.0 Templates 6.0.400 (x64) (HKLM\...\{6108C224-9459-437C-BF24-F3576B542486}) (Version: 24.7.9423 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.8 (x64) (HKLM\...\{9245BB2A-DDFE-4B50-BD96-74676A97C677}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.8 (x64_arm) (HKLM\...\{116BB497-6EF9-40D5-8169-399FA8C44F05}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.8 (x64_arm64) (HKLM\...\{6C547448-603E-4A32-B7FC-6BB78CFCC728}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.8 (x64_x86) (HKLM\...\{BD4F6F6A-88EB-4466-8F69-EA7897FA5EDD}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.8 (x64) (HKLM\...\{6950FA03-8B88-4675-B685-FB21CA1762CC}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x64) (HKLM\...\{3C3CA326-3F1D-43B7-B0AD-CBC06B2DED5A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM\...\{7CEA3ABF-FE24-42AF-ADE6-B4A3EE346743}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET SDK 6.0.400 (x64) (HKLM-x32\...\{89cdd9a9-cb38-4d90-8f20-b141cb9cffc8}) (Version: 6.4.22.37103 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.8 (x64) (HKLM\...\{D12C4399-F7EE-4105-A34A-D8DCC7C81A3A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 6.0.400 (x64) (HKLM\...\{78E6A6FE-9999-4CB1-86AE-52E2193C8CCE}) (Version: 24.5.9423 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.8 Shared Framework (x64) (HKLM\...\{FA97D589-B37E-3B49-A8D2-4764029773FE}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.8 Targeting Pack (x64) (HKLM\...\{1C5B2A67-5828-33F9-9FB3-BE5780644781}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.15225.20204 - Microsoft Corporation)
Microsoft Project - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.15225.20204 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.71.2 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM\...\{EB3983F9-3D60-456D-A11A-C1366C79AD3E}) (Version: 48.35.45540 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.8 (x64) (HKLM\...\{939D4E60-912A-4D02-BA11-EC9B4B9FAE92}) (Version: 48.35.45540 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft.NET.Sdk.Android.Manifest-6.0.300 (HKLM\...\{F4E591C2-810D-4D36-B4F9-DC55103019D1}) (Version: 128.75.16384 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-6.0.300 (HKLM\...\{BBA9C60D-75E7-44EE-922D-069AA85C8EC1}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.300 (HKLM\...\{FEB76EC8-02F4-46E6-8031-BE403766D13A}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-6.0.300 (HKLM\...\{F590F859-2F6A-4559-9D09-A8FC442AF16B}) (Version: 100.255.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-6.0.300 (HKLM\...\{C2863251-07E7-44A0-B2F8-4C4E2AF08937}) (Version: 24.78.0 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-6.0.300 (HKLM\...\{69B1631F-5F98-4C6C-B757-46B0ECC8EDBB}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{7CBF3451-2A94-4DFD-8355-6B97C5EABB26}) (Version: 48.27.39026 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{DBB48387-294D-4179-81CB-B06A97F8CD8E}) (Version: 48.3.40665 - Microsoft Corporation) Hidden
NIKKE (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\nikke_launcher) (Version: - Level Infinite)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden
Opera GX Stable 96.0.4693.127 (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Opera GX 96.0.4693.127) (Version: 96.0.4693.127 - Opera Software)
osu! (HKLM-x32\...\{9efe7748-d3c7-4442-9411-846ea7121e15}) (Version: latest - ppy Pty Ltd)
osu! (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\osulazer) (Version: 2023.326.1 - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Parsec (HKLM-x32\...\Parsec) (Version: 150-85c - Parsec Cloud Inc.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.2 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9313.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
RyzenMasterSDK (HKLM\...\{AD8B6B2B-861B-47F8-AD73-9DF1523F45EC}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tower of Fantasy (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\tof_launcher) (Version: - Hotta Studio)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.62 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)
Packages:
=========
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-23] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.32.261.0_x64__dt26b99r8h8gj [2023-04-03] (Realtek Semiconductor Corp)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-2383643560-2673399571-3057379336-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> D:\Deepl\sha256new_VWHRA5W4M2PQCCQ67TH5E6WWJ6BDO2AOAGGVOCKAYS5J636HFPRQ\DeepL.exe (DeepL SE -> DeepL SE)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-01-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-01-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2023-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-01-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher.lnk:7B66F3DBEE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442]
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2019-12-07 04:14 - 2019-12-07 04:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Eclipse Adoptium\jdk-8.0.332.9-hotspot\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Acosta\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaperflare.com_wallpaper.jpg
DNS Servers: 200.48.225.146 - 200.48.225.130
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Parsec => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_201A338FFE00E5AA3CFFD34B8D6358CA"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{4DA0F2A6-1C5D-4A60-8A9F-ADBBB43AF0E2}C:\users\acosta\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\acosta\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{32BA2710-890F-4F48-A1D7-7BB855EDEF05}C:\users\acosta\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\acosta\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{1D1D6F69-0A50-42E4-A714-9DD23CF87343}C:\users\acosta\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\acosta\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{9988BD1D-61BE-4BCA-97E9-EE20479EB4B8}C:\users\acosta\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\acosta\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{E7394D35-00B5-4A70-92E5-32CB1AA3839F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{1A6E474A-2587-4ADF-A3BC-3BCA2ABD37CA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C966ABEE-42B9-4937-B7C9-2359D6770815}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{68192CEF-BBC5-4614-A5FC-BC42544FCA2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7E2FBF45-F690-42EF-9C72-903C405E1D92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Archivo no firmado]
FirewallRules: [{71243DBE-7C4D-4E7D-A3E7-4D16AF7795CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Archivo no firmado]
FirewallRules: [{9086CABB-9008-4727-AB0C-8CE0ECF85AB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [Archivo no firmado]
FirewallRules: [{F44B75BB-46C0-4654-9904-406A6F62CFAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [Archivo no firmado]
FirewallRules: [{D0A84D75-753C-44F5-9B04-75BAFD29F77E}] => (Allow) C:\Users\Acosta\AppData\Local\TofMiniLoader\TofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{CA871B67-11C3-4069-B060-B17E41DCBBCB}] => (Allow) C:\Users\Acosta\AppData\Local\TofMiniLoader\TofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{C35E24D2-E6F6-47B3-BB31-C15C7191DC4F}] => (Allow) C:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [TCP Query User{0BED9C09-2155-4027-A12A-244FF04AAF19}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1DB51078-1520-40E6-ABA1-777BF4536627}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2100CA17-1A2E-4D4A-BC28-F9871924E934}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{4371A9ED-BC10-4C33-B3E9-75631E795C49}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{E72BEAB0-C258-4E47-9AC9-2777BCF61EC0}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec)
FirewallRules: [TCP Query User{7B05BCD7-44E8-4F0A-B37B-2E2AA00B5BB0}C:\users\acosta\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\acosta\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{C4EBD969-D99B-4337-B980-1CCC354095AF}C:\users\acosta\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\acosta\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{428af563-e3d3-4b3d-b110-a3c644a01344}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{af9f1981-8d17-48f5-9b7c-8898f3b78da0}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [TCP Query User{2156EBDB-5665-466C-8835-2BEFDCE53777}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{0D731244-947B-4DF4-B7BF-A6A5F8E2B76D}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2a807145-22b2-403d-a809-d1712f58ed95}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{96486E57-26ED-4BC8-BD9E-CD452BC68E0F}] => (Allow) C:\Users\Acosta\AppData\Local\TofMiniLoader\TofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{6DB59F78-FB2E-4F72-8784-535D0827BBEC}] => (Allow) C:\Users\Acosta\AppData\Local\TofMiniLoader\TofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{decb6873-d888-4334-b65c-8d1173021cd6}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [TCP Query User{5E3403B8-EE92-4785-AE41-BEB5AA2D16AA}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [UDP Query User{CC9F2D7F-1C50-4444-A1CC-D17650DF1B4C}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [TCP Query User{664E320B-4E08-452A-B101-5E8EA7131BBD}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [UDP Query User{A130CBDE-3ABD-4D45-B043-729029495BB1}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [TCP Query User{3AA017F3-004D-4484-88F3-CB0A8E4F0896}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [UDP Query User{59EF94A7-32A2-4978-B687-6839EA6551B3}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [TCP Query User{EDA9DB04-9265-4FA3-AA72-823D7E38D9C0}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{C4C2C5A8-D27F-4870-A615-422232CEC3BF}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F7BDD6D8-2305-4203-BF54-7FB4D7797380}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A49564D-8CCE-46BE-A9DE-1B7C8BD64C56}] => (Allow) C:\Tower Of Fantasy\Launcher\intl_service\intl_service.exe (PROXIMA BETA PTE. LIMITED -> PROXIMA BETA PTE. LIMITED)
FirewallRules: [{18fd5e10-1219-48da-977a-d98053a96d23}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [TCP Query User{0FBC456D-ACE2-47E7-8B17-66615804B811}D:\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{488C976C-49FD-441B-9816-957E7131081F}D:\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{FF6F6164-A58A-4918-BF48-D7161BEAE1A3}] => (Allow) C:\Users\Acosta\AppData\Local\NikkeMiniloader\NikkeMiniloader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{4FDCD4C0-B9CE-4022-8203-CCF2F93D7C7D}] => (Allow) C:\Users\Acosta\AppData\Local\NikkeMiniloader\NikkeMiniloader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{6D0B6AFD-E9D6-4C7A-A8F4-4F6A0D4BF33F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{E509DAA2-1E5E-4C22-B80E-898384E94680}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{A7377D36-FFC6-4189-9FF8-0D1C995159AF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{35DCDBEA-4A19-40D4-8289-797168360787}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{8AE27558-D82D-48FA-B070-6E0D68517E92}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{0A07A74B-CE25-420C-87E7-FA7F98CF3024}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{AA721801-569C-4356-B65C-649EA996170A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{38C94179-9B07-4194-978B-44210EF6DA08}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4D8D5384-9AEB-4864-B93D-AC5D8668A6B0}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{FDDF0A3D-60ED-4875-97BB-9E5A3EAA25BE}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{69CCAF98-EE64-40FD-9C8E-93FFF4EE4754}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{118031F2-CBB7-4C27-9534-BCE2706B17AB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{66AA405D-CD3C-4234-93D8-DC9A20BFDE02}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{662c6e16-860f-4866-82c4-28c5799288ed}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [TCP Query User{4F6D141B-937F-4152-A4FE-232951AE88D1}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{DEDCB229-FDE3-4A4B-93C4-BA4720787FBB}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{8D7A5ADC-D7E1-485D-BFC9-F070C0FB2C19}D:\dead cells\deadcells.exe] => (Allow) D:\dead cells\deadcells.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{8B3E9A53-FED2-4E8E-8D6E-09BF4A8C3F9F}D:\dead cells\deadcells.exe] => (Allow) D:\dead cells\deadcells.exe () [Archivo no firmado]
FirewallRules: [{9825F045-DF7A-4182-8FA1-C3D0871DEC72}] => (Allow) C:\Users\Acosta\AppData\Local\Programs\Opera GX\96.0.4693.117\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{831D271C-FC89-4489-A3C7-15B2AF634DEC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50473DC7-8B19-4514-8400-3483810E7562}] => (Allow) D:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe () [Archivo no firmado]
FirewallRules: [{F37EA106-1C15-4AFD-A3DE-74C0C3831D49}] => (Allow) D:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe () [Archivo no firmado]
FirewallRules: [{F8290B22-6895-4CBC-B65D-1BAD962CB049}] => (Allow) C:\Users\Acosta\AppData\Local\Programs\Opera GX\96.0.4693.127\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{E01A2912-10AC-4F8A-B4A8-A37534A0E237}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{E94571A3-2B75-4B89-AA9C-C4CCA2D4021B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
==================== Puntos de Restauración =========================
30-03-2023 10:58:49 Radeon Installer
02-04-2023 18:17:18 Se ha instalado DirectX
02-04-2023 18:49:12 Instalador de Módulos de Windows
02-04-2023 18:50:01 Instalador de Módulos de Windows
04-04-2023 08:42:56 ZHPcleaner
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (04/04/2023 08:05:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: wmiprvse.exe, versión: 10.0.19041.546, marca de tiempo: 0x5da7ab91
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0x80131623
Desplazamiento de errores: 0x00007fff74cd200f
Identificador del proceso con errores: 0x265c
Hora de inicio de la aplicación con errores: 0x01d966f62076a9b1
Ruta de acceso de la aplicación con errores: C:\Windows\system32\wbem\wmiprvse.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: af072e17-a5e0-4096-b822-3cd1acf6f7c5
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (04/04/2023 08:05:28 AM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: El proveedor ha iniciado una excepción inesperada:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (04/04/2023 08:05:27 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (04/04/2023 08:05:27 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (04/04/2023 08:05:27 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (04/04/2023 07:54:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: bad_module_info, versión: 0.0.0.0, marca de tiempo: 0x00000000
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ffff2f93526
Identificador del proceso con errores: 0x2528
Hora de inicio de la aplicación con errores: 0x01d966f3bff1415d
Ruta de acceso de la aplicación con errores: bad_module_info
Ruta de acceso del módulo con errores: unknown
Identificador del informe: c671c33d-a712-4404-b232-373b5b3bc8a0
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (04/04/2023 06:55:55 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-3U2CKDG$ a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 04 Apr 2023 11:55:57 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2649eda3-2bb7-4a5c-91fa-68759c0c96c5
Método: GET(625ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (04/03/2023 11:24:37 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-3U2CKDG$ a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 04 Apr 2023 04:24:38 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 45d25382-d6ee-4ca0-9e1d-629a71714450
Método: GET(703ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Errores del sistema:
=============
Error: (04/04/2023 06:55:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OCButtonService no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/03/2023 11:24:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OCButtonService no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/03/2023 11:20:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OCButtonService no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/03/2023 11:19:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OCButtonService no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/03/2023 11:09:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OCButtonService no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/03/2023 11:00:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio AMDRyzenMasterDriverV20 no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/03/2023 11:00:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OCButtonService no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/03/2023 10:59:37 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3U2CKDG)
Description: Error de DCOM "1084" al intentar iniciar el servicio TokenBroker con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal
Windows Defender:
================
Date: 2022-11-10 23:33:59
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {A2C3FF88-FC29-4267-87FE-6C36E97A020C}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2022-11-10 23:07:00
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {78C1838E-2763-4925-BEC2-A925A63CB752}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2022-11-10 23:02:36
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {66F4A4AD-6FAC-4F0C-816C-8B9EA24A1108}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2023-04-04 09:31:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
==================== Información de la memoria ===========================
BIOS: American Megatrends International, LLC. F64a 02/09/2023
Placa base: Gigabyte Technology Co., Ltd. B450M DS3H-CF
Procesador: AMD Ryzen 5 5600G with Radeon Graphics
Porcentaje de memoria en uso: 57%
RAM física total: 12155.35 MB
RAM física disponible: 5186.29 MB
Virtual total: 18555.35 MB
Virtual disponible: 9977.44 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:483.47 GB) (Free:221.35 GB) (Model: WDC WDS960G2G0C-00AJM0) NTFS
Drive d: (Nuevo vol) (Fixed) (Total:410.16 GB) (Free:235.48 GB) (Model: WDC WDS960G2G0C-00AJM0) NTFS
\\?\Volume{950b20cd-4c5a-4a62-84e6-fd9dc6398eb8}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{8c174cf9-6a6f-4ebd-99a7-83206b2a4192}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 894.3 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Final de Addition.txt =======================
respondiento a la segunda pregunta: habia descargado hace mas de una año un programa porque queria un juego y me entro un troyano, lo lleve a un tecnico pero cuento me lo devolvieron parecia todo bien pero me comenzo a llegar correos que tenian mis datos y que los ivan a filtrar si no cumplia sus peticiones
Edit: ya leí las normas de la pagina y las politicas
@Itenshi23 no haga caso usted a esos correos son estafas para que usted acceda a los dichos correos que usted me comenta y le roben toda su información incluso le puedan robar sus datos bancarios.
Por lo tanto @Itenshi23 no acceda usted a los dichos correos que usted me comenta y no haga caso de esos correos y no proporcione usted ningún tipo de información que se le soliciten en los dichos correos que usted me comenta.
Con respecto al Informe y/o Reporte que usted me ha mandado déjeme usted un poco de tiempo para poder analizarlo correctamente el dicho Informe y/o Reporte que usted me ha enviado para poder realizarle el Script de Reparación.
En cuanto tenga realizado el Script de Reparación se lo mando a usted a este tema.
Salu2
disuclpeme que no a halla dicho esto que como 2 o 3 meses de que me lo trajieran y cambiase las contraseñas todos mis correos, en un correo me aparecio una imagen de mi pc antigua porque mi barra de marcadores era uno que tenia y me puso las contraseñas antiguas que tenia de mis cuentas pero la ignore porque como vi que eran las antiguas no le tome atencion (lo llleve al tecnico a los 3 dias de que descargue el programa), esos correos no ya no estan cuando me mandaron el mensaje nuevo en unas de mis cuentas
@Itenshi23 no abra usted el dicho correo nuevo que le han mandado en una de sus cuentas, haga usted caso omiso, es decir, no haga caso usted del dicho correo que le han enviado nuevo a una de sus cuentas y no proporcione usted ningún tipo de información en el dicho correo nuevo que usted me comenta que le han mandado a una de sus cuentas ya que si usted proporciona al dicho correo nuevo que le han enviado algún tipo de información estará usted proporcionando toda esa información a una servidor externo que a su vez puede tener acceso a alguna persona externa robándole así todos los datos que usted proporcione al dicho correo nuevo que le han enviado será victima usted de un robo de sus datos personales incluso bancarios por lo tanto usted no proporcione ningún tipo de información que le puedan solicitar en el dicho correo nuevo que le hayan mandado a alguna de sus cuentas.
En cuanto tenga listo el Script de Reparación se lo envío a usted a este tema.
Salu2
Hola, buenas @Itenshi23
Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:
Reinicias el ordenador en Modo Normal.
Descargas DelFix en tu escritorio.
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.
Presionas en Run.
Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.
Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall (Ningún archivo)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (Ningún archivo)
Task: {45ECD4EA-FC22-4892-A754-C90C77E4AC2A} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (Ningún archivo)
2023-04-03 23:21 - 2023-04-03 23:21 - 000000000 ____D C:\Users\Acosta\AppData\LocalLow\AMD
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher.lnk:7B66F3DBEE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442]
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
ENDLo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.
En la parte de Codificación elija Unicode o UTF8 según le de la opción.
El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.
Finalmente (OJO, en MODO NORMAL):
Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).
Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.
Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta. Aparte, comentas como ha ido lo de la extensión.
Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.
Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:
Salu2.
FIXLOG:
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 04-04-2023
Ejecutado por Acosta (04-04-2023 13:01:56) Run:1
Ejecutado desde C:\Users\Acosta\Desktop
Perfiles cargados: Acosta
Modo de Inicio: Normal
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall (Ningún archivo)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (Ningún archivo)
Task: {45ECD4EA-FC22-4892-A754-C90C77E4AC2A} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (Ningún archivo)
2023-04-03 23:21 - 2023-04-03 23:21 - 000000000 ____D C:\Users\Acosta\AppData\LocalLow\AMD
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher.lnk:7B66F3DBEE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442]
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Discord" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => valor restaurado correctamente
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => valor restaurado correctamente
"HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AMDNoiseSuppression" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45ECD4EA-FC22-4892-A754-C90C77E4AC2A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45ECD4EA-FC22-4892-A754-C90C77E4AC2A}" => eliminado correctamente
C:\Windows\System32\Tasks\MSIAfterburner => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MSIAfterburner" => eliminado correctamente
C:\Users\Acosta\AppData\LocalLow\AMD => movido correctamente
C:\Windows\tracing => ":?" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk => ":A1B76439FE" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk => ":1FA7E99ECA" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk => ":B96E9B8455" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher.lnk => ":7B66F3DBEE" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk => ":60EC9648C0" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk => ":5465085A2F" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk => ":F20EF51E1F" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk => ":1DC1525F34" ADS eliminado correctamente
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
Adaptador de Ethernet Ethernet:
Sufijo DNS espec¡fico para la conexi¢n. . : hitronhub.home
V¡nculo: direcci¢n IPv6 local. . . : fe80::6ad5:ec02:bc32:8ff0%2
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.12
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.1.1
Adaptador de t£nel Teredo Tunneling Pseudo-Interface:
Sufijo DNS espec¡fico para la conexi¢n. . :
Direcci¢n IPv6 . . . . . . . . . . : 2001:0:2877:7aa:3cf5:7920:4abd:31e1
V¡nculo: direcci¢n IPv6 local. . . : fe80::3cf5:7920:4abd:31e1%10
Puerta de enlace predeterminada . . . . . : ::
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to cancel {30DBC4CF-2FFB-4B7F-82C2-FFA3818BCD5C}.
{AF0EBD83-F891-47AC-9723-79837A659374} canceled.
1 out of 2 jobs canceled.
========= Final de CMD: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
=========== EmptyTemp: ==========
FlushDNS => completado
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 101386042 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1415677056 B
Windows/system/drivers => 3871486 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 187946 B
NetworkService => 187946 B
Acosta => 1009067059 B
RecycleBin => 0 B
EmptyTemp: => 2.4 GB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 13:02:14 ====
Buenas @Itenshi23 ahora reinicie usted su ordenador para que los cambios surjan efecto!
Cuando haya reiniciado su ordenador me lo comunica usted por aquí!
Quedo a la espera de su respuesta!
Listo ya reinicie mi PC
Ahora, realice usted los siguientes pasos:
EN BUSCA / ELIMINACIÓN DE MALWARE
Desactivas tu antivirus 
Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).
Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?
Farbar Recovery Scan Tool
Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).
Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.
En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.
Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.
Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.
PRÓXIMA RESPUESTA
Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).
NOTA IMPORTANTE
Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:
- No realices pasos/acciones que NOSOTROS no te hayamos indicado.
- No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
- No instales NADA (programas/software/complementos/extensiones del navegador…).
- No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
- No realices por tu cuenta otros procedimientos.
- Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.
Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:
Quedo a la espera de su respuesta!
FRST
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 04-04-2023
Ejecutado por Acosta (administrador) sobre DESKTOP-3U2CKDG (Gigabyte Technology Co., Ltd. B450M DS3H) (04-04-2023 13:29:58)
Ejecutado desde C:\Users\Acosta\Desktop
Perfiles cargados: Acosta
Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.2788 (X64) Idioma: Español (México)
Navegador predeterminado: Opera
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0390115.inf_amd64_994a5edc14fb71f6\B389920\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390115.inf_amd64_994a5edc14fb71f6\B389920\atieclxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390115.inf_amd64_994a5edc14fb71f6\B389920\atiesrxx.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2>
(svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-01-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-02-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088752 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Acosta\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Run: [MicrosoftEdgeAutoLaunch_201A338FFE00E5AA3CFFD34B8D6358CA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-29] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2023-03-21]
ShortcutTarget: DeepL auto-start.lnk -> C:\Users\Acosta\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [Archivo no firmado]
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {114CA16D-A63E-4A41-8C5D-07BC076057D0} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {1A62EBC0-AEAC-4C75-A62F-EDC00A8D13AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304592 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FD64832-CE78-4ACB-B703-50E334B11126} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2023-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3F9BB779-248E-4DCB-BE42-1EBF24542C34} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {66BCCAA4-5FD7-4611-83B0-62EAD7B79ED8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {68919F54-C6E0-4167-B1E2-180848AE84DC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {90CCBC29-9FC6-482E-AA4D-3B7E800CA7F3} - System32\Tasks\Remove AdwCleaner Application => CMD.EXE /C DEL /F /Q "C:\Users\Acosta\Downloads\adwcleaner.exe"
Task: {A2452F86-E92F-46A5-9A34-E81D228A545B} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1653999056 => C:\Users\Acosta\AppData\Local\Programs\Opera GX\launcher.exe [2637208 2023-03-28] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Acosta\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {AFFA49C9-0471-4589-848A-1714D550A5FA} - System32\Tasks\Opera GX scheduled Autoupdate 1653180064 => C:\Users\Acosta\AppData\Local\Programs\Opera GX\launcher.exe [2637208 2023-03-28] (Opera Norway AS -> Opera Software)
Task: {B166D992-F874-48DB-AE17-FA7CB3688B6D} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\Acosta\Downloads\adwcleaner.exe [8791352 2023-04-04] (Malwarebytes Inc. -> Malwarebytes)
Task: {BA2E06B0-E493-4AB2-8B76-C84C7AD4ABB4} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {C20A5239-198A-424A-9812-731330804531} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [59832 2023-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {C67948E8-3115-4481-9045-A0536534264B} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D1DC3AFD-DC1A-41DF-B09C-A0954DA04391} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D496C0FA-7378-4E86-9DAD-494F243AEB6F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D8F9D77B-FBC1-456F-AB48-F5F6A667491F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304592 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF447DD8-7515-417C-80BE-1BC4D19FF525} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3CDE4A1-E23F-4590-A14B-798280CF18C0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 200.48.225.146 200.48.225.130
Tcpip\..\Interfaces\{03354a15-186c-4d79-bf61-d1b62ffa21b8}: [DhcpNameServer] 200.48.225.146 200.48.225.130
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Acosta\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-04-04]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-20] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001) Opera GXStable - "C:\Users\Acosta\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2696560 2023-02-15] (HIGH MORALE DEVELOPMENTS LIMITED -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-11-09] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-20] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2022-11-27] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-12-09] (Epic Games Inc. -> Epic Games, Inc.)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Archivo no firmado]
S4 Parsec; C:\Program Files\Parsec\pservice.exe [424584 2022-10-17] (Parsec Cloud, Inc. -> Parsec)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [285088 2023-04-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11060856 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\Windows\system32\GigabyteUpdateService.exe [861328 2023-04-04] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 OCButtonService; "C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe" [X]
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [1660968 2023-03-27] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [36248 2022-10-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV20; C:\Windows\system32\AMDRyzenMasterDriver.sys [48328 2023-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0390115.inf_amd64_994a5edc14fb71f6\B389920\amdkmdag.sys [100244912 2023-03-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [198416 2023-01-16] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [119904 2023-01-16] (ESET, spol. s r.o. -> ESET)
S4 edevmonm; C:\Windows\System32\DRIVERS\edevmonm.sys [120928 2023-01-16] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [237208 2023-01-16] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [55392 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [81696 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [122504 2023-01-16] (ESET, spol. s r.o. -> ESET)
S3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2023-04-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 HoYoProtect; C:\Windows\system32\HoYoKProtect.sys [3669520 2023-02-21] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
S3 ksophon_x64; C:\Windows\system32\drivers\ksophon_x64.sys [9986168 2022-09-15] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2023-03-16] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R0 MsSecCore; C:\Windows\System32\drivers\msseccore.sys [26480 2023-04-02] (Microsoft Windows -> Microsoft Corporation)
S3 MsSecWfp; C:\Windows\System32\drivers\mssecwfp.sys [29568 2023-04-02] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\iVMS-4200 Site\Drivers\npf64.sys [36600 2022-09-25] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RvNetMP60; C:\Windows\System32\drivers\RvNetMP60.sys [69048 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22292248 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [469288 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 R0HYDRA; \??\C:\Program Files (x86)\PROJECT HYDRA\HYDRA.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2023-04-04 13:29 - 2023-04-04 13:30 - 000017832 _____ C:\Users\Acosta\Desktop\FRST.txt
2023-04-04 13:26 - 2023-04-04 13:26 - 002380288 _____ (Farbar) C:\Users\Acosta\Desktop\FRST64.exe
2023-04-04 13:25 - 2023-04-04 13:28 - 000000000 ____D C:\Users\Acosta\Desktop\Nueva carpeta
2023-04-04 12:55 - 2023-04-04 12:55 - 000000254 _____ C:\Users\Acosta\Downloads\DelFix.txt
2023-04-04 11:16 - 2023-04-04 11:17 - 000310656 _____ C:\TDSSKiller.3.1.0.28_04.04.2023_11.16.44_log.txt
2023-04-04 09:49 - 2023-04-04 12:54 - 000000254 _____ C:\DelFix.txt
2023-04-04 09:49 - 2023-04-04 09:49 - 000000000 ____D C:\Windows\ERUNT
2023-04-04 09:44 - 2023-04-04 09:44 - 000797760 _____ C:\Users\Acosta\Downloads\delfix_1.013.exe
2023-04-04 09:34 - 2023-04-04 13:30 - 000000000 ____D C:\FRST
2023-04-04 09:00 - 2023-04-04 09:00 - 000003308 _____ C:\Windows\system32\Tasks\Remove AdwCleaner Application
2023-04-04 09:00 - 2023-04-04 09:00 - 000003290 _____ C:\Windows\system32\Tasks\Uninstall AdwCleaner Application
2023-04-04 08:59 - 2023-04-04 08:59 - 008791352 _____ (Malwarebytes) C:\Users\Acosta\Downloads\adwcleaner.exe
2023-04-04 08:33 - 2023-04-04 08:57 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\ZHP
2023-04-04 08:33 - 2023-04-04 08:33 - 000000876 _____ C:\Users\Acosta\Desktop\ZHPCleaner.lnk
2023-04-04 08:33 - 2023-04-04 08:33 - 000000000 ____D C:\Users\Acosta\AppData\Local\ZHP
2023-04-04 08:32 - 2023-04-04 08:32 - 003306696 _____ (Nicolas Coolman) C:\Users\Acosta\Downloads\ZHPCleaner.exe
2023-04-04 08:24 - 2023-04-04 08:32 - 000310940 _____ C:\TDSSKiller.3.1.0.28_04.04.2023_08.24.51_log.txt
2023-04-04 08:24 - 2023-04-04 08:24 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Acosta\Downloads\tdsskiller.exe
2023-04-03 23:12 - 2023-04-03 23:12 - 000000000 ____D C:\Users\Acosta\AppData\Local\AMD_Common
2023-04-03 23:11 - 2023-04-04 08:12 - 000000000 ____D C:\Users\Acosta\AppData\Local\D3DSCache
2023-04-03 23:09 - 2023-04-04 13:10 - 000003120 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2023-04-03 23:09 - 2023-04-03 23:12 - 000000000 ____D C:\ProgramData\AMD
2023-04-03 23:09 - 2023-04-03 23:09 - 000003484 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2023-04-03 23:09 - 2023-04-03 23:09 - 000000000 ____D C:\Windows\system32\AMD
2023-04-03 23:09 - 2023-04-03 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-04-03 23:08 - 2023-04-03 23:08 - 000003152 _____ C:\Windows\system32\Tasks\StartCN
2023-04-03 23:08 - 2023-04-03 23:08 - 000003072 _____ C:\Windows\system32\Tasks\StartDVR
2023-04-03 23:08 - 2023-04-03 23:08 - 000002622 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2023-04-03 23:08 - 2023-04-03 23:08 - 000000000 ____D C:\Users\Acosta\AppData\Local\AMDSoftwareInstaller
2023-04-03 23:08 - 2023-04-03 23:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-04-03 23:08 - 2023-03-26 23:16 - 003033288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2023-04-03 22:51 - 2023-04-03 22:52 - 000000000 ____D C:\Users\Acosta\Desktop\[Guru3D.com]-DDU
2023-04-03 22:47 - 2023-04-04 13:10 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\system32\GigabyteDownloadAssistant.exe
2023-04-03 22:47 - 2023-04-03 22:47 - 000000000 ____D C:\ProgramData\GIGABYTE
2023-04-03 22:36 - 2023-04-04 13:10 - 000875536 _____ C:\Windows\system32\wpbbin.exe
2023-04-03 22:36 - 2023-04-04 13:10 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\system32\GigabyteUpdateService.exe
2023-04-03 22:27 - 2023-04-03 22:27 - 000036352 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\gdrv3.sys
2023-04-03 22:11 - 2023-04-03 22:11 - 000000000 ___HD C:\Program Files (x86)\Temp
2023-04-03 22:11 - 2023-04-03 22:11 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-04-03 22:11 - 2022-02-21 01:33 - 001163096 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2023-04-03 22:11 - 2021-05-16 20:50 - 002875968 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2023-04-03 21:58 - 2023-04-03 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigabyte
2023-04-03 21:51 - 2023-04-03 22:00 - 000045248 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\system32\Drivers\gdrv3.sys
2023-04-03 21:50 - 2023-04-03 22:27 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-04-03 21:50 - 2023-04-03 22:27 - 000000000 ____D C:\Program Files (x86)\Gigabyte
2023-04-03 16:50 - 2023-04-03 16:50 - 027958470 _____ C:\Users\Acosta\Downloads\9488 ZUN - ZUN Nonstop Medley.osz
2023-04-03 00:27 - 2023-04-03 00:27 - 000000000 ____D C:\Windows\system32\Drivers\mde
2023-04-02 22:07 - 2023-04-02 22:07 - 000000221 _____ C:\Users\Acosta\Desktop\Killing Floor Mod Defence Alliance 2.url
2023-04-02 22:07 - 2023-04-02 22:07 - 000000220 _____ C:\Users\Acosta\Desktop\Killing Floor.url
2023-04-02 18:49 - 2023-04-02 18:49 - 000000000 ___HD C:\$WinREAgent
2023-04-02 06:50 - 2023-04-02 06:51 - 000000000 ____D C:\Users\Acosta\Desktop\xd
2023-04-01 23:07 - 2023-04-01 23:07 - 001388622 _____ C:\Users\Acosta\Downloads\aris_cantando.wav
2023-04-01 22:58 - 2023-04-02 13:51 - 000007597 _____ C:\Users\Acosta\AppData\Local\Resmon.ResmonCfg
2023-04-01 19:40 - 2023-04-01 19:40 - 000000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2023-04-01 19:22 - 2023-04-01 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-04-01 19:22 - 2023-04-01 19:40 - 000000000 ____D C:\Program Files\CPUID
2023-04-01 19:22 - 2023-04-01 19:22 - 000000981 _____ C:\Users\Public\Desktop\CPUID CPU-Z Gigabyte.lnk
2023-04-01 16:26 - 2023-04-01 16:26 - 000000000 ____D C:\Users\Acosta\AppData\Local\Downloaded Installations
2023-04-01 15:15 - 2023-04-01 15:15 - 000000000 ___HD C:\Windows\msdownld.tmp
2023-04-01 15:15 - 2023-04-01 15:15 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-03-31 12:22 - 2023-03-31 12:22 - 002185088 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 002185088 _____ C:\Windows\system32\vulkaninfo.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 001619376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 001619376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 001500360 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 001500360 _____ C:\Windows\system32\vulkan-1.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 001231512 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 001231512 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000791472 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000704904 _____ C:\Windows\system32\hiprt0200064.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000668552 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000596360 _____ C:\Windows\system32\GameManager64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000538032 _____ C:\Windows\system32\libsmi_guest.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000532352 _____ C:\Windows\system32\dgtrayicon.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 000531336 _____ C:\Windows\system32\libsmi_host.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000492416 _____ C:\Windows\system32\EEURestart.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 000449968 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000351104 _____ C:\Windows\system32\clinfo.exe
2023-03-31 12:22 - 2023-03-31 12:22 - 000196488 _____ C:\Windows\system32\mantle64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000176008 _____ C:\Windows\system32\mantleaxl64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000155936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000153480 _____ C:\Windows\SysWOW64\mantle32.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000137648 _____ C:\Windows\SysWOW64\mantleaxl32.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000125704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000041352 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-03-31 12:22 - 2023-03-31 12:22 - 000038320 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 100644744 _____ C:\Windows\system32\amd_comgr.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 084666240 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 002018736 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 001701000 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 001537968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 001537968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 001378312 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000938416 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-03-31 12:21 - 2023-03-31 12:21 - 000525744 _____ C:\Windows\system32\atieah64.exe
2023-03-31 12:21 - 2023-03-31 12:21 - 000514480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000463280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000394672 _____ C:\Windows\SysWOW64\atieah32.exe
2023-03-31 12:21 - 2023-03-31 12:21 - 000379824 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000256392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000216960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000200416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000186240 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000173952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000163312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000137096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000134576 _____ C:\Windows\system32\atidxx64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000132528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000128384 _____ C:\Windows\system32\amdxc64.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000108464 _____ C:\Windows\SysWOW64\atidxx32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000108464 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000103816 _____ C:\Windows\SysWOW64\amdxc32.dll
2023-03-31 12:21 - 2023-03-31 12:21 - 000064944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 007190480 _____ C:\Windows\system32\amdsmi.exe
2023-03-31 12:20 - 2023-03-31 12:20 - 002257288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsasrv64.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 001310600 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsacli64.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 001039280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdsacli32.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 000933296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 000761264 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 000461232 _____ C:\Windows\system32\amdlogum.exe
2023-03-31 12:20 - 2023-03-31 12:20 - 000222064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-03-31 12:20 - 2023-03-31 12:20 - 000177744 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 016164784 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 004354432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdadlx64.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 004160392 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdadlx32.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000558512 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000553256 _____ C:\Windows\system32\amdmiracast.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000422320 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000155936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-03-31 12:19 - 2023-03-31 12:19 - 000125704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-03-31 12:18 - 2023-03-31 12:18 - 000165784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-03-31 12:18 - 2023-03-31 12:18 - 000140216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-03-31 11:28 - 2023-03-31 11:28 - 094930880 _____ C:\Windows\system32\amdxc64.so
2023-03-31 11:28 - 2023-03-31 11:28 - 030284712 _____ C:\Windows\system32\hiprt02000_amd.hipfb
2023-03-31 11:28 - 2023-03-31 11:28 - 022879832 _____ C:\Windows\system32\hiprt02000_nv.fatbin
2023-03-31 11:28 - 2023-03-31 11:28 - 002170168 _____ C:\Windows\system32\oro_compiled_kernels.fatbin
2023-03-31 11:28 - 2023-03-31 11:28 - 001464232 _____ C:\Windows\system32\oro_compiled_kernels.hipfb
2023-03-31 11:28 - 2023-03-31 11:28 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2023-03-31 11:28 - 2023-03-31 11:28 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2023-03-31 11:28 - 2023-03-31 11:28 - 000128048 _____ C:\Windows\system32\kapp_ci.sbin
2023-03-31 11:28 - 2023-03-31 11:28 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2023-03-30 10:58 - 2023-04-03 23:08 - 000000000 ____D C:\Program Files\AMD
2023-03-30 10:57 - 2023-04-03 23:07 - 000000000 ____D C:\AMD
2023-03-30 10:52 - 2023-04-03 22:59 - 001266998 _____ C:\Windows\ntbtlog.txt
2023-03-27 17:02 - 2023-03-27 17:02 - 000001828 _____ C:\Users\Acosta\Desktop\CrystalDiskInfo.lnk
2023-03-27 17:02 - 2023-03-27 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-03-27 17:02 - 2023-03-27 17:02 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-03-27 14:49 - 2023-03-27 14:49 - 000000348 _____ C:\Windows\Tasks\GlaryInitialize 5.job
2023-03-27 14:48 - 2023-03-27 14:48 - 000004964 _____ C:\Users\Acosta\Documents\cc_20230327_144813.reg
2023-03-27 14:46 - 2023-03-27 14:47 - 000300234 _____ C:\Users\Acosta\Documents\cc_20230327_144615.reg
2023-03-27 13:21 - 2023-03-27 13:21 - 000000000 ____D C:\Users\Acosta\Doctor Web
2023-03-27 12:04 - 2023-03-27 12:04 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\5E262A75.sys
2023-03-27 00:03 - 2023-03-27 00:03 - 000856504 _____ (Advanced Micro Devices) C:\Windows\system32\Device.dll
2023-03-27 00:03 - 2023-03-27 00:03 - 000061368 _____ (Advanced Micro Devices) C:\Windows\system32\Platform.dll
2023-03-26 23:31 - 2023-03-26 23:31 - 000048328 _____ (Advanced Micro Devices) C:\Windows\system32\AMDRyzenMasterDriver.sys
2023-03-26 12:40 - 2023-03-30 15:58 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\osu
2023-03-26 12:40 - 2023-03-26 12:52 - 000000000 ____D C:\Users\Acosta\AppData\Local\osulazer
2023-03-26 12:40 - 2023-03-26 12:40 - 000002284 _____ C:\Users\Acosta\Desktop\osu!(lazer).lnk
2023-03-25 13:10 - 2023-03-26 19:56 - 000000000 ____D C:\Users\Acosta\AppData\Local\GeometryDash
2023-03-20 10:10 - 2023-04-03 00:27 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\DeepL_SE
2023-03-20 10:10 - 2023-03-20 17:13 - 000003786 _____ C:\Users\Acosta\Desktop\DeepL.lnk
2023-03-20 10:10 - 2023-03-20 10:10 - 000002291 _____ C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL.lnk
2023-03-20 10:10 - 2023-03-20 10:10 - 000000000 ____D C:\Users\Acosta\AppData\Local\ToastNotificationManagerCompat
2023-03-20 10:09 - 2023-03-20 10:10 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\0install.net
2023-03-20 10:09 - 2023-03-20 10:10 - 000000000 ____D C:\Users\Acosta\AppData\Local\0install.net
2023-03-19 17:38 - 2023-03-19 17:38 - 000000665 _____ C:\Users\Public\Desktop\Dead Cells.lnk
2023-03-19 17:38 - 2023-03-19 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Cells
2023-03-16 00:52 - 2023-03-16 00:52 - 000000760 _____ C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\LDMultiPlayer.lnk
2023-03-16 00:52 - 2023-03-16 00:52 - 000000714 _____ C:\Users\Acosta\Desktop\LDPlayer9.lnk
2023-03-16 00:52 - 2023-03-16 00:52 - 000000714 _____ C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\LDPlayer9.lnk
2023-03-16 00:52 - 2023-03-16 00:52 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer9
2023-03-16 00:52 - 2023-03-16 00:52 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDMultiPlayer
2023-03-16 00:52 - 2023-03-16 00:52 - 000000000 ____D C:\Program Files\ldplayer9box
2023-03-10 17:10 - 2023-03-10 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2023-03-10 17:10 - 2023-03-10 17:10 - 000000000 ____D C:\Program Files\qBittorrent
2023-03-07 00:24 - 2023-03-07 00:24 - 000000000 ____D C:\Users\Public\Documents\Blackmagic Design
2023-03-07 00:24 - 2023-03-07 00:24 - 000000000 ____D C:\Users\Acosta\Documents\Blackmagic Design
2023-03-07 00:23 - 2023-03-07 00:23 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Blackmagic Design
2023-03-07 00:18 - 2023-03-24 13:03 - 000001998 _____ C:\Users\Acosta\Desktop\DaVinci Resolve.lnk
2023-03-07 00:18 - 2023-03-07 00:18 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2023-03-07 00:18 - 2023-03-07 00:18 - 000000000 ____D C:\ProgramData\Blackmagic Design
2023-03-07 00:18 - 2023-03-07 00:18 - 000000000 ____D C:\Program Files\Blackmagic Design
2023-03-07 00:17 - 2023-03-07 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2023-03-07 00:17 - 2023-03-07 00:17 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2023-04-04 13:25 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-04 13:17 - 2022-05-20 23:16 - 001677940 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-04 13:17 - 2019-12-07 10:02 - 000746864 _____ C:\Windows\system32\perfh00A.dat
2023-04-04 13:17 - 2019-12-07 10:02 - 000144722 _____ C:\Windows\system32\perfc00A.dat
2023-04-04 13:17 - 2019-12-07 04:13 - 000000000 ____D C:\Windows\INF
2023-04-04 13:13 - 2023-01-05 16:41 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-04-04 13:10 - 2023-02-22 12:12 - 000003112 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-04-04 13:10 - 2022-05-20 23:07 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-04 13:10 - 2022-05-20 23:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-04 13:10 - 2019-12-07 04:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-04-04 12:47 - 2022-11-10 22:29 - 000000000 ____D C:\Users\Acosta\.Ld9VirtualBox
2023-04-04 08:43 - 2022-05-21 20:58 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2023-04-04 08:33 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\NDF
2023-04-04 07:55 - 2022-08-09 10:28 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\tof_launcher
2023-04-04 07:55 - 2022-06-11 00:24 - 000000000 ____D C:\Users\Acosta\AppData\Local\CrashDumps
2023-04-04 07:36 - 2022-05-20 23:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-03 23:45 - 2022-11-02 23:31 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\discord
2023-04-03 23:37 - 2023-02-22 12:18 - 000000000 ____D C:\Users\Acosta\AppData\Local\AMD
2023-04-03 23:24 - 2022-11-02 23:31 - 000000000 ____D C:\Users\Acosta\AppData\Local\Discord
2023-04-03 22:59 - 2022-06-14 19:21 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2023-04-03 22:12 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-03 22:12 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-03 18:40 - 2023-02-18 18:01 - 000000685 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher.lnk
2023-04-03 18:40 - 2023-01-05 15:26 - 000000000 ____D C:\ProgramData\Riot Games
2023-04-03 18:40 - 2022-06-13 13:09 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-04-03 18:40 - 2022-06-13 13:09 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-04-03 18:40 - 2022-06-13 13:09 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-04-03 18:40 - 2022-05-24 22:30 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-04-03 18:40 - 2022-05-20 23:21 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-04-03 06:28 - 2022-05-21 19:41 - 000004238 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1653180064
2023-04-03 06:28 - 2022-05-21 19:41 - 000001441 _____ C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2023-04-03 00:27 - 2022-05-20 23:07 - 000440584 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-03 00:27 - 2019-12-07 10:05 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SystemResources
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\oobe
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Dism
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-04-03 00:27 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\bcastdvr
2023-04-03 00:26 - 2022-05-21 21:04 - 000000000 ____D C:\Program Files (x86)\Steam
2023-04-02 22:07 - 2022-06-15 12:39 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-04-02 18:54 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\CbsTemp
2023-04-02 18:52 - 2022-05-20 23:09 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-02 13:42 - 2022-05-20 23:10 - 000000000 ____D C:\Users\Acosta
2023-04-02 08:40 - 2022-11-25 23:11 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\obs-studio
2023-04-01 22:07 - 2022-06-06 19:48 - 000000000 ____D C:\Users\Acosta\AppData\Local\osu!
2023-04-01 09:58 - 2022-05-20 23:07 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-01 00:46 - 2022-10-11 22:04 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-04-01 00:45 - 2022-05-22 13:41 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\qBittorrent
2023-03-31 14:01 - 2022-05-20 23:19 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-03-30 22:04 - 2022-06-13 13:09 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-03-30 08:27 - 2022-08-09 10:35 - 000000000 ____D C:\Users\Acosta\AppData\Local\Hotta
2023-03-27 17:14 - 2022-05-25 10:10 - 000000000 ____D C:\Users\Acosta\AppData\Local\ESET
2023-03-27 14:44 - 2023-02-15 01:57 - 000000000 ____D C:\Windows\Minidump
2023-03-27 14:44 - 2022-05-21 00:06 - 000000000 ____D C:\Windows\Panther
2023-03-27 14:11 - 2019-12-07 04:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-03-27 00:42 - 2023-02-15 01:57 - 000000000 ____D C:\ProgramData\AntiCheatExpert
2023-03-27 00:42 - 2023-02-15 01:56 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\nikke_launcher
2023-03-27 00:05 - 2023-02-15 01:57 - 001660968 _____ (ANTICHEATEXPERT.COM) C:\Windows\system32\Drivers\ACE-BASE.sys
2023-03-26 12:52 - 2022-10-17 20:57 - 000000000 ____D C:\Users\Acosta\AppData\Local\SquirrelClowdTemp
2023-03-26 12:40 - 2022-10-17 20:57 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ppy Pty Ltd
2023-03-21 21:53 - 2022-05-20 23:07 - 000003636 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-21 21:53 - 2022-05-20 23:07 - 000003512 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-20 10:10 - 2022-10-17 20:57 - 000000000 ____D C:\Users\Acosta\AppData\Local\Sentry
2023-03-19 19:53 - 2023-02-16 19:53 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Goldberg SteamEmu Saves
2023-03-16 00:54 - 2022-12-07 13:42 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\XuanZhi9
2023-03-15 12:42 - 2019-12-07 10:02 - 000000000 ____D C:\Windows\system32\Drivers\es-MX
2023-03-15 12:37 - 2022-05-20 23:22 - 000000000 ____D C:\Windows\system32\MRT
2023-03-15 12:36 - 2022-05-20 23:22 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-03-08 15:56 - 2022-09-24 01:47 - 000000000 ____D C:\Users\Acosta\AppData\Local\Battle.net
2023-03-07 00:18 - 2022-05-22 15:56 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-05 20:11 - 2022-10-09 20:00 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-03-05 00:08 - 2023-03-04 23:35 - 000000000 ____D C:\Users\Acosta\AppData\Roaming\Path of Exile
==================== Archivos en la raíz de algunos directorios ========
2022-12-07 13:44 - 2022-12-07 13:44 - 000000064 _____ () C:\Users\Acosta\AppData\Roaming\changzhi_leidian.data
2022-12-07 13:44 - 2022-12-07 13:44 - 000000064 _____ () C:\Users\Acosta\AppData\Roaming\changzhi_mplayer.data
2023-02-15 01:55 - 2023-02-15 01:55 - 000000992 _____ () C:\Users\Acosta\AppData\Roaming\nikke_launcher.reg
2022-11-25 23:31 - 2022-11-25 23:31 - 000000015 _____ () C:\Users\Acosta\AppData\Roaming\obs-virtualcam.txt
2022-08-09 10:28 - 2022-08-09 11:44 - 000001004 _____ () C:\Users\Acosta\AppData\Roaming\tof_launcher.reg
2022-06-09 12:49 - 2022-06-09 13:14 - 000003584 _____ () C:\Users\Acosta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-04-01 22:58 - 2023-04-02 13:51 - 000007597 _____ () C:\Users\Acosta\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
Addition
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 04-04-2023
Ejecutado por Acosta (04-04-2023 13:30:28)
Ejecutado desde C:\Users\Acosta\Desktop
Microsoft Windows 10 Pro Versión 22H2 19045.2788 (X64) (2022-05-21 04:08:22)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Acosta (S-1-5-21-2383643560-2673399571-3057379336-1001 - Administrator - Enabled) => C:\Users\Acosta
Administrador (S-1-5-21-2383643560-2673399571-3057379336-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2383643560-2673399571-3057379336-503 - Limited - Disabled)
Invitado (S-1-5-21-2383643560-2673399571-3057379336-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2383643560-2673399571-3057379336-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: ESET Security (Disabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Cortafuegos (Disabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.22.0718.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.22.0718.1 - GIGABYTE)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 23.001.20093 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.09.21.138 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.4.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{e455060c-4aab-450b-84bd-ab13c2920456}) (Version: 4.09.21.138 - Advanced Micro Devices, Inc.) Hidden
Apache NetBeans IDE 14 (HKLM\...\nbi-nb-all-14.0.0.220601.0) (Version: 14 - Apache NetBeans)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blackmagic RAW Common Components (HKLM\...\{BF73F11D-8A70-438B-A357-38E1F1A62164}) (Version: 2.8 - Blackmagic Design)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
CPUID CPU-Z Gigabyte 2.05 (HKLM\...\CPUID CPU-Z Gigabyte_is1) (Version: 2.05 - CPUID, Inc.)
CPUID HWMonitor 1.50 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.50 - CPUID, Inc.)
CrystalDiskInfo 8.17.14 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.14 - Crystal Dew World)
DaVinci Resolve (HKLM\...\{7A0D85EC-72B0-4060-943C-169B1EF74C62}) (Version: 18.1.40009 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7FA59352-9416-49BB-A98F-FDF3C95C8214}) (Version: 2.0.6.0 - Blackmagic Design)
Dead Cells MULTi12 - ElAmigos versión 06.03.2023 (HKLM-x32\...\{D9DF535E-0EC4-4715-B8F8-6AA6D7D1AF96}_is1) (Version: 06.03.2023 - Motion Twin)
DeepL (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE)
Eclipse Temurin JDK con Hotspot 8u332-b09 (x64) (HKLM\...\{EA74D77A-7A51-4D97-8811-7152CA4C773A}) (Version: 8.0.332.9 - Eclipse Adoptium)
Epic Games Launcher (HKLM-x32\...\{532DD55D-9AEC-4D28-B84E-3D312F8F1E81}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{7640EC0A-921E-44D1-9165-DE31D473EAE3}) (Version: 16.0.26.0 - ESET, spol. s r.o.)
Firestorm Launcher versión 2.0 (HKLM-x32\...\{F4B56459-9812-461D-A6C7-5A1CF7CF5609}_is1) (Version: 2.0 - Firestorm)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.24.1.0 - COGNOSPHERE PTE. LTD.)
HoloCureLauncher (HKLM\...\{1D9D1218-5244-4C84-902A-DD9F91B92C3C}) (Version: 1.0.2 - HoloCure)
iVMS-4200 (HKLM-x32\...\{CE2F96D0-63D2-4B9C-A8D6-0D1A60840BD8}) (Version: 3.8.1.4 - Hangzhou Hikvision Digital Technology Co., Ltd.)
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Java SE Development Kit 8 Update 321 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180321}) (Version: 8.0.3210.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LDPlayer (HKLM-x32\...\LDPlayer9) (Version: 9.0.36 - XUANZHI INTERNATIONAL CO., LIMITED)
Microsoft .NET 6.0 Templates 6.0.400 (x64) (HKLM\...\{6108C224-9459-437C-BF24-F3576B542486}) (Version: 24.7.9423 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.8 (x64) (HKLM\...\{9245BB2A-DDFE-4B50-BD96-74676A97C677}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.8 (x64_arm) (HKLM\...\{116BB497-6EF9-40D5-8169-399FA8C44F05}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.8 (x64_arm64) (HKLM\...\{6C547448-603E-4A32-B7FC-6BB78CFCC728}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.8 (x64_x86) (HKLM\...\{BD4F6F6A-88EB-4466-8F69-EA7897FA5EDD}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.8 (x64) (HKLM\...\{6950FA03-8B88-4675-B685-FB21CA1762CC}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x64) (HKLM\...\{3C3CA326-3F1D-43B7-B0AD-CBC06B2DED5A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM\...\{7CEA3ABF-FE24-42AF-ADE6-B4A3EE346743}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET SDK 6.0.400 (x64) (HKLM-x32\...\{89cdd9a9-cb38-4d90-8f20-b141cb9cffc8}) (Version: 6.4.22.37103 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.8 (x64) (HKLM\...\{D12C4399-F7EE-4105-A34A-D8DCC7C81A3A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 6.0.400 (x64) (HKLM\...\{78E6A6FE-9999-4CB1-86AE-52E2193C8CCE}) (Version: 24.5.9423 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.8 Shared Framework (x64) (HKLM\...\{FA97D589-B37E-3B49-A8D2-4764029773FE}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.8 Targeting Pack (x64) (HKLM\...\{1C5B2A67-5828-33F9-9FB3-BE5780644781}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.15225.20204 - Microsoft Corporation)
Microsoft Project - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.15225.20204 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.71.2 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM\...\{EB3983F9-3D60-456D-A11A-C1366C79AD3E}) (Version: 48.35.45540 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.8 (x64) (HKLM\...\{939D4E60-912A-4D02-BA11-EC9B4B9FAE92}) (Version: 48.35.45540 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft.NET.Sdk.Android.Manifest-6.0.300 (HKLM\...\{F4E591C2-810D-4D36-B4F9-DC55103019D1}) (Version: 128.75.16384 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-6.0.300 (HKLM\...\{BBA9C60D-75E7-44EE-922D-069AA85C8EC1}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.300 (HKLM\...\{FEB76EC8-02F4-46E6-8031-BE403766D13A}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-6.0.300 (HKLM\...\{F590F859-2F6A-4559-9D09-A8FC442AF16B}) (Version: 100.255.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-6.0.300 (HKLM\...\{C2863251-07E7-44A0-B2F8-4C4E2AF08937}) (Version: 24.78.0 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-6.0.300 (HKLM\...\{69B1631F-5F98-4C6C-B757-46B0ECC8EDBB}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{7CBF3451-2A94-4DFD-8355-6B97C5EABB26}) (Version: 48.27.39026 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{DBB48387-294D-4179-81CB-B06A97F8CD8E}) (Version: 48.3.40665 - Microsoft Corporation) Hidden
NIKKE (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\nikke_launcher) (Version: - Level Infinite)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden
Opera GX Stable 96.0.4693.127 (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Opera GX 96.0.4693.127) (Version: 96.0.4693.127 - Opera Software)
osu! (HKLM-x32\...\{9efe7748-d3c7-4442-9411-846ea7121e15}) (Version: latest - ppy Pty Ltd)
osu! (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\osulazer) (Version: 2023.326.1 - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Parsec (HKLM-x32\...\Parsec) (Version: 150-85c - Parsec Cloud Inc.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.2 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9313.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
RyzenMasterSDK (HKLM\...\{AD8B6B2B-861B-47F8-AD73-9DF1523F45EC}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tower of Fantasy (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\tof_launcher) (Version: - Hotta Studio)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.62 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)
Packages:
=========
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-23] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.32.261.0_x64__dt26b99r8h8gj [2023-04-03] (Realtek Semiconductor Corp)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-2383643560-2673399571-3057379336-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> D:\Deepl\sha256new_VWHRA5W4M2PQCCQ67TH5E6WWJ6BDO2AOAGGVOCKAYS5J636HFPRQ\DeepL.exe (DeepL SE -> DeepL SE)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-01-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-01-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2023-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-01-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2019-12-07 04:14 - 2023-04-04 13:02 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Eclipse Adoptium\jdk-8.0.332.9-hotspot\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Acosta\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaperflare.com_wallpaper.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Parsec => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_201A338FFE00E5AA3CFFD34B8D6358CA"
HKU\S-1-5-21-2383643560-2673399571-3057379336-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Puntos de Restauración =========================
30-03-2023 10:58:49 Radeon Installer
02-04-2023 18:17:18 Se ha instalado DirectX
02-04-2023 18:49:12 Instalador de Módulos de Windows
02-04-2023 18:50:01 Instalador de Módulos de Windows
04-04-2023 08:42:56 ZHPcleaner
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (04/04/2023 01:10:41 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-3U2CKDG$ a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 04 Apr 2023 18:10:40 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 575b05d3-e353-4425-9f89-30534c33b0a8
Método: GET(579ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (04/04/2023 01:02:49 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-3U2CKDG$ a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 04 Apr 2023 18:02:48 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: fe9cee02-f90e-4d6d-9bbf-6b4209dc6926
Método: GET(688ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (04/04/2023 01:02:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet
Error: (04/04/2023 01:01:57 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.
Operación:
Recopilando datos del escritor
Contexto:
Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
Nombre del escritor: System Writer
Id. de instancia del escritor: {3593737d-6883-46d5-bc53-1204f6acc4ba}
Error: (04/04/2023 08:05:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: wmiprvse.exe, versión: 10.0.19041.546, marca de tiempo: 0x5da7ab91
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0x80131623
Desplazamiento de errores: 0x00007fff74cd200f
Identificador del proceso con errores: 0x265c
Hora de inicio de la aplicación con errores: 0x01d966f62076a9b1
Ruta de acceso de la aplicación con errores: C:\Windows\system32\wbem\wmiprvse.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: af072e17-a5e0-4096-b822-3cd1acf6f7c5
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (04/04/2023 08:05:28 AM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: El proveedor ha iniciado una excepción inesperada:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (04/04/2023 08:05:27 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (04/04/2023 08:05:27 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Errores del sistema:
=============
Error: (04/04/2023 01:10:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OCButtonService no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/04/2023 01:02:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OCButtonService no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/04/2023 01:02:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Instalador de módulos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
Error: (04/04/2023 01:02:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
Error: (04/04/2023 01:02:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio GIGABYTE Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (04/04/2023 01:02:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio GIGABYTE Adjust se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (04/04/2023 01:02:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Microsoft Office Click-to-Run Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (04/04/2023 01:02:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Windows Defender:
================
Date: 2022-11-10 23:33:59
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {A2C3FF88-FC29-4267-87FE-6C36E97A020C}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2022-11-10 23:07:00
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {78C1838E-2763-4925-BEC2-A925A63CB752}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2022-11-10 23:02:36
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {66F4A4AD-6FAC-4F0C-816C-8B9EA24A1108}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2023-04-04 13:24:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2023-04-04 13:13:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Información de la memoria ===========================
BIOS: American Megatrends International, LLC. F64a 02/09/2023
Placa base: Gigabyte Technology Co., Ltd. B450M DS3H-CF
Procesador: AMD Ryzen 5 5600G with Radeon Graphics
Porcentaje de memoria en uso: 26%
RAM física total: 12155.35 MB
RAM física disponible: 8880.62 MB
Virtual total: 18555.35 MB
Virtual disponible: 14173.24 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:483.47 GB) (Free:222.45 GB) (Model: WDC WDS960G2G0C-00AJM0) NTFS
Drive d: (Nuevo vol) (Fixed) (Total:410.16 GB) (Free:235.48 GB) (Model: WDC WDS960G2G0C-00AJM0) NTFS
\\?\Volume{950b20cd-4c5a-4a62-84e6-fd9dc6398eb8}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{8c174cf9-6a6f-4ebd-99a7-83206b2a4192}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 894.3 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Final de Addition.txt =======================
Buenas @Itenshi23 déjeme usted unos días para poder analizar el Informe y/o Reporte ya que en este momento tengo que salir un momento a realizar unas gestiones.
En cuando vuelva lo reviso y valoro si le tengo que mandar otro Script de Reparación.
Ahora, en primer lugar, realice usted lo siguiente:
Un click en el botón: Inicio (
) >> de la lista que te sale busca y un click en la carpeta que pone: 
>> un click en: 
>> un click donde dice: 
>> un click donde dice: >> 
Maximice usted la pantalla y me manda usted una ó varias Capturas de Pantalla con todo lo que se refleje!
Quedo a la espera de su respuesta!
no se preocupe termines sus cosas tranquilamente
Muchas gracias @Itenshi23, en cuanto haya realizado las gestiones estoy de nuevo con usted.
Salu2
buenas?, ya paso mas de una semana asi que nose si ya termino de analizar con el reporte?
