Help with Double Accent Mark Virus

Good day, friends:

I would like to ask for your help/guidance with a problem I have had on my personal computer for a few days: no matter how much I try, I cannot type accented words correctly. When I type an accent, instead of appearing over the accented letter, 2 accent marks are produced before the letter, for example “aqu´´i”.

After looking in several places, thinking it might be a language/keyboard configuration problem, I started finding information in various places saying it could be a virus/malware. And that is how I arrived at this site.

Going through several posts from people with a similar problem, I tried to solve it on my own, following a strategy I saw repeated in almost all the similar posts, namely:

  1. CCleaner
  2. MalwareBytes
  3. Adwcleaner
  4. CCleaner

Although at first there were 2 detections by MalwareBytes and 1 by Adwcleaner, after which my computer temporarily worked correctly, after a while the same problem came back, and despite running the strategy again, this time the tools in question detected absolutely nothing, and my annoying problem persists.

Looking through your site, I found another recurring recommendation: using FRST to generate some reports. Following the usage instructions for the tool that I found in those posts, I ran the application on my computer and generated the reports, which I will paste in the following messages, in the hope that you can please help me solve this problem.

Thank you in advance for your help

PS: Please excuse the lack of accent marks :smiling_face_with_tear:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 10-12-2023
Ejecutado por Spider Build (administrador) sobre DESKTOP-JOAB8PM (Gigabyte Technology Co., Ltd. B450M DS3H V2) (11-12-2023 21:11:35)
Ejecutado desde C:\Users\Spider Build\Desktop\FRST64.exe
Perfiles cargados: Spider Build
Plataforma: Microsoft Windows 11 Pro Versión 22H2 22621.2715 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE → Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE → Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files\NoMachine\bin\nxserver.bin ->) (NoMachine S.a.r.l. → NoMachine) C:\Program Files\NoMachine\bin\nxd.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE → Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE → Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(ctfmon.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(explorer.exe ->) (Riot Games, Inc. → Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(lsass.exe ->) (NoMachine S.a.r.l. → NoMachine) C:\Program Files\NoMachine\bin\nxserver.bin
(NoMachine S.a.r.l. → NoMachine) C:\Program Files\NoMachine\bin\nxnode.bin
(NoMachine S.a.r.l. → NoMachine) C:\Program Files\NoMachine\bin\nxrunner.bin
(Panda Security S.L. → Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(PIRIFORM SOFTWARE LIMITED → Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NoMachine S.a.r.l. → NoMachine) C:\Program Files\NoMachine\bin\nxservice64.exe
(services.exe ->) (Panda Security S.L. → Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
(services.exe ->) (Panda Security S.L. → Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(services.exe ->) (Panda Security S.L. → Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(services.exe ->) (Panda Security S.L. → Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(sihost.exe ->) (Microsoft Corporation → ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11110.29003.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 → ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2348.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation → ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11110.29003.0_x64__8wekyb3d8bbwe\PhotosApp.exe
(svchost.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM.…\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-02-16] (Realtek Semiconductor Corp. → Realtek Semiconductor)
HKLM-x32.…\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [186984 2022-11-02] (Panda Security S.L. → Panda Security, S.L.)
HKLM-x32.…\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. → )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2003286275-1029051536-776888162-1001.…\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70912472 2023-11-15] (Riot Games, Inc. → Riot Games, Inc.)
HKU\S-1-5-21-2003286275-1029051536-776888162-1001.…\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-07] (Valve Corp. → Valve Corporation)
HKU\S-1-5-21-2003286275-1029051536-776888162-1001.…\Run: [MicrosoftEdgeAutoLaunch_2F4EB5A0FF11F0FD09C9D129BA49678F] => “C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe” --no-startup-window --win-session-start [3788736 2023-12-07] (Microsoft Corporation → Microsoft Corporation)
HKU\S-1-5-21-2003286275-1029051536-776888162-1001.…\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED → Piriform Software Ltd)
HKLM.…\Print\Monitors\NoMachine Port Monitor: C:\Program Files\NoMachine\bin\libnxlp64.dll [6711776 2023-11-08] (NoMachine S.a.r.l. → )
HKLM\Software\Microsoft\Active Setup\Installed Components: [>OpenVPN_UserSetup] → reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files\Google\Chrome\Application\120.0.6099.71\Installer\chrmstp.exe [2023-12-06] (Google LLC → Google LLC)
HKLM\Software.…\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] →
Lsa: [Authentication Packages] msv1_0 nxlsa

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {4712660C-CE25-41A9-8344-C71EBC3B3A53} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {494B9035-F561-420E-8C91-4C2CD6663214} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary → Ningún archivo <==== ATENCIÓN
Task: {5290031A-C746-4BF7-8055-1B0C3D515F92} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {70CC231D-6AF8-4365-B6D8-20940B0E77E8} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {86221B7F-99CB-4D13-941F-DA04E86D22C1} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {87094343-6C1F-4855-A6B9-305BA74AB761} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {97CFCC8C-071C-4DD8-9ACF-5F46C4EBC887} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {B993AB78-281C-48E3-B475-70EC4670D2F6} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {C50020CC-3D59-4D20-8757-8718543DC60C} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {CD8B0CC5-78C7-4DD9-88CB-115614CD6A2B} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {DC00679A-002C-4C9B-B7A9-95CB365F6D9F} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {F71653E7-1907-4196-822A-ACF5D63564EB} - no ruta de acceso de archivo. <==== ATENCIÓN
Task: {6BAB9E95-5883-4EEA-B853-89047173729A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED → Piriform Software Ltd)
Task: {7C352BAC-9004-4304-9149-074FA6ACC4C1} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED → Piriform Software) → --product 90 --send dumps|report --path “C:\Program Files\CCleaner\LOG” --programpath “C:\Program Files\CCleaner” --guid “e2f88a0e-7154-4242-9fc9-5a612ff488b2” --version “6.18.10838” --silent
Task: {4B2E0E95-F6B6-43BC-A6C8-5E57E1FD93D7} - System32\Tasks\CCleanerSkipUAC - Spider Build => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED → Piriform Software Ltd)
Task: {FD2A8D9F-C146-40D5-AB08-C0EE81E16EEA} - System32\Tasks\GoogleUpdateTaskMachineCore{7552BFE5-3D45-493B-9919-0D89B727B300} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-07-14] (Google LLC → Google LLC)
Task: {11A493AF-FFAC-49DD-8CBB-DFE856E9425F} - System32\Tasks\GoogleUpdateTaskMachineUA{FB79D144-84E3-48CE-B76F-37AD7942C75C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-07-14] (Google LLC → Google LLC)
Task: {BB5C3143-09C1-4CA6-9852-39791F0EC5DA} - System32\Tasks\Microsoft\Windows\Autochk\ODBProviders => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation → Microsoft Corporation) → C:\ProgramData\TailFramework\ScokZeveloper\vonmNiaZplap.dll /U <==== ATENCIÓN

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 200.30.192.14 190.160.0.13 190.160.0.15
Tcpip..\Interfaces{eb6f3a2a-b8bb-44c1-8360-b88824d26af5}: [DhcpNameServer] 200.30.192.14 190.160.0.13 190.160.0.15

Edge:

Edge Profile: C:\Users\Spider Build\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-11]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\Spider Build\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-25]
Edge Extension: (Edge relevant text changes) - C:\Users\Spider Build\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-25]

Chrome:

CHR DefaultProfile: Default
CHR Profile: C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\Default [2023-12-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-16]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-28]
CHR Extension: (Shazam: identifica música desde tu navegador) - C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-10-20]
CHR Extension: (Vue.js devtools) - C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdogjmejiglipccpnnnanhbledajbpd [2023-10-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-14]
CHR Extension: (Google Drive) - C:\Users\Spider Build\AppData\Local\Default [2023-12-11]
CHR Profile: C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-12-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-15]
CHR Profile: C:\Users\Spider Build\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-15]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 CloudBackupRestoreSvc; C:\WINDOWS\System32\CloudRestoreLauncher.dll [1355776 2023-11-15] (Microsoft Windows → Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2023-12-11] (Malwarebytes Inc. → Malwarebytes)
S2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Archivo no firmado]
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [118504 2022-10-31] (Panda Security S.L. → Panda Security, S.L.)
R2 nxservice; C:\Program Files\NoMachine\bin\nxservice64.exe [7120208 2023-11-08] (NoMachine S.a.r.l. → NoMachine)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-19] (AnchorFree Inc → )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. → Panda Security, S.L.)
R2 pselamsvc; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [195224 2022-09-26] (Panda Security S.L. → Panda Security S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [78840 2022-11-02] (Panda Security S.L. → Panda Security, S.L.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-15] (Microsoft Windows Publisher → Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher → Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher → Microsoft Corporation)
S2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [861328 2023-12-11] (GIGA-BYTE TECHNOLOGY CO., LTD. → GIGA-BYTE TECHNOLOGY CO., LTD.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc → The OpenVPN Project)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-08-08] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. → Advanced Micro Devices, Inc)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0382620.inf_amd64_c4aa916e2e433e7b\B382773\amdkmdag.sys [94457184 2022-08-31] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2023-07-15] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-07-15] (Microsoft Corporation) [Archivo no firmado]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Archivo no firmado]
R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2023-07-12] (GIGA-BYTE TECHNOLOGY CO., LTD. → GIGA-BYTE TECHNOLOGY CO., LTD.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-11] (Microsoft Windows Early Launch Anti-malware Publisher → Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2023-12-11] (Microsoft Windows Hardware Compatibility Publisher → Malwarebytes)
R1 NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [146184 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [215264 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [128744 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [146664 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [151152 2022-10-10] (Microsoft Windows Hardware Compatibility Publisher → Panda Security, S.L.)
R1 NNSNHWFP; C:\WINDOWS\system32\DRIVERS\NNSNHWFP.sys [211208 2022-12-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [164568 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [137960 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [407264 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [575720 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [125672 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [335064 2022-11-06] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
S3 nxaudio; C:\WINDOWS\system32\drivers\nxaudio.sys [38200 2019-10-08] (Microsoft Windows Hardware Compatibility Publisher → NoMachine)
R2 nxfs; C:\Program Files\NoMachine\bin\drivers\nxdisk\amd64\nxfs.sys [66032 2020-02-18] (Microsoft Windows Hardware Compatibility Publisher → NoMachine)
R2 nxusbf; C:\WINDOWS\System32\drivers\nxusbf.sys [114784 2022-09-13] (Microsoft Windows Hardware Compatibility Publisher → NoMachine S.a.r.l)
R3 nxusbh; C:\WINDOWS\System32\drivers\nxusbh.sys [121936 2022-09-13] (Microsoft Windows Hardware Compatibility Publisher → NoMachine S.a.r.l)
R3 nxusbs; C:\WINDOWS\System32\drivers\nxusbs.sys [33872 2022-09-13] (Microsoft Windows Hardware Compatibility Publisher → NoMachine S.a.r.l)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [198376 2022-11-02] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
S0 psinelam; C:\WINDOWS\System32\DRIVERS\psinelam.sys [26080 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher → Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [176360 2022-11-02] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [218856 2022-11-02] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [150760 2022-11-02] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [162536 2022-11-02] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [130280 2022-11-02] (WatchGuard Technologies, Inc. → Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72984 2019-02-20] (Panda Security S.L. → Panda Security, S.L.)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-09-13] (Microsoft Windows → Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows → Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows → Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows → Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-12-11 21:11 - 2023-12-11 21:11 - 000021847 _____ C:\Users\Spider Build\Desktop\FRST.txt
2023-12-11 21:11 - 2023-12-11 21:11 - 000000000 ____D C:\FRST
2023-12-11 21:09 - 2023-12-11 21:09 - 002385408 _____ (Farbar) C:\Users\Spider Build\Desktop\FRST64.exe
2023-12-11 18:26 - 2023-12-11 18:26 - 000802980 _____ C:\WINDOWS\system32\perfh00A.dat
2023-12-11 18:26 - 2023-12-11 18:26 - 000160308 _____ C:\WINDOWS\system32\perfc00A.dat
2023-12-11 18:18 - 2023-12-11 18:18 - 000001982 _____ C:\Users\Spider Build\Documents\cc_20231211_181834.reg
2023-12-11 18:16 - 2023-12-11 18:17 - 000000000 ____D C:\AdwCleaner
2023-12-11 18:13 - 2023-12-11 21:04 - 000000000 ____D C:\Users\Spider Build\AppData\Local\Malwarebytes
2023-12-11 18:13 - 2023-12-11 18:13 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-12-11 18:12 - 2023-12-11 18:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-12-11 18:12 - 2023-12-11 18:12 - 000000000 ____D C:\Program Files\Malwarebytes
2023-12-11 18:11 - 2023-12-11 18:11 - 000112700 _____ C:\Users\Spider Build\Documents\cc_20231211_181120.reg
2023-12-11 18:09 - 2023-12-11 21:10 - 000000000 ____D C:\Program Files\CCleaner
2023-12-11 18:09 - 2023-12-11 18:19 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-11 18:09 - 2023-12-11 18:11 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-12-11 18:09 - 2023-12-11 18:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-12-11 18:09 - 2023-12-11 18:09 - 000002932 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Spider Build
2023-12-11 18:09 - 2023-12-11 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-12-11 18:08 - 2023-12-11 18:16 - 008791352 _____ (Malwarebytes) C:\Users\Spider Build\Desktop\adwcleaner.exe
2023-12-11 17:49 - 2023-12-11 17:49 - 000003710 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{44D0F42E-0874-4CF3-85FC-EC1D9845CC62}
2023-12-11 17:49 - 2023-12-11 17:49 - 000003586 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{C8F780CA-5E36-4F0F-9E3A-00205847CF36}
2023-12-11 12:53 - 2023-12-11 17:42 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-12-11 12:53 - 2023-12-11 12:53 - 000000000 ____D C:\Users\Spider Build\AppData\Local\mbam
2023-12-08 23:21 - 2023-12-08 23:21 - 000000000 ____D C:\Users\Spider Build\AppData\Local\NVIDIA Corporation
2023-12-08 23:19 - 2023-12-08 23:19 - 000000000 ____D C:\Users\Spider Build\AppData\Local\UnrealEngine
2023-12-08 23:19 - 2023-12-08 23:19 - 000000000 ____D C:\Users\Spider Build\AppData\Local\TekkenGame
2023-12-08 23:19 - 2023-12-08 23:19 - 000000000 ____D C:\Users\Public\Documents\Steam
2023-12-08 23:06 - 2023-12-08 23:39 - 000001605 _____ C:\Users\Public\Desktop\Tekken 7.lnk
2023-12-08 23:06 - 2023-12-08 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tekken 7
2023-12-08 22:50 - 2023-12-08 22:50 - 000000000 ____D C:\Games
2023-12-08 22:14 - 2023-12-08 22:15 - 000000000 ____D C:\Users\Spider Build\Downloads\TEK7KEN7Del7uxeEdit7io-Update5 10-elamigos
2023-12-08 21:55 - 2023-12-08 22:49 - 000000000 ____D C:\Users\Spider Build\Downloads\TEK7KEN7Del7uxeEdit7ion-4 20-elamigos
2023-12-08 21:48 - 2023-12-11 21:07 - 000000000 ____D C:\Users\Spider Build\AppData\Local\Default
2023-12-08 21:48 - 2023-12-08 21:48 - 000000000 ____D C:\Users\Spider Build\AppData\Local\DesktopCleanup
2023-12-08 21:48 - 2023-12-08 21:48 - 000000000 ____D C:\Users\Spider Build\AppData\Local\Adaware
2023-12-05 12:27 - 2023-12-05 12:28 - 000000000 ____D C:\Users\Spider Build\Downloads\ETickets
2023-11-15 10:28 - 2023-11-15 10:28 - 000016240 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-11-15 10:25 - 2023-11-15 10:26 - 000000000 ___HD C:$WinREAgent
2023-11-11 13:47 - 2023-11-11 13:47 - 000483595 _____ C:\WINDOWS\gethelp_audiotroubleshooter_latestpackage.zip
2023-11-11 13:47 - 2023-11-11 13:47 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-12-11 21:04 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-11 20:57 - 2023-07-14 16:17 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-11 20:54 - 2022-05-07 02:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-11 20:53 - 2023-07-14 16:36 - 000000000 ____D C:\Users\Spider Build\AppData\Roaming\Microsoft\MMC
2023-12-11 20:48 - 2023-07-14 17:20 - 000000000 ____D C:\Users\Spider Build.nx
2023-12-11 20:34 - 2023-08-20 15:57 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-11 20:19 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-11 18:26 - 2023-07-15 17:11 - 001801816 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-11 18:26 - 2022-05-07 02:22 - 000000000 ____D C:\WINDOWS\INF
2023-12-11 18:19 - 2023-07-15 17:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-11 18:19 - 2023-07-15 17:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-11 18:19 - 2023-07-12 12:38 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2023-12-11 18:19 - 2023-07-12 12:22 - 000875536 _____ C:\WINDOWS\system32\wpbbin.exe
2023-12-11 18:19 - 2023-07-12 12:22 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2023-12-11 18:19 - 2023-07-12 12:22 - 000012288 ___SH C:\DumpStack.log.tmp
2023-12-11 18:19 - 2022-05-07 02:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-12-11 18:12 - 2022-05-07 02:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-12-11 18:10 - 2023-08-19 12:17 - 000000000 ____D C:\Users\Spider Build\AppData\Local\CrashDumps
2023-12-11 18:10 - 2023-08-14 14:54 - 000000000 ____D C:\WINDOWS\Minidump
2023-12-11 18:10 - 2023-07-15 15:59 - 000000000 ___DC C:\WINDOWS\Panther
2023-12-11 17:40 - 2023-07-15 17:03 - 000000000 ____D C:\Users\Spider Build\AppData\Roaming\Microsoft\Spelling
2023-12-11 12:47 - 2023-07-15 17:04 - 000000000 ____D C:\Users\nx.nx
2023-12-11 12:42 - 2022-05-07 02:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-11 12:39 - 2022-05-07 02:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-11 12:29 - 2023-07-12 12:40 - 000000000 ____D C:\Users\Spider Build\AppData\Local\PlaceholderTileLogoFolder
2023-12-11 12:29 - 2023-07-12 12:38 - 000000000 ____D C:\Users\Spider Build\AppData\Local\Packages
2023-12-11 12:29 - 2023-07-12 12:38 - 000000000 ____D C:\ProgramData\Packages
2023-12-11 00:27 - 2023-07-15 05:16 - 000000000 ____D C:\Users\Spider Build\AppData\Local\Vivox
2023-12-10 23:37 - 2023-07-14 17:15 - 000000000 ____D C:\ProgramData\Riot Games
2023-12-08 23:52 - 2023-07-12 12:23 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-08 21:53 - 2023-07-12 12:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-08 21:48 - 2023-09-26 17:36 - 000000000 ____D C:\Users\Spider Build\Downloads\Vue
2023-12-08 21:48 - 2023-08-28 17:48 - 000000000 ____D C:\Users\Spider Build\Downloads\Libros
2023-12-08 21:48 - 2023-07-12 12:38 - 000000000 ___SD C:\Users\Spider Build\AppData\Roaming\Microsoft\Protect
2023-12-06 19:57 - 2023-07-14 16:17 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-06 19:52 - 2023-07-15 17:06 - 000003928 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{FB79D144-84E3-48CE-B76F-37AD7942C75C}
2023-12-06 19:52 - 2023-07-15 17:06 - 000003804 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{7552BFE5-3D45-493B-9919-0D89B727B300}
2023-12-06 00:19 - 2023-11-07 13:13 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-12-06 00:19 - 2023-11-07 13:13 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-12-06 00:19 - 2023-11-07 13:13 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2023-12-06 00:19 - 2023-11-07 13:13 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-12-06 00:19 - 2023-11-07 13:13 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-12-06 00:19 - 2023-11-07 13:13 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-12-06 00:19 - 2023-11-07 13:13 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-12-06 00:19 - 2023-11-07 13:13 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-11-29 09:41 - 2023-07-12 12:38 - 000000000 ____D C:\Users\Spider Build\AppData\Local\D3DSCache
2023-11-23 11:28 - 2023-10-10 11:11 - 000000000 ____D C:\Users\Spider Build\Downloads\Martina
2023-11-16 21:45 - 2023-08-20 15:58 - 000000000 ____D C:\Users\Spider Build\AppData\Local\Steam
2023-11-15 20:11 - 2023-10-11 20:23 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2023-11-15 20:11 - 2023-07-15 17:03 - 000295688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-15 20:11 - 2023-07-15 11:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\es-MX
2023-11-15 20:11 - 2022-05-07 07:28 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-11-15 20:11 - 2022-05-07 07:20 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2023-11-15 20:11 - 2022-05-07 07:20 - 000000000 ____D C:\WINDOWS\system32\es
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\UUS
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-11-15 20:11 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-15 20:10 - 2022-05-07 07:28 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-11-15 20:10 - 2022-05-07 02:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-15 20:10 - 2022-05-07 02:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-15 20:10 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-15 20:10 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-15 20:10 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-15 20:10 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-11-15 20:10 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-15 20:10 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-15 20:10 - 2022-05-07 02:17 - 000000000 ____D C:\WINDOWS\servicing
2023-11-15 10:41 - 2022-05-07 02:24 - 000000000 ____D
C:\ProgramData\USOPrivate 2023-11-15 10:33 - 2023-07-12 12:50 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-11-15 10:32 - 2023-07-12 12:50 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-11-15 10:32 - 2022-05-07 07:28 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-11-15 10:32 - 2022-05-07 02:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2023-11-15 10:32 - 2022-05-07 02:25 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2023-11-15 10:32 - 2022-05-07 02:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2023-11-15 10:32 - 2022-05-07 02:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll 2023-11-15 10:29 - 2023-07-15 17:04 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-11-11 13:41 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\ServiceState

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 10-12-2023
Ejecutado por Spider Build (11-12-2023 21:13:12)
Ejecutado desde C:\Users\Spider Build\Desktop
Microsoft Windows 11 Pro Versión 22H2 22621.2715 (X64) (2023-07-15 20:06:10)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-2003286275-1029051536-776888162-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2003286275-1029051536-776888162-503 - Limited - Disabled)
Invitado (S-1-5-21-2003286275-1029051536-776888162-501 - Limited - Disabled)
nx (S-1-5-21-2003286275-1029051536-776888162-1003 - Administrator - Enabled) => C:\Users\nx
Spider Build (S-1-5-21-2003286275-1029051536-776888162-1001 - Administrator - Enabled) => C:\Users\Spider Build
WDAGUtilityAccount (S-1-5-21-2003286275-1029051536-776888162-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Disabled - Up to date) {E18DAE3C-0817-EA74-9F24-3E92157CCE76}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.09.21.138 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.20.24 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{e455060c-4aab-450b-84bd-ab13c2920456}) (Version: 4.09.21.138 - Advanced Micro Devices, Inc.) Hidden
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte)
CCleaner (HKLM\...\CCleaner) (Version: 6.18 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.71 - Google LLC)
League of Legends (HKU\S-1-5-21-2003286275-1029051536-776888162-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Malwarebytes version 4.6.7.301 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.7.301 - Malwarebytes)
Microsoft .NET Host - 6.0.24 (x64) (HKLM\...\{D3A225CD-8D33-41B4-A171-BD75FA1CBC43}) (Version: 48.96.4014 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.24 (x64) (HKLM\...\{1FACB768-CB68-43B5-BB26-1898E1959990}) (Version: 48.96.4014 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.24 (x64) (HKLM\...\{666FEAD5-547D-451D-B0A7-4DCB3648D53D}) (Version: 48.96.4014 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2003286275-1029051536-776888162-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.83.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.24 (x64) (HKLM\...\{956E923F-CC4F-423A-BE6C-18F5FA7D8D5B}) (Version: 48.96.4015 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.24 (x64) (HKLM-x32\...\{09d31d87-6c77-48e4-a640-870603e16c20}) (Version: 6.0.24.33018 - Microsoft Corporation)
NoMachine (HKLM\...\NoMachine_is1) (Version: 8.10.1 - NoMachine S.a.r.l.)
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{0D347763-D316-459F-A25D-3DBEF3B2A7CE}) (Version: 12.02.10 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 22.00.01.0000 - Panda Security)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9313.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek)
Riot Client  (HKU\S-1-5-21-2003286275-1029051536-776888162-1001\...\Riot Game Riot_Client.) (Version:  - Riot Games, Inc)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TEKKEN 7 Deluxe Edition MULTi11 - ElAmigos version 4.20 (HKLM-x32\...\{6A5D71D7-EE7F-48E3-9AD6-D05D354050B7}_is1) (Version: 4.20 - Bandai Namco Entertainment)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.61 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 6.22 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.22.0 - win.rar GmbH)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m [2023-07-29] (Advanced Micro Devices Inc.) [Startup Task]
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.700.323.0_x64__8wekyb3d8bbwe [2023-11-23] (Microsoft Corporation)
Ink.Handwriting.es-ES.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.es-ES.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2023-12-11] (Microsoft Corporation)
Ink.Handwriting.es-ES.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.es-ES.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2023-12-11] (Microsoft Corporation)
Ink.Handwriting.Main.es-ES.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.es-ES.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2023-12-11] (Microsoft Corporation)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.4.10270.0_x64__8wekyb3d8bbwe [2023-11-09] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2023-11-01] (Microsoft Studios) [MS Ad]
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-11-15] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.32.261.0_x64__dt26b99r8h8gj [2023-07-12] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11210.0_x64__8wekyb3d8bbwe [2023-12-11] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2348.4.0_x64__cv1g1gvanyjgm [2023-12-08] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-11-15] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-07-17] (win.rar GmbH)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2023-01-02] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-11] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> Ningún archivo
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2023-01-02] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-11] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2023-01-02] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Spider Build\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) ->  --load-extension="C:\Users\Spider Build\AppData\Local\Default"
ShortcutWithArgument: C:\Users\Spider Build\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) ->  --load-extension="C:\Users\Spider Build\AppData\Local\Default"

==================== Módulos cargados (Lista blanca) =============

2023-11-07 13:13 - 2023-12-06 00:19 - 000634880 _____ (Microsoft Corporation) [Archivo no firmado] C:\WINDOWS\SYSTEM32\gameplatformservices.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Spider Build\Desktop\adwcleaner.exe:MBAM.Zone.Identifier [140]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-2003286275-1029051536-776888162-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Spider Build\Downloads\Walls\pexels-irina-iriser-785293.jpg
HKU\S-1-5-21-2003286275-1029051536-776888162-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{573CFB4A-53E4-4406-A21E-EBC38614E2FB}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{AFEE4BE5-FA4F-44E2-9D09-8B91C11EB6BE}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{0425FD38-CB4C-42F8-B79C-124D9719F3D8}] => (Allow) C:\Program Files\NoMachine\bin\nxrunner.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{F0B951D6-5038-4BFC-A282-73F936CBF02C}] => (Allow) C:\Program Files\NoMachine\bin\nxrunner.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{DFA05C39-B281-4618-8EF8-41C84AA9E1C2}] => (Allow) C:\Program Files\NoMachine\bin\nxnode.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{2B746A76-8C07-48A8-8585-D6C49D6FDE89}] => (Allow) C:\Program Files\NoMachine\bin\nxnode.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{BB2069CB-56DC-4334-B75D-540CA40D95A5}] => (Allow) C:\Program Files\NoMachine\bin\nxserver.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{5F2BC2AF-E5B1-4288-B2D6-1500CBACB22E}] => (Allow) C:\Program Files\NoMachine\bin\nxserver.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{C0C1CFF4-EA63-45CF-A6DD-9FFC0A4098D2}] => (Allow) C:\Program Files\NoMachine\bin\nxd.exe (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{26C0B4E3-E647-4337-845C-D14C6608A612}] => (Allow) C:\Program Files\NoMachine\bin\nxd.exe (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{8BFBDF20-8CFB-4558-9175-5CD066D390E6}] => (Allow) C:\Program Files\NoMachine\bin\nxplayer.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{D4B03539-09D2-4F40-BD97-21D83CE6C73C}] => (Allow) C:\Program Files\NoMachine\bin\nxplayer.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{A080D56B-78D1-45E6-8546-F943EFF37C20}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{72971964-805D-4AE1-B678-178B08AC662D}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{D77F8248-3645-494E-B71E-A59C2EBEE29A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BA4C4FE6-7E66-4C27-AD98-336CC41E2463}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C0747A85-652B-406E-9A0E-E23277F5EF2D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CC1DD498-8640-4036-80EB-7B7F5EAEE821}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{83F24739-A43B-425F-B6F3-497DD6D1701E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe () [Archivo no firmado]
FirewallRules: [{7FEDFBBC-9797-412A-8BCD-F5759447786E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe () [Archivo no firmado]
FirewallRules: [{3840769A-54FB-45E9-B3A1-BE474B05CE05}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{232D44BD-0342-41AD-9BF0-D51E21FF7927}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B19F05C-631A-4690-BE31-00ADBC4BAFFD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46BC747A-FB54-4C35-BA6D-53BA18085C01}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48486B62-8052-459B-86C0-0CD0935D462A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1F41A09-25D2-4D2F-AA71-FC88CC255351}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2453D6A6-4C58-41ED-8CE2-74CB15AE4659}C:\users\spider build\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\spider build\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2A5A6D01-580F-4E0C-AED7-B7E8A0D0ABAD}C:\users\spider build\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\spider build\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{422E9299-8A0D-45F7-B557-F1EC8899F9FD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CC3B2BF0-BB87-4457-B854-145ACDE374DB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================

08-12-2023 21:55:08 {5d890c89-a27c-4248-85b5-c3cab119a638}

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: NoMachine Microphone Adapter
Description: NoMachine Microphone Adapter
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NoMachine
Service: nxaudio
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (12/11/2023 12:46:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (12/11/2023 12:46:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (12/11/2023 12:46:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (12/11/2023 12:46:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (12/11/2023 12:39:49 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: El programa PhoneExperienceHost.exe versión 1.23092.158.0 dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre este problema, comprueba el historial de problemas en el panel de control de Seguridad y mantenimiento.

Error: (12/09/2023 12:14:40 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "c:\d.exe". Error en el archivo de manifiesto o directiva "c:\d.exe" en la línea 0.
Sintaxis XML no válida.

Error: (12/09/2023 12:14:40 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "c:\c.exe". Error en el archivo de manifiesto o directiva "c:\c.exe" en la línea 0.
Sintaxis XML no válida.

Error: (12/09/2023 12:14:40 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "c:\b.exe". Error en el archivo de manifiesto o directiva "c:\b.exe" en la línea 0.
Sintaxis XML no válida.


Errores del sistema:
=============
Error: (12/11/2023 09:10:24 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-JOAB8PM)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/11/2023 08:49:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JOAB8PM)
Description: El servidor {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/11/2023 08:47:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Steam Client Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (12/11/2023 08:47:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NoMachine Device Server terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (12/11/2023 08:47:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Panda Devices Agent terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 300000 milisegundos: Reiniciar el servicio.

Error: (12/11/2023 08:47:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Realtek Audio Universal Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (12/11/2023 08:47:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio GIGABYTE Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (12/11/2023 08:47:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio GIGABYTE Adjust se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
================
Date: 2023-08-28 20:09:06
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {9A241AA6-1D11-4A49-BD57-475EDA654B02}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM 

Date: 2023-08-27 19:56:32
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {C1E1DF6A-C779-45B6-8733-8D6F26F8760C}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM 

Date: 2023-07-21 11:23:59
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {B62A9129-6D82-4199-869D-F535DD1655D8}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM 

CodeIntegrity:
===============
Date: 2023-12-11 21:08:49
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. 


==================== Información de la memoria =========================== 

BIOS: American Megatrends International, LLC. F64a 02/09/2023
Placa base: Gigabyte Technology Co., Ltd. B450M DS3H V2
Procesador: AMD Ryzen 5 5600G with Radeon Graphics 
Porcentaje de memoria en uso: 28%
RAM física total: 15739.43 MB
RAM física disponible: 11325.79 MB
Virtual total: 16763.43 MB
Virtual disponible: 11224.39 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:465.01 GB) (Free:262.2 GB) (Model: CT500P3SSD8) NTFS

\\?\Volume{246487d0-6a7a-4d6c-8df7-133aec2ccf4b}\ () (Fixed) (Total:0.63 GB) (Free:0.07 GB) NTFS
\\?\Volume{efad9e44-a188-446d-ac84-5101763faa4a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

Hello @Modusinoperandi,

First of all, I apologize that you have not received a reply/help in your thread.

Do you still need help with the problem you originally described in this thread?

If so, let me know, and for my part I will be able to continue handling your case from January 16 onward. Possibly sooner, but on January 16 for sure.

I should tell you that this type of malware, unless FARBAR or similar tools are used, in the great majority of cases cannot be removed just like that, and it has its difficulty.

Regards.