hola hace unos dias mi cuenta de istagram correo facebook etc fueron hackeadas, pero no fueron todas a la vez. era como por partes un dia facebook otro instagram y finalmente el correo.

También me paso que se bajo solo de yotube un archivo llamado see o wach sin extension.

El caso que pase el windows defender y se bloqueo en un analisis manual al tratar de eliminar o desinfectar solo sin pedir ninguna accion, un archivo que tenia algun virus ya que me lo habia bajado como otro nombre y tenia programas y utilidades para rootear moviles y parece que herramientas de hacking para móviles. windows defender nunca me analizo los archivos descargados windows defender se bloqueo y no volvio arrancar mas, ni la proteccion contra virus , ni la del navegador y aplicaciones.

instale el avast despues le pase disco de rescate de kapersky

Me detectaron estos virus aparte de una coleccion enorme en el archivo winrar que nunca fue abierto.

trojanwin32-vbcyptmsr en un pdf malware-gen trjt este en un video vbs:dropper-dv trj esto no lo recuerdo

Estoy seguro que abierto el un video bajado de internet y el pdf que no recuerdo que hay pero seguro que lo he abierto.

Estos dos archivos los habré bajado y abierto hace 2 años el pdf recientemente por que hice una limpia de pdf hace poco.

Me preocupa que windows defender no los haya detectado en varios años.

Me baje algunos archivos de internet y tengo varios discos duros con copias de seguridad por lo que es posible que tenga esos archivos duplicados en varios sitios

He cambiado de disco duro por que el que tenia era un m2 ya que ponia que su salud estaba al 20% y necesito un adaptador m2 a sata para poder conectarlo en el pc que voy a usar para desinfectar todo. antes de rescatar algunos archivos que necesito.

como no puedo hacerlo?.

todo a la vez me es imposible conectar todos los usb que tengo discos duros internos y externos en este pc.

En estos discos duros habra alguna instalacion de windows ya que en algun momento pase de disco duro normal a ssd y de ssd a m2 usándose estos archivos como copias de seguridad de lo que tuvieran.

Debería repetir el proceso varias veces completo no solo analizar las unidades exteriores o internas recién conectadas?

un saludo gracias

Hola @pilu y bienvenidos al foro.

Veamos qué está pasando con el sistema. Comience con los siguientes escáneres:

Descarga DoesNotBelong a tu escritorio

• Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

• Ejecuta DoesNotBelong.exe (Presiona clic derecho y selecciona “Ejecutar como Administrador.”)

• Aceptas los disclaimers que aparezcan.

• Esperas que termine.

• Al finalizar generara un reporte que deberás pegar en tu próxima respuesta.

Por favor, descargue Farbar Recovery Scan Tool de acuerdo a su tipo de sistema y guárdelo en el Escritorio del sistema.

¿Cómo saber si mi Windows es de 32 o 64 bits?

• Haga clic con el botón derecho sobre él y seleccionar “Ejecutar como Administrador”, para ejecutar la herramienta con permisos de administrador.

• Cuando la herramienta se abra, haga clic en Sí para aceptar el Disclaimer/ Descargo de responsabilidad.

• Haga clic en el botón Scan (Analizar) y espere a que termine.

• La herramienta creará dos informes FRST.txt y Addition.txt ubicados en el mismo directorio desde el que se ejecuta la herramienta.

• Por favor, traiga el contenido de estos reportes en su próxima respuesta.

• Activa de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.

¿Como Pegar Reportes en el Foro?

Saludos

gracias me pongo a ello

al intentar descargar el furtivex

me dice esto

Su conexión no es privada.

Es posible que los atacantes estén intentando robar su información de furtivex.net (por ejemplo contraseñas, mensajes o tarjetas de crédito). Más información sobre esta advertencia

net::ERR_CERT_AUTHORITY_INVALID

lo descargo?

@pilu Hola

Sí, continúe. Es un falso positivo del software de seguridad

Saludos

perdona me es imposible descargarlo me bloquea la web la operadora.

Secure Net ha bloqueado el contenido.

El contenido de furtivex.net se ha considerado inseguro. Secure Net te recomienda cerrar esta página y seguir navegando.

me lo puedo bajar de otro sitio¿?

@pilu Hola

¿No hay forma de deshabilitar SecureNet? Puede probar desde el modo seguro con funciones de red.

El enlace espejo está aquí: Downloads - DoesNotBelong - Download Now - ToolsLib

Si continúa dándole problemas, pase a los siguientes pasos, por favor

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 31-07-2025
Ejecutado por carlos (administrador) sobre DESKTOP-ED7Q277 (08-08-2025 10:37:18)
Ejecutado desde C:\Users\carlos\Downloads\FRST64 (1).exe
Perfiles cargados: carlos
Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.6159 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: IE
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Users\carlos\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\carlos\AppData\Local\Programs\Opera\120.0.5543.161\opera_crashreporter.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\carlos\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <57>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\carlos\AppData\Local\Microsoft\OneDrive\25.137.0715.0001\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Opera Norway AS -> Opera Software) C:\Users\carlos\AppData\Local\Programs\Opera\opera.exe <16>
(services.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MsMpEng.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\carlos\AppData\Local\Microsoft\OneDrive\25.137.0715.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(svchost.exe ->) (Skype Software Sarl -> Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MalTray] => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [818640 2016-09-05] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-694184031-744807502-3984899651-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-09-05] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-694184031-744807502-3984899651-1001\...\Run: [f.lux] => C:\Users\carlos\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-02-21] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-694184031-744807502-3984899651-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-694184031-744807502-3984899651-1001\...\Run: [MicrosoftEdgeAutoLaunch_3CA75B03AE4DE868CF97C700AF7218C3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4113464 2025-07-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\us015 Langmon: C:\WINDOWS\system32\us015lm.dll [31096 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\138.0.7204.185\Installer\chrmstp.exe [2025-08-08] (Google LLC -> Google LLC)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {E633A845-6578-49DB-9B9B-391631C64431} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {7E8D95D6-699D-4F57-B9A9-1581517109D8} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3543408 2017-01-13] (Easeware Technology Limited -> Easeware) -> C:\Program Files\Easeware\DriverEasy\--scan
Task: {FAD695D0-5EBF-449E-85FC-53FDE594BAAB} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [134608 2016-09-05] (Glarysoft LTD -> Glarysoft Ltd)
Task: {30118388-989D-4A80-9675-CF3DF839929D} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2246608 2016-09-05] (Glarysoft LTD -> Glarysoft Ltd)
Task: {783B9E5E-1E63-4087-832B-B42698674FAD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7273.0{53B83AA9-8F6B-4AE6-81E7-0D24A5339E2C} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7273.0\updater.exe [6836832 2025-07-02] (Google LLC -> Google LLC)
Task: {C367DE30-6D96-410E-92D3-8A2E43BD6F68} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [898000 2016-09-05] (Glarysoft LTD -> Glarysoft Ltd)
Task: {99B20B53-D304-419C-898C-FC49AE2FD32E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {7CC5AFF8-D249-4FA5-A90B-A7295FBB33AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BA68E76-0A68-46FD-A92D-CF342EDAD3F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBAD90B8-C6F6-4204-92B3-93BC23369A9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E47FAF18-2EE0-4DC3-8115-4F3EBC028A70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B517CAEF-C28A-4CD4-BF9D-95773E0247B0} - System32\Tasks\OneDrive Startup Task-S-1-5-21-694184031-744807502-3984899651-1001 => C:\Users\carlos\AppData\Local\Microsoft\OneDrive\25.137.0715.0001\OneDriveLauncher.exe [685456 2025-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B99556D-7515-4AA6-AA9A-AD8C69440D84} - System32\Tasks\Opera scheduled Autoupdate 1754641062 => C:\Users\carlos\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6239704 2025-08-06] (Opera Norway AS -> Opera Software)
Task: {E99BDD3E-1C13-4E11-9A73-324AF51E1CAF} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2016-11-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\/AUTOHIDE
Task: {827375DB-894F-4440-938B-6F427B99F51D} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [181760 2025-07-21] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{103272b0-a3fa-4b41-b590-38a60f8446ba}: [DhcpNameServer] 212.231.6.7 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{c57a9623-d4d3-42b2-9a62-7dff8da2cf5b}: [DhcpNameServer] 212.166.132.116 212.166.132.104
Tcpip\..\Interfaces\{df4256c1-028e-4ab1-8c62-f787ec1f77a8}: [DhcpNameServer] 192.168.0.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\carlos\AppData\Local\Microsoft\Edge\User Data\Default [2025-08-08]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\carlos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2025-08-07]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\carlos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-21]
Edge Extension: (Edge relevant text changes) - C:\Users\carlos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-07-21]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)

Chrome: 
=======
CHR Profile: C:\Users\carlos\AppData\Local\Google\Chrome\User Data\Default [2025-08-07]
CHR Extension: (Presentaciones) - C:\Users\carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-23]
CHR Extension: (Documentos) - C:\Users\carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-23]
CHR Extension: (Google Drive) - C:\Users\carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2025-08-06]
CHR Extension: (Hojas de cálculo) - C:\Users\carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-08-06]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-08-06]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-06]
CHR Extension: (Gmail) - C:\Users\carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2025-08-06]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
OPR DefaultProfile: Default

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Archivo no firmado]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Archivo no firmado]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9591104 2025-07-21] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-07-21] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpDefenderCoreService.exe [2050952 2025-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2021-10-24] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [918432 2025-07-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\NisSrv.exe [4517784 2025-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MsMpEng.exe [282464 2025-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-10-21] (CPUID S.A.R.L.U. -> CPUID) <==== ATENCIÓN
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2016-09-16] (Glarysoft Ltd -> Glarysoft Ltd)
R1 GUSBootStartup; C:\Windows\System32\drivers\GUSBootStartup.sys [20160 2016-09-16] (Glarysoft Ltd -> Glarysoft Ltd)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [332184 2025-08-07] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 mi2c; C:\WINDOWS\system32\drivers\mi2c.sys [20784 2019-04-04] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
S3 UHSfiltv; C:\WINDOWS\system32\drivers\UHSfiltv.sys [32264 2016-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [56440 2016-09-21] (Shaul Eizikovich -> Shaul Eizikovich)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20888 2025-08-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [627120 2025-08-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [101792 2025-08-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-08-08 10:37 - 2025-08-08 10:37 - 000018601 _____ C:\Users\carlos\Downloads\FRST.txt
2025-08-08 10:37 - 2025-08-08 10:37 - 000000000 ____D C:\FRST
2025-08-08 10:36 - 2025-08-08 10:36 - 002409472 _____ (Farbar) C:\Users\carlos\Downloads\FRST64 (1).exe
2025-08-08 10:19 - 2025-08-08 10:19 - 003158264 _____ (Furtivex) C:\Users\carlos\Desktop\does-not-belong_8.8.0.exe
2025-08-08 10:17 - 2025-08-08 10:17 - 000004282 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1754641062
2025-08-08 10:17 - 2025-08-08 10:17 - 000001393 _____ C:\Users\carlos\Desktop\Navegador Opera.lnk
2025-08-08 10:17 - 2025-08-08 10:17 - 000001383 _____ C:\Users\carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2025-08-08 10:17 - 2025-08-08 10:17 - 000000000 ____D C:\Users\carlos\AppData\Roaming\Opera Software
2025-08-08 10:17 - 2025-08-08 10:17 - 000000000 ____D C:\Users\carlos\AppData\Local\Opera Software
2025-08-08 10:16 - 2025-08-08 10:17 - 002653064 _____ () C:\Users\carlos\Downloads\OperaSetup.exe
2025-08-07 12:00 - 2025-08-07 12:00 - 002409472 _____ (Farbar) C:\Users\carlos\Downloads\Sin confirmar 822156.crdownload
2025-08-06 16:49 - 2025-08-06 16:50 - 002409472 _____ (Farbar) C:\Users\carlos\Downloads\FRST64.exe
2025-07-24 17:25 - 2025-07-24 17:25 - 000000000 ____D C:\Users\carlos\Downloads\_falta mirar
2025-07-24 16:52 - 2025-07-24 17:28 - 000000000 ____D C:\Users\carlos\Desktop\_guardar quizas
2025-07-23 10:37 - 2025-07-23 10:37 - 000023734 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-07-23 10:37 - 2025-07-23 10:37 - 000023734 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-07-22 08:30 - 2025-07-22 08:38 - 000000000 ____D C:\ESD
2025-07-22 08:28 - 2025-07-22 08:28 - 000000000 ___HD C:\$Windows.~WS
2025-07-22 08:28 - 2025-07-22 08:28 - 000000000 ____D C:\$WINDOWS.~BT
2025-07-21 17:03 - 2025-08-08 10:26 - 000000000 ____D C:\Users\carlos\AppData\Local\Malwarebytes
2025-07-21 17:03 - 2025-07-21 17:03 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-07-21 17:03 - 2025-07-21 17:03 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-07-21 17:02 - 2025-07-21 17:02 - 002827496 _____ (Malwarebytes) C:\Users\carlos\Downloads\MBSetup.exe
2025-07-21 17:02 - 2025-07-21 17:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-07-21 17:02 - 2025-07-21 17:02 - 000000000 ____D C:\Program Files\Malwarebytes
2025-07-21 16:39 - 2025-08-06 16:41 - 000003566 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-694184031-744807502-3984899651-1001
2025-07-21 16:33 - 2025-07-24 17:30 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-07-21 16:33 - 2025-07-21 16:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\mde
2025-07-21 16:33 - 2025-07-21 16:33 - 000000000 ____D C:\WINDOWS\InboxApps
2025-07-21 16:33 - 2025-07-21 16:33 - 000000000 ____D C:\inetpub
2025-07-21 16:17 - 2025-07-21 16:19 - 000000000 ___HD C:\$WinREAgent
2025-07-21 16:14 - 2025-07-21 16:14 - 000000000 ____D C:\Program Files\PCHealthCheck
2025-07-21 16:10 - 2025-07-21 16:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2025-07-21 15:09 - 2025-07-21 17:00 - 000000000 ____D C:\KRD2024_Data

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-08-08 10:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-08-08 10:36 - 2018-02-25 20:39 - 000000000 ____D C:\Users\carlos\AppData\Local\Packages
2025-08-08 10:20 - 2021-10-16 20:09 - 001774682 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-08-08 10:20 - 2019-12-07 16:55 - 000788386 _____ C:\WINDOWS\system32\perfh00A.dat
2025-08-08 10:20 - 2019-12-07 16:55 - 000155774 _____ C:\WINDOWS\system32\perfc00A.dat
2025-08-08 10:20 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2025-08-08 10:19 - 2016-09-14 13:31 - 000000000 ____D C:\Users\carlos\AppData\Roaming\Skype
2025-08-08 10:17 - 2022-01-06 11:34 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-08-08 10:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-08-08 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-08-08 10:16 - 2016-09-16 15:50 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2025-08-08 10:16 - 2016-09-16 12:44 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-08-08 10:16 - 2016-09-16 12:44 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-08-08 10:16 - 2016-09-13 18:32 - 000000000 __SHD C:\Users\carlos\IntelGraphicsProfiles
2025-08-07 12:14 - 2021-10-16 20:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-08-07 12:14 - 2021-10-16 19:48 - 000008192 ___SH C:\DumpStack.log.tmp
2025-08-07 12:14 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-08-07 11:59 - 2021-10-16 19:49 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-08-07 11:59 - 2021-10-16 19:49 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-08-07 11:58 - 2021-10-21 13:03 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-08-07 11:58 - 2021-10-21 13:03 - 000003612 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7c2b8522d1e66
2025-08-07 11:58 - 2018-02-27 21:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-08-06 16:41 - 2021-12-11 14:52 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-694184031-744807502-3984899651-1001
2025-08-06 16:41 - 2021-10-16 20:06 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-694184031-744807502-3984899651-1001
2025-08-06 16:41 - 2021-10-16 17:53 - 000002416 _____ C:\Users\carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-08-06 16:40 - 2021-10-16 19:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-08-06 16:26 - 2016-09-26 19:31 - 000000000 ____D C:\Program Files (x86)\StarsHelper
2025-08-05 11:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-07-24 17:30 - 2021-10-16 19:48 - 000314464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-07-24 17:30 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-07-24 17:30 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-07-24 17:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-07-24 17:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-07-24 17:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-07-24 17:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-07-24 17:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-07-24 17:30 - 2016-09-26 23:21 - 000000000 ____D C:\Program Files (x86)\winrar
2025-07-24 17:25 - 2016-09-23 11:50 - 000000000 ____D C:\recuperado
2025-07-24 16:54 - 2022-05-25 09:54 - 000000000 ____D C:\Users\carlos\Desktop\usb negro 2022
2025-07-24 16:40 - 2017-01-01 14:57 - 000000000 ____D C:\spins
2025-07-24 16:33 - 2016-09-14 13:42 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2025-07-23 10:39 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-07-23 10:36 - 2021-10-16 20:02 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-07-23 10:15 - 2021-10-16 20:06 - 000000000 ____D C:\ProgramData\Packages
2025-07-22 08:38 - 2021-10-16 16:58 - 000000000 ___DC C:\WINDOWS\Panther
2025-07-21 17:03 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-07-21 16:39 - 2021-10-23 17:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2025-07-21 16:39 - 2021-10-16 16:27 - 000000000 ____D C:\Program Files\ruxim
2025-07-21 16:39 - 2017-10-02 19:22 - 000000000 ____D C:\Program Files\rempl
2025-07-21 16:38 - 2017-03-29 21:20 - 000002161 _____ C:\Users\carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2025-07-21 16:34 - 2019-12-07 16:56 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-07-21 16:34 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2025-07-21 16:34 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\es
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2025-07-21 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2025-07-21 16:33 - 2019-12-07 16:58 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2025-07-21 16:33 - 2019-12-07 16:58 - 000000000 ___SD C:\WINDOWS\system32\AppV
2025-07-21 16:33 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Portable Devices
2025-07-21 16:33 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-07-21 16:33 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2025-07-21 16:33 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2025-07-21 16:33 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-07-21 16:33 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemApps
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2025-07-21 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2025-07-21 16:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2025-07-21 16:30 - 2019-12-07 16:58 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2025-07-21 16:30 - 2019-12-07 16:58 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2025-07-21 16:30 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2025-07-21 16:30 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2025-07-21 16:14 - 2021-11-04 00:47 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2025-07-21 16:11 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-07-21 16:11 - 2016-09-13 18:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-07-21 16:10 - 2016-09-16 12:41 - 000000000 ____D C:\Program Files (x86)\Google
2025-07-21 16:08 - 2016-09-13 18:14 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2025-07-21 16:08 - 2016-09-13 18:13 - 216824056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-07-21 15:58 - 2021-10-21 12:47 - 000000000 ____D C:\Users\carlos\AppData\Roaming\MetaQuotes

==================== Archivos en la raíz de algunos directorios ========

2016-09-26 09:47 - 2016-09-26 09:47 - 000000000 _____ () C:\Program Files (x86)\Common Files\AMD
2022-05-25 13:19 - 2022-05-25 13:19 - 000000028 _____ () C:\Users\carlos\AppData\Roaming\iso2usb.ini
2017-01-01 01:53 - 2017-01-01 01:53 - 000007655 _____ () C:\Users\carlos\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

el Downloads - DoesNotBelong - Download Now - ToolsLib lo consegui descargar con opera pero al abrirlo no hace nada despues de aceptar los disclamer se abre una ventana ventana azul que pone descargando archivos .y se cierra. Lo ejecute como administrador . Estoy haciendo algo mal?

Este es el ordenador secundario donde e conectado los discos duros de datos que tenia en el principal, aunque me falta el disco ssd M2 que no puedo conectarlo ya que me tiene que llegar una caja adaptador.

saludos gracias

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 31-07-2025
Ejecutado por carlos (08-08-2025 10:38:56)
Ejecutado desde C:\Users\carlos\Downloads
Microsoft Windows 10 Pro Versión 22H2 19045.6159 (X64) (2021-10-16 18:06:13)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-694184031-744807502-3984899651-500 - Administrator - Disabled)
carlos (S-1-5-21-694184031-744807502-3984899651-1001 - Administrator - Enabled) => C:\Users\carlos
DefaultAccount (S-1-5-21-694184031-744807502-3984899651-503 - Limited - Disabled)
Invitado (S-1-5-21-694184031-744807502-3984899651-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-694184031-744807502-3984899651-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

. . . (HKLM\...\{FDF43F53-B12C-41F4-B248-F67CE924E7D7}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{4A7F2465-EAE2-4A22-9842-2A0F537F243E}) (Version: 2.6.2.4 - Intel) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
CPUID HWMonitor 1.44 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.44 - CPUID, Inc.)
Driver Easy 5.1.6 (HKLM\...\DriverEasy_is1) (Version: 5.1.6 - Easeware)
DriversCloud.com (64 bits) (HKLM\...\{A9EC2C51-B13A-4C0E-8F32-C54A19AD2B3F}) (Version: 10.0.2.0 - Cybelsoft)
f.lux (HKU\S-1-5-21-694184031-744807502-3984899651-1001\...\Flux) (Version: 4.134 - f.lux Software LLC)
Glary Utilities 5.59 (HKLM-x32\...\Glary Utilities 5) (Version: 5.59.0.80 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 138.0.7204.185 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
Intel(R) Chipset Device Software (HKLM\...\{FEBB7B48-CC1C-4A50-A497-FA21413F6BE9}) (Version: 10.1.1.14 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{5D1BFBB8-4923-4388-9559-C86F5D9E2740}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{9ECA1744-4800-4AE2-AC52-9109E24854AA}) (Version: 11.0.6.1194 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{335F9123-9306-4DB0-AF07-9C636317EE9D}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{27DEA29A-222C-45F8-B70D-0A7B303FC71B}) (Version: 12.9.0.1001 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden
Malware Hunter 1.19.0.33 (HKLM-x32\...\Malware Hunter) (Version: 1.19.0.33 - Glarysoft Ltd)
Malwarebytes version 5.3.4.202 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.3.4.202 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 138.0.3351.121 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-694184031-744807502-3984899651-1001\...\OneDriveSetup.exe) (Version: 25.137.0715.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 120.0.5543.161 (HKU\S-1-5-21-694184031-744807502-3984899651-1001\...\Opera 120.0.5543.161) (Version: 120.0.5543.161 - Opera Software)
PokerKing (HKLM-x32\...\496A04E7-2038-427a-AA40-B32DDB67EC74) (Version: 16.6 - IGSoft)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.23 (22/01/2021) - HP Inc.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SmartControl-4.3.12 (HKLM-x32\...\{3A167B0A-2DED-4C10-BD88-DE2FCE197AA9}) (Version: 4.3.12 - PHL)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.8 - Samsung Electronics CO., LTD.)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
vJoy Device Driver 2.1.7.7 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.7.7 - Shaul Eizikovich)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 138.0.3351.121 - Microsoft Corporation) Hidden
WildBit Viewer (64bit) (HKLM\...\WildBit Viewer_is1) (Version: 6.3 - WildBit Software)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-27] (Microsoft Studios) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-694184031-744807502-3984899651-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2016-06-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2016-06-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-21] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2016-06-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-21] (Malwarebytes Inc -> Malwarebytes)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2017-09-26 22:22 - 2017-09-26 22:22 - 001984000 ____R () [Archivo no firmado] C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-10-05 23:05 - 2017-10-05 23:05 - 002969600 ____R (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Skype\Phone\RtmCodecs.dll
2017-10-05 23:08 - 2017-10-05 23:08 - 000941056 ____R (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Skype\Phone\RtmMediaManager.dll
2017-10-05 23:03 - 2017-10-05 23:03 - 000654848 ____R (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Skype\Phone\RtmPal.dll
2017-10-05 23:07 - 2017-10-05 23:07 - 010914816 ____R (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Skype\Phone\RtmPltfm.dll
2017-10-05 23:04 - 2017-10-05 23:04 - 000089088 ____R (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2017-10-05 23:16 - 2017-10-05 23:16 - 027716608 ____R (Skype Technologies S.A.) [Archivo no firmado] C:\Program Files (x86)\Skype\Phone\SkypeSkylib.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\carlos\Downloads\mediacreationtool.exe:MBAM.Zone.Identifier [154]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) =============


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Network ===========================

(Actualmente no existe una corrección automática para esta sección.)

DNS Servers: 192.168.0.1
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-694184031-744807502-3984899651-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\carlos\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\17378616820134865325\133991147407364702.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 4) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Program Files\PostgreSQL
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Program Files (x86)\PokerStars.EU
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Program Files (x86)\PokerTracker 4
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Program Files (x86)\StarsHelper


==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{B107C6A8-27C6-453D-87C1-850708283519}] => (Allow) %ProgramFiles% (x86)\Ladbrokes Poker\casino.exe => Ningún archivo
FirewallRules: [{5B00E5E5-6F80-45C9-B9AC-08CAF9E1ED41}] => (Allow) %ProgramFiles% (x86)\Ladbrokes Poker\casino.exe => Ningún archivo
FirewallRules: [UDP Query User{E8E0B944-E2AC-45E6-A5AC-2E3065EA2338}C:\poker\ipoker tools\ipt.exe] => (Allow) C:\poker\ipoker tools\ipt.exe => Ningún archivo
FirewallRules: [TCP Query User{B6915870-696E-4FC8-9CAC-01D8DA352B8D}C:\poker\ipoker tools\ipt.exe] => (Allow) C:\poker\ipoker tools\ipt.exe => Ningún archivo
FirewallRules: [{E075E760-E731-4CDA-87D1-91B60F734982}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{E997E55E-D7C6-4315-8FA0-F3C0C0F3DC54}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{5FBD0D32-FD93-43B2-80E2-56C0D9DE56BF}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{006CE4A5-7D97-4F5B-BFC9-5514FF0B90F2}] => (Allow) %ProgramFiles%\PostgreSQL\9.3\bin\postgres.exe => Ningún archivo
FirewallRules: [{2195B6E6-C756-4D1A-BD74-5D252BC9AC6C}] => (Allow) %ProgramFiles%\PostgreSQL\9.3\bin\psql.exe => Ningún archivo
FirewallRules: [{B94946B3-57AB-4ED0-9084-93E4C2C8D9AC}] => (Allow) %ProgramFiles%\PostgreSQL\9.3\bin\pg_ctl.exe => Ningún archivo
FirewallRules: [{E6001EE3-AF33-4B2E-AEB7-2C4E58F0231B}] => (Allow) %ProgramFiles% (x86)\PokerTracker 4\PokerTrackerWeb4.exe => Ningún archivo
FirewallRules: [{A40A3097-3432-48C3-8E3C-56ABB69CD3FB}] => (Allow) %ProgramFiles% (x86)\PokerTracker 4\PokerTrackerHud4.exe => Ningún archivo
FirewallRules: [{CD7EB861-90F4-4898-8F13-69387B32A1CC}] => (Allow) %ProgramFiles% (x86)\PokerTracker 4\PokerTracker4.exe => Ningún archivo
FirewallRules: [{1702951C-CF63-4F9E-966E-C7155F2C1599}] => (Allow) %ProgramFiles% (x86)\PokerStars.EU\PokerStars.exe => Ningún archivo
FirewallRules: [{9341D3D4-8E95-433B-BC3C-F657C69B9DDC}] => (Allow) %ProgramFiles% (x86)\PokerStars.EU\PokerStars.exe => Ningún archivo
FirewallRules: [{A5B8A68F-2432-456E-8F3C-D63EC9CD71AB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0DFD10A8-F9B4-4960-BAA1-8B2CC3996F7B}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{D4616971-6328-471D-BE9D-BEF7336BB471}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{CC45AC4D-30DA-4F2B-9FA3-7EB24A2DA5EC}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{E077F19A-5D96-4B33-8375-9742DC0D6763}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FC1F12E2-EFE1-47A5-BD41-8B5B9E3574EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5C0EED9-636B-4D6E-B2F9-ECD06FCE788F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{122D0D26-BB70-4844-A28B-659C5F23A795}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4E1993E-50F2-4173-BC79-6EC395F988F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E952390-5304-44A6-A99B-8738242BCEBB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

23-07-2025 10:30:54 Instalador de Módulos de Windows
24-07-2025 16:33:08 Removed PokerStrategy.com Equilab.

==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Description: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/08/2025 10:17:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 12.9.0.1001, marca de tiempo: 0x526ed2ab
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.6157, marca de tiempo: 0x418c977e
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0013b6e2
Identificador del proceso con errores: 0x376c
Hora de inicio de la aplicación con errores: 0x01dc083cd080a39c
Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 90970920-ab21-4276-9ebd-7adbc83c9290
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/08/2025 10:17:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: IAStorDataMgrSvc.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.FormatException
   en System.Text.StringBuilder.AppendFormatHelper(System.IFormatProvider, System.String, System.ParamsArray)
   en System.String.FormatHelper(System.IFormatProvider, System.String, System.ParamsArray)
   en System.String.Format(System.IFormatProvider, System.String, System.Object[])
   en IAStorDataMgr.EventRelay.formatStrings(System.String, System.Object[])
   en IAStorDataMgr.EventRelay.translateEventType(IAStorUtil.Events.DiskEventArgs, IAStorUtil.LogLevel)
   en IAStorDataMgr.EventRelay.SDM_ComprehensiveHandler(System.Object, IAStorUtil.Events.ComprehensiveEventArgs)
   en IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   en IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   en IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   en System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   en System.Threading.ThreadPoolWorkQueue.Dispatch()
   en System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (08/08/2025 10:17:02 AM) (Source: IAStorDataMgrSvc) (EventID: 7001) (User: )
Description: Internal program error:  missing resource string DM_1_0_7

Error: (08/08/2025 10:16:36 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x80004005
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/08/2025 10:16:02 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x80004005
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (08/07/2025 12:15:19 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x80004005
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/07/2025 12:14:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x80004005
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (08/07/2025 11:58:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x80004005
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable


Errores del sistema:
=============
Error: (08/08/2025 10:17:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error (0x80073d02 = No se pudo instalar el paquete porque los recursos que modifica están actualmente en uso.): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (08/08/2025 10:17:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Rapid Storage Technology se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/08/2025 10:17:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de Google Update (gupdate) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (08/08/2025 10:17:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de Google Update (gupdate).

Error: (08/07/2025 12:14:41 PM) (Source: vjoy) (EventID: 524) (User: )
Description: Failed to get Report Descriptor from Registry. Function WdfRegistryOpenKey failed with status 0xc0000034.

Error: (08/07/2025 12:14:41 PM) (Source: vjoy) (EventID: 524) (User: )
Description: Failed to get Report Descriptor from Registry. Function WdfRegistryOpenKey failed with status 0xc0000034.

Error: (08/07/2025 12:14:41 PM) (Source: vjoy) (EventID: 524) (User: )
Description: Failed to get Report Descriptor from Registry. Function WdfRegistryOpenKey failed with status 0xc0000034.

Error: (08/07/2025 12:14:41 PM) (Source: vjoy) (EventID: 524) (User: )
Description: Failed to get Report Descriptor from Registry. Function WdfRegistryOpenKey failed with status 0xc0000034.


Windows Defender:
================
Date: 2025-07-21 16:52:15
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/PiriformBundler&threatid=311950&enterprise=0
Nombre: PUABundler:Win32/PiriformBundler
Id.: 311950
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\recuperado\descargas\dfsetup221.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-ED7Q277\carlos
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.431.788.0, AS: 1.431.788.0, NIS: 1.431.788.0
Versión de motor: AM: 1.1.25050.6, NIS: 1.1.25050.6

Date: 2025-07-21 16:52:12
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Playtech&threatid=248106&enterprise=0
Nombre: PUA:Win32/Playtech
Id.: 248106
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Program Files (x86)\Ladbrokes Poker\internalPokerSetup (1)Uninstall1499328865222_na_en.exe; regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Ladbrokes Poker; uninstall:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Ladbrokes Poker
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Usuario
Usuario: DESKTOP-ED7Q277\carlos
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.431.788.0, AS: 1.431.788.0, NIS: 1.431.788.0
Versión de motor: AM: 1.1.25050.6, NIS: 1.1.25050.6

Date: 2025-07-21 16:49:06
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/PiriformBundler&threatid=311950&enterprise=0
Nombre: PUABundler:Win32/PiriformBundler
Id.: 311950
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\recuperado\descargas\dfsetup221.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-ED7Q277\carlos
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.431.788.0, AS: 1.431.788.0, NIS: 1.431.788.0
Versión de motor: AM: 1.1.25050.6, NIS: 1.1.25050.6

Date: 2025-07-21 18:18:43
Description: 
Antivirus de Microsoft Defender ѕčåй ĥąş ъėэи šťőрφёð ьєƒόŗε ċõмρľęτïőи.%й %ŧŠĉäʼn ĨÐ:%ъ{517967D6-7688-4BFF-B04D-19FDF3F439D4}%й %ţŠ¢ăń Ţўрě:%вAntimalware%ņ %тŞсąŋ Рªядmёťĕяś:%вExamen rápido%п  %тŮşèř:%вNT AUTHORITY\SYSTEM%ή %τŚţθφ Ґ℮άŝøй:%ъŚсћêδцľэð ѕçàʼn ωāś şκïφрēđ ъêсåüѕĕ ţнэ ŀāѕт ŝųĉçĕśşƒųļ şćàи ẁªѕ щїťђìй ŧĥĕ ℓąѕţ 7 ðάỳŝ

Date: 2025-07-21 18:18:33
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/PiriformBundler&threatid=311950&enterprise=0
Nombre: PUABundler:Win32/PiriformBundler
Id.: 311950
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\recuperado\descargas\dfsetup221.exe; file:_C:\Users\carlos\Downloads\ccsetup527.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Usuario
Usuario: DESKTOP-ED7Q277\carlos
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.431.788.0, AS: 1.431.788.0, NIS: 1.431.788.0
Versión de motor: AM: 1.1.25050.6, NIS: 1.1.25050.6
Event[0]:

Date: 2025-08-05 12:05:54
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80501102
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 
Versión de inteligencia de seguridad: 1.431.788.0;1.431.788.0
Versión del motor: 1.1.25050.6

Date: 2025-07-24 17:33:19
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80501102
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 
Versión de inteligencia de seguridad: 1.431.788.0;1.431.788.0
Versión del motor: 1.1.25050.6

Date: 2025-07-24 17:30:29
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80501102
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 
Versión de inteligencia de seguridad: 1.431.788.0;1.431.788.0
Versión del motor: 1.1.25050.6

Date: 2025-07-21 15:54:44
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.367.447.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19200.6
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2025-07-21 15:54:44
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.367.447.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19200.6
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===============
Date: 2025-08-06 16:26:09
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-08-06 16:26:09
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-08-06 16:26:07
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.

Date: 2025-08-05 12:05:23
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. P1.50 07/13/2012
Placa base: ASRock Z77 Pro3
Procesador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Porcentaje de memoria en uso: 31%
RAM física total: 24279 MB
RAM física disponible: 16622.92 MB
Virtual total: 27863 MB
Virtual disponible: 19785.26 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:464.43 GB) (Free:399.87 GB) (Model: Samsung SSD 850 EVO 500GB) NTFS
Drive d: (3tb) (Fixed) (Total:2794.39 GB) (Free:775.06 GB) (Model: ST3000DM001-1CH166) NTFS
Drive e: (F) (Fixed) (Total:5589.01 GB) (Free:541.9 GB) (Model: WDC WD60EFPX-68C5ZN0) NTFS
Drive f: (D) (Fixed) (Total:2048 GB) (Free:134.8 GB) (Model: ST4000DM004-2CV104) NTFS
Drive g: (E) (Fixed) (Total:1678.02 GB) (Free:386.37 GB) (Model: ST4000DM004-2CV104) NTFS

\\?\Volume{0dd7e78f-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{0dd7e78f-0000-0000-0000-a03a74000000}\ () (Fixed) (Total:0.84 GB) (Free:0.29 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 06460645)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0DD7E78F)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=864 MB) - (Type=27)

==========================================================
Disk: 2 (Protective MBR) (Size: 5589 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 3726 GB) (Disk ID: 8E16CA68)

Partition: GPT.

==================== Final de Addition.txt =======================

pongo este otro reporte separado ya que me limitaba los caracteres

saludos

Farbar Recovery Scan Tool: FIX

Nota: tras ejecutar el script (posiblemente), se cerrarán todas las pestañas abiertas del navegador, se cerrará la sesión de sus cuentas y se borrarán los archivos temporales, la papelera de reciclaje, el historial del navegador, las cookies y la caché.

Desactive su antivirus antes de reiniciar. Seleccione el siguiente código:

Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
Task: {E633A845-6578-49DB-9B9B-391631C64431} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-10-21] (CPUID S.A.R.L.U. -> CPUID) <==== ATENCIÓN

Folder: C:\Program Files (x86)\Intel\Intel(R) Security Assist

Task: {7E8D95D6-699D-4F57-B9A9-1581517109D8} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3543408 2017-01-13] (Easeware Technology Limited -> Easeware) -> C:\Program Files\Easeware\DriverEasy\--scan
Task: {FAD695D0-5EBF-449E-85FC-53FDE594BAAB} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [134608 2016-09-05] (Glarysoft LTD -> Glarysoft Ltd)
Task: {30118388-989D-4A80-9675-CF3DF839929D} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2246608 2016-09-05] (Glarysoft LTD -> Glarysoft Ltd)
Task: {783B9E5E-1E63-4087-832B-B42698674FAD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7273.0{53B83AA9-8F6B-4AE6-81E7-0D24A5339E2C} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7273.0\updater.exe [6836832 2025-07-02] (Google LLC -> Google LLC)
Task: {C367DE30-6D96-410E-92D3-8A2E43BD6F68} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [898000 2016-09-05] (Glarysoft LTD -> Glarysoft Ltd)
Task: {99B20B53-D304-419C-898C-FC49AE2FD32E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {B517CAEF-C28A-4CD4-BF9D-95773E0247B0} - System32\Tasks\OneDrive Startup Task-S-1-5-21-694184031-744807502-3984899651-1001 => C:\Users\carlos\AppData\Local\Microsoft\OneDrive\25.137.0715.0001\OneDriveLauncher.exe [685456 2025-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B99556D-7515-4AA6-AA9A-AD8C69440D84} - System32\Tasks\Opera scheduled Autoupdate 1754641062 => C:\Users\carlos\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6239704 2025-08-06] (Opera Norway AS -> Opera Software)
Task: {E99BDD3E-1C13-4E11-9A73-324AF51E1CAF} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2016-11-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\/AUTOHIDE
Task: {827375DB-894F-4440-938B-6F427B99F51D} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [181760 2025-07-21] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
. . . (HKLM\...\{FDF43F53-B12C-41F4-B248-F67CE924E7D7}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{4A7F2465-EAE2-4A22-9842-2A0F537F243E}) (Version: 2.6.2.4 - Intel) Hidden
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo

Removeproxy:
Hosts:

CMD: netsh winsock reset catalog
CMD: netsh int ip reset resetlog.txt
CMD: reg export HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules C:\FirewallBackup.reg
C:\FirewallBackup.reg
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns

EmptyEventLogs:

Emptytemp:
End::

Copie el texto seleccionado (clic derecho - Copiar). Ejecute FRST (FRST64) como administrador. Haga clic en “Reparar” una vez (!) y espere. El programa creará un archivo de registro (Fixlog.txt). Adjúntelo a su próximo mensaje.

El ordenador se reiniciará automáticamente.

Salu2

> # Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 31-07-2025
>
> Ejecutado por carlos (09-08-2025 09:49:10) Run:1
> Ejecutado desde C:\\Users\\carlos\\Downloads
> Perfiles cargados: carlos
> Modo de Inicio: Normal
>
> fixlist contenido:
>
> ---
>
> Start::
> SystemRestore: On
> CreateRestorePoint:
> CloseProcesses:
>
> GroupPolicy: Restricción ? <==== ATENCIÓN
> Policies: C:\\ProgramData\\NTUSER.pol: Restricción <==== ATENCIÓN
> Task: {E633A845-6578-49DB-9B9B-391631C64431} - \\Microsoft\\Windows\\UNP\\RunCampaignManager → Ningún archivo <==== ATENCIÓN
> S3 cpuz150; C:\\WINDOWS\\temp\\cpuz150\\cpuz150_x64.sys \[44832 2021-10-21\] (CPUID S.A.R.L.U. → CPUID) <==== ATENCIÓN
>
> Folder: C:\\Program Files (x86)\\Intel\\Intel(R) Security Assist
>
> Task: {7E8D95D6-699D-4F57-B9A9-1581517109D8} - System32\\Tasks\\Driver Easy Scheduled Scan => C:\\Program Files\\Easeware\\DriverEasy\\DriverEasy.exe \[3543408 2017-01-13\] (Easeware Technology Limited → Easeware) → C:\\Program Files\\Easeware\\DriverEasy–scan
> Task: {FAD695D0-5EBF-449E-85FC-53FDE594BAAB} - System32\\Tasks\\GlaryInitialize 5 => C:\\Program Files (x86)\\Glary Utilities 5\\Initialize.exe \[134608 2016-09-05\] (Glarysoft LTD → Glarysoft Ltd)
> Task: {30118388-989D-4A80-9675-CF3DF839929D} - System32\\Tasks\\GMHSkipUAC => C:\\Program Files (x86)\\Glarysoft\\Malware Hunter\\MalwareHunter.exe \[2246608 2016-09-05\] (Glarysoft LTD → Glarysoft Ltd)
> Task: {783B9E5E-1E63-4087-832B-B42698674FAD} - System32\\Tasks\\GoogleSystem\\GoogleUpdater\\GoogleUpdaterTaskSystem140.0.7273.0{53B83AA9-8F6B-4AE6-81E7-0D24A5339E2C} => C:\\Program Files (x86)\\Google\\GoogleUpdater\\140.0.7273.0\\updater.exe \[6836832 2025-07-02\] (Google LLC → Google LLC)
> Task: {C367DE30-6D96-410E-92D3-8A2E43BD6F68} - System32\\Tasks\\GU5SkipUAC => C:\\Program Files (x86)\\Glary Utilities 5\\Integrator.exe \[898000 2016-09-05\] (Glarysoft LTD → Glarysoft Ltd)
> Task: {99B20B53-D304-419C-898C-FC49AE2FD32E} - System32\\Tasks\\Intel\\Intel Telemetry 2 => C:\\Program Files\\Intel\\Telemetry 2.0\\lrio.exe \[1741576 2016-03-17\] (Intel(R) Software → Intel Corporation)
> Task: {B517CAEF-C28A-4CD4-BF9D-95773E0247B0} - System32\\Tasks\\OneDrive Startup Task-S-1-5-21-694184031-744807502-3984899651-1001 => C:\\Users\\carlos\\AppData\\Local\\Microsoft\\OneDrive\\25.137.0715.0001\\OneDriveLauncher.exe \[685456 2025-08-06\] (Microsoft Corporation → Microsoft Corporation)
> Task: {6B99556D-7515-4AA6-AA9A-AD8C69440D84} - System32\\Tasks\\Opera scheduled Autoupdate 1754641062 => C:\\Users\\carlos\\AppData\\Local\\Programs\\Opera\\autoupdate\\opera_autoupdate.exe \[6239704 2025-08-06\] (Opera Norway AS → Opera Software)
> Task: {E99BDD3E-1C13-4E11-9A73-324AF51E1CAF} - System32\\Tasks\\SamsungMagician => C:\\Program Files (x86)\\Samsung\\Samsung Magician\\SamsungMagician.exe \[1112576 2016-11-23\] (Samsung Electronics Co., Ltd. → Samsung Electronics Co. Ltd.) → C:\\Program Files (x86)\\Samsung\\Samsung Magician\\/AUTOHIDE
> Task: {827375DB-894F-4440-938B-6F427B99F51D} - System32\\Tasks\\USER_ESRV_SVC_QUEENCREEK => C:\\WINDOWS\\System32\\Wscript.exe \[181760 2025-07-21\] (Microsoft Windows → Microsoft Corporation) → C:\\Program Files\\Intel\\SUR\\QUEENCREEK//B //NoLogo “C:\\Program Files\\Intel\\SUR\\QUEENCREEK\\task.vbs”
> . . . (HKLM…{FDF43F53-B12C-41F4-B248-F67CE924E7D7}) (Version: 2.1.28.3 - Intel) Hidden
> . . . (HKLM-x32…{4A7F2465-EAE2-4A22-9842-2A0F537F243E}) (Version: 2.6.2.4 - Intel) Hidden
> ContextMenuHandlers5: \[igfxcui\] → {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  → Ningún archivo
>
> Removeproxy:
> Hosts:
>
> CMD: netsh winsock reset catalog
> CMD: netsh int ip reset resetlog.txt
> CMD: reg export HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\SharedAccess\\Defaults\\FirewallPolicy\\FirewallRules C:\\FirewallBackup.reg
> C:\\FirewallBackup.reg
> CMD: netsh advfirewall reset
> CMD: netsh advfirewall set allprofiles state ON
> CMD: bitsadmin /reset /allusers
> CMD: ipconfig /flushdns
>
> EmptyEventLogs:
>
> Emptytemp:
> End::
>
> ---
>
> SystemRestore: On => completado
> El punto de restauración fue creado correctamente.
> Procesos cerrados correctamente.
>
> “C:\\WINDOWS\\system32\\GroupPolicy\\Machine” Carpeta mover:
>
> C:\\WINDOWS\\system32\\GroupPolicy\\Machine => movido correctamente
> C:\\WINDOWS\\system32\\GroupPolicy\\GPT.ini => movido correctamente
> C:\\WINDOWS\\SysWOW64\\GroupPolicy\\GPT.ini => movido correctamente
> C:\\ProgramData\\NTUSER.pol => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Plain{E633A845-6578-49DB-9B9B-391631C64431}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{E633A845-6578-49DB-9B9B-391631C64431}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\Microsoft\\Windows\\UNP\\RunCampaignManager” => no encontrado
> HKLM\\System\\CurrentControlSet\\Services\\cpuz150 => eliminado correctamente
> cpuz150 => servicio eliminado correctamente
>
> ========================= Folder: C:\\Program Files (x86)\\Intel\\Intel(R) Security Assist ========================
>
> 2015-05-19 10:11 - 2015-05-19 10:11 - 000335872 \____A \[8213094EA736A9C575AB0E22AD09B0BA\] (Intel Corporation) \[Archivo no firmado\] C:\\Program Files (x86)\\Intel\\Intel(R) Security Assist\\isa.exe
> 2015-05-19 10:11 - 2015-05-19 10:11 - 000007680 \____A \[1DFC3CCA51785254C5604238BB1A5467\] () \[Archivo no firmado\] C:\\Program Files (x86)\\Intel\\Intel(R) Security Assist\\isaHelperService.exe
> 2015-05-19 10:10 - 2015-05-19 10:10 - 000838144 \____A \[9B03207B52C719FC91BC79A8E447EC77\] (Intel Corporation) \[Archivo no firmado\] C:\\Program Files (x86)\\Intel\\Intel(R) Security Assist\\IsaUi.exe
> 2015-05-19 10:09 - 2015-05-19 10:09 - 000022016 \____A \[6FEF38F605EC74A0C16BFDD75B544546\] (Intel Corporation) \[Archivo no firmado\] C:\\Program Files (x86)\\Intel\\Intel(R) Security Assist\\JhiSharp.dll
> 2015-05-19 10:10 - 2015-05-19 10:10 - 000008704 \____A \[1EA6285A66D6E5773551BA3033A0C46D\] () \[Archivo no firmado\] C:\\Program Files (x86)\\Intel\\Intel(R) Security Assist\\PlatformChecker.dll
> 2015-05-19 10:10 - 2015-05-19 10:10 - 000063488 \____A \[62F77C1770B101CC1CF59F79D092159F\] () \[Archivo no firmado\] C:\\Program Files (x86)\\Intel\\Intel(R) Security Assist\\SigmaLibrary.dll
> 2015-05-19 10:09 - 2015-05-19 10:09 - 000037264 \____A \[8EBECBAECE5D9DDB91701E13A3AA50B4\] () C:\\Program Files (x86)\\Intel\\Intel(R) Security Assist\\SpeApplet.dalp
>
> ====== Final de Folder: ======
>
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Plain{7E8D95D6-699D-4F57-B9A9-1581517109D8}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{7E8D95D6-699D-4F57-B9A9-1581517109D8}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\Driver Easy Scheduled Scan => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\Driver Easy Scheduled Scan” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Logon{FAD695D0-5EBF-449E-85FC-53FDE594BAAB}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{FAD695D0-5EBF-449E-85FC-53FDE594BAAB}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\GlaryInitialize 5 => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\GlaryInitialize 5” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Plain{30118388-989D-4A80-9675-CF3DF839929D}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{30118388-989D-4A80-9675-CF3DF839929D}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\GMHSkipUAC => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\GMHSkipUAC” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Logon{783B9E5E-1E63-4087-832B-B42698674FAD}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{783B9E5E-1E63-4087-832B-B42698674FAD}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\GoogleSystem\\GoogleUpdater\\GoogleUpdaterTaskSystem140.0.7273.0{53B83AA9-8F6B-4AE6-81E7-0D24A5339E2C} => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\GoogleSystem\\GoogleUpdater\\GoogleUpdaterTaskSystem140.0.7273.0{53B83AA9-8F6B-4AE6-81E7-0D24A5339E2C}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Plain{C367DE30-6D96-410E-92D3-8A2E43BD6F68}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{C367DE30-6D96-410E-92D3-8A2E43BD6F68}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\GU5SkipUAC => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\GU5SkipUAC” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Plain{99B20B53-D304-419C-898C-FC49AE2FD32E}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{99B20B53-D304-419C-898C-FC49AE2FD32E}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\Intel\\Intel Telemetry 2 => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\Intel\\Intel Telemetry 2” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Logon{B517CAEF-C28A-4CD4-BF9D-95773E0247B0}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{B517CAEF-C28A-4CD4-BF9D-95773E0247B0}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\OneDrive Startup Task-S-1-5-21-694184031-744807502-3984899651-1001 => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\OneDrive Startup Task-S-1-5-21-694184031-744807502-3984899651-1001” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Logon{6B99556D-7515-4AA6-AA9A-AD8C69440D84}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{6B99556D-7515-4AA6-AA9A-AD8C69440D84}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\Opera scheduled Autoupdate 1754641062 => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\Opera scheduled Autoupdate 1754641062” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Logon{E99BDD3E-1C13-4E11-9A73-324AF51E1CAF}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{E99BDD3E-1C13-4E11-9A73-324AF51E1CAF}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\SamsungMagician => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\SamsungMagician” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Logon{827375DB-894F-4440-938B-6F427B99F51D}” => eliminado correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks{827375DB-894F-4440-938B-6F427B99F51D}” => eliminado correctamente
> C:\\WINDOWS\\System32\\Tasks\\USER_ESRV_SVC_QUEENCREEK => movido correctamente
> “HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\USER_ESRV_SVC_QUEENCREEK” => eliminado correctamente
> “HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall{FDF43F53-B12C-41F4-B248-F67CE924E7D7}\\SystemComponent” => eliminado correctamente
> “HKLM\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall{4A7F2465-EAE2-4A22-9842-2A0F537F243E}\\SystemComponent” => eliminado correctamente
> HKLM\\Software\\Classes\\Directory\\Background\\ShellEx\\ContextMenuHandlers\\igfxcui => eliminado correctamente
>
> ========= RemoveProxy: =========
>
> “HKU.DEFAULT\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections\\DefaultConnectionSettings” => eliminado correctamente
> “HKU.DEFAULT\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections\\SavedLegacySettings” => eliminado correctamente
> “HKU\\S-1-5-21-694184031-744807502-3984899651-1001\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections\\DefaultConnectionSettings” => eliminado correctamente
> “HKU\\S-1-5-21-694184031-744807502-3984899651-1001\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections\\SavedLegacySettings” => eliminado correctamente
>
> ========= Final de RemoveProxy: =========
>
> C:\\Windows\\System32\\Drivers\\etc\\hosts => movido correctamente
> Hosts restaurado correctamente.
>
> ========= netsh winsock reset catalog =========
>
> El cat logo Winsock se restableci¢ correctamente.
> Debe reiniciar el equipo para completar el restablecimiento.
>
> ========= Final de CMD: =========
>
> ========= netsh int ip reset resetlog.txt =========
>
> Reenv¡o de compartimiento se restableci¢ correctamente.
> Compartimiento se restableci¢ correctamente.
> Protocolo de control se restableci¢ correctamente.
> Solicitud de secuencia eco se restableci¢ correctamente.
> Global se restableci¢ correctamente.
> Interfaz se restableci¢ correctamente.
> Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
> Direcciones de multidifusi¢n se restableci¢ correctamente.
> Direcci¢n de unidifusi¢n se restableci¢ correctamente.
> Vecino se restableci¢ correctamente.
> Ruta de acceso se restableci¢ correctamente.
> Posible se restableci¢ correctamente.
> Directiva de prefijo se restableci¢ correctamente.
> Vecino de proxy se restableci¢ correctamente.
> Ruta se restableci¢ correctamente.
> Prefijo de sitio se restableci¢ correctamente.
> Subinterfaz se restableci¢ correctamente.
> Patr¢n de reactivaci¢n se restableci¢ correctamente.
> Resolver vecino se restableci¢ correctamente.
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> Error al restablecer .
> Acceso denegado.
>
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> se restableci¢ correctamente.
> Reinicie el equipo para completar esta acci¢n.
>
> ========= Final de CMD: =========
>
> ========= reg export HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\SharedAccess\\Defaults\\FirewallPolicy\\FirewallRules C:\\FirewallBackup.reg =========
>
> La operaci¢n se complet¢ correctamente.
>
> ========= Final de CMD: =========
>
> C:\\FirewallBackup.reg => movido correctamente
>
> ========= netsh advfirewall reset =========
>
> Aceptar
>
> ========= Final de CMD: =========
>
> ========= netsh advfirewall set allprofiles state ON =========
>
> Aceptar
>
> ========= Final de CMD: =========
>
> ========= bitsadmin /reset /allusers =========
>
> BITSADMIN version 3.0
> BITS administration utility.
> (C) Copyright Microsoft Corp.
>
> {ECBD089E-74AF-4C71-ACB6-29519061063F} canceled.
> 1 out of 1 jobs canceled.
>
> ========= Final de CMD: =========
>
> ========= ipconfig /flushdns =========
>
> Configuraci¢n IP de Windows
>
> Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
>
> ========= Final de CMD: =========
>
> =========== EmptyEventLogs: ==========
>
> 1240 Event logs cleared.
>
> ================================
>
> =========== EmptyTemp: ==========
>
> FlushDNS => completado
> BITS transfer queue => 0 B
> DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 66319633 B
> Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp \*.cache => 0 B
> Windows/system/drivers => 66580055 B
> Edge => 0 B
> Chrome => 73485966 B
> Firefox => 0 B
> Opera => 1191699 B
>
> Temp, IE cache, history, cookies, recent:
> Default => 6656 B
> ProgramData => 6656 B
> Public => 6656 B
> systemprofile => 682905129 B
> systemprofile32 => 682905129 B
> LocalService => 682934581 B
> NetworkService => 683396575 B
> carlos => 823219633 B
>
> RecycleBin => 0 B
> EmptyTemp: => 3.5 GB datos temporales eliminados.
>
> ================================
>
> El sistema necesita reiniciarse.
>
> ==== Final de Fixlog 09:50:21 ====

No estoy seguro de haberlo ejecutado como administrador al leer el log que pone modo normal

saludos gracias

Ese registro se ve bien. ¿Puede explicar qué problemas tiene actualmente?

¿Pudo ejecutar la herramienta DoesNotBelong desde el modo seguro con funciones de red, donde el antivirus probablemente no interferiría con ella?

Saludos

No me deja ejecutar tampoco desde el modo seguro, se inicializada intenta hacer la descarga del paso 1 y se cierra

El ordenador aparentemene va bien rapido no parece que haya ningun problema

saludos

Muy interesante. Gracias por compartir

Está bien, normalmente me siento mejor sabiendo que el registro también está limpio, especialmente porque mencionaste que los archivos que eran mucho más antiguos pueden haber sido un problema.

En cualquier caso, si todo va rápido y bien para ti, me alegra escucharlo.

Cambie el nombre de FRST64.exe a Uninstall.exe y luego ejecútelo. Se requerirá un reinicio para completar su eliminación.

Manténgase seguro

he desinstalado FRST64 tengo que hacer algun paso mas?

Los virus que encontró el antivirus podrían haber infectado algún archivo como otros pds fotos videos etc?

saludos gracias

Hola,

No se necesitan pasos adicionales

Sus registros estaban limpios desde el principio, solo se hicieron cambios menores.

Si bien otras infecciones pueden afectar documentos, fotos y videos al cifrarlos, este no fue el caso según sus registros.

Saludos

este era el ordenador secundario que no estaba infectado por el virus, aunque si tenia los discos duros de datos.

Voy a montar de nuevo el disco duro infectado y volvere a pasar sus indicaciones

saludos gracias

en esta windows infectado tampoco consigo que does not belog funcione, no se que hago mal

copio los logs

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 31-07-2025
Ejecutado por lucius2 (administrador) sobre DESKTOP-8R99D6K (Micro-Star International Co., Ltd. MS-7C84) (11-08-2025 12:13:37)
Ejecutado desde C:\Users\lucius2\Downloads\FRST64.exe
Perfiles cargados: lucius2
Plataforma: Microsoft Windows 10 Enterprise Versión 22H2 19045.6093 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) D:\Archivos de programa\driver instaladdo 580\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8531D027-8A10-44C4-B43A-AE40193F50CE}\MicrosoftEdge_X64_139.0.3405.86_138.0.3351.83.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8531D027-8A10-44C4-B43A-AE40193F50CE}\EDGEMITMP_BAE40.tmp\setup.exe <2>
(C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8531D027-8A10-44C4-B43A-AE40193F50CE}\MicrosoftEdge_X64_139.0.3405.86_138.0.3351.83.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Avast Software\Browser\Application\AvastBrowser.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <7>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) D:\Archivos de programa\driver instaladdo 580\CNext\CNext\AMDRSServ.exe
(cmd.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastNM.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(D:\Archivos de programa\driver instaladdo 580\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) D:\Archivos de programa\driver instaladdo 580\CNext\CNext\amdow.exe
(D:\Archivos de programa\driver instaladdo 580\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) D:\Archivos de programa\driver instaladdo 580\CNext\CNext\AMDRSSrcExt.exe
(D:\Archivos de programa\driver instaladdo 580\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) D:\Archivos de programa\driver instaladdo 580\CNext\CNext\cncmd.exe
(DriverStore\FileRepository\u0385558.inf_amd64_a02c8b890e9f278a\B385477\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0385558.inf_amd64_a02c8b890e9f278a\B385477\atieclxx.exe
(E:\epic games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\epic games\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Browser\Application\AvastBrowser.exe <75>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\epic games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\lucius2\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\lucius2\AppData\Local\Microsoft\OneDrive\25.140.0720.0001\Microsoft.SharePoint.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0385558.inf_amd64_a02c8b890e9f278a\B385477\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (SDRplay Limited -> ) C:\Program Files\SDRplay\sdrplay_apiService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (The Firebird Project) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe
(services.exe ->) (The Firebird Project) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2502.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) () [Archivo no firmado] D:\optimizar amd no borrar\[Guru3D.com]-CTRv21RC5\CTR 2.1 RC5\CTR 2.1.exe
(svchost.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(svchost.exe ->) (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe <3>
(svchost.exe ->) (Creative Technology Ltd.) [Archivo no firmado] C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [321240 2021-08-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [798456 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd) [Archivo no firmado]
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-10-31] (Adobe Inc. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172896 2024-07-24] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [Battle.net] => D:\juegos\diablo\Battle.net\Battle.net.exe [981648 2025-06-27] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [EpicGamesLauncher] => E:\epic games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [MicrosoftEdgeAutoLaunch_2E378602720D44159276CE8645339F8D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4113472 2025-07-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (Ningún archivo)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [Opera Browser Assistant] => C:\Users\lucius2\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [AvastBrowserAutoLaunch_A4176226833796E7A57D48BFC0505010] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3497312 2025-07-02] (Avast Software s.r.o. -> Gen Digital Inc.)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\RunOnce: [Application Restart #3] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [3168848 2025-07-16] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\lucius2\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [92313984 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\lucius2\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [91703144 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\RunOnce: [Uninstall 25.122.0624.0004] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lucius2\AppData\Local\Microsoft\OneDrive\25.122.0624.0004" [0 2025-08-11] () <==== ATENCIÓN [cero bytes Archivo/Carpeta]
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\MountPoints2: {6666f022-23c0-11ee-8ca0-2cf05d9f1ea2} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\MountPoints2: {b6688ed6-a9e1-11ee-8cb8-2cf05d9f1ea2} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\MountPoints2: {b6688eed-a9e1-11ee-8cb8-2cf05d9f1ea2} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\MountPoints2: {eb6daf4c-e86d-11ef-8cd7-c8e265fed147} - "G:\HiSuiteDownLoader.exe" 
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2024-02-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Nitro PDF Port 14 Monitor: C:\Windows\system32\NxPrinterMonitor14.dll [341448 2023-09-23] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Print\Monitors\UDC: udcpm.dll (Ningún archivo)
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\PEPrinterMonitor.dll [292592 2023-06-16] (Wondershare Technology Group Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.184\Installer\chrmstp.exe [2025-08-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\138.0.31254.169\Installer\chrmstp.exe [2025-08-11] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\138.1.80.122\Installer\chrmstp.exe [2025-07-17] (Brave Software, Inc. -> Brave Software, Inc.)
BootExecute: autocheck autochk * icarus_rvrt.exe
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {C34A753E-87A7-4AC1-9909-0E772F80B2AA} - \MiniToolPartitionWizard -> Ningún archivo <==== ATENCIÓN
Task: {2FEB1A41-3559-4F1C-ABE8-D4D5308F6B51} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {6C15004E-6065-471B-9DB0-E71FB506D695} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {7B84BAC1-E3EA-4981-9FD0-DC5733ADB31C} - System32\Tasks\AMDInstallLauncher => D:\Archivos de programa\driver instaladdo 580\CIM\Bin64\InstallManagerApp.exe [954808 2022-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {15A1E41E-5647-4083-B2F4-25689B2DF31F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3497312 2025-07-02] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {74A6EB18-ABBF-4AFA-B3AD-E76385B5BEBF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3497312 2025-07-02] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {F8AF7417-B353-4933-949F-31E70364EA20} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8943920 2025-07-18] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {F1AF7F59-3E87-4C3E-AEBC-49C7BBCBA674} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5490936 2025-08-11] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {7F624C3D-D7D9-4F01-A4EE-1073F1E43819} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {0AF96AFB-5BAF-4B7B-8CCD-5253A5043EF8} - System32\Tasks\AvastBrowserProtectS-1-5-21-2733056459-4073295486-4068123865-1001 => C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1690008 2025-07-02] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {CC03AD05-29CA-4D21-AFFB-BB4FC297F20D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193056 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {84029085-CFA2-41D8-BA66-CDF9375E862B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193056 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {EE63D0D9-5CF8-4CCD-BB2C-79DDD03946B1} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{B6D7DB53-AD49-48C6-A7D7-83CF8288AD6E} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-05-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {8DB5695F-50A0-4956-9E7D-98B7557F0E94} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{303E06D9-9CCC-4276-877E-FF154BE55C7C} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-05-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {2E0D93A4-5AA5-4E51-BC62-52CC23D0ED8F} - System32\Tasks\CTR 2.1 RC5 => D:\optimizar amd no borrar\[Guru3D.com]-CTRv21RC5\CTR 2.1 RC5\CTR 2.1.exe [970240 2021-05-12] () [Archivo no firmado]
Task: {29D8D7C0-AD2A-480D-82DD-A7CA2D0F5A85} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7272.0{D8109C0C-D2B1-4EC3-94C8-16EF51278087} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7272.0\updater.exe [6836832 2025-07-01] (Google LLC -> Google LLC)
Task: {5EBE4F5E-56EF-4CF0-B29E-1B92E654BB84} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem141.0.7340.0{F3D61B39-82DF-48A6-B036-561942902C72} => C:\Program Files (x86)\Google\GoogleUpdater\141.0.7340.0\updater.exe [6813336 2025-08-06] (Google LLC -> Google LLC)
Task: {6C9B3977-BC5D-4302-A01C-69D0A9CC0DBB} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_lucius2 => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [6197080 2023-02-02] (Janos Mathe -> H.D.S. Hungary)
Task: {3D4880BF-52B3-4E84-BC7F-18850467ECDB} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2733056459-4073295486-4068123865-1001 => C:\Users\lucius2\AppData\Local\MEGAsync\MEGAupdater.exe [2530736 2023-11-07] (Mega Limited -> )
Task: {80DE3D15-3599-44F2-A598-640B672A066D} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16889200 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3369969-AB7E-4D76-BDF8-665EFB7B6675} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28813720 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {61B4B604-12DE-4E82-BF1A-E104CE9BC980} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [69984 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D929565-A53F-47CD-97A5-5486D8947824} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28813720 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E1E4C87-E98A-4CB5-8F09-8CB0731882D0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311096 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6C02008-28FD-4DC5-A6B7-32186E53CD54} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311096 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B0A51EF-7403-4D6D-84F0-D339906BC1E3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1355064 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {13A9E3F1-5B53-4ED9-B926-BA3706D8EDE9} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [254944 2023-12-19] (Microsoft Corporation -> Microsoft)
Task: {16E7DAFB-B4C7-46A0-8ADA-80514CA7C222} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5062C4C0-0249-4CFF-A48F-33FFB13D1A84} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {917B2F01-8B1C-4F0F-911D-FFAA65C96337} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {477E0658-8D9A-47DC-A2A9-F7DAC393C66B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8D19B736-C60F-4580-AE2D-A3F5F507579D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [694848 2025-07-09] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {C6750838-31D4-4567-ADF3-16F4E948BDF4} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2733056459-4073295486-4068123865-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [694848 2025-07-09] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {30C13658-9F9C-4BBD-90D2-FEC432BA5688} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-07-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {40E58674-F80B-484D-94F8-2A903CB1736D} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [78648 2021-04-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {E7011468-1905-47B4-A1B2-E9E667A71AB3} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [78648 2021-04-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {3DFA462D-1276-4ECE-B3BD-60D5CF7A08EB} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1712976 2021-07-16] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {B9DA5182-7903-42CB-8980-CDCE85D60599} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [47416 2021-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {06369ACA-C9AD-484A-804A-4360CC24A470} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2733056459-4073295486-4068123865-1001 => C:\Users\lucius2\AppData\Local\Microsoft\OneDrive\25.140.0720.0001\OneDriveLauncher.exe [723816 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2CD48B65-DE96-464F-89AB-EA1A02422B70} - System32\Tasks\Opera scheduled assistant Autoupdate 1612569093 => C:\Users\lucius2\AppData\Local\Programs\Opera\launcher.exe  -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\lucius2\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {3385F95B-B541-4DB7-B39A-87A191873555} - System32\Tasks\Opera scheduled Autoupdate 1612569088 => C:\Users\lucius2\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6239192 2025-07-17] (Opera Norway AS -> Opera Software)
Task: {6A288B62-AA76-44AD-8177-4DCCEF5F0836} - System32\Tasks\StartCN => D:\Archivos de programa\driver instaladdo 580\CNext\CNext\cncmd.exe [56760 2022-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {947C6692-235B-4517-A1B8-271E40F95248} - System32\Tasks\StartDVR => D:\Archivos de programa\driver instaladdo 580\CNext\CNext\RSServCmd.exe [291768 2022-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4961ca70-20ea-427c-8f67-c8a8f6cd0c74}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4961ca70-20ea-427c-8f67-c8a8f6cd0c74}\67F6461666F6E65664646383: [DhcpNameServer] 212.166.132.116 212.166.132.104
Tcpip\..\Interfaces\{4961ca70-20ea-427c-8f67-c8a8f6cd0c74}\67F6461666F6E65664646383D25374: [DhcpNameServer] 212.166.132.116 212.166.132.104

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\lucius2\AppData\Local\Microsoft\Edge\User Data\Default [2025-08-11]
Edge DownloadDir: Default -> D:\descargas mozilla
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (Backpack) - C:\Users\lucius2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aflkmfhebedbjioipglgcbcmnbpgliof [2025-07-02]
Edge Extension: (ChatGPT) - C:\Users\lucius2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejcfepkfckglbgocfkanmcdngdijcgld [2024-12-25]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\lucius2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-16]
Edge Extension: (Zoom Edge Extension) - C:\Users\lucius2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jklagmeecneibgbmbffefehjhijamhhj [2025-05-28]
Edge Extension: (Edge relevant text changes) - C:\Users\lucius2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Print Friendly & PDF) - C:\Users\lucius2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nhiebejbpolmpkikgbijamagibifhjib [2024-06-07]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: keaq5v95.default
FF ProfilePath: C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\keaq5v95.default [2020-12-03]
FF ProfilePath: C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release [2025-07-22]
FF DownloadDir: D:\descargas mozilla
FF Extension: (AdBlocker Ultimate) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\[email protected] [2025-07-05]
FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\[email protected] [2024-04-04]
FF Extension: (Browsec VPN - Free VPN Extension) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\[email protected] [2025-07-10]
FF Extension: (El Camelizer) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\[email protected] [2021-11-26]
FF Extension: (Tab Session Manager) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\[email protected] [2025-04-09]
FF Extension: (Chollometro: Compra con superpoderes) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\[email protected] [2023-10-26]
FF Extension: (Google Translator for Firefox) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\[email protected] [2024-04-26]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2025-07-17]
FF Extension: (AliHelper - asistente de compras) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\{333f4540-f467-419b-8410-233078ae8813}.xpi [2025-06-22]
FF Extension: (New Tab Suspender) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\{6a65273e-2b26-40f5-b66e-8eed317307da}.xpi [2021-11-20]
FF Extension: (Modo oscuro - Ojo nocturno) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\{7c6d56ed-2616-48f2-bfde-d1830f1cf2ed}.xpi [2025-07-10]
FF Extension: (Video DownloadHelper) - C:\Users\lucius2\AppData\Roaming\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-06-05]
FF ProfilePath: C:\Users\lucius2\AppData\Roaming\copia mozilla 11-9-21\Mozilla\Firefox\Profiles\keaq5v95.default [2021-09-11]
FF ProfilePath: C:\Users\lucius2\AppData\Roaming\copia mozilla 11-9-21\Mozilla\Firefox\Profiles\a6msn898.default-release [2021-09-11]
FF Extension: (AdBlocker Ultimate) - C:\Users\lucius2\AppData\Roaming\copia mozilla 11-9-21\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\[email protected] [2021-07-28]
FF Extension: (Google Translator for Firefox) - C:\Users\lucius2\AppData\Roaming\copia mozilla 11-9-21\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\[email protected] [2021-03-22]
FF Extension: (Night Eye - Modo oscuro) - C:\Users\lucius2\AppData\Roaming\copia mozilla 11-9-21\Mozilla\Firefox\Profiles\a6msn898.default-release\Extensions\{7c6d56ed-2616-48f2-bfde-d1830f1cf2ed}.xpi [2021-09-01]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-10-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1993.6\npAvastBrowserUpdate3.dll [2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1993.6\npAvastBrowserUpdate3.dll [2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2025-07-15] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default [2025-07-22]
CHR Extension: (Presentaciones) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-26]
CHR Extension: (Documentos) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-26]
CHR Extension: (Google Drive) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-26]
CHR Extension: (YouTube) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-26]
CHR Extension: (Merlin - Ask AI to Research, Write & Review) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\camppjleccjaphfdbohjdohecfnoikec [2024-06-26]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-06-26]
CHR Extension: (Hojas de cálculo) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-26]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-06-18]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-21]
CHR Extension: (Gmail) - C:\Users\lucius2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
OPR DefaultProfile: Default

Brave: 
=======
BRA Profile: C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-07-18]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-07-18]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-07-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-07-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-07-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\alkblaadjjijngaehljijdimckobegga [2025-07-18]
BRA Extension: (Brave NTP background images) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2025-05-26]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-07-18]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-07-18]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish (plaintext))) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\fejmaeodjeekfldnbegjagemjgnmhfof [2025-07-18]
BRA Extension: (Brave Ads Resources) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\ganmbmiebelpdlnohnabgkkocholelbp [2025-05-26]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-05-26]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-07-18]
BRA Extension: (Brave Ad Block Updater (Adguard Spanish/Portuguese (plaintext))) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\meimhmgfbckapkbbbdaoefgnbppmkodp [2025-07-18]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\lucius2\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-07-08]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7412984 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193056 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [1032440 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
R3 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2582264 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1084664 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193056 2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\138.0.31254.169\elevation_service.exe [2426576 2025-07-25] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2025-07-15] (Avast Software s.r.o. -> AVAST Software)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3383952 2025-06-17] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-05-26] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\138.1.80.122\elevation_service.exe [3198544 2025-07-16] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-05-26] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [611592 2021-06-07] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13283712 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616360 2021-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [456408 2021-08-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairMsiPluginService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe [451808 2021-08-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [80600 2021-08-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [Archivo no firmado]
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2004-02-23] (The Firebird Project) [Archivo no firmado]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe [1515599 2004-02-23] (The Firebird Project) [Archivo no firmado]
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2363000 2021-09-24] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 IBG_instance2; C:\Program Files (x86)\Embarcadero\InterBase\bin\ibguard.exe [633712 2022-10-27] (Idera, Inc. -> Embarcadero Technologies, Inc.)
S3 IBS_instance2; C:\Program Files (x86)\Embarcadero\InterBase\bin\ibserver.exe [4746608 2022-10-27] (Idera, Inc. -> Embarcadero Technologies, Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9591104 2025-07-17] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-07-17] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [946384 2025-08-11] (McAfee, LLC -> McAfee, LLC)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-06-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 SDRplayAPIService; C:\Program Files\SDRplay\sdrplay_apiService.exe [489968 2021-10-26] (SDRplay Limited -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [917440 2025-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16518456 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [805224 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [41416 2023-12-19] (Microsoft Corporation -> Microsoft)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [54792 2023-04-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0385558.inf_amd64_a02c8b890e9f278a\B385477\amdkmdag.sys [94633328 2022-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [21072 2025-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [245344 2025-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391264 2025-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [299616 2025-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [85568 2025-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [29144 2025-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R3 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [29768 2025-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [281168 2025-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [571984 2025-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [92216 2025-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72272 2025-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [884288 2025-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [1278032 2025-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [202336 2025-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [392288 2025-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1767224 2021-06-07] (cFos Software GmbH -> cFos Software GmbH)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60328 2021-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2021-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45984 2021-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21920 2021-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [17944 2021-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 CYUSB3; C:\Windows\System32\Drivers\CYUSB3.sys [74624 2020-09-03] (Cypress Semiconductor Corporation -> Cypress Semiconductor)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-11] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [330112 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [234072 2025-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [22120 2025-07-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [242752 2025-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 msi2500; C:\Windows\system32\DRIVERS\msi2500.sys [146328 2019-07-21] (SDRplay Limited -> Mirics)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [32264 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [254632 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [265504 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1060880 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [189144 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20032 2025-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [612768 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_2; C:\Windows\system32\drivers\WinRing0_1_2_2.sys [31152 2025-08-11] (PAIPTAC  Driver -> )
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X] <==== ATENCIÓN

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-08-11 12:13 - 2025-08-11 12:14 - 000057556 _____ C:\Users\lucius2\Downloads\FRST.txt
2025-08-11 12:13 - 2025-08-11 12:14 - 000000000 ____D C:\FRST
2025-08-11 12:10 - 2025-08-11 12:10 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-08-11 12:08 - 2025-08-11 12:08 - 002409472 _____ (Farbar) C:\Users\lucius2\Downloads\FRST64.exe
2025-08-11 12:06 - 2025-08-11 12:06 - 003158272 _____ (Furtivex) C:\Users\lucius2\Downloads\does-not-belong_8.8.3.exe
2025-08-11 12:02 - 2025-08-11 12:02 - 000321272 _____ (Gen Digital Inc.) C:\Windows\system32\aswb7b7ad2284e2e202.tmp
2025-07-18 11:13 - 2025-07-18 11:17 - 000000000 ____D C:\Users\lucius2\AppData\LocalLow\IGDump
2025-07-17 20:39 - 2025-08-11 12:15 - 000000000 ____D C:\Users\lucius2\AppData\Local\Malwarebytes
2025-07-17 20:39 - 2025-07-17 20:39 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-07-17 20:39 - 2025-07-17 20:39 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-07-17 20:38 - 2025-07-17 20:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-07-17 20:38 - 2025-07-17 20:38 - 000000000 ____D C:\Program Files\Malwarebytes
2025-07-17 20:05 - 2025-07-17 20:07 - 688078848 _____ C:\Users\lucius2\Downloads\krd (1).iso
2025-07-16 20:20 - 2025-07-16 20:20 - 000000000 ____D C:\KRD2024_Data
2025-07-16 17:47 - 2025-07-16 17:47 - 000001136 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk
2025-07-16 17:47 - 2025-07-16 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2025-07-16 17:47 - 2025-07-16 17:47 - 000000000 ____D C:\Program Files (x86)\ImageWriter
2025-07-16 17:46 - 2025-07-16 17:46 - 012567188 _____ (ImageWriter Developers ) C:\Users\lucius2\Downloads\win32diskimager-1.0.0-install.exe
2025-07-16 17:43 - 2025-07-16 17:45 - 688103424 _____ C:\Users\lucius2\Downloads\krd.iso
2025-07-16 17:38 - 2025-07-16 17:38 - 000001498 __RSH C:\ProgramData\ntuser.pol
2025-07-16 17:34 - 2025-07-16 17:38 - 000000000 ____D C:\Users\lucius2\AppData\Local\Rufus
2025-07-16 17:33 - 2025-07-16 17:33 - 002102632 _____ (Akeo Consulting) C:\Users\lucius2\Downloads\rufus-4.9.exe
2025-07-15 20:47 - 2025-07-15 20:47 - 000000000 ___HD C:\$AV_ASW
2025-07-15 19:04 - 2025-07-15 19:04 - 000000023 _____ C:\Windows\system32\start
2025-07-15 17:07 - 2025-08-11 12:08 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2025-07-15 17:07 - 2025-08-11 12:08 - 000002407 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2025-07-15 17:07 - 2025-07-17 20:35 - 000000000 ____D C:\Users\lucius2\AppData\Local\AVAST Software
2025-07-15 17:07 - 2025-07-15 17:07 - 000003844 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2025-07-15 17:07 - 2025-07-15 17:07 - 000003820 _____ C:\Windows\system32\Tasks\AvastBrowserProtectS-1-5-21-2733056459-4073295486-4068123865-1001
2025-07-15 17:07 - 2025-07-15 17:07 - 000003658 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA
2025-07-15 17:07 - 2025-07-15 17:07 - 000003534 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore
2025-07-15 17:07 - 2025-07-15 17:07 - 000003260 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2025-07-15 17:07 - 2025-07-15 17:07 - 000000000 ____D C:\Users\lucius2\AppData\Roaming\Avast Software
2025-07-15 17:07 - 2025-07-15 17:07 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2025-07-15 17:06 - 2025-08-11 12:02 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2025-07-15 17:06 - 2025-07-15 17:07 - 000000000 ____D C:\Program Files\Avast Software
2025-07-15 17:06 - 2025-07-15 17:06 - 000320248 _____ (Gen Digital Inc.) C:\Windows\system32\aswBoot.exe
2025-07-15 17:06 - 2025-07-15 17:06 - 000002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2025-07-15 17:06 - 2025-07-15 17:06 - 000002194 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2025-07-15 17:06 - 2025-07-15 17:06 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2025-07-15 17:06 - 2025-07-15 17:05 - 000055064 _____ (Gen Digital Inc.) C:\Windows\system32\icarus_rvrt.exe
2025-07-15 17:05 - 2025-07-17 20:04 - 000000000 ____D C:\ProgramData\Avast Software

no me entra todo en un mensaje lo pondre en dos

lo que falta

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-08-11 12:13 - 2020-09-27 09:58 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-08-11 12:13 - 2020-09-27 09:58 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-08-11 12:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-08-11 12:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2025-08-11 12:12 - 2021-12-22 11:55 - 000000000 ____D C:\Windows\SystemTemp
2025-08-11 12:10 - 2020-12-03 23:39 - 000000000 ____D C:\Users\lucius2\AppData\Local\Packages
2025-08-11 12:10 - 2020-09-27 10:00 - 000000000 ____D C:\ProgramData\Packages
2025-08-11 12:09 - 2023-05-13 14:55 - 000000000 ____D C:\Program Files\Microsoft Office
2025-08-11 12:08 - 2025-01-31 20:39 - 000003580 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2733056459-4073295486-4068123865-1001
2025-08-11 12:08 - 2024-02-25 20:32 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2025-08-11 12:08 - 2023-03-02 09:10 - 000002423 _____ C:\Users\lucius2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-08-11 12:08 - 2021-12-11 20:50 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2733056459-4073295486-4068123865-1001
2025-08-11 12:08 - 2020-12-03 23:41 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2733056459-4073295486-4068123865-1001
2025-08-11 12:07 - 2025-06-15 22:58 - 000000108 _____ C:\logUploaderSettings_temp.ini
2025-08-11 12:07 - 2025-06-15 22:58 - 000000108 _____ C:\logUploaderSettings.ini
2025-08-11 12:07 - 2020-12-26 17:06 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-08-11 12:07 - 2020-12-26 17:06 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-08-11 12:07 - 2020-09-27 09:58 - 000003708 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-08-11 12:07 - 2020-09-27 09:58 - 000003582 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-08-11 12:06 - 2020-12-03 23:41 - 001683680 _____ C:\Windows\system32\PerfStringBackup.INI
2025-08-11 12:06 - 2019-12-07 16:55 - 000752316 _____ C:\Windows\system32\perfh00A.dat
2025-08-11 12:06 - 2019-12-07 16:55 - 000147994 _____ C:\Windows\system32\perfc00A.dat
2025-08-11 12:06 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2025-08-11 12:05 - 2021-02-06 01:51 - 000004290 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1612569088
2025-08-11 12:05 - 2021-02-06 01:51 - 000001396 _____ C:\Users\lucius2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2025-08-11 12:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-08-11 12:00 - 2025-07-06 20:28 - 000031152 _____ C:\Windows\system32\Drivers\WinRing0_1_2_2.sys
2025-08-11 12:00 - 2022-06-04 16:22 - 000000000 ____D C:\Users\lucius2\AppData\Local\Battle.net
2025-08-11 12:00 - 2021-01-08 17:07 - 000000000 ____D C:\Users\lucius2\AppData\Roaming\Microsoft\Skype for Desktop
2025-08-11 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-08-11 11:59 - 2021-10-01 17:06 - 000000000 ____D C:\Program Files\TeamViewer
2025-08-11 11:59 - 2020-09-27 09:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-08-11 11:59 - 2020-09-27 07:55 - 000008192 ___SH C:\DumpStack.log.tmp
2025-08-11 11:59 - 2020-09-27 07:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-07-22 09:20 - 2022-02-09 17:34 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-07-22 09:18 - 2023-12-02 12:23 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2025-07-22 09:12 - 2020-12-04 12:18 - 000000000 ____D C:\Users\lucius2\AppData\Local\D3DSCache
2025-07-17 20:35 - 2023-10-28 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2025-07-17 20:35 - 2023-09-27 14:03 - 000000000 ____D C:\Users\lucius2\AppData\Local\Wondershare
2025-07-17 20:10 - 2025-05-26 17:12 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-07-17 20:10 - 2025-05-26 17:12 - 000002321 _____ C:\Users\Public\Desktop\Brave.lnk
2025-07-16 18:17 - 2023-10-17 20:24 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2025-07-16 18:17 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-07-16 16:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2025-07-16 15:39 - 2022-01-10 19:29 - 1339844455 _____ C:\Users\lucius2\Downloads\Megapack de esquematicos-20220110T172231Z-001.zip
2025-07-16 15:35 - 2021-01-27 21:12 - 000000146 _____ C:\Users\lucius2\Downloads\DOWNLOAD.1080p.Dvix-DL.H364.fdi.zip
2025-07-15 15:39 - 2023-05-13 15:13 - 000000000 ____D C:\Users\lucius2\AppData\Roaming\Microsoft\Excel
2025-07-13 17:36 - 2020-12-03 23:41 - 000000000 ____D C:\Users\lucius2\AppData\Local\PlaceholderTileLogoFolder
2025-07-13 17:35 - 2020-09-27 07:55 - 000396928 _____ C:\Windows\system32\FNTCACHE.DAT
2025-07-13 17:34 - 2025-06-26 13:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-07-13 17:34 - 2020-12-03 23:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2025-07-13 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2025-07-13 17:32 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing

==================== Archivos en la raíz de algunos directorios ========

2024-02-24 17:08 - 2024-02-24 17:08 - 000000471 _____ () C:\Users\lucius2\AppData\Roaming\.gr_fftw_wisdom
2024-02-24 17:08 - 2024-02-24 17:08 - 000000000 _____ () C:\Users\lucius2\AppData\Roaming\.gr_fftw_wisdom.lock
2024-06-18 10:10 - 2024-06-27 10:03 - 000535040 _____ (Dirección General de la Policía) C:\Users\lucius2\AppData\Local\DNIeService.exe
2021-10-12 12:56 - 2023-12-03 16:38 - 000007607 _____ () C:\Users\lucius2\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

la segunda parte que no me entraba en un mensaje

==================== Network ===========================

(Actualmente no existe una corrección automática para esta sección.)

DNS Servers: 192.168.0.1
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet 3: Realtek PCIe 2.5GbE Family Controller #2 -> rt640x64.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX200 160MHz -> Netwtw10.sys
Ethernet 2: VirtualBox Host-Only Ethernet Adapter -> VBoxNetAdp6.sys
Conexión de red Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

oracle_VBoxNetLwf: VirtualBox NDIS6 Bridged Networking Driver
cfosspeed: cFosSpeed for faster Internet connections (NDIS 6)

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\Control Panel\Desktop\\Wallpaper -> 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 4) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Users\lucius2\Downloads\Flamman-160164272000064\Office Pro Plus 2021 16.0.16427.20000 - x64\Office Uninstall 1.8.3.exe
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Users\lucius2\Downloads\Flamman-160164272000064\Office Pro Plus 2021 16.0.16427.20000 - x64\Office 2021 - x64\OInstall_x64.exe
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Users\lucius2\Downloads\Flamman-160164272000064\Office Pro Plus 2021 16.0.16427.20000 - x64\Office 2021 - x64\files


==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{56240373-773B-4B30-B4E3-C5C2505EC363}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1B0421D0-C2BA-49FC-85B1-7B2B3E7E3FC9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B0152008-C8AF-4C93-8183-188095AF529C}C:\program files (x86)\sdrplay\sdruno\sdruno.exe] => (Allow) C:\program files (x86)\sdrplay\sdruno\sdruno.exe (SDRplay Limited -> SDRplay Limited)
FirewallRules: [UDP Query User{B6EDA456-75A8-496E-BE6F-0FC58BB33409}C:\program files (x86)\sdrplay\sdruno\sdruno.exe] => (Allow) C:\program files (x86)\sdrplay\sdruno\sdruno.exe (SDRplay Limited -> SDRplay Limited)
FirewallRules: [TCP Query User{EFB0FDF2-6BEC-42D6-8941-4DB079FC87FF}C:\users\lucius2\downloads\anydesk.exe] => (Allow) C:\users\lucius2\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{FF9386A9-7F23-426E-8833-503D3203DE05}C:\users\lucius2\downloads\anydesk.exe] => (Allow) C:\users\lucius2\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{D056D669-4051-4823-9B99-1F5514B39ACA}] => (Allow) D:\Archivos de programa\darwindemomt5\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Ltd.)
FirewallRules: [TCP Query User{1B3AB4FA-C518-42C6-A19C-62368C86031D}C:\users\lucius2\appdata\local\programs\opera\74.0.3911.75\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\74.0.3911.75\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{9D335331-2D29-4475-B0DB-0E28FF5C5E3F}C:\users\lucius2\appdata\local\programs\opera\74.0.3911.75\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\74.0.3911.75\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{43AF6F19-9B21-419C-83D7-2C6F47336886}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{27BA4365-CF1C-4B98-8C6C-820AB4B829BB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{6E1D25A1-199C-4F5B-B112-F906AAC509EE}C:\users\lucius2\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\lucius2\appdata\local\programs\opera\74.0.3911.218\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{5BA7431A-9686-4F95-A5FD-E4E0946506F9}C:\users\lucius2\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\lucius2\appdata\local\programs\opera\74.0.3911.218\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{F8DCAF89-33FD-44F5-B827-D92C9D3C0550}C:\users\lucius2\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\75.0.3969.149\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{3A69B155-F9CB-4750-8E31-698DEABA565B}C:\users\lucius2\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\75.0.3969.149\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{8F2537B4-9E00-4AE1-AE95-B5943433BDCE}C:\users\lucius2\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\75.0.3969.243\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{B0D52493-A398-4549-B5B3-A91DF5DDFA19}C:\users\lucius2\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\75.0.3969.243\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{E35660DC-C305-40A5-9462-C2E338BC5788}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.107\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{015BCFBE-C17B-4DB4-883C-9E2D2E2F5B5C}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.107\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{BA314910-AEDA-4CE2-B929-1C9249EBA7E8}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.123\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{DF7C5BA5-F824-49DB-B9EA-239B6DE19D4D}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.123\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{F5C6AE69-29AF-4275-8F53-4DF8AB9BDA8D}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Block) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.177\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{AAE184EF-2E9B-42BE-B185-4130CDBE5E62}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Block) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.177\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{E682DF54-BF46-4927-B80C-C3A85FCED206}C:\sdrsharp\bin\sdrsharp.exe] => (Allow) C:\sdrsharp\bin\sdrsharp.exe (Airspy) [Archivo no firmado]
FirewallRules: [UDP Query User{E3D5B03D-E322-4707-8C75-DD1166BF2058}C:\sdrsharp\bin\sdrsharp.exe] => (Allow) C:\sdrsharp\bin\sdrsharp.exe (Airspy) [Archivo no firmado]
FirewallRules: [TCP Query User{D1FFF498-F0FA-4971-8334-FE61801430B0}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{5D529EFF-A99A-4614-B233-9596C951868D}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{FDA7FDA9-F59F-4455-8A91-42A371A70710}C:\users\lucius2\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{2C343F87-AF3F-43FA-BB02-3C587B4FA2CC}C:\users\lucius2\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{0D678A55-2B83-4456-94F8-1E54E8660E7A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A0B025DE-D6B9-40D5-9014-4E45D7B15337}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{DBB8B93F-7723-4445-953F-F6784C22974D}C:\users\lucius2\downloads\quantower\tradingplatform\v1.118.17\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.118.17\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{ABD0545A-666D-4D5B-A931-C92B07071725}C:\users\lucius2\downloads\quantower\tradingplatform\v1.118.17\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.118.17\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{54164F6A-5B4D-4856-81E9-51D97E8F822F}C:\users\lucius2\downloads\quantower\tradingplatform\v1.119.11\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.119.11\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{4197EDAF-3CCB-4C60-AE13-05233768526D}C:\users\lucius2\downloads\quantower\tradingplatform\v1.119.11\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.119.11\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{1B892EB6-3D8F-434C-B232-DB95C6911DCA}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.118.5\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.118.5\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{7E9EAEB2-1627-47A7-81D5-A88532EA87AB}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.118.5\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.118.5\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{0E538540-35BA-462C-BD46-18A28FA2941B}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.119.2\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.119.2\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{FF50EEDD-4800-4173-8CBE-B6C32909C8A3}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.119.2\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.119.2\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{1DB67D8D-3423-4881-B633-E3AE38603FF7}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.124.4\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.124.4\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{2B7F6757-EBE3-4996-918D-9684F08BA758}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.124.4\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.124.4\starter.exe => Ningún archivo
FirewallRules: [{FE4BE024-D75C-4658-B6AB-E59F07EE8FDE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9BEB3787-7C4B-4D33-9CDB-C917518D2237}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0EEC43E5-88BE-471A-906D-CC5C47E14743}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{40C36D33-E419-4396-BC24-5BB0092CAB37}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{BCC307C7-7095-4D75-8618-DB92C6C8009A}E:\transmision torrent\transmission-qt.exe] => (Allow) E:\transmision torrent\transmission-qt.exe => Ningún archivo
FirewallRules: [UDP Query User{7C05F14B-26A8-4D6B-B3FD-E6002993F85A}E:\transmision torrent\transmission-qt.exe] => (Allow) E:\transmision torrent\transmission-qt.exe => Ningún archivo
FirewallRules: [TCP Query User{87ACEF6D-5F64-450E-B8CE-0AFF35FAC5DE}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.126.5\starter.exe] => (Block) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.126.5\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{105A5418-01F3-44EA-B60B-63816AB95DA4}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.126.5\starter.exe] => (Block) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.126.5\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{61E2BA4C-30BB-489F-8725-697309CD2A58}E:\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{B284FBF4-6C9B-4DD1-AC6C-A47B50EBD2E4}E:\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{EB268959-012B-4F7B-9967-4EA20201C5B4}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.5\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.5\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{6D779CDB-AC4E-418C-8D9D-D82E2301E7A0}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.5\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.5\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{EA2C94C2-F6F1-4FD8-981B-B721C273C151}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.6\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.6\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{50704055-4D38-4FCE-948B-B6F74A0D3432}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.6\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.6\starter.exe => Ningún archivo
FirewallRules: [{6AADE12A-91D3-4AE9-B02C-4C9D19BAF7A0}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [{42E69844-95B8-473A-8C1B-CCACE137ACF8}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [{83F260C0-A2F0-4E46-BA3A-3AEDEDA41679}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [TCP Query User{9490D3B1-ECBB-455B-B7A8-7B9F71212631}C:\users\lucius2\downloads\quantower\tradingplatform\v1.135.4\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.135.4\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{27E1CF8C-A763-4826-815D-9BE0F564EC77}C:\users\lucius2\downloads\quantower\tradingplatform\v1.135.4\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.135.4\starter.exe => Ningún archivo
FirewallRules: [{8EB7279B-71DA-46D8-B234-5F7C85181D5A}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [{B88E995D-0FF1-44AD-BDB7-722FF8A314D0}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [TCP Query User{382F1971-55DB-410C-B7FB-9D50FE804A0F}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.135.6\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.135.6\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{85F723AC-D5A3-48F6-9678-B2FFD7CCCB73}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.135.6\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.135.6\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{449F4F9C-25BB-4729-972C-CC6C3891F0FF}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.136.8\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.136.8\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{8CB2A84A-BED7-43FC-A24A-08E5F48043B9}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.136.8\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.136.8\starter.exe => Ningún archivo
FirewallRules: [{DAD8C92C-9EFC-470C-9834-7274FAADD920}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{4D8BEABF-8213-4AEA-9B6B-D0B310097B33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{5E47A448-7934-4A7D-815C-AE949EB2BF1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{64E0745A-1583-4EBC-B180-4659628D239A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{22E13418-88F0-48DB-9663-DDC17A8061EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{35F0E01F-56E8-4034-B533-4E27128AA2E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{36B59D9F-F181-4A96-8B80-E4CA9AC1A67B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{8C10C013-B93A-4B97-9EB6-2DEDC315CE64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{20A5704F-555F-4A17-B32E-3D5D26FDC9AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{E123E084-95D2-4CD1-8460-0E70C1618928}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{31FE96B3-C1EF-4382-B0A5-C3093BE3F491}] => (Allow) C:\Users\lucius2\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8C656797-F5EB-4FA3-8DCE-06D0A9F228D4}] => (Allow) C:\Users\lucius2\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1544C08A-9427-4078-AE2C-4E22D0953A87}] => (Allow) C:\Users\lucius2\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E16C7850-8482-45D8-AF2D-649B26385707}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{7F187C98-52D7-40E2-BA2A-AC2261A46D54}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{B29DBF9D-68D9-4881-8C1B-28160496D819}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C7059CEB-D6A3-4CB2-AC44-77F37AD5A774}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{17DE8283-6040-4E26-8949-5DDAAC001A0E}C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe] => (Allow) C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe
FirewallRules: [UDP Query User{0FD7F5AB-0DFA-4F44-A716-AF9E03AEE688}C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe] => (Allow) C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe
FirewallRules: [{FE46039E-9F7A-4B7C-A94C-7703AE07DEEA}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{164F78BC-E167-45D9-904D-7BBC3B056055}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{D4A3C04E-94DE-478A-8B47-0839267BE3C5}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{CC096A9F-53CD-4892-80BC-C0F9799DE58F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{267C21D7-320E-4991-B26E-F17F365C912D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7465DA30-71B1-4A38-A3D7-01E9EA3F52A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DAC7E515-3179-4183-A730-43447909F854}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6472235E-CEEB-46DA-B131-C1757818247C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{21F7F824-741B-476C-9B1A-CE260946795A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F1EF5EDA-5F6B-4F4F-8C80-51815FDFDBC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FF6AC7F7-10C4-461A-AF66-59991483EE6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E9CBFCA8-41D3-4B14-B64D-942174F5062B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1D15B34D-B820-4F55-BF77-F8B01AA2863E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B4B546FD-EA71-4BF9-8C84-A53BBF2ADBF0}] => (Allow) LPort=32682
FirewallRules: [{4CA5F248-2240-4929-819D-8A7995AFB48D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99ABD223-93C7-4ACE-8A8E-B24548FA1F8A}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> Gen Digital Inc.)

==================== Puntos de Restauración =========================

18-07-2025 01:24:11 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/11/2025 11:59:33 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-8R99D6K$ a través de https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps

Método: GET(62ms)
Fase: GetCACaps
No se pudo resolver el nombre de servidor o su dirección 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (07/17/2025 08:04:23 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-8R99D6K$ a través de https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 17 Jul 2025 18:04:25 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7c032a85-2cdf-4adc-a897-b43683864a09

Método: GET(953ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (07/16/2025 05:41:30 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-8R99D6K$ a través de https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 16 Jul 2025 15:41:31 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: aa67a265-67b4-45b9-b0a8-34833deee616

Método: GET(407ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (07/16/2025 05:39:17 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Se denegó el acceso a los datos de rendimiento al usuario "SYSTEM" (valor de GetUserName() para el subproceso en ejecución) porque se intentó acceder desde el módulo "C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe" (valor de GetModuleFileName() para el elemento binario que emitió la consulta).

Error: (07/15/2025 05:04:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SecHealthUI.exe, versión: 10.0.19041.6033, marca de tiempo: 0xc0942000
Nombre del módulo con errores: SecHealthUIDataModel.dll, versión: 10.0.19041.6033, marca de tiempo: 0x45b208d1
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000b5fcd
Identificador del proceso con errores: 0x51dc
Hora de inicio de la aplicación con errores: 0x01dbf48a503aece9
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Ruta de acceso del módulo con errores: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
Identificador del informe: 69030b36-e03c-4823-9430-7315e00ec41b
Nombre completo del paquete con errores: Microsoft.Windows.SecHealthUI_10.0.19041.4239_neutral__cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: SecHealthUI

Error: (07/15/2025 02:15:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en F (F:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)

Error: (07/15/2025 02:15:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en E (E:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)

Error: (07/15/2025 02:15:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en D (D:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)


Errores del sistema:
=============
Error: (08/11/2025 12:09:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error (0x80073d02 = No se pudo instalar el paquete porque los recursos que modifica están actualmente en uso.): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (08/11/2025 12:08:38 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1053" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/11/2025 12:08:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Search no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (08/11/2025 12:08:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Windows Search.

Error: (08/11/2025 12:08:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error (0x80073d02 = No se pudo instalar el paquete porque los recursos que modifica están actualmente en uso.): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.

Error: (08/11/2025 12:01:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de Google Update (gupdate) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (08/11/2025 12:01:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de Google Update (gupdate).

Error: (08/11/2025 11:59:09 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: El controlador de dispositivo para el Módulo de plataforma segura (TPM) encontró en el hardware de TPM un error irrecuperable que impide que se usen los servicios de TPM (como el cifrado de datos). Para obtener más ayuda, póngase en contacto con el fabricante del equipo.


Windows Defender:
================
Date: 2025-07-22 09:12:36
Description: 
Antivirus de Microsoft Defender śčăŋ нάş вёēή ѕťσрφеď ъëƒóŗё ςσmρĺєτĩòň.%ⁿ %ťŞçăŋ ΊÐ:%ъ{3479C333-0079-47EF-BE18-A4EC11121BD0}%л %ţЅςãñ Ţўρë:%ьAntimalware%ñ %ţŞсаŋ Рáŗдmêŧěяѕ:%ъExamen rápido%η  %τЏşєŗ:%вNT AUTHORITY\SYSTEM%ņ %ťЅтōφ Ŕëàѕоⁿ:%ъŚсћêδцľэð ѕçàʼn ωāś şκïφрēđ ъêсåüѕĕ ţнэ ŀāѕт ŝųĉçĕśşƒųļ şćàи ẁªѕ щїťђìй ŧĥĕ ℓąѕţ 7 ðάỳŝ

Date: 2025-07-17 20:54:35
Description: 
Antivirus de Microsoft Defender śčăŋ нάş вёēή ѕťσрφеď ъëƒóŗё ςσmρĺєτĩòň.%ⁿ %ťŞçăŋ ΊÐ:%ъ{E66ED253-F350-4EC1-9582-8F2C7426938F}%л %ţЅςãñ Ţўρë:%ьAntimalware%ñ %ţŞсаŋ Рáŗдmêŧěяѕ:%ъExamen rápido%η  %τЏşєŗ:%вNT AUTHORITY\SYSTEM%ņ %ťЅтōφ Ŕëàѕоⁿ:%ъЯРĊ ĉøņпėçтϊòň řûήðõẃⁿ

Date: 2025-07-17 20:19:24
Description: 
Antivirus de Microsoft Defender śčăŋ нάş вёēή ѕťσрφеď ъëƒóŗё ςσmρĺєτĩòň.%ⁿ %ťŞçăŋ ΊÐ:%ъ{891E082A-9CA5-414C-91AE-8D7BD75D7041}%л %ţЅςãñ Ţўρë:%ьAntimalware%ñ %ţŞсаŋ Рáŗдmêŧěяѕ:%ъExamen rápido%η  %τЏşєŗ:%вNT AUTHORITY\SYSTEM%ņ %ťЅтōφ Ŕëàѕоⁿ:%ъЯРĊ ĉøņпėçтϊòň řûήðõẃⁿ

Date: 2025-07-17 20:05:49
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/ProductKey.G!MSR&threatid=2147765679&enterprise=0
Nombre: HackTool:Win64/ProductKey.G!MSR
Id.: 2147765679
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_C:\Users\lucius2\Downloads\HBCD_PE_x64.iso; file:_C:\Users\lucius2\Downloads\HBCD_PE_x64.iso->\sources\boot.wim->\Program Files\ProduKey\ProduKey.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.431.666.0, AS: 1.431.666.0, NIS: 1.431.666.0
Versión de motor: AM: 1.1.25050.6, NIS: 1.1.25050.6

Date: 2025-07-17 20:05:49
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Masson.A!rfn&threatid=2147746476&enterprise=0
Nombre: Trojan:Win32/Masson.A!rfn
Id.: 2147746476
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: containerfile:_C:\Users\lucius2\Downloads\Flamman-Adapdc210072099.part2.rar; file:_C:\Users\lucius2\Downloads\Flamman-Adapdc210072099.part2.rar->Flamman-Adapdc210072099\Full Adobe Cleaner.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.431.666.0, AS: 1.431.666.0, NIS: 1.431.666.0
Versión de motor: AM: 1.1.25050.6, NIS: 1.1.25050.6
Event[0]:

Date: 2025-07-15 17:09:02
Description: 
Antivirus de Microsoft Defender servicio parecía estar bloqueado durante el apagado.
Timout (segundos):  120
Componente:  ServiceMiscTasksClose
Terminado automáticamente:  0

Date: 2025-02-13 11:33:38
Description: 
Antivirus de Microsoft Defender encontró un error crítico al realizar una acción en malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Bearded&threatid=2147563761&enterprise=0
Nombre: Trojan:Win32/Bearded
Id.: 2147563761
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_G:\fotos\Aplicaciones\X\barba.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\explorer.exe
Acción: Cuarentena
Estado de acción:  No additional actions required
Código de error: 0x80070015
Descripción del error: El dispositivo no está listo. 
Versión de inteligencia de seguridad: AV: 1.421.1866.0, AS: 1.421.1866.0, NIS: 1.421.1866.0
Versión del motor: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-10-14 14:02:57
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.419.436.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.24080.9
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2024-10-14 14:02:57
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.419.436.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.24080.9
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2024-10-14 14:02:57
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.419.436.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.24080.9
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===============
Date: 2025-08-11 12:02:41
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends International, LLC. 1.H0 07/16/2024
Placa base: Micro-Star International Co., Ltd. MAG X570 TOMAHAWK WIFI (MS-7C84)
Procesador: AMD Ryzen 9 3900X 12-Core Processor 
Porcentaje de memoria en uso: 19%
RAM física total: 65460.93 MB
RAM física disponible: 52384.73 MB
Virtual total: 81460.93 MB
Virtual disponible: 65493.66 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:208.58 GB) (Model: Sabrent Rocket Q) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (D) (Fixed) (Total:2048 GB) (Free:134.8 GB) (Model: ST4000DM004-2CV104) NTFS
Drive e: (E) (Fixed) (Total:1678.02 GB) (Free:386.37 GB) (Model: ST4000DM004-2CV104) NTFS
Drive f: (F) (Fixed) (Total:5589.01 GB) (Free:541.9 GB) (Model: WDC WD60EFPX-68C5ZN0) NTFS


==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 5589 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 8E16CA68)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 8E16CA77)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

un saludo gracias

esta segunda parte de Resultados del Análisis Adicional de Farbar Recovery Scan Tool

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 31-07-2025
Ejecutado por lucius2 (11-08-2025 12:15:35)
Ejecutado desde C:\Users\lucius2\Downloads
Microsoft Windows 10 Enterprise Versión 22H2 19045.6093 (X64) (2020-12-03 21:35:56)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-2733056459-4073295486-4068123865-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2733056459-4073295486-4068123865-503 - Limited - Disabled)
Invitado (S-1-5-21-2733056459-4073295486-4068123865-501 - Limited - Disabled)
lucius2 (S-1-5-21-2733056459-4073295486-4068123865-1001 - Administrator - Enabled) => C:\Users\lucius2
WDAGUtilityAccount (S-1-5-21-2733056459-4073295486-4068123865-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

AbleWord v3.0 (HKLM-x32\...\AbleWord_is1) (Version:  - )
Admiral Markets MT4 (HKLM-x32\...\Admiral Markets MT4) (Version: 4.00 - MetaQuotes Software Corp.)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 23.008.20555 - Adobe Systems Incorporated)
Adobe Acrobat Reader - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 25.001.20577 - Adobe Systems Incorporated)
Adobe Premiere Pro 2024 (HKLM-x32\...\PPRO_24_0) (Version: 24.0 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AllDup (HKLM-x32\...\AllDup_is1) (Version: 4.5.58 - MTSD)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.Q4 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
Anti-Twin (Installation 06/01/2024) (HKLM-x32\...\Anti-Twin 2024-01-06 20.05.19) (Version:  - Joerg Rosenthal, Germany)
ApowerREC V1.6.9.6 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.6.9.6 - Apowersoft LIMITED)
Audacity 3.3.3 (HKLM\...\Audacity_is1) (Version: 3.3.3 - Audacity Team)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.8.3 - Gobierno de España)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 25.6.10221.2878 - Gen Digital Inc.)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 138.0.31254.169 - Los creadores de Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1993.6 - AVAST Software) Hidden
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.15.0.857 - Ilya Morozov)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BB FlashBack Pro 5 (HKLM-x32\...\BB FlashBack Pro 5) (Version: 5.12.0.3858 - Blueberry)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 138.1.80.122 - Los creadores de Brave)
calibre (HKLM-x32\...\{2E4F4E6C-9196-4A8B-AA7B-5462E2DC4E40}) (Version: 5.29.0 - Kovid Goyal)
cFosSpeed 11.11 (HKLM\...\cFosSpeed) (Version: 11.11 - cFos Software GmbH, Bonn)
Chromium (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Chromium) (Version: 98.0.4715.0 - Los creadores de Chromium)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{22E13608-4DB0-4977-A267-3AAFA09CD54A}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
Configurador FNMT (HKLM\...\ConfiguradorFnmt) (Version: 5.0.1 - FNMT-RCM)
CORSAIR iCUE 4 Software (HKLM\...\{167F6EA4-1262-4247-B392-52C7D1E99504}) (Version: 4.15.153 - Corsair)
CrystalDiskInfo 9.2.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.2.1 - Crystal Dew World)
Darwinex MetaTrader 5 (HKLM\...\Darwinex MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
Darwinex MT4 (HKLM-x32\...\Darwinex MT4) (Version: 4.00 - MetaQuotes Software Corp.)
DataNumen Database Recovery(Demo Version) (HKLM-x32\...\{868CDE1A-BF51-4F0B-BB24-51A8BF91F3D9}) (Version: 2.70.0000 - Nombre de su organización)
DBF Repair Toolbox 3.2 (HKLM-x32\...\DBF Repair Toolbox_is1) (Version:  - Repair Toolbox, Inc.)
Dia (sólo eliminar) (HKLM-x32\...\Dia) (Version:  - )
Diablo Immortal (HKLM-x32\...\Diablo Immortal) (Version:  - Blizzard Entertainment)
DiagnosticsHub_CollectionService (HKLM\...\{FECAFEB5-8D0E-4AE4-8FA0-745BAA835C35}) (Version: 17.3.32601 - Microsoft Corporation) Hidden
Documentation Manager (HKLM\...\{E80BFF97-B9A6-41B6-8686-7A7CC235AB91}) (Version: 22.100.1.1 - Intel Corporation) Hidden
DownloadHelper CoApp (HKLM-x32\...\DownloadHelper CoApp) (Version: 2.0.19.0 - ACLAP)
Dukascopy MetaTrader 4 (HKLM-x32\...\Dukascopy MetaTrader 4) (Version: 4.00 - MetaQuotes Ltd.)
Elsie (HKLM\...\Elsie) (Version: 2.85 - Tonne Software)
Embarcadero InterBase 2020 [instance = instance2] (HKLM-x32\...\Embarcadero InterBase 2020 [instance = instance2]) (Version: 14.4.0.804 - Embarcadero Technologies Inc.)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.33 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{5d801c90-9d81-4c67-be5b-07e5855dc22e}) (Version: 1.0.2.33 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2022 (HKLM-x32\...\{3EDA2628-CE9D-4024-B0FC-669A477C3728}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{1B2C15AF-153C-4DA3-B1D0-1E3F5CA0D673}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
FFmpeg 5.0.0 for Audacity - x86_64 (HKLM\...\FFmpeg for Audacity_is1) (Version:  - )
Filter Design 4.5 (HKLM-x32\...\Filter Design 4.5_is1) (Version: 4.5 - Almost All Digital Electronics)
Firebird 1.5.0.4306 (HKLM-x32\...\FBDBServer_1_5_is1) (Version:  - Firebird Project)
FlashBack Pro 5 (Spanish) (HKLM-x32\...\FlashBack Pro 5 (Spanish)) (Version: 5.55.0.4704 - Blueberry Software (UK) Ltd.)
Folder Size 5.3.0.2 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 5.3.0.2 - MindGems, Inc.)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.1.0.52543 - Foxit Software Inc.)
FXCC - MetaTrader 4 (HKLM-x32\...\FXCC - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
FXCM MetaTrader4 (HKLM-x32\...\FXCM MetaTrader4) (Version: 4.00 - MetaQuotes Software Corp.)
Git (HKLM\...\Git_is1) (Version: 2.39.1 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 138.0.7204.184 - Google LLC)
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 6.10 - Janos Mathe)
HDSDR 2.81 (HKLM-x32\...\{DB200CBD-9E3E-4C72-B711-B46D6817BC51}_is1) (Version:  - DG0JBJ)
HK-Software IBExpert Personal Edition (HKLM-x32\...\HK-Software IBExpert Personal Edition_is1) (Version:  - )
IBSurgeon FirstAID 7.5.3 (HKLM-x32\...\IBSurgeon FirstAID (for Firebird and InterBase)_is1) (Version: 7.5 - IBSurgeon)
icecap_collection_neutral (HKLM-x32\...\{9DB8E966-047B-4FF5-B982-6FF32AD9EF02}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{CFD78991-1C3B-4C91-9119-67A3C55D1F78}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{62D8E076-72EB-44EB-99A6-6D7C22E6AAB8}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{8B3560C0-7D73-4069-9715-9407C68F292F}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{6CE350F6-4B97-45A1-9B32-3B7925F2F25B}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{F7AF88CA-3413-4676-947F-33D52886FA27}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
Información del sistema de Creative (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00004090-0220-1034-84C8-B8D95FA3C8C3}) (Version: 22.90.4.1 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{021cf0ff-212e-4f4c-ae1a-c292b13604fb}) (Version: 22.100.1.1 - Intel Corporation) Hidden
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 5.3.4.202 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.3.4.202 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET 6.0 Templates 8.0.100 (x64) (HKLM\...\{2AF87D07-066E-4ED1-B928-15D8486204FA}) (Version: 24.6.61899 - Microsoft Corporation) Hidden
Microsoft .NET 7.0 Templates 7.0.202 (x64) (HKLM\...\{54AF9BEA-0F12-47D7-B623-B109FDDAC232}) (Version: 28.7.19588 - Microsoft Corporation) Hidden
Microsoft .NET 7.0 Templates 8.0.100 (x64) (HKLM\...\{2D44F1F8-1C8E-4E5E-9821-5E13E5F86C3E}) (Version: 28.7.61899 - Microsoft Corporation) Hidden
Microsoft .NET 8.0 Templates 8.0.100 (x64) (HKLM\...\{85FD2179-BDDA-494D-B1C4-77EF44DE9AD2}) (Version: 32.6.61899 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.25 (x64) (HKLM\...\{237EF8FE-A8DE-4F20-9D6E-967C94012052}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.25 (x64_arm) (HKLM\...\{BBF626C8-40C6-488C-A906-DF40EFD55297}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.25 (x64_arm64) (HKLM\...\{1CB3249C-2491-4A75-8F5E-3803E15C2557}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.25 (x64_x86) (HKLM\...\{FA0C2F2C-71C2-4074-926C-C13719239A48}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.14 (x64) (HKLM\...\{2196A3E8-C62E-4072-9DA7-D0AA4C8A84E6}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.14 (x64_arm) (HKLM\...\{B842DD5A-374F-41D0-8DC4-9D57936B9835}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.14 (x64_arm64) (HKLM\...\{7ABF3BD0-04A7-4BBD-89E2-EA9E15127CED}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.14 (x64_x86) (HKLM\...\{9A46A228-BA1F-4EA7-BF84-B2F2A4038DEB}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.4 (x64) (HKLM\...\{C20B9CD3-4127-4CB4-8370-96DE531A01BB}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.4 (x64_arm) (HKLM\...\{62793DBE-841F-4716-8912-3602D8678F17}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.4 (x64_arm64) (HKLM\...\{C3DA3C56-82EE-475D-B11D-8C7C54820EBB}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.4 (x64_x86) (HKLM\...\{59AABE81-B133-4E98-99A5-5FF02CD9010A}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.0 (x64) (HKLM\...\{36EE7571-1E8A-4F74-9333-3C95F810D93D}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.0 (x64_arm64) (HKLM\...\{34375ABA-16A8-4315-A661-AF352F333BC3}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.0 (x64_x86) (HKLM\...\{D794AB86-D56B-4436-BA5F-1934B3BB5ECC}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (ENU) (HKLM-x32\...\{B517DBD3-B542-4FC8-9957-FFB2C3E65D1D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (español) (HKLM-x32\...\{59F4AEDD-1897-4E4C-BB25-61DC440429B9}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (ENU) (HKLM-x32\...\{A4EA9EE5-7CFF-4C5F-B159-B9B4E5D2BDE2}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (ENU) (HKLM-x32\...\{1A9C3A1A-566B-4CFA-8B27-71FC623963BE}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.9 (x64) (HKLM\...\{8313C056-53A4-4845-B03E-5C27165DC2F1}) (Version: 40.36.30309 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.9 (x86) (HKLM-x32\...\{5C742CE3-6DA4-4B12-A7D0-77D38311297C}) (Version: 40.36.30309 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.0 (x64) (HKLM\...\{D44822A8-FC28-42FC-8B1D-21A78579FC79}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.0 (x86) (HKLM-x32\...\{B3A56FDD-F6BC-482B-9DF5-2F8FA7759BE8}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.9 (x64) (HKLM\...\{AB193EEE-76AF-43D3-BFC1-823EE43D7738}) (Version: 40.36.30309 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.9 (x86) (HKLM-x32\...\{4CF1A983-085C-4CB4-A844-FD633C0EE956}) (Version: 40.36.30309 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.4 (x64) (HKLM\...\{6E34B759-680E-4C25-B289-47199AD8B49A}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.0 (x64) (HKLM\...\{3A706840-2882-423C-90EB-B31545E2BC7A}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.0 (x86) (HKLM-x32\...\{DA83EE57-3D79-4C50-A810-691E4CE72184}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.9 (x64) (HKLM\...\{D55E73D8-86EB-4FC3-A957-54616AA3D961}) (Version: 40.36.30309 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.9 (x64) (HKLM-x32\...\{41ad49ce-8825-4f16-9f0b-9bab4a24f5b6}) (Version: 5.0.9.30309 - Microsoft Corporation)
Microsoft .NET Runtime - 5.0.9 (x86) (HKLM-x32\...\{6C2A2599-3BC4-4C51-8F56-5BA64582E625}) (Version: 40.36.30309 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.25 (x64) (HKLM\...\{3544B2EE-E62F-4D11-B79C-3DDEACE94DA5}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.25 (x86) (HKLM-x32\...\{6D7737C0-9538-48ED-ACB7-688A891417C4}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.14 (x64) (HKLM\...\{9C583D0D-D10B-4E33-A3A8-CD07B6DB9E2D}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.14 (x86) (HKLM-x32\...\{2D709657-8E73-4DC2-BDB1-C12701D8A425}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.4 (x64) (HKLM\...\{7AF0827F-6735-4FB1-B209-5E984F899D1B}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.0 (x64) (HKLM\...\{76DEEAB3-122F-4231-83C7-0C35363D02F9}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.0 (x86) (HKLM-x32\...\{BA833631-63DD-417E-9818-300E20051F1A}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET SDK 7.0.202 (x64) (HKLM-x32\...\{9500348a-4128-4a68-abce-be0b6d647798}) (Version: 7.2.223.12804 - Microsoft Corporation)
Microsoft .NET SDK 8.0.100 (x64) from Visual Studio (HKLM\...\{603FF09B-ADA6-4EBF-B5CA-D21069C73E8B}) (Version: 8.1.23.55115 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.25 (x64) (HKLM\...\{8DCD208D-33CF-4BE1-A1AF-F2533E2FCB7F}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.25 (x86) (HKLM-x32\...\{B0DD8247-B15D-4796-8759-A5972FBAE4A2}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.14 (x64) (HKLM\...\{F1D83A9D-398C-4D2E-A64C-65801191FED3}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.14 (x86) (HKLM-x32\...\{A397AA72-5C70-45EF-A94C-4B0B0F0E0966}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.4 (x64) (HKLM\...\{2A2ECD19-98C3-4638-B9F4-E37493F21F91}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 8.0.0 (x64) (HKLM\...\{94F8FDDD-75C8-4F48-A3AC-72BFA6F2E48C}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 8.0.0 (x86) (HKLM-x32\...\{07C92A8D-B50E-4894-902F-15C5B713A30A}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 7.0.202 (x64) (HKLM\...\{4753E5B7-1EB4-4DF5-9CC4-4F719E41326C}) (Version: 28.6.52356 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 8.0.100 (x64) (HKLM\...\{7084FEB6-5D19-4D78-A21C-8AF38BA51AA5}) (Version: 32.6.61899 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.25 Shared Framework (x64) (HKLM\...\{EDC7E317-B223-349D-A4E5-D1809F2651AD}) (Version: 6.0.25.23523 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.25 Shared Framework (x86) (HKLM-x32\...\{D64D9894-C4A7-3FA2-BD19-E36F6369803C}) (Version: 6.0.25.23523 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.25 Targeting Pack (x64) (HKLM\...\{0D9C89B9-DAAA-375B-930F-C53836239F57}) (Version: 6.0.25.23523 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.25 Targeting Pack (x86) (HKLM-x32\...\{EABBA1F7-6542-32B1-A92B-4762BB70ABCA}) (Version: 6.0.25.23523 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.14 Shared Framework (x64) (HKLM\...\{52160B12-6B84-3391-89D6-68257259D27A}) (Version: 7.0.14.23523 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.14 Shared Framework (x86) (HKLM-x32\...\{3B074DA5-B49D-3AC0-B705-92E34ECF95E1}) (Version: 7.0.14.23523 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.14 Targeting Pack (x64) (HKLM\...\{779D2309-352F-34DC-9470-32D65F3ADFFD}) (Version: 7.0.14.23523 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.14 Targeting Pack (x86) (HKLM-x32\...\{2F3B709F-186C-365D-B0EC-3824426B7D32}) (Version: 7.0.14.23523 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.4 Shared Framework (x64) (HKLM\...\{BEE2F97C-AED6-3137-B497-B4A62FA2ADE9}) (Version: 7.0.4.23119 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.4 Targeting Pack (x64) (HKLM\...\{37F87496-8A58-3286-9C3E-B87318E355E7}) (Version: 7.0.4.23119 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.0 Shared Framework (x64) (HKLM\...\{9011089D-B4EF-3A8A-9460-384610F5BD5A}) (Version: 8.0.0.23531 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.0 Shared Framework (x86) (HKLM-x32\...\{99578940-90BE-3430-8698-5068D87059BA}) (Version: 8.0.0.23531 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.0 Targeting Pack (x64) (HKLM\...\{9CE4EBE1-15A9-3826-8A52-FED034B90D4E}) (Version: 8.0.0.23531 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.0 Targeting Pack (x86) (HKLM-x32\...\{7805243C-70A4-3832-8AE8-08E6E4530261}) (Version: 8.0.0.23531 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 139.0.3405.86 - Microsoft Corporation)
Microsoft Office Profesional Plus 2021 - es-es (HKLM\...\ProPlus2021Retail - es-es) (Version: 16.0.19029.20156 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.19029.20156 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\OneDriveSetup.exe) (Version: 25.140.0720.0001 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 (HKLM\...\{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 (HKLM-x32\...\{1de5e707-82da-4db6-b810-5d140cc4cbb3}) (Version: 14.38.33130.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33130 (HKLM-x32\...\{2cfeba4a-21f8-4ea7-9927-c5a5c6f13cc9}) (Version: 14.38.33130.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130 (HKLM\...\{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130 (HKLM\...\{1CA7421F-A225-4A9C-B320-A36981A2B789}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33130 (HKLM-x32\...\{5CA9AE7B-2EFC-4F02-81CD-32ABE173C755}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33130 (HKLM-x32\...\{DF1B52DF-C88E-4DDF-956B-6E7A03327F46}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.86.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.8.2112.61926 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{C777E5A3-D26A-4F0D-84AC-79ECE7560EA5}) (Version: 3.8.2091.34612 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{9E0059DE-74E7-49A5-8F2A-C17B5BE58B4C}) (Version: 3.8.2091.34612 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.9 (x64) (HKLM\...\{D9A03C1C-D245-4579-B4DC-0BB2BC87E6E7}) (Version: 40.36.30315 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.9 (x64) (HKLM-x32\...\{70502eec-6d06-46ce-8acb-84c9d5248a12}) (Version: 5.0.9.30315 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.9 (x86) (HKLM-x32\...\{363fd9f5-f4b0-4e50-b683-f36aa672d048}) (Version: 5.0.9.30315 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.9 (x86) (HKLM-x32\...\{B9FE9CD0-8E60-4C5C-B9B5-4D91818C2503}) (Version: 40.36.30315 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.25 (x64) (HKLM\...\{E016F2B9-01FE-4FAA-882E-ECC43FA49751}) (Version: 48.100.4037 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.25 (x86) (HKLM-x32\...\{AF1BA644-A730-46A9-BFE1-C1B79EBBE36D}) (Version: 48.100.4037 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.14 (x64) (HKLM\...\{33ED69D3-7E88-4885-9875-6C0711368017}) (Version: 56.56.4039 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.14 (x86) (HKLM-x32\...\{2C1104B0-76A8-44BE-B5EE-513B3E453916}) (Version: 56.56.4039 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.4 (x64) (HKLM\...\{5EEC39AC-9491-4339-BA44-14AC375AA779}) (Version: 56.19.56739 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.0 (x64) (HKLM\...\{113C0ADC-B9BD-4F95-9653-4F5BC540ED03}) (Version: 64.0.5329 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.0 (x86) (HKLM-x32\...\{51CB5CFD-606C-4C2E-A21B-23F99C7790A7}) (Version: 64.0.5329 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.25 (x64) (HKLM\...\{A087F5C8-BF9A-4BF6-933B-53147C01915A}) (Version: 48.100.4037 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.25 (x86) (HKLM-x32\...\{3B261F11-A9D8-47D7-9CFB-1BD87ED5DC25}) (Version: 48.100.4037 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.14 (x64) (HKLM\...\{937297A1-C1ED-4B15-B2AF-597E3E0777BC}) (Version: 56.56.4039 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.14 (x86) (HKLM-x32\...\{75B90806-BBF4-4856-BA95-BACE0E90687B}) (Version: 56.56.4039 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.4 (x64) (HKLM\...\{E9D80E1C-EEE0-495E-95BF-2243FC506BF5}) (Version: 56.19.56739 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 8.0.0 (x64) (HKLM\...\{3DD94413-31EA-4175-BA45-08A6CED4D68D}) (Version: 64.0.5329 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 8.0.0 (x86) (HKLM-x32\...\{925F21C9-7E7B-4D2D-AAF6-57785FC79B76}) (Version: 64.0.5329 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64) (HKLM\...\{565FC58A-8818-4E03-83EF-B2899FC3A8D2}) (Version: 33.0.46 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-8.0.100 (x64) (HKLM\...\{B5A57BF9-FC7A-4FA6-BAEB-46E173986DF3}) (Version: 34.0.43 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64) (HKLM\...\{257AA480-CF0E-4408-AA00-EEE77696735B}) (Version: 16.2.127 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-8.0.100 (x64) (HKLM\...\{6BF59E75-BE05-4C69-9C48-3532B6DE0EC5}) (Version: 17.0.8478 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64) (HKLM\...\{00629E08-BAFF-42CB-8548-827B5A43A3D5}) (Version: 16.2.127 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-8.0.100 (x64) (HKLM\...\{8B5384CA-D189-4CFE-8DF0-2D05B4EA8499}) (Version: 17.0.8478 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64) (HKLM\...\{393DFB32-223A-4619-9398-7BFAF424D6FD}) (Version: 13.1.127 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-8.0.100 (x64) (HKLM\...\{98927287-8779-447A-919E-73028D53F719}) (Version: 14.0.8478 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64) (HKLM\...\{E76DDA0C-B66E-4054-9A1B-B1445A1500EE}) (Version: 7.0.81 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-8.0.100 (x64) (HKLM\...\{116EF6D0-AE8E-4E6D-B0D8-EFF145CD45DA}) (Version: 8.0.3 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64) (HKLM\...\{6646FB1E-134F-4D9D-A007-27226E1C1E8B}) (Version: 16.1.127 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-8.0.100 (x64) (HKLM\...\{568F99E8-9F2D-48D7-A05D-D64C512B3AFD}) (Version: 17.0.8478 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Current.Manifest (x64) (HKLM\...\{6DE5C05C-6F76-4996-ADF7-890907425FD9}) (Version: 64.0.4194 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{2A063023-C53B-4FC0-9E47-59FBEE4C8441}) (Version: 56.35.58417 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{2D62FC42-AA39-47C2-A75F-0BC87BD0965F}) (Version: 64.0.4194 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{6C211254-1E07-422D-8786-72F8A2642B9A}) (Version: 64.0.4194 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{BCBE79F7-20E7-45C7-91D4-BEB9214F8D35}) (Version: 56.35.58417 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Current.Manifest (x64) (HKLM\...\{0B0701B8-EC7A-4311-A718-A0636F4EF6DE}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{17A80AE2-77FC-4391-B1DD-25407A371306}) (Version: 56.3.58437 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{9C4F31F1-8819-4E71-BE7A-39785F88EBC8}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{0C25CA92-E301-47E8-AD53-D9315C431D97}) (Version: 56.3.58437 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{C2F3E829-9288-4084-8C79-07138BBBA7AA}) (Version: 64.0.4211 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
MMANA-GAL_Basic version 3 (HKLM-x32\...\{93BC44A2-0A38-4144-A7EE-DC4AAF2B4099}_is1) (Version: 3 - GAL-ANA)
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 140.0.4 (x64 es-ES)) (Version: 140.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 83.0 - Mozilla)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.0716.01 - MSI)
Nitro PDF Pro (HKLM\...\{4996FD40-0576-43D8-B2D7-71B5A08767D4}) (Version: 14.15.0.5 - Nitro)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.7 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.19029.20156 - Microsoft Corporation) Hidden
OpenOffice 4.1.8 (HKLM-x32\...\{2BA4CB96-8017-4E6D-9FB9-5EBEAE57FB26}) (Version: 4.18.9803 - Apache Software Foundation)
Opera Stable 120.0.5543.93 (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Opera 120.0.5543.93) (Version: 120.0.5543.93 - Opera Software)
Oracle VM VirtualBox 7.0.4 (HKLM\...\{AC025744-F936-446B-A128-AC42F974FCC8}) (Version: 7.0.4 - Oracle and/or its affiliates)
Paquete acumulativo de Intellisense de Microsoft .NET Framework para Visual Studio (español) (HKLM-x32\...\{88679CF6-5CF6-431A-AFDB-EC152BAEF3E5}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
Paquete de compatibilidad de Microsoft .NET Framework 4.7.2 (español) (HKLM-x32\...\{DE9EAC0A-7859-4294-B05F-4A056D83024C}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Paquete de compatibilidad de Microsoft .NET Framework 4.8 (español) (HKLM-x32\...\{41F38056-60AB-4210-99EF-EF3F1FEF95C9}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SDRplay API 3.09 (HKLM-x32\...\{73225DE9-17F1-43FB-AA12-630FDE22C30E}_is1) (Version: 3.09 - SDRplay Ltd)
SDRplay SDRuno 1.41.1 (HKLM-x32\...\{2F5028E0-9FDF-45C8-93F0-C2EE8929D82C}_is1) (Version: 1.41.1 - SDRplay Ltd)
SDRplay SDRuno Community Plugins 2.3 (HKLM-x32\...\{257A69C2-164A-42D1-AC7E-A9DCE69A1FE8}_is1) (Version: 2.3 - SDRplay Ltd)
SDRplay SDRuno Plugins 1.5 (HKLM-x32\...\{D5A54477-4C88-4CDD-903F-7E136EA22FB5}_is1) (Version: 1.5 - SDRplay Ltd)
SDR-Radio.com (SDR Console) (HKLM-x32\...\SDR-Radio.com (V3)) (Version: 3.4 - SDR-Radio.com Ltd.)
SDRSharp (HKLM-x32\...\SDRSharp) (Version: 1.0.0.1822 - SDR Chile)
SeaTools (HKLM-x32\...\SeaTools 5.1.182) (Version: 5.1.182 - Seagate)
Skype versión 8.125 (HKLM-x32\...\Skype_is1) (Version: 8.125 - Skype Technologies S.A.)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.37.3 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.16.2 - Telegram FZ-LLC)
Tickmill MT4 Client Terminal (HKLM-x32\...\Tickmill MT4 Client Terminal) (Version: 4.00 - MetaQuotes Ltd.)
Transmission 4.0.0 (280ace12f8) (x64) (HKLM\...\{2303A442-D83E-4884-8A07-B632235FF9C1}) (Version: 4.0.0 - Transmission Project)
Uninstall SDRplay drivers and DLLs (HKLM\...\Mirics FlexiTV Drivers) (Version:  - )
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{4BD69DE8-B66B-4BD4-A502-4E50AB081145}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{803D773F-B52E-49D5-9513-F0272D92A8B4}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Visual Studio Community 2022 (HKLM-x32\...\4d34874e) (Version: 17.8.3 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{FFFF1EAF-0FE4-4E67-82C2-CA5DB41BB093}) (Version: 17.0.125.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{C17B72FB-7790-44C0-B897-9BEE0BAD5BA0}) (Version: 17.0.125.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{D56DC014-C4C1-4330-B32B-D9785DAE7BCB}) (Version: 17.0.125.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{F52924D9-B226-488E-96AB-FA5A56722091}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{4961B6E1-A98B-43A9-BFC0-F2E741B6F998}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{8B0218E5-A9A0-4C9D-A0F4-442117192AE5}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{72BD9E2C-6B91-40B9-8FCF-FEDAFDD67C18}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{3B1E620A-2D84-442A-9E91-3D5B6D4ECAAD}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{8DBA8C48-FB85-4228-B5F4-5EC67E4DABE1}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{95F790F1-F8CC-445E-BBCB-C5446EF10C0C}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{9DAFCFF7-0036-4739-A685-5DDF62466E05}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{21BF582C-F2F1-4321-98E1-54C8C2809D7E}) (Version: 17.5.33306 - Microsoft Corporation)
vs_devenvsharedmsi (HKLM-x32\...\{CBF6EE7C-AF9F-4B46-9097-60065588AC55}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{3E31A14F-E205-4F3F-9E20-3BAEB97957D1}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{F3214775-93E6-4462-AAAD-5ACFB687CED2}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{A749897F-8AD4-4006-B622-7A8CA09FEB2C}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{87A00560-EABF-4423-A876-F564B14F2499}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_githubprotocolhandlermsi (HKLM-x32\...\{4BD007CE-3471-40DA-9479-506CB09B8FBD}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{E5AF49C9-6FC6-404A-8562-16BDD6CFA531}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{5F7E78E9-97B3-4CC2-AF61-4E13FFD183B9}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{3A6E1E89-2ED2-4F08-896B-F6F8999AD0F5}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{41F9E762-365C-4EF9-92E1-4149D440992C}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{E3FA95C9-9130-4173-AA94-60A8312A3CFC}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{C8E7596B-BE87-4C7B-B9A0-EA9BF41090D0}) (Version: 17.8.34205 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{ED1CA098-DB2C-42FF-A9A5-BE564482AC95}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{424D8C15-669A-49BC-9DD4-99322263E41C}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{AFF58319-E812-40D5-8C65-5A311B541716}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{612DC88E-7EBA-47AD-8CC3-C1F7C557FFE7}) (Version: 17.8.34129 - Microsoft Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1058 - McAfee, LLC)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 138.0.3351.121 - Microsoft Corporation) Hidden
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wondershare UniConverter 15(Build 15.0.3.14) (HKLM\...\UniConverter 15_is1) (Version: 15.0.3.14 - Wondershare Software)
xStation5 (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\xStation5) (Version: 2.45.0-Build5 - XTB)
Zoom Workplace (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\ZoomUMX) (Version: 6.0.11 (39959) - Zoom Video Communications, Inc.)

Chrome apps:
============
Documentos (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\21766a546f46e316340274bcc9d4a70c) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\070c586e2808bcdb2cfcb49792f88d1a) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\3862b36527b5d22a3bed2127cca97477) (Version: 1.0 - Google\Chrome)
Hojas de cálculo (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\534012eb5b5491529c5eba63568ba52d) (Version: 1.0 - Google\Chrome)
Presentaciones (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\0993d87ed600f809af0e7c0db79bf90d) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\9e6774b0e43ad09e7131823096de150a) (Version: 1.0 - Google\Chrome)

Packages:
=========
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2021-12-12] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Local Artificial Intelligence Manager -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-08-11] ()
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-12] (Microsoft Corporation) [MS Ad]
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-08-11] ()
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-08-11] ()
Spotify: música y pódcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0 [2025-07-17] (Spotify AB) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2733056459-4073295486-4068123865-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => Ningún archivo
CustomCLSID: HKU\S-1-5-21-2733056459-4073295486-4068123865-1001_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\lucius2\AppData\Local\Chromium\Application\98.0.4715.0\notification_helper.exe (The Chromium Authors) [Archivo no firmado] <==== ATENCIÓN
CustomCLSID: HKU\S-1-5-21-2733056459-4073295486-4068123865-1001_Classes\CLSID\{72F6A03F-7B17-4E65-AE37-666FC9024FA2}\InprocServer32 -> C:\ProgramData\AllDup\KuShellExtension64.dll (Michael Thummerer -> )
ShellIconOverlayIdentifiers: [
 MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\lucius2\AppData\Local\MEGAsync\ShellExtX64.dll [2023-11-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [
 MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\lucius2\AppData\Local\MEGAsync\ShellExtX64.dll [2023-11-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [
 MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\lucius2\AppData\Local\MEGAsync\ShellExtX64.dll [2023-11-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-31] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-31] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-31] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-31] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-10-14] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2020-04-04] (Ilya Morozov) [Archivo no firmado]
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> Ningún archivo
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\lucius2\AppData\Local\MEGAsync\ShellExtX64.dll [2023-11-07] (Mega Limited -> )
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2023-09-23] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [QuickShare] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\lucius2\AppData\Local\MEGAsync\ShellExtX64.dll [2023-11-07] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-17] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\lucius2\AppData\Local\MEGAsync\ShellExtX64.dll [2023-11-07] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\lucius2\AppData\Local\MEGAsync\ShellExtX64.dll [2023-11-07] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => D:\Archivos de programa\driver instaladdo 580\CNext\CNext\atiacm64.dll [2022-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-31] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-07-15] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => C:\ProgramData\AllDup\FEShlExt.dll [2008-08-20] (Alex Yakovlev) [Archivo no firmado]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-17] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2733056459-4073295486-4068123865-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll [2023-03-04] (Michael Thummerer -> )
ContextMenuHandlers2_S-1-5-21-2733056459-4073295486-4068123865-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll [2023-03-04] (Michael Thummerer -> )
ContextMenuHandlers4_S-1-5-21-2733056459-4073295486-4068123865-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll [2023-03-04] (Michael Thummerer -> )
ContextMenuHandlers5_S-1-5-21-2733056459-4073295486-4068123865-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll [2023-03-04] (Michael Thummerer -> )

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\lucius2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Documentos.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\lucius2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\lucius2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\lucius2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Hojas de cálculo.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\lucius2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Presentaciones.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\lucius2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\lucius2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7b56a4ce78062041\Chromium.lnk -> C:\Users\lucius2\Downloads\chrome-win\chrome-win\chrome.exe (The Chromium Authors) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2024-02-22 23:50 - 2024-02-22 23:50 - 000010240 _____ () [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\AcroTray.esp
2021-10-05 10:44 - 2021-10-05 10:44 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2023-03-22 15:26 - 2009-10-21 18:36 - 000163840 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\ShareDLL\CADI\ctcadi.dll
2023-03-22 15:26 - 2009-03-18 17:00 - 000151552 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll
2023-03-22 15:26 - 2013-05-06 15:47 - 000573440 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTRice.dll
2023-03-22 15:26 - 2011-08-10 16:00 - 000249856 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\ShareDLL\CADI\DBACSU.dll
2023-03-22 15:26 - 2007-02-01 12:13 - 000061440 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.dll
2023-03-22 15:26 - 2011-09-14 16:27 - 000506880 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\CTAudEp.dll
2023-03-22 15:26 - 2013-01-30 18:38 - 000098304 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\CTIntrfu.dll
2023-03-22 15:26 - 2010-09-01 10:53 - 000237568 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\CTLoadRs.dll
2023-03-22 15:26 - 2013-02-01 23:38 - 000095744 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\CTMFSess.dll
2023-03-22 15:26 - 2014-06-05 14:48 - 000407552 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\CTProfile.dll
2023-03-22 15:26 - 2014-06-05 14:48 - 000227328 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\CTSetHID.dll
2023-03-22 15:26 - 2013-09-06 16:23 - 000837120 ____N (Creative Technology Ltd) [Archivo no firmado] C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\HookWndU.DLL
2023-03-22 15:26 - 2012-10-16 14:47 - 000417792 ____N (Creative Technology Ltd.) [Archivo no firmado] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTPresetW.dll
2020-12-04 11:56 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Archivo no firmado] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2020-04-04 22:04 - 2020-04-04 22:04 - 000370176 _____ (Ilya Morozov) [Archivo no firmado] C:\Program Files (x86)\Balabolka\BFileExt.dll
2000-08-29 03:19 - 2000-08-29 03:19 - 000401462 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_1_5\bin\MSVCP60.dll
2020-12-04 11:56 - 2018-08-31 07:26 - 000053760 _____ (MS) [Archivo no firmado] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-07-20 10:55 - 2021-07-20 10:55 - 000090112 _____ (Silicon Laboratories, Inc.) [Archivo no firmado] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll
2004-02-23 02:05 - 2004-02-23 02:05 - 000356431 _____ (The Firebird Project) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbclient.dll
2021-09-25 19:55 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [Archivo no firmado] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) =============

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Incorporated)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-08-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2021-10-24 12:43 - 2023-10-28 12:59 - 000009761 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 65.52.240.48
127.0.0.1 69.167.144.18
127.0.0.1 acdid.acdsystems.com
127.0.0.1 www.driver-soft.com
127.0.0.1 asc55.iobit.com
127.0.0.1 is360.iobit.com
127.0.0.1 pf.iobit.com
127.0.0.1 idb.iobit.com
127.0.0.1 iunins.iobit.com
127.0.0.1 sd.iobit.com
127.0.0.1 bind.gridinsoft.com
127.0.0.1 www.newsoftwares.net
127.0.0.1 newsoftwares.net
127.0.0.1 www.password-protect-folders.net
127.0.0.1 23.74.204.49
127.0.0.1 2.20.235.247
127.0.0.1 216.58.214.40
127.0.0.1 151.101.12.143
127.0.0.1 66.117.29.4
127.0.0.1 63.140.41.167
127.0.0.1 13.80.12.54
127.0.0.1 239.255.255.250

Hay 264 más lineas.

hoy nada mas enchufarlo me salto el antivirus

voice control engine.exe infectado con idg. generic

Hola @pilu

Perdón por el retraso.

Pruebe la siguiente solución con FRST

Farbar Recovery Scan Tool: FIX

Nota: tras ejecutar el script (posiblemente), se cerrarán todas las pestañas abiertas del navegador, se cerrará la sesión de sus cuentas y se borrarán los archivos temporales, la papelera de reciclaje, el historial del navegador, las cookies y la caché.

Desactive su antivirus antes de reiniciar. Seleccione el siguiente código:

Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\RunOnce: [Uninstall 25.122.0624.0004] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lucius2\AppData\Local\Microsoft\OneDrive\25.122.0624.0004" [0 2025-08-11] () <==== ATENCIÓN [cero bytes Archivo/Carpeta]
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {C34A753E-87A7-4AC1-9909-0E772F80B2AA} - \MiniToolPartitionWizard -> Ningún archivo <==== ATENCIÓN
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X] <==== ATENCIÓN
CustomCLSID: HKU\S-1-5-21-2733056459-4073295486-4068123865-1001_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\lucius2\AppData\Local\Chromium\Application\98.0.4715.0\notification_helper.exe (The Chromium Authors) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (Ningún archivo)
HKLM\...\Print\Monitors\UDC: udcpm.dll (Ningún archivo)
Task: {C34A753E-87A7-4AC1-9909-0E772F80B2AA} - \MiniToolPartitionWizard -> Ningún archivo <==== ATENCIÓN
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo]
FirewallRules: [TCP Query User{1B3AB4FA-C518-42C6-A19C-62368C86031D}C:\users\lucius2\appdata\local\programs\opera\74.0.3911.75\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\74.0.3911.75\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{9D335331-2D29-4475-B0DB-0E28FF5C5E3F}C:\users\lucius2\appdata\local\programs\opera\74.0.3911.75\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\74.0.3911.75\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{6E1D25A1-199C-4F5B-B112-F906AAC509EE}C:\users\lucius2\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\lucius2\appdata\local\programs\opera\74.0.3911.218\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{5BA7431A-9686-4F95-A5FD-E4E0946506F9}C:\users\lucius2\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\lucius2\appdata\local\programs\opera\74.0.3911.218\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{F8DCAF89-33FD-44F5-B827-D92C9D3C0550}C:\users\lucius2\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\75.0.3969.149\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{3A69B155-F9CB-4750-8E31-698DEABA565B}C:\users\lucius2\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\75.0.3969.149\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{8F2537B4-9E00-4AE1-AE95-B5943433BDCE}C:\users\lucius2\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\75.0.3969.243\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{B0D52493-A398-4549-B5B3-A91DF5DDFA19}C:\users\lucius2\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\75.0.3969.243\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{E35660DC-C305-40A5-9462-C2E338BC5788}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.107\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{015BCFBE-C17B-4DB4-883C-9E2D2E2F5B5C}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.107\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{BA314910-AEDA-4CE2-B929-1C9249EBA7E8}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.123\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{DF7C5BA5-F824-49DB-B9EA-239B6DE19D4D}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.123\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{F5C6AE69-29AF-4275-8F53-4DF8AB9BDA8D}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Block) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.177\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{AAE184EF-2E9B-42BE-B185-4130CDBE5E62}C:\users\lucius2\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Block) C:\users\lucius2\appdata\local\programs\opera\76.0.4017.177\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{DBB8B93F-7723-4445-953F-F6784C22974D}C:\users\lucius2\downloads\quantower\tradingplatform\v1.118.17\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.118.17\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{ABD0545A-666D-4D5B-A931-C92B07071725}C:\users\lucius2\downloads\quantower\tradingplatform\v1.118.17\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.118.17\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{54164F6A-5B4D-4856-81E9-51D97E8F822F}C:\users\lucius2\downloads\quantower\tradingplatform\v1.119.11\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.119.11\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{4197EDAF-3CCB-4C60-AE13-05233768526D}C:\users\lucius2\downloads\quantower\tradingplatform\v1.119.11\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.119.11\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{1B892EB6-3D8F-434C-B232-DB95C6911DCA}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.118.5\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.118.5\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{7E9EAEB2-1627-47A7-81D5-A88532EA87AB}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.118.5\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.118.5\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{0E538540-35BA-462C-BD46-18A28FA2941B}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.119.2\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.119.2\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{FF50EEDD-4800-4173-8CBE-B6C32909C8A3}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.119.2\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.119.2\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{1DB67D8D-3423-4881-B633-E3AE38603FF7}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.124.4\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.124.4\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{2B7F6757-EBE3-4996-918D-9684F08BA758}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.124.4\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.124.4\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{BCC307C7-7095-4D75-8618-DB92C6C8009A}E:\transmision torrent\transmission-qt.exe] => (Allow) E:\transmision torrent\transmission-qt.exe => Ningún archivo
FirewallRules: [UDP Query User{7C05F14B-26A8-4D6B-B3FD-E6002993F85A}E:\transmision torrent\transmission-qt.exe] => (Allow) E:\transmision torrent\transmission-qt.exe => Ningún archivo
FirewallRules: [TCP Query User{87ACEF6D-5F64-450E-B8CE-0AFF35FAC5DE}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.126.5\starter.exe] => (Block) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.126.5\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{105A5418-01F3-44EA-B60B-63816AB95DA4}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.126.5\starter.exe] => (Block) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.126.5\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{EB268959-012B-4F7B-9967-4EA20201C5B4}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.5\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.5\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{6D779CDB-AC4E-418C-8D9D-D82E2301E7A0}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.5\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.5\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{EA2C94C2-F6F1-4FD8-981B-B721C273C151}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.6\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.6\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{50704055-4D38-4FCE-948B-B6F74A0D3432}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.6\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.130.6\starter.exe => Ningún archivo
FirewallRules: [{6AADE12A-91D3-4AE9-B02C-4C9D19BAF7A0}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [{42E69844-95B8-473A-8C1B-CCACE137ACF8}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [{83F260C0-A2F0-4E46-BA3A-3AEDEDA41679}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [TCP Query User{9490D3B1-ECBB-455B-B7A8-7B9F71212631}C:\users\lucius2\downloads\quantower\tradingplatform\v1.135.4\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.135.4\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{27E1CF8C-A763-4826-815D-9BE0F564EC77}C:\users\lucius2\downloads\quantower\tradingplatform\v1.135.4\starter.exe] => (Allow) C:\users\lucius2\downloads\quantower\tradingplatform\v1.135.4\starter.exe => Ningún archivo
FirewallRules: [{8EB7279B-71DA-46D8-B234-5F7C85181D5A}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [{B88E995D-0FF1-44AD-BDB7-722FF8A314D0}] => (Allow) C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Ningún archivo
FirewallRules: [TCP Query User{382F1971-55DB-410C-B7FB-9D50FE804A0F}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.135.6\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.135.6\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{85F723AC-D5A3-48F6-9678-B2FFD7CCCB73}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.135.6\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.135.6\starter.exe => Ningún archivo
FirewallRules: [TCP Query User{449F4F9C-25BB-4729-972C-CC6C3891F0FF}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.136.8\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.136.8\starter.exe => Ningún archivo
FirewallRules: [UDP Query User{8CB2A84A-BED7-43FC-A24A-08E5F48043B9}C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.136.8\starter.exe] => (Allow) C:\users\lucius2\downloads\amp quantower\tradingplatform\v1.136.8\starter.exe => Ningún archivo
FirewallRules: [{DAD8C92C-9EFC-470C-9834-7274FAADD920}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{4D8BEABF-8213-4AEA-9B6B-D0B310097B33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{5E47A448-7934-4A7D-815C-AE949EB2BF1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{64E0745A-1583-4EBC-B180-4659628D239A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{22E13418-88F0-48DB-9663-DDC17A8061EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{35F0E01F-56E8-4034-B533-4E27128AA2E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{36B59D9F-F181-4A96-8B80-E4CA9AC1A67B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{8C10C013-B93A-4B97-9EB6-2DEDC315CE64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{20A5704F-555F-4A17-B32E-3D5D26FDC9AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
FirewallRules: [{E123E084-95D2-4CD1-8460-0E70C1618928}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe => Ningún archivo
CustomCLSID: HKU\S-1-5-21-2733056459-4073295486-4068123865-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\lucius2\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => Ningún archivo
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> Ningún archivo
ContextMenuHandlers1: [QuickShare] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> Ningún archivo

2024-02-24 17:08 - 2024-02-24 17:08 - 000000471 _____ () C:\Users\lucius2\AppData\Roaming\.gr_fftw_wisdom
2024-02-24 17:08 - 2024-02-24 17:08 - 000000000 _____ () C:\Users\lucius2\AppData\Roaming\.gr_fftw_wisdom.lock
2024-06-18 10:10 - 2024-06-27 10:03 - 000535040 _____ (Dirección General de la Policía) C:\Users\lucius2\AppData\Local\DNIeService.exe
2021-10-12 12:56 - 2023-12-03 16:38 - 000007607 _____ () C:\Users\lucius2\AppData\Local\Resmon.ResmonCfg


HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd) [Archivo no firmado]
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-10-31] (Adobe Inc. -> )

HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172896 2024-07-24] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [EpicGamesLauncher] => E:\epic games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [MicrosoftEdgeAutoLaunch_2E378602720D44159276CE8645339F8D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4113472 2025-07-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (Ningún archivo)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [Opera Browser Assistant] => C:\Users\lucius2\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\Run: [AvastBrowserAutoLaunch_A4176226833796E7A57D48BFC0505010] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3497312 2025-07-02] (Avast Software s.r.o. -> Gen Digital Inc.)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\RunOnce: [Application Restart #3] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [3168848 2025-07-16] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\lucius2\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [92313984 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\lucius2\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [91703144 2025-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\RunOnce: [Uninstall 25.122.0624.0004] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lucius2\AppData\Local\Microsoft\OneDrive\25.122.0624.0004" [0 2025-08-11] () <==== ATENCIÓN [cero bytes Archivo/Carpeta]
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\MountPoints2: {6666f022-23c0-11ee-8ca0-2cf05d9f1ea2} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\MountPoints2: {b6688ed6-a9e1-11ee-8cb8-2cf05d9f1ea2} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\MountPoints2: {b6688eed-a9e1-11ee-8cb8-2cf05d9f1ea2} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2733056459-4073295486-4068123865-1001\...\MountPoints2: {eb6daf4c-e86d-11ef-8cd7-c8e265fed147} - "G:\HiSuiteDownLoader.exe"

EmptyEventLogs:

Removeproxy:
Hosts:

CMD: DISM /Online /Cleanup-image /Restorehealth
CMD: sfc /scannow
CMD: winmgmt /salvagerepository
CMD: winmgmt /verifyrepository
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: reg query "HKLM\System\CurrentControlSet\Control\Session Manager\Environment" /S
CMD: reg query "HKCU\Environment" /S
CMD: reg query "HKCU\Software"

Emptytemp:
End:

Copie el texto seleccionado (clic derecho - Copiar). Ejecute FRST (FRST64) como administrador. Haga clic en “Reparar” una vez (!) y espere. El programa creará un archivo de registro (Fixlog.txt). Adjúntelo a su próximo mensaje.

El ordenador se reiniciará automáticamente.

Salu2

voice control engine.exe infected with idg. generic

¿Tiene más detalles sobre la ruta de archivo afectada? ¿O el registro de Avast?