Behavior:Win32/NotepadInject.SA

Hi! After several days reading the forum and trying to apply the recipes given in the threads, I can't remove the trojan that Windows Defender detects under the name Behavior:Win32/NotepadInject.SA

I have tried the steps of the malware detection guide in safe mode and it detects nothing. Malwarebytes keeps blocking these 2 files:

-Detalles del sitio web bloqueado- Sitio web malicioso: 1 , C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe, Bloqueado, -1, -1, 0.0.0, , -Datos de sitio web- Categoría: Troyano Dominio: 44-32-66-234.loserve.org Dirección IP: 83.171.237.131 Puerto: 2360 Tipo: Saliente Archivo: C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe

-Detalles del sitio web bloqueado- Sitio web malicioso: 1 , C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2205.11.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe, Bloqueado, -1, -1, 0.0.0, , -Datos de sitio web- Categoría: Troyano Dominio: 44-32-66-234.loserve.org Dirección IP: 83.171.237.131 Puerto: 3340 Tipo: Saliente Archivo: C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2205.11.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe

Thank you very much, and sorry for my clumsiness.

Hello @Soyban

Since you are new, I recommend that you read the forum's policies. Not because you have done anything wrong, but to learn more about how the forum works.

I know a lot of time has passed and that you did not receive help.

Do you still need help?

Let us know.

Regards.

Hi @Marr0n I have tried several things, but the problem is still there; it keeps detecting the same alert constantly. Thank you very much for the reply.


Hello @Soyban

First of all, sorry for taking so long to reply. I have been inactive on the forum for another while.

I know some time has passed. Let's continue and take a look :eyes:

:one: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any security program you have enabled.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and nowhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the right version for your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super Important. Right after that, also close any other program you have open.

:two: Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click it and select Run as Administrator).

  2. A window with a Disclaimer message will appear; click Si or Yes.

  3. In the program's main window, click Analizar/Scan and wait for the scan to finish.

  4. Two logs/reports will appear: Frst.txt and Addition.txt. They will be saved on the desktop.

:three: Re-enable your antivirus and any security program you have enabled. Also reconnect your computer to the Internet.

:four: NEXT REPLY

Paste the FRST.txt and Addition.txt reports. You must post both reports in full, with absolutely all of their content. You will need to split them across several messages if you get an error/warning saying that the report making up the message is too long (more than roughly 50,000 characters).

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it, following our instructions.

:warning: Very Important :warning: Post the different reports I have asked you for as shown in the following image:

Regards.

Hi @Marr0n Let's see if I do everything right. First comes the FRST:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 15-08-2022
Ejecutado por IVAN (administrador) sobre LAPTOP-FIHAUTJ7 (LENOVO 81SX) (21-08-2022 19:02:39)
Ejecutado desde C:\Users\34653\Desktop
Perfiles cargados: IVAN
Plataforma: Microsoft Windows 11 Home Versión 21H2 22000.856 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.47\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.565.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe <4>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <3>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <3>
(dolbyaposvc\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\Installer\setup.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Eidgenössische Technische Hochschule Zürich -> ETH Zürich) C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_f9cd2639d2c9e4c9\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(sihost.exe ->) (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.22000.251.0_neutral__8wekyb3d8bbwe\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\1.0.2109.27002-0\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.565.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5929680 2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11186408 2022-08-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.1.0\GoogleDriveFS.exe [51140424 2022-07-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.1.0\GoogleDriveFS.exe [51140424 2022-07-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.1.0\GoogleDriveFS.exe [51140424 2022-07-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491920 2022-08-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\34653\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Ningún archivo)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\34653\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Ningún archivo)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\RunOnce: [Uninstall 22.141.0703.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\34653\AppData\Local\Microsoft\OneDrive\22.141.0703.0002" (Ningún archivo)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491920 2022-08-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016568 2020-12-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Run: [GoogleDriveFS] => "C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe" --startup_mode (Ningún archivo)
HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Policies\Explorer: [] 
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.1.0\GoogleDriveFS.exe [51140424 2022-07-28] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\KOAYTJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYTJ_P.dll [77312 2010-10-07] (KONICA MINOLTA, INC. -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\Windows\system32\KOAYTJ_L.DLL [16896 2013-04-22] (KONICA MINOLTA, INC. -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-05-12] (pdfforge GmbH) [Archivo no firmado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.82\Installer\chrmstp.exe [2022-08-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4f34d6c6.lnk [2022-04-07]
ShortcutTarget: 4f34d6c6.lnk -> C:\testintel3\autoit.exe (AutoIt Consulting Ltd -> AutoIt Team)
Startup: C:\Users\34660\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-12-04]
ShortcutTarget: GenuineService.lnk -> C:\Users\34653\Autodesk\Genuine Service\GenuineService.exe (Ningún archivo)
BootExecute: autocheck autochk * 씂⼧刀耀郜甀ᡈ甁

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {017A056E-292F-4AE9-89F7-54A586DD7F13} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\34653\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-03] (ESET, spol. s r.o. -> ESET)
Task: {01CCB55D-2DEC-4E02-95A1-F4385F09EAC6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {126D42A9-4E45-40B7-9C5B-DBB9D00C0BF8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {16CBE672-4424-4D8B-B04E-06B4D0A57DEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-01] (Google Inc -> Google LLC)
Task: {1951863A-664F-4C73-8309-E0CC70B51C41} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28305D21-CD2A-4E1A-B9A0-C6868C05ABA0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [147864 2022-05-12] (Lenovo -> Lenovo Group Ltd.)
Task: {30FA0794-2C9F-41DA-ABDE-21DA8577482E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {31BD157D-085B-4292-BCCC-97CAE7B444F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C4DC7E5-CD3A-4176-B97C-2BF0EDD29F17} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E52677D-2DC1-40DF-A8A3-E7F059EE7EAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F2F01E6-D8C1-49B1-84FB-B6034FE99365} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c0528c85-4e61-4d33-88bc-a2c3680b371a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {431B896D-B4A2-4BC9-88DC-D891B3AC66E0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {463F1664-EED5-4031-877F-9CBEE265E9A6} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {475C75BC-1395-41C4-848B-C432555A85BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {4C662206-25BA-4EAA-9625-5EF9412ECF44} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50878258-2F39-45BF-B261-92726CAEBC11} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2ea7dd67-adf7-4d04-adbe-0f69657b19a8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {5178918E-0FFE-42B4-8A0D-25A86ADE7DF9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {557848B6-30D4-4302-AC67-68390EA04A58} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572456 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {653A64D9-8B57-46DD-8AF2-EBCC94EFDB8C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {671EA8F8-9D49-489B-94DD-A5D754760494} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\03280056-aa1c-4e47-b454-2a991f992953 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {695D1DB6-9E4C-4347-A0C4-5A68D55E25A7} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\34653\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-03] (ESET, spol. s r.o. -> ESET)
Task: {72B0BA69-396C-4D92-8F22-61767C3EBEAD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac362f90-ba02-4cca-8133-05ab4ffdabdf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {77E412CA-4A73-4F79-AC02-BAA76CDB508E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702504 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79768634-0A9B-42A5-89B1-AA922722A168} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\76036c6c-49fe-43d7-9183-9434f42975c6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {804AD461-B92F-4059-9ECD-F3D586BDDEF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {83F1EA2B-4BB7-40FE-B4A4-7CB3D031EF9B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724328 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {853960F4-A13E-48B0-A42D-E9009E21A2AE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {87C2793E-D205-4BFC-A038-2110624A8F8A} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-07-28] (Microsoft Windows -> Microsoft Corporation)
Task: {88DDFE8E-550E-4108-9641-5A7640DADBA9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {8E3EC4CB-F3AE-4EAE-890F-ABE3DCB466F4} - System32\Tasks\Lenovo\FBNetFilter PNP Task => C:\Windows\System32\drivers\FBNetFilterInstall.exe [1149352 2019-03-04] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
Task: {9D8BA94D-1DE0-484A-9F6B-10EED64CE9DC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A23E1F68-3BA2-4193-9E4E-78FF4FE3F9AA} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {A95EDE2B-440D-4AC1-99AC-5003162D9D05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B18E0E53-3DCC-425F-8DA5-1B55CD2B087E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9F7AE7C-E705-4D96-AB1C-4D924E05F690} - System32\Tasks\G2MUpdateTask-S-1-5-21-2628076097-899198543-139089765-1002 => C:\Users\34660\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-07-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BF274449-C8E8-4850-9E11-D0372861305B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB474E94-989B-4019-8906-6B009E16F88A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Ningún archivo)
Task: {D37A5A80-1022-4271-B3E3-F8614836CFBE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E4C888B4-93B9-4C5C-9A34-492D355DD1EC} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5A27F0E-308C-4EB0-AC69-6EABD6AF3262} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-01] (Google Inc -> Google LLC)
Task: {EA96BFB0-705D-468A-825C-FE1EF81264A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE48BFE4-6373-45EF-896C-1D59C7A755D1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F5551EEA-3A02-4E3C-9985-AFD9E4DD5449} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {F94C2B9E-608D-48DE-A595-DECAAFEF1B4B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC3B4BE1-DF02-4754-94FA-45A5BA7545A3} - System32\Tasks\G2MUploadTask-S-1-5-21-2628076097-899198543-139089765-1002 => C:\Users\34660\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-07-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FCA18D6F-FE84-4AB5-B8C0-F77FAF9D6FF4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE6003A7-487F-4058-B65B-8EB13916C1E2} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-07-28] (Microsoft Windows -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2628076097-899198543-139089765-1002.job => C:\Users\34660\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2628076097-899198543-139089765-1002.job => C:\Users\34660\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7dc32cfc-95f2-47bc-9287-eaa91263a960}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dd922229-d5a7-44cf-be86-830f952a825f}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
DownloadDir: C:\Users\34653\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2628076097-899198543-139089765-1001 -> hxxp://www.google.es/
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\34653\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-03]
Edge HomePage: Default -> hxxp:\/\/lenovo17win10.msn.com\/?pc=LCTE
Edge StartupUrls: Default -> "hxxps:\/\/google.es\/"
Edge Extension: (SaferVPN Proxy - Free & Fast Privacy App) - C:\Users\34653\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cocfojppfigjeefejbpfmedgjbpchcng [2020-08-16]

FireFox:
========
FF DefaultProfile: tpjy0q1z.default
FF ProfilePath: C:\Users\34653\AppData\Roaming\Mozilla\Firefox\Profiles\tpjy0q1z.default [2022-03-25]
FF ProfilePath: C:\Users\34653\AppData\Roaming\Mozilla\Firefox\Profiles\2fgawqut.default-release [2022-08-03]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-12-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\34653\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2628076097-899198543-139089765-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\34653\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-2628076097-899198543-139089765-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\34660\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-17] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default [2022-08-21]
CHR Notifications: Default -> hxxps://web.telegram.org; hxxps://www.cam4.es; hxxps://www.reddit.com
CHR Extension: (DownAlbum) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2021-04-05]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-07-27]
CHR Extension: (Fotocasa) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggjoifnbhpidaebcgpibnefdfieanjka [2020-09-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-21]
CHR Extension: (TUK Player) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\maagmnodfdojabjbjhkbnbheenakpheo [2021-04-28]
CHR Extension: (Ace Script) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2022-08-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR HKU\S-1-5-21-2628076097-899198543-139089765-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKU\S-1-5-21-2628076097-899198543-139089765-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-29] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46832 2022-08-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [810928 2021-05-11] (EasyAntiCheat Oy -> Epic Games, Inc)
S4 FBNetFilterInstall; C:\WINDOWS\System32\drivers\FBNetFilterInstall.exe [1149352 2019-03-04] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2559704 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SafeExamBrowser; C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe [402464 2020-12-17] (Eidgenössische Technische Hochschule Zürich -> ETH Zürich)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_f9cd2639d2c9e4c9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_f9cd2639d2c9e4c9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-10-09] (Bitdefender SRL -> Bitdefender)
S3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [64832 2021-08-26] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKsl94c80fed; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2DDDF656-DC74-4EE6-8C80-7FAE2B21DCC9}\MpKslDrv.sys [141576 2022-08-21] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-24] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-08-21 19:02 - 2022-08-21 19:03 - 000037141 _____ C:\Users\34653\Desktop\FRST.txt
2022-08-21 19:02 - 2022-08-21 19:02 - 000000000 ____D C:\FRST
2022-08-21 18:57 - 2022-08-21 18:57 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2628076097-899198543-139089765-1001
2022-08-21 18:57 - 2022-08-21 18:57 - 000002470 _____ C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-21 18:52 - 2022-08-21 18:52 - 002371072 _____ (Farbar) C:\Users\34653\Desktop\FRST64.exe
2022-08-21 18:52 - 2022-08-21 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-08-21 18:50 - 2022-08-21 18:50 - 000003856 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-08-21 18:50 - 2022-08-21 18:50 - 000003414 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-08-13 20:27 - 2022-08-13 20:27 - 000046832 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-08-12 08:41 - 2022-08-12 08:41 - 000002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-08-12 08:41 - 2022-08-12 08:41 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-10 11:19 - 2022-08-21 18:50 - 127139840 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-08-10 11:16 - 2022-08-10 11:19 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-08-10 10:26 - 2022-08-10 10:26 - 000015026 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-10 10:25 - 2022-08-10 10:25 - 000000000 ___HD C:\$WinREAgent
2022-08-10 10:01 - 2022-08-10 10:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-08-10 09:53 - 2022-08-10 09:54 - 000000000 ___HD C:\$SysReset
2022-08-10 09:44 - 2022-08-10 09:44 - 000001202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk
2022-08-10 08:47 - 2022-08-10 08:47 - 001812483 _____ C:\Users\34653\Desktop\Contrato cv vivenda IVAN MELERO SORIANO v1.pdf
2022-08-09 17:57 - 2022-08-09 17:57 - 003994107 _____ C:\Users\34653\Downloads\MFL35347749_English manual_Konsul.pdf
2022-08-05 02:47 - 2022-08-10 08:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-08-05 02:44 - 2022-08-05 02:44 - 000000000 ____D C:\Users\34660\AppData\LocalLow\IGDump
2022-08-04 17:53 - 2022-08-10 08:46 - 000000000 ____D C:\Users\34660\AppData\Roaming\DropboxElectron
2022-08-04 10:21 - 2022-08-04 10:21 - 000002564 _____ C:\Users\34653\Desktop\Hearthstone Deck Tracker.lnk
2022-08-04 10:02 - 2022-08-04 10:02 - 000000000 ____D C:\Users\34653\Desktop\Trojjj
2022-08-04 09:30 - 2022-08-04 09:30 - 000000000 ____D C:\Users\34653\Downloads\Telegram Desktop
2022-08-03 18:39 - 2022-08-21 18:50 - 000012288 ___SH C:\DumpStack.log.tmp
2022-08-03 18:39 - 2022-08-03 18:39 - 001000012 _____ C:\WINDOWS\Minidump\080322-19343-01.dmp
2022-08-03 17:36 - 2022-08-03 17:36 - 002556344 _____ (Malwarebytes) C:\Users\34653\Downloads\MBSetup.exe
2022-08-03 17:36 - 2022-08-03 17:36 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\34653\Downloads\rkill.exe
2022-08-03 17:27 - 2022-08-21 18:57 - 000001345 _____ C:\Users\34653\Desktop\ESET Online Scanner.lnk
2022-08-03 17:27 - 2022-08-03 18:39 - 2421062790 _____ C:\WINDOWS\MEMORY.DMP
2022-08-03 17:27 - 2022-08-03 18:39 - 000000000 ____D C:\WINDOWS\Minidump
2022-08-03 17:27 - 2022-08-03 17:27 - 000981572 _____ C:\WINDOWS\Minidump\080322-13437-01.dmp
2022-08-03 17:25 - 2022-08-10 10:09 - 001084494 _____ C:\WINDOWS\ntbtlog.txt
2022-08-03 16:41 - 2022-08-03 16:41 - 000000248 _____ C:\DelFix.txt
2022-08-03 14:50 - 2022-08-03 14:50 - 000662894 _____ C:\Users\34653\Documents\cc_20220803_145031.reg
2022-08-03 14:43 - 2022-08-03 16:42 - 000000252 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2022-08-03 12:49 - 2022-08-03 12:49 - 000000000 ____D C:\@RestoreQuarantine
2022-08-03 09:19 - 2022-08-03 16:46 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2022-08-03 09:19 - 2022-08-03 14:55 - 000000000 ____D C:\Users\Public\Documents\RegRunInfo
2022-08-03 09:19 - 2022-08-03 14:55 - 000000000 ____D C:\Users\34653\AppData\Local\UnHackMe
2022-08-03 08:52 - 2022-08-21 18:58 - 000001451 _____ C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-08-03 08:52 - 2022-08-03 08:52 - 000000000 ____D C:\Users\34653\AppData\Local\ESET
2022-08-03 08:19 - 2022-08-05 03:53 - 000000000 ____D C:\Users\34653\AppData\Roaming\Telegram Desktop
2022-08-03 08:19 - 2022-08-03 08:19 - 000001097 _____ C:\Users\34653\Desktop\Telegram.lnk
2022-08-03 08:19 - 2022-08-03 08:19 - 000000000 ____D C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-08-02 11:57 - 2021-02-24 09:35 - 007457240 _____ (Sunplus Innovation Technology Inc.) C:\WINDOWS\system32\SPITDevMft64.dll
2022-08-02 11:03 - 2022-08-02 11:03 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-07-28 19:51 - 2022-07-28 19:51 - 000327680 _____ C:\WINDOWS\system32\pnpdiag.dll
2022-07-28 19:51 - 2022-07-28 19:51 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-07-28 19:51 - 2022-07-28 19:51 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-07-28 19:50 - 2022-07-28 19:50 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-28 19:43 - 2022-08-02 11:57 - 000000000 ____D C:\Dist
2022-07-28 19:43 - 2017-04-04 15:13 - 000088984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2022-07-28 19:36 - 2022-08-03 08:49 - 000000000 ____D C:\Program Files (x86)\Advanced System Repair Pro 1.9.8.3.0
2022-07-25 16:42 - 2022-08-21 18:58 - 000000000 ____D C:\Users\34653\AppData\Local\CrashDumps
2022-07-25 16:27 - 2022-08-10 09:40 - 000000000 ____D C:\Users\34653\AppData\LocalLow\IGDump
2022-07-25 16:27 - 2022-07-25 16:27 - 000000000 ____D C:\Users\34653\AppData\Local\mbam

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-08-21 18:58 - 2021-11-04 16:37 - 001803768 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-21 18:58 - 2021-06-05 19:41 - 000807166 _____ C:\WINDOWS\system32\perfh00A.dat
2022-08-21 18:58 - 2021-06-05 19:41 - 000162986 _____ C:\WINDOWS\system32\perfc00A.dat
2022-08-21 18:58 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-21 18:58 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-21 18:58 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-08-21 18:58 - 2021-02-04 21:13 - 000002072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-08-21 18:58 - 2020-04-17 17:22 - 000001874 _____ C:\Users\34660\Desktop\Google Drive.lnk
2022-08-21 18:58 - 2019-12-01 12:17 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-21 18:58 - 2019-12-01 12:16 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-21 18:57 - 2021-12-16 19:21 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2628076097-899198543-139089765-1001
2022-08-21 18:57 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-08-21 18:56 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-21 18:56 - 2020-07-08 08:27 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-21 18:56 - 2020-01-30 18:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-08-21 18:56 - 2019-12-01 12:52 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-21 18:52 - 2020-12-21 18:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-08-21 18:52 - 2019-09-02 06:29 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-21 18:51 - 2020-12-23 08:57 - 000000000 ____D C:\Users\34653\AppData\Local\Dropbox
2022-08-21 18:50 - 2021-11-04 16:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-21 18:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-08-21 18:50 - 2020-12-21 18:33 - 000001022 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-08-21 18:50 - 2020-12-21 18:33 - 000001018 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-08-21 18:50 - 2019-09-02 06:30 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2022-08-12 09:21 - 2021-06-05 14:01 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2022-08-12 08:28 - 2021-11-04 16:39 - 000004082 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-08-12 08:28 - 2021-11-04 16:39 - 000003850 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-08-11 13:09 - 2020-11-09 17:52 - 000000000 ____D C:\Users\34653\AppData\Roaming\HearthstoneDeckTracker
2022-08-11 13:09 - 2020-02-07 20:25 - 000000000 ____D C:\Users\34653\AppData\Local\Battle.net
2022-08-10 14:05 - 2021-11-04 16:31 - 000587688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-10 14:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-10 14:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-10 14:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-10 12:54 - 2019-12-29 17:19 - 000000000 ____D C:\Users\34653\AppData\Local\D3DSCache
2022-08-10 10:31 - 2019-12-04 13:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-10 10:27 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-10 10:27 - 2019-12-04 13:10 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-10 10:26 - 2021-11-04 16:32 - 003103744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-10 10:24 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-10 10:10 - 2021-11-04 16:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-10 09:51 - 2019-12-29 17:20 - 000000000 ____D C:\Program Files\Epic Games
2022-08-10 09:50 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-10 09:48 - 2020-06-18 12:12 - 000000000 ____D C:\Program Files (x86)\Auropro4
2022-08-10 09:48 - 2019-12-04 10:20 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2022-08-10 09:48 - 2019-12-04 10:20 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2022-08-10 09:44 - 2021-06-03 10:06 - 000000000 ____D C:\WINDOWS\TempInst
2022-08-10 08:57 - 2022-02-22 13:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-08-10 08:51 - 2022-02-22 13:13 - 000000000 ____D C:\Users\34660\AppData\LocalLow\Mozilla
2022-08-10 08:46 - 2020-12-21 18:33 - 000000000 ____D C:\Users\34660\AppData\Local\Dropbox
2022-08-09 17:15 - 2021-08-26 16:16 - 000000988 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2022-08-09 17:15 - 2020-11-09 17:55 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2022-08-09 17:13 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-08-08 09:53 - 2022-02-22 13:13 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-08-08 09:53 - 2022-02-22 13:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-08-08 00:40 - 2019-12-29 19:25 - 000000000 ____D C:\Users\34660\AppData\Local\CrashDumps
2022-08-05 03:56 - 2020-11-26 11:18 - 000000000 ____D C:\Users\34653\AppData\Local\cache
2022-08-05 02:43 - 2019-12-01 12:41 - 000000000 ____D C:\Users\34660\AppData\Local\D3DSCache
2022-08-04 10:21 - 2020-11-09 17:52 - 000000000 ____D C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2022-08-04 10:21 - 2020-11-09 17:52 - 000000000 ____D C:\Users\34653\AppData\Local\SquirrelTemp
2022-08-04 10:21 - 2020-11-09 17:52 - 000000000 ____D C:\Users\34653\AppData\Local\HearthstoneDeckTracker
2022-08-04 10:00 - 2019-12-01 11:00 - 000000000 ____D C:\Users\34653\AppData\Local\PlaceholderTileLogoFolder
2022-08-04 09:55 - 2019-12-01 10:58 - 000000000 ____D C:\Users\34653\AppData\Local\Packages
2022-08-03 08:15 - 2020-09-14 10:51 - 000000000 ____D C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2022-07-29 18:49 - 2019-12-01 13:11 - 000000000 ____D C:\Program Files\Google
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-07-28 19:33 - 2019-12-01 12:14 - 000000000 ____D C:\Program Files\WinRAR
2022-07-28 09:47 - 2022-07-19 18:23 - 000002470 _____ C:\Users\34660\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-28 09:47 - 2021-12-20 10:26 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2628076097-899198543-139089765-1002
2022-07-28 09:47 - 2021-11-04 16:39 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2628076097-899198543-139089765-1002
2022-07-27 17:21 - 2019-12-01 12:28 - 000000000 ____D C:\ProgramData\FLEXnet
2022-07-27 17:20 - 2021-11-04 15:05 - 000000000 ____D C:\Users\34660
2022-07-27 11:50 - 2021-11-04 16:39 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-27 11:50 - 2021-11-04 15:05 - 000000000 ____D C:\Users\34653
2022-07-26 19:54 - 2021-11-04 15:05 - 000000000 ____D C:\Users\ESCANER
2022-07-26 19:54 - 2020-12-21 18:35 - 000000000 ___RD C:\Users\34660\Dropbox
2022-07-26 19:54 - 2020-02-07 20:25 - 000000000 ____D C:\Users\34653\AppData\Roaming\Battle.net
2022-07-26 19:19 - 2022-03-25 13:12 - 000000000 ____D C:\Users\34653\AppData\Local\Mozilla
2022-07-26 19:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\registration
2022-07-26 12:44 - 2021-11-04 13:29 - 000000000 ___DC C:\WINDOWS\Panther
2022-07-26 12:39 - 2021-04-06 09:45 - 000000000 ____D C:\Users\34653\Desktop\casita
2022-07-25 10:19 - 2021-03-07 18:46 - 000000000 ____D C:\Users\34653\AppData\Roaming\Lavasoft
2022-07-25 10:19 - 2021-03-07 18:46 - 000000000 ____D C:\Users\34653\AppData\Local\Lavasoft
2022-07-25 10:19 - 2021-03-07 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2022-07-25 10:19 - 2021-03-07 18:45 - 000000000 ____D C:\ProgramData\Lavasoft
2022-07-25 10:19 - 2021-03-07 18:45 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2022-07-25 08:30 - 2020-12-16 20:18 - 000168144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-07-25 08:30 - 2020-12-16 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-07-25 08:30 - 2020-12-16 20:17 - 000000000 ____D C:\Program Files (x86)\Java

==================== Archivos en la raíz de algunos directorios ========

2020-02-12 10:07 - 2020-02-12 10:07 - 000000000 _____ () C:\Users\34653\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

And now the Addition:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 15-08-2022
Ejecutado por IVAN (21-08-2022 19:03:46)
Ejecutado desde C:\Users\34653\Desktop
Microsoft Windows 11 Home Versión 21H2 22000.856 (X64) (2021-11-04 14:40:10)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-2628076097-899198543-139089765-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2628076097-899198543-139089765-503 - Limited - Disabled)
ESCANER (S-1-5-21-2628076097-899198543-139089765-1003 - Limited - Enabled) => C:\Users\ESCANER
Invitado (S-1-5-21-2628076097-899198543-139089765-501 - Limited - Disabled)
IVAN (S-1-5-21-2628076097-899198543-139089765-1001 - Administrator - Enabled) => C:\Users\34653
PATRI (S-1-5-21-2628076097-899198543-139089765-1002 - Administrator - Enabled) => C:\Users\34660
WDAGUtilityAccount (S-1-5-21-2628076097-899198543-139089765-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 22.002.20191 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AutoCAD 2018 - Español (Spanish) (HKLM\...\{28B89EEF-1001-040A-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk AutoCAD 2018 - Español (Spanish) (HKLM\...\AutoCAD 2018 - Español (Spanish)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD 2018.1.1 (HKLM-x32\...\{b501e2dd-1001-0000-0102-2d66c6a91544}) (Version: 22.0.154.0 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.7.2 - Gobierno de España)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CE3X v2.3 (HKLM-x32\...\{7139BD7B-FC0B-435F-8E79-63D7CCDA2BA8}_is1) (Version:  - Certificacion Energetica SL)
Comprobación de estado de PC Windows (HKLM\...\{75741B4B-FC87-494A-A380-0EBA06DB89F9}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 155.4.5493 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.639.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FirmaDipualba (HKLM-x32\...\FirmaDipualba ) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.82 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 62.0.1.0 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\HearthstoneDeckTracker) (Version: 1.18.12 - HearthSim)
Intel(R) Chipset Device Software (HKLM\...\{19D17223-0F9C-4155-8057-AA6F49A26E69}) (Version: 10.1.17861.8101 - Intel Corporation) Hidden
Java 8 Update 341 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.63 - Microsoft Corporation)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12130.20410 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\OneDriveSetup.exe) (Version: 22.151.0717.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2628076097-899198543-139089765-1003\...\OneDriveSetup.exe) (Version: 18.143.0717.0002 - Microsoft Corporation)
Microsoft Project - es-es (HKLM\...\ProjectProRetail - es-es) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12130.20410 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visio - es-es (HKLM\...\VisioProRetail - es-es) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12130.20410 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020 (HKLM-x32\...\{895D5198-C5DB-375E-86AB-133F4DAA9FE2}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020 (HKLM-x32\...\{8F271F6C-6E7B-3D0A-951B-6E7B694D78BD}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720 (HKLM\...\{CB4A0FDE-1126-4AE2-97C6-A243692C3D95}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720 (HKLM\...\{DD1EC0FD-3F0A-4740-A05E-1DCD14A6B0D1}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 103.0.1 (x64 es-ES)) (Version: 103.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
NVIDIA Controlador de audio HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 466.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.47 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.107.49426 - Electronic Arts, Inc.)
PDFCreator (HKLM\...\{4EDD2692-1836-4670-A332-C6B76627D5E5}) (Version: 4.3.0 - pdfforge GmbH)
Presto 2020.01 (HKLM-x32\...\{60BBA2FB-C2BA-46A0-A22F-53D9F7D73CF8}) (Version: 20.01 - RIB Spain)
Presto 8.8 (HKLM-x32\...\{099EA4F2-0BE8-443B-B6EE-2B8FDF035DC0}) (Version:  - )
Safe Exam Browser (HKLM-x32\...\{f563926a-aa7d-401d-bf79-916977e43175}) (Version: 3.1.1.250 - ETH Zürich)
Safe Exam Browser (x64) (HKLM\...\{073C0197-FAED-4FA7-9D70-980024CE7438}) (Version: 3.1.1.250 - ETH Zürich) Hidden
Skype versión 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 - Intel(R) Corporation)
Telegram Desktop (HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.0.2 - Telegram FZ-LLC)
Telegram Web (HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\b6476f1d0a6820c61aca5fb84bdbad84) (Version: 1.0 - Google\Chrome)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.54 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-07-26] (Adobe Systems Incorporated)
Adobe Acrobat DC -> C:\Program Files (x86)\Adobe\Acrobat DC [2022-08-12] (0)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-04] (Microsoft Corporation)
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20500.501.0_x64__rz1tebttyb220 [2022-07-26] (Dolby Laboratories)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2022-08-21] (0)
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-07-26] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2022-07-26] (INTEL CORP)
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_2.0.0.3_neutral__s63fsn2sety0r [2022-07-26] (KONICA MINOLTA INC)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4 [2022-07-28] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2207.2.0_x64__k1h2ywk1493x8 [2022-08-04] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2022-07-26] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-07-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-07-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-08-01] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-07-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2022-07-26] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0 [2022-08-08] (Spotify AB) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-11-12] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_f9cd2639d2c9e4c9\nvshext.dll [2021-05-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Fotocasa.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ggjoifnbhpidaebcgpibnefdfieanjka
ShortcutWithArgument: C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Telegram Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aeejceomnhmjmeacdckmmopfaigimnkl

==================== Módulos cargados (Lista blanca) =============

2021-09-09 07:16 - 2021-09-09 07:16 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [Archivo no firmado] C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\EasyHook64.dll
2020-05-12 19:55 - 2020-05-12 19:55 - 000116736 _____ (pdfforge GmbH) [Archivo no firmado] C:\WINDOWS\System32\pdfcmon.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-2628076097-899198543-139089765-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-2628076097-899198543-139089765-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-2628076097-899198543-139089765-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-2628076097-899198543-139089765-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\ssv.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-2628076097-899198543-139089765-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
HKU\S-1-5-21-2628076097-899198543-139089765-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
HKU\S-1-5-21-2628076097-899198543-139089765-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está deshabilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{90CB83B4-ACF9-4193-BA63-96969DA5AB3F}C:\program files\presto 2020.01\x64\presto.exe] => (Allow) C:\program files\presto 2020.01\x64\presto.exe (RIB Spain S.A. -> )
FirewallRules: [TCP Query User{A298D4E3-281A-41BF-9A95-EA48268B9ED4}C:\program files\presto 2020.01\x64\presto.exe] => (Allow) C:\program files\presto 2020.01\x64\presto.exe (RIB Spain S.A. -> )
FirewallRules: [{DAD56BCA-9787-490B-83DA-8DBA5F210FDB}] => (Allow) C:\Users\34660\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{FCA062A7-CC13-4CC6-9016-A7F1BAA058FC}C:\users\34660\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\34660\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AFE3CEB8-C6BD-4561-AE87-F4F12B76926F}C:\users\34660\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\34660\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFA94859-414F-4C0C-9D93-7780A1BE8FF8}] => (Allow) C:\Users\34660\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe => Ningún archivo
FirewallRules: [{F2E2912E-E92E-4843-9703-2CB805EA3B1C}] => (Allow) C:\Users\34660\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe => Ningún archivo
FirewallRules: [TCP Query User{9252A358-DDD3-4601-AC04-A01002C0367B}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{BE2D2846-DE1C-46BE-8FC6-F6CD805DBE19}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{2232AB31-C0B9-4D8D-987F-FE9C304C266C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{49F1C181-441C-4E83-924C-53F3E00CDACA}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{CF806E1D-D1C2-40A0-A2E4-8A492986EFF5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7F7547B7-D900-44D3-9EBB-3FADF9C05B6E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C626369E-A6D4-4C87-B610-07CCC914972E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E027B894-283B-4817-AD4C-0823CB9918FD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B7D54AB-3E6E-4355-83BF-9B7750BBD2DF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0806FB6C-BA36-41E2-9A43-F80EBA34251B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3AC8ADE-7587-4C49-B7A5-BAE4B7755EDB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33A6E874-A575-42B7-816B-D29AE143032E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9DCBC444-639D-491C-9A55-0E7D453CFD6F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2EB6F116-9D03-40B7-98D6-2317D62AEC1F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFA0AA5F-8493-4D34-A0A9-96815CE46BB5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0BB144C-C4DA-41CE-B19A-6E45B03148DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1E18039-E32E-4D1E-8111-02C3630F18E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9A34F23-5D28-42D7-BC9B-1A53FEAA4363}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90FEF7D8-7149-4BF4-A68F-0A15EFE7E1E1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1CA9F8CC-427F-4793-A3F8-63029731ACDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7088A32E-61F0-4960-8EDE-152F93230278}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11BBFCCC-8809-4E12-8C0F-D5FB6E09B483}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{13DA27B5-3A4E-49D7-A75A-ECDF60C6475F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2D330E5-DE06-401E-9392-E18BBA54EDA3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5607C802-9C54-40DD-ABD8-676918E3F4E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB9C215F-2A97-46AB-AEBB-941E05F8861F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FEE171CB-7CC0-4EC7-80A5-F8002FD5C100}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FE6823E2-4E10-4252-B88A-2B28DA8ED67F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6ED236BE-629A-48DC-9A4C-1F4B561D6948}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A4731C95-7111-4305-8AF5-F0C372766518}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2112BA37-DC88-4ECE-AD1F-A92893DC76C3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

10-08-2022 10:24:33 Instalador de Módulos de Windows
10-08-2022 10:25:23 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/21/2022 06:58:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ESETOnlineScanner.exe, versión: 10.23.31.0, marca de tiempo: 0x61e82da2
Nombre del módulo con errores: WININET.dll, versión: 11.0.22000.282, marca de tiempo: 0x309ee390
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x002f1867
Identificador del proceso con errores: 0x3f68
Hora de inicio de la aplicación con errores: 0x01d8b57f34264f03
Ruta de acceso de la aplicación con errores: C:\Users\34653\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\WININET.dll
Identificador del informe: a0b784eb-fb29-4e7e-ade5-0b0161091306
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/21/2022 06:52:04 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad

Error: (08/21/2022 06:52:04 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad

Error: (08/11/2022 01:09:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (08/11/2022 01:09:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (08/11/2022 01:09:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (08/11/2022 01:09:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (08/10/2022 02:04:57 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]


Errores del sistema:
=============
Error: (08/21/2022 06:51:10 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-FIHAUTJ7)
Description: No se puede iniciar un servidor DCOM: {23A5B06E-20BB-4E7E-A0AC-6982ED6A6041}. Error 
"2147942593"
al iniciar este comando:
C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk -Embedding

Error: (08/21/2022 06:50:58 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-FIHAUTJ7)
Description: No se puede iniciar un servidor DCOM: {23A5B06E-20BB-4E7E-A0AC-6982ED6A6041}. Error 
"2147942593"
al iniciar este comando:
C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk -Embedding

Error: (08/10/2022 10:09:51 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-FIHAUTJ7)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/10/2022 10:09:48 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-FIHAUTJ7)
Description: Error de DCOM "1084" al intentar iniciar el servicio UdkUserSvc_2f3ad con argumentos "No disponible" para ejecutar el servidor:
WindowsUdk.UI.Shell.ViewCoordinator

Error: (08/10/2022 10:09:48 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-FIHAUTJ7)
Description: Error de DCOM "1084" al intentar iniciar el servicio camsvc con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (08/10/2022 10:09:48 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-FIHAUTJ7)
Description: Error de DCOM "1084" al intentar iniciar el servicio TokenBroker con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (08/10/2022 10:09:48 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-FIHAUTJ7)
Description: Error de DCOM "1084" al intentar iniciar el servicio TokenBroker con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.Security.Authentication.Web.WamProviderRegistration

Error: (08/10/2022 10:09:48 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-FIHAUTJ7)
Description: Error de DCOM "1084" al intentar iniciar el servicio camsvc con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.CapabilityAccess.CapabilityAccess


Windows Defender:
================
Date: 2022-08-21 19:01:22
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NotepadInject.SA&threatid=2147815654&enterprise=0
Nombre: Behavior:Win32/NotepadInject.SA
Id.: 2147815654
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:17456:528538009967648; process:_pid:17456,ProcessStart:133055748826225925
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Desconocido
Usuario: 
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.373.740.0, AS: 1.373.740.0, NIS: 1.373.740.0
Versión de motor: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-08-12 09:08:21
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {1163DC13-985A-4FA3-A409-06476D000983}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2022-08-12 09:04:51
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NotepadInject.SA&threatid=2147815654&enterprise=0
Nombre: Behavior:Win32/NotepadInject.SA
Id.: 2147815654
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:14408:528538009967648; process:_pid:14408,ProcessStart:133047614906333222
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Desconocido
Usuario: 
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.373.188.0, AS: 1.373.188.0, NIS: 1.373.188.0
Versión de motor: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-08-12 08:55:00
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NotepadInject.SA&threatid=2147815654&enterprise=0
Nombre: Behavior:Win32/NotepadInject.SA
Id.: 2147815654
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:1160:528538009967648; process:_pid:1160,ProcessStart:133047608997894231
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Desconocido
Usuario: 
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.373.188.0, AS: 1.373.188.0, NIS: 1.373.188.0
Versión de motor: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-08-12 08:54:07
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NotepadInject.SA&threatid=2147815654&enterprise=0
Nombre: Behavior:Win32/NotepadInject.SA
Id.: 2147815654
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:17164:528538009967648; process:_pid:17164,ProcessStart:133047608465834832
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Desconocido
Usuario: 
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.373.188.0, AS: 1.373.188.0, NIS: 1.373.188.0
Versión de motor: AM: 1.1.19500.2, NIS: 1.1.19500.2
Event[0]

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===============
Date: 2022-08-21 18:50:37
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-08-05 07:43:10
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Información de la memoria =========================== 

BIOS: LENOVO BHCN42WW 05/21/2021
Placa base: LENOVO LNVNB161216
Procesador: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Porcentaje de memoria en uso: 33%
RAM física total: 16303.24 MB
RAM física disponible: 10885.38 MB
Virtual total: 18735.24 MB
Virtual disponible: 10624.24 MB

==================== Unidades ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:271.43 GB) (Model: Micron MTFDHBA512TCK) NTFS

\\?\Volume{4f7bb271-2cf0-4a50-9606-0a32bee72d1c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{b91515b7-1785-4378-9393-841b2f8e4277}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8EFAA34C)

Partition: GPT.

==================== Final de Addition.txt =======================

The only odd thing that happened is that when I ran FRST64 I got a message saying the program itself had failed to update. Thank you very much.

1 like

Hello @Soyban

Yes. All correct.

OK.

By the way, I see that you have several types of malware on your machine. So, regarding the warning you are getting, I can confirm that the machine is indeed infected. Some of this malware is live, and of the rest only traces remain, or remnants in parts of the system.

:zero: QUESTIONS

Do you recognize having installed these programs on your system? Tell me line by line (program by program):

Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
Presto 2020.01 (HKLM-x32\...\{60BBA2FB-C2BA-46A0-A22F-53D9F7D73CF8}) (Version: 20.01 - RIB Spain)
Presto 8.8 (HKLM-x32\...\{099EA4F2-0BE8-443B-B6EE-2B8FDF035DC0}) (Version:  - )
Safe Exam Browser (HKLM-x32\...\{f563926a-aa7d-401d-bf79-916977e43175}) (Version: 3.1.1.250 - ETH Zürich)
Safe Exam Browser (x64) (HKLM\...\{073C0197-FAED-4FA7-9D70-980024CE7438}) (Version: 3.1.1.250 - ETH Zürich) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20500.501.0_x64__rz1tebttyb220 [2022-07-26] (Dolby Laboratories)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

Do you recognize having installed this extension in CHROME:

CHR Extension: (TUK Player) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\maagmnodfdojabjbjhkbnbheenakpheo [2021-04-28]

Tell me whether you have used or installed these “security/extermination” programs:

ESET Online Scanner
Bitdefender
Rkill
UnHackMe

:one: UNINSTALLATION

For the programs I tell you to remove: remove them. Do it like this:

Uninstall them with Revo Uninstaller in its Advanced Mode. To do so, follow the program-uninstallation part of its manual.

Remove the program that Revo finds under the name UnHackMe or something similar (Greatis Software LLC or Greais Software) or similar. If you cannot find it with Revo, just continue with the following steps.

You will also remove the following programs with their specific uninstall tools. These are:

Bitdefender

To do so, use the following guide: Uninstall Tools for Antivirus, AntiSpyware and Firewall, more specifically the following section: Uninstall Tools for Antivirus, AntiSpyware and Firewall (Steps to follow for a correct uninstallation and/or cleanup of traces).

Download the specific tool, which is: https://www.bitdefender.com/files/KnowledgeBase/file/BitDefender_Uninstall_Tool_x64.exe (BitDefender Uninstall Tool 64-bit download).

:two: Now you must make a BACKUP OF THE REGISTRY. To do so:

  • Restart the computer in Normal Mode.

  • Download DelFix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as Administrator.)

  • Check only the Create registry backup box, and make sure the rest are not selected.

  • Click Run.

The report (DelFix.txt) will open; you can close it. But keep it in case I ask for it or it is needed in the future.

Next, CLOSE ALL PROGRAMS, go to Start >> Run and type Notepad.exe

  • Now copy and paste the code/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Folder: C:\Users\34653\Desktop\Trojjj
Folder: C:\testintel3
Folder: C:\@RestoreQuarantine
Folder: C:\Dist
Folder: C:\Users\34660
Folder: C:\Users\34653
Folder: C:\Program Files (x86)\Auropro4
Folder: C:\Program Files (x86)\Advanced System Repair Pro 1.9.8.3.0
File: C:\WINDOWS\system32\SPITDevMft64.dll;C:\WINDOWS\system32\pnpdiag.dll;C:\testintel3\autoit.exe;C:\Windows\System32\dolbyaposvc\DAX3API.exe;C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe;C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe
VirusTotal: C:\WINDOWS\system32\SPITDevMft64.dll;C:\WINDOWS\system32\pnpdiag.dll;C:\testintel3\autoit.exe;C:\Windows\System32\dolbyaposvc\DAX3API.exe;C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe;C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\34653\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Ningún archivo)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\34653\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Ningún archivo)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\RunOnce: [Uninstall 22.141.0703.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\34653\AppData\Local\Microsoft\OneDrive\22.141.0703.0002" (Ningún archivo)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Run: [GoogleDriveFS] => "C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe" --startup_mode (Ningún archivo)
HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Policies\Explorer: [] 
Startup: C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4f34d6c6.lnk [2022-04-07]
ShortcutTarget: 4f34d6c6.lnk -> C:\testintel3\autoit.exe (AutoIt Consulting Ltd -> AutoIt Team)
Startup: C:\Users\34660\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-12-04]
ShortcutTarget: GenuineService.lnk -> C:\Users\34653\Autodesk\Genuine Service\GenuineService.exe (Ningún archivo)
BootExecute: autocheck autochk * 씂⼧刀耀郜甀ᡈ甁
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Ningún archivo)
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\34653\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin HKU\S-1-5-21-2628076097-899198543-139089765-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\34653\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]
CHR Notifications: Default -> hxxps://web.telegram.org; hxxps://www.cam4.es; hxxps://www.reddit.com
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-10-09] (Bitdefender SRL -> Bitdefender)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
2022-08-10 10:25 - 2022-08-10 10:25 - 000000000 ___HD C:\$WinREAgent
2022-08-03 18:39 - 2022-08-21 18:50 - 000012288 ___SH C:\DumpStack.log.tmp
2022-08-03 18:39 - 2022-08-03 18:39 - 001000012 _____ C:\WINDOWS\Minidump\080322-19343-01.dmp
2022-08-03 17:27 - 2022-08-03 18:39 - 2421062790 _____ C:\WINDOWS\MEMORY.DMP
2022-08-03 17:27 - 2022-08-03 17:27 - 000981572 _____ C:\WINDOWS\Minidump\080322-13437-01.dmp
2022-08-03 09:19 - 2022-08-03 16:46 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2022-08-03 09:19 - 2022-08-03 14:55 - 000000000 ____D C:\Users\Public\Documents\RegRunInfo
2022-08-03 09:19 - 2022-08-03 14:55 - 000000000 ____D C:\Users\34653\AppData\Local\UnHackMe
2022-07-28 19:36 - 2022-08-03 08:49 - 000000000 ____D C:\Program Files (x86)\Advanced System Repair Pro 1.9.8.3.0
2022-07-25 10:19 - 2021-03-07 18:46 - 000000000 ____D C:\Users\34653\AppData\Roaming\Lavasoft
2022-07-25 10:19 - 2021-03-07 18:46 - 000000000 ____D C:\Users\34653\AppData\Local\Lavasoft
2022-07-25 10:19 - 2021-03-07 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2022-07-25 10:19 - 2021-03-07 18:45 - 000000000 ____D C:\ProgramData\Lavasoft
2022-07-25 10:19 - 2021-03-07 18:45 - 000000000 ____D C:\Program Files (x86)\Lavasoft
C:\testintel3
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} =>  -> Ningún archivo
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]
IE trusted site: HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [{FFA94859-414F-4C0C-9D93-7780A1BE8FF8}] => (Allow) C:\Users\34660\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe => Ningún archivo
FirewallRules: [{F2E2912E-E92E-4843-9703-2CB805EA3B1C}] => (Allow) C:\Users\34660\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe => Ningún archivo
CHR Extension: (TUK Player) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\maagmnodfdojabjbjhkbnbheenakpheo [2021-04-28]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Save it with the name FIXLIST.TXT on your desktop (VERY IMPORTANT). Otherwise the SCRIPT will not work; both files (FRST.exe and FIXLIST.TXT) must be located on the DESKTOP.

:warning: The repair Script above is customized for the specific machine it was made for and was written specifically by a member of the Staff. If you have a similar problem, please open your own topic to receive personalized, specific help. Using Scripts made for other systems can cause serious damage to your computer.

Finally (NOTE: in NORMAL MODE):

  1. Run FRST.exe again (if you use Windows Vista/7/8 or 10, right-click and select Run as Administrator).

  2. Click Fix/Corregir and wait for the process to finish. Do not do anything with the PC while it is carrying out these repairs, even if it appears to have hung. Do not touch it, and wait.

  3. When it finishes, the file FIXLOG.TXT will be created on the DESKTOP; bring it in your next reply.

  4. Restart the computer in Normal Mode, check how it runs for a while, and tell me how the problem originally raised is going.

:warning: Very Important :warning: Post the report I asked you for as shown in the following image:

Regards.
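
A triage pass over the kind of FRST lines seen in this thread, as an added example that is not part of the original post or of FRST itself: it separates entries whose target file is reported missing (`Ningún archivo`, `no encontrado`, `[X]` in this Spanish-locale log) from entries that carry a trailing `(… -> …)` suffix and entries that carry neither. The function names are hypothetical, the sample lines are copied from the log and fixlist above, and reading the suffix as publisher information is an assumption about FRST's output.

```python
import re
from collections import Counter

# Sample input: lines copied from the Addition.txt excerpt and the fixlist in this thread.
SAMPLE_LOG = r"""
FirewallRules: [{FFA94859-414F-4C0C-9D93-7780A1BE8FF8}] => (Allow) C:\Users\34660\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe => Ningún archivo
FirewallRules: [{33A6E874-A575-42B7-816B-D29AE143032E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{9252A358-DDD3-4601-AC04-A01002C0367B}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
ShortcutTarget: GenuineService.lnk -> C:\Users\34653\Autodesk\Genuine Service\GenuineService.exe (Ningún archivo)
ShortcutTarget: 4f34d6c6.lnk -> C:\testintel3\autoit.exe (AutoIt Consulting Ltd -> AutoIt Team)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Ningún archivo)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
"""

# Markers this Spanish-locale log uses when the referenced file is absent.
MISSING_RE = re.compile(r"(?:Ningún archivo|no encontrado)[\])]?\s*$|\[X\]\s*$")
# Trailing "(A -> B)" suffix; read here as publisher information (assumption).
PUBLISHER_RE = re.compile(r"\(([^()]*?) -> ([^()]*)\)\s*$")
# Absolute Windows path ending in a common binary/shortcut extension.
PATH_RE = re.compile(r"[A-Za-z]:\\.*?\.(?:exe|dll|sys|lnk|xpi)\b", re.IGNORECASE)
# Entry type is the label before the first colon, e.g. "FirewallRules".
KIND_RE = re.compile(r"^([A-Za-z][A-Za-z0-9 ]*):\s")


def parse_entry(line):
    """Classify one log line as 'missing', 'publisher' or 'no_publisher'."""
    kind = KIND_RE.match(line)
    paths = PATH_RE.findall(line)
    publisher = PUBLISHER_RE.search(line)
    if MISSING_RE.search(line):
        status = "missing"          # entry points at a file that is gone
    elif publisher:
        status = "publisher"        # file present, suffix names a publisher
    else:
        status = "no_publisher"     # file present, nothing vouching for it
    return {
        "kind": kind.group(1) if kind else "other",
        # A "Query User" rule name embeds the path as well; the last match is the target.
        "path": paths[-1] if paths else None,
        "status": status,
        "signer": publisher.group(1).strip() if status == "publisher" else None,
    }


def triage(text):
    """Parse every non-empty line of a log excerpt."""
    return [parse_entry(line.strip()) for line in text.splitlines() if line.strip()]


def summarize(entries):
    """Count entries per status so the review queue can be sized at a glance."""
    return Counter(entry["status"] for entry in entries)


if __name__ == "__main__":
    parsed = triage(SAMPLE_LOG)
    for entry in parsed:
        print(f'{entry["status"]:<13}{entry["kind"]:<15}{entry["path"]}')
    print(dict(summarize(parsed)))
```

A "missing" entry only says the registry, task or shortcut outlived its file; a "publisher" entry can still be the one that matters, as with the Startup shortcut to `C:\testintel3\autoit.exe` that the fixlist targets.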

Hello @Marr0n I recognize having installed these:

Presto 2020.01 
Presto 8.8 (this is the only one I still use)
Safe Exam Browser (HKLM-x32
Safe Exam Browser (x64)

I do not recognize having installed:

Minimal ADB and Fastboot version 1.4.3
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Dolby Atmos for Gaming

I also do not recognize having installed the Chrome extension: CHR Extension: (TUK Player)

Of the “security/extermination” programs, I have used:

ESET Online Scanner
Rkill
UnHackMe

But I do not remember ever having installed Bitdefender.

I await your reply to continue. Thank you very much once again.

1 like

Hello @Soyban

OK.

OK. Then remove these 3 with Revo Uninstaller the way I explained:

That is, with Revo Uninstaller in its Advanced Mode you will remove these programs: UnHackMe + Minimal ADB and Fastboot + WinPcap + Dolby Atmos for Gaming.

OK, then remove this extension from the Remove Extensions section of Chrome.

OK. Then, as I already told you, remove UnHackMe with Revo.

OK. Do this as I already told you:

Well, there you have it; do all of this and then continue with:

You're welcome.

Regards.

Hi @Marr0n Good news, everything has been solved; no more warnings appear and everything runs more smoothly. I tried to paste the logfix as you told me, but I think it is so long that I get error 413. I don't know if I can attach it for you some other way. Should I delete all the programs used to remove the malware now? Thank you so much!

1 like

Hello @Soyban

Hehe, I figured as much, given the script I made for you. I blew away everything that had to go, including several pieces of malware you had on the machine :sunglasses:

Yes, you can. You can split the text file into several parts, each of at most approx. 50,000 characters per message; break it down so that each message has 50,000 at most, and keep going until the whole report is posted in pieces across several messages. As many as necessary.

If you cannot attach it as a text file: ¿Como Pegar Reportes en el Foro? - nº 4 por SanMar, try the fourth method. If not, there are more methods there for how to upload the report. Bring it, since I need to see it :eyes: no matter what.

You're welcome. No, don't get ahead of yourself. Let's go step by step; we still have a few more small things to do. Don't go so fast.

Regards.

P.S.: Besides what I have asked you for, bring a couple of new/fresh FARBAR logs (FRST.txt and Addition.txt).

OK @Marr0n, I had already gotten excited thinking everything was resolved.

I'll send you FRST and Addition first, since the Fixlog weighs 21 MB and it will take me a while to cut it up.

FRST:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 15-08-2022
Ejecutado por IVAN (administrador) sobre LAPTOP-FIHAUTJ7 (LENOVO 81SX) (25-08-2022 13:25:54)
Ejecutado desde C:\Users\34653\Desktop
Perfiles cargados: IVAN
Plataforma: Microsoft Windows 11 Home Versión 21H2 22000.856 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.63\msedgewebview2.exe <12>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(dolbyaposvc\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_f9cd2639d2c9e4c9\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(sihost.exe ->) (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.625.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5929680 2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11186408 2022-08-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.1.0\GoogleDriveFS.exe [51140424 2022-07-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.1.0\GoogleDriveFS.exe [51140424 2022-07-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.1.0\GoogleDriveFS.exe [51140424 2022-07-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491920 2022-08-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38274576 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491920 2022-08-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016568 2020-12-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.1.0\GoogleDriveFS.exe [51140424 2022-07-28] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\KOAYTJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYTJ_P.dll [77312 2010-10-07] (KONICA MINOLTA, INC. -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\Windows\system32\KOAYTJ_L.DLL [16896 2013-04-22] (KONICA MINOLTA, INC. -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-05-12] (pdfforge GmbH) [Archivo no firmado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {017A056E-292F-4AE9-89F7-54A586DD7F13} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\34653\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-03] (ESET, spol. s r.o. -> ESET)
Task: {01CCB55D-2DEC-4E02-95A1-F4385F09EAC6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {126D42A9-4E45-40B7-9C5B-DBB9D00C0BF8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {16CBE672-4424-4D8B-B04E-06B4D0A57DEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-01] (Google Inc -> Google LLC)
Task: {1951863A-664F-4C73-8309-E0CC70B51C41} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28305D21-CD2A-4E1A-B9A0-C6868C05ABA0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [147864 2022-05-12] (Lenovo -> Lenovo Group Ltd.)
Task: {299E2AAA-FD47-4BCD-9FEE-4D2E2C77D64B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {30FA0794-2C9F-41DA-ABDE-21DA8577482E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {31BD157D-085B-4292-BCCC-97CAE7B444F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {37B91A9E-1FD5-4B7E-A1C0-B496795473ED} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fab8b915-c085-4b25-8ebd-3950cf9e3b2b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {3C4DC7E5-CD3A-4176-B97C-2BF0EDD29F17} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E52677D-2DC1-40DF-A8A3-E7F059EE7EAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {431B896D-B4A2-4BC9-88DC-D891B3AC66E0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {475C75BC-1395-41C4-848B-C432555A85BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {4C662206-25BA-4EAA-9625-5EF9412ECF44} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5178918E-0FFE-42B4-8A0D-25A86ADE7DF9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {557848B6-30D4-4302-AC67-68390EA04A58} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572456 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5591A364-A4A1-48AA-9CB2-81906788EDD4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ae047023-a214-4941-bdd4-8996f3aa19c8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {5B7E9A34-626C-4CB2-86D7-86F06DF9B37D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fb30fee4-716e-4fe7-b712-d74c09bbc3ed => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {653A64D9-8B57-46DD-8AF2-EBCC94EFDB8C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {695D1DB6-9E4C-4347-A0C4-5A68D55E25A7} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\34653\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-03] (ESET, spol. s r.o. -> ESET)
Task: {77E412CA-4A73-4F79-AC02-BAA76CDB508E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702504 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CC6A40C-7063-4713-B839-83A73AB596FF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6dd3b42a-f61a-403c-870b-3e26b8c53c05 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {804AD461-B92F-4059-9ECD-F3D586BDDEF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {83F1EA2B-4BB7-40FE-B4A4-7CB3D031EF9B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724328 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {853960F4-A13E-48B0-A42D-E9009E21A2AE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {87C2793E-D205-4BFC-A038-2110624A8F8A} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-07-28] (Microsoft Windows -> Microsoft Corporation)
Task: {8E3EC4CB-F3AE-4EAE-890F-ABE3DCB466F4} - System32\Tasks\Lenovo\FBNetFilter PNP Task => C:\Windows\System32\drivers\FBNetFilterInstall.exe [1149352 2019-03-04] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
Task: {9D3BF9E6-4030-44CE-9D03-A7B18408968D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {9D8BA94D-1DE0-484A-9F6B-10EED64CE9DC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A23E1F68-3BA2-4193-9E4E-78FF4FE3F9AA} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {A95EDE2B-440D-4AC1-99AC-5003162D9D05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B18E0E53-3DCC-425F-8DA5-1B55CD2B087E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9F7AE7C-E705-4D96-AB1C-4D924E05F690} - System32\Tasks\G2MUpdateTask-S-1-5-21-2628076097-899198543-139089765-1002 => C:\Users\34660\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-07-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BF274449-C8E8-4850-9E11-D0372861305B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C166D1A5-BD2B-48DA-A733-FB4182E2ECE1} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C2DBE4AA-6B00-4315-8FDF-ED1DA7169BB7} - System32\Tasks\CCleanerSkipUAC - IVAN => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CB474E94-989B-4019-8906-6B009E16F88A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D37A5A80-1022-4271-B3E3-F8614836CFBE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3DBAF6A-C40B-4A99-9D99-0D08D0783945} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\19023f31-6c68-42d7-ab10-f638a2efc262 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E4C888B4-93B9-4C5C-9A34-492D355DD1EC} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5A27F0E-308C-4EB0-AC69-6EABD6AF3262} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-01] (Google Inc -> Google LLC)
Task: {EA96BFB0-705D-468A-825C-FE1EF81264A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE48BFE4-6373-45EF-896C-1D59C7A755D1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F5551EEA-3A02-4E3C-9985-AFD9E4DD5449} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {F94C2B9E-608D-48DE-A595-DECAAFEF1B4B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-02-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC3B4BE1-DF02-4754-94FA-45A5BA7545A3} - System32\Tasks\G2MUploadTask-S-1-5-21-2628076097-899198543-139089765-1002 => C:\Users\34660\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-07-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FCA18D6F-FE84-4AB5-B8C0-F77FAF9D6FF4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE6003A7-487F-4058-B65B-8EB13916C1E2} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-07-28] (Microsoft Windows -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2628076097-899198543-139089765-1002.job => C:\Users\34660\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2628076097-899198543-139089765-1002.job => C:\Users\34660\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7dc32cfc-95f2-47bc-9287-eaa91263a960}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dd922229-d5a7-44cf-be86-830f952a825f}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
DownloadDir: C:\Users\34653\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2628076097-899198543-139089765-1001 -> hxxp://www.google.es/
Edge DefaultProfile: Default
Edge Profile: C:\Users\34653\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-24]
Edge HomePage: Default -> hxxp://lenovo17win10.msn.com/?pc=LCTE
Edge StartupUrls: Default -> "hxxps://google.es/"
Edge Extension: (SaferVPN Proxy - Free & Fast Privacy App) - C:\Users\34653\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cocfojppfigjeefejbpfmedgjbpchcng [2020-08-16]

FireFox:
========
FF DefaultProfile: tpjy0q1z.default
FF ProfilePath: C:\Users\34653\AppData\Roaming\Mozilla\Firefox\Profiles\tpjy0q1z.default [2022-08-24]
FF ProfilePath: C:\Users\34653\AppData\Roaming\Mozilla\Firefox\Profiles\2fgawqut.default-release [2022-08-24]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-12-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2628076097-899198543-139089765-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\34660\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-17] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default [2022-08-25]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-08-25]
CHR Extension: (Fotocasa) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggjoifnbhpidaebcgpibnefdfieanjka [2020-09-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-24]
CHR Extension: (Ace Script) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2022-08-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\34653\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR HKU\S-1-5-21-2628076097-899198543-139089765-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKU\S-1-5-21-2628076097-899198543-139089765-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-29] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46832 2022-08-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [810928 2021-05-11] (EasyAntiCheat Oy -> Epic Games, Inc)
S4 FBNetFilterInstall; C:\WINDOWS\System32\drivers\FBNetFilterInstall.exe [1149352 2019-03-04] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2559704 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_f9cd2639d2c9e4c9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_f9cd2639d2c9e4c9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [64832 2021-08-26] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 MpKsl37eaeb7d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73FBECB0-9D84-4BA0-A8B5-0967BC656388}\MpKslDrv.sys [141576 2022-08-25] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-24] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-08-25 13:25 - 2022-08-25 13:26 - 000032832 _____ C:\Users\34653\Desktop\FRST.txt
2022-08-25 12:09 - 2022-08-25 12:09 - 000002564 _____ C:\Users\34653\Desktop\Hearthstone Deck Tracker.lnk
2022-08-24 18:43 - 2022-08-24 21:00 - 022095727 _____ C:\Users\34653\Desktop\Fixlog.txt
2022-08-24 18:40 - 2022-08-24 18:40 - 000000246 _____ C:\Users\34653\Desktop\DelFix.txt
2022-08-24 18:40 - 2022-08-24 18:40 - 000000246 _____ C:\DelFix.txt
2022-08-24 18:40 - 2022-08-24 18:40 - 000000000 ____D C:\WINDOWS\ERUNT
2022-08-24 18:39 - 2022-08-24 18:39 - 000797760 _____ C:\Users\34653\Desktop\delfix_1.013.exe
2022-08-24 18:38 - 2022-08-24 18:38 - 000123966 _____ C:\Users\34653\Documents\cc_20220824_183806.reg
2022-08-24 18:35 - 2022-08-24 18:35 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-08-24 18:33 - 2022-08-25 13:24 - 000000000 ____D C:\Program Files\CCleaner
2022-08-24 18:33 - 2022-08-24 18:33 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - IVAN
2022-08-24 18:33 - 2022-08-24 18:33 - 000000876 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-08-24 18:33 - 2022-08-24 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-08-24 18:32 - 2022-08-24 18:32 - 049909560 _____ (Piriform Software Ltd) C:\Users\34653\Downloads\ccsetup602.exe
2022-08-24 18:29 - 2022-08-24 18:29 - 001526784 _____ (Microsoft Corporation) C:\Users\34653\Downloads\BitDefender_Uninstall_Tool_x64.exe
2022-08-24 18:07 - 2022-08-24 18:07 - 000001102 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-08-24 18:07 - 2022-08-24 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-08-24 18:07 - 2022-08-24 18:07 - 000000000 ____D C:\Program Files\VS Revo Group
2022-08-24 18:06 - 2022-08-24 18:06 - 007521232 _____ (VS Revo Group ) C:\Users\34653\Downloads\revosetup.exe
2022-08-23 19:42 - 2022-08-23 19:43 - 000000000 ____D C:\Users\34660\Desktop\FELICIDAD
2022-08-23 18:56 - 2022-08-23 18:56 - 000024460 _____ C:\Users\34660\Downloads\inodoro-planta-03-1213.zip
2022-08-23 18:53 - 2022-08-23 18:53 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-08-23 18:44 - 2022-08-23 18:44 - 000000211 ____H C:\Users\34660\Documents\Dibujo1.dwl2
2022-08-23 18:44 - 2022-08-23 18:44 - 000000061 ____H C:\Users\34660\Documents\Dibujo1.dwl
2022-08-23 18:41 - 2022-08-23 18:41 - 000010043 _____ C:\Users\34660\Downloads\CocinaVitroceramica_03.zip
2022-08-23 18:40 - 2022-08-23 18:40 - 000023680 _____ C:\Users\34660\Downloads\fregadero_1seno_05.zip
2022-08-23 18:35 - 2022-08-24 18:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-08-23 18:35 - 2022-08-23 18:35 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2628076097-899198543-139089765-1002
2022-08-23 18:35 - 2022-08-23 18:35 - 000002470 _____ C:\Users\34660\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-23 08:25 - 2022-08-23 08:25 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2628076097-899198543-139089765-1001
2022-08-23 08:25 - 2022-08-23 08:25 - 000002470 _____ C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-21 19:02 - 2022-08-25 13:26 - 000000000 ____D C:\FRST
2022-08-21 18:52 - 2022-08-21 18:52 - 002371072 _____ (Farbar) C:\Users\34653\Desktop\FRST64.exe
2022-08-21 18:52 - 2022-08-21 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-08-21 18:50 - 2022-08-21 18:50 - 000003856 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-08-21 18:50 - 2022-08-21 18:50 - 000003414 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-08-13 20:27 - 2022-08-13 20:27 - 000046832 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-08-12 08:41 - 2022-08-12 08:41 - 000002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-08-12 08:41 - 2022-08-12 08:41 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-10 11:19 - 2022-08-25 11:12 - 127139840 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-08-10 11:16 - 2022-08-10 11:19 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-08-10 10:26 - 2022-08-10 10:26 - 000015026 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-10 10:01 - 2022-08-10 10:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-08-10 09:53 - 2022-08-10 09:54 - 000000000 ___HD C:\$SysReset
2022-08-10 09:44 - 2022-08-10 09:44 - 000001202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk
2022-08-10 08:47 - 2022-08-10 08:47 - 001812483 _____ C:\Users\34653\Desktop\Contrato cv vivenda IVAN MELERO SORIANO v1.pdf
2022-08-09 17:57 - 2022-08-09 17:57 - 003994107 _____ C:\Users\34653\Downloads\MFL35347749_English manual_Konsul.pdf
2022-08-05 02:44 - 2022-08-05 02:44 - 000000000 ____D C:\Users\34660\AppData\LocalLow\IGDump
2022-08-04 17:53 - 2022-08-24 18:04 - 000000000 ____D C:\Users\34660\AppData\Roaming\DropboxElectron
2022-08-04 10:02 - 2022-08-25 13:25 - 000000000 ____D C:\Users\34653\Desktop\Trojjj
2022-08-04 09:30 - 2022-08-04 09:30 - 000000000 ____D C:\Users\34653\Downloads\Telegram Desktop
2022-08-03 18:39 - 2022-08-25 13:22 - 000012288 ___SH C:\DumpStack.log.tmp
2022-08-03 17:36 - 2022-08-03 17:36 - 002556344 _____ (Malwarebytes) C:\Users\34653\Downloads\MBSetup.exe
2022-08-03 17:36 - 2022-08-03 17:36 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\34653\Downloads\rkill.exe
2022-08-03 17:27 - 2022-08-24 19:02 - 000000000 ____D C:\WINDOWS\Minidump
2022-08-03 17:27 - 2022-08-21 18:57 - 000001345 _____ C:\Users\34653\Desktop\ESET Online Scanner.lnk
2022-08-03 17:25 - 2022-08-10 10:09 - 001084494 _____ C:\WINDOWS\ntbtlog.txt
2022-08-03 14:50 - 2022-08-03 14:50 - 000662894 _____ C:\Users\34653\Documents\cc_20220803_145031.reg
2022-08-03 14:43 - 2022-08-03 16:42 - 000000252 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2022-08-03 12:49 - 2022-08-03 12:49 - 000000000 ____D C:\@RestoreQuarantine
2022-08-03 08:52 - 2022-08-21 18:58 - 000001451 _____ C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-08-03 08:52 - 2022-08-03 08:52 - 000000000 ____D C:\Users\34653\AppData\Local\ESET
2022-08-03 08:19 - 2022-08-05 03:53 - 000000000 ____D C:\Users\34653\AppData\Roaming\Telegram Desktop
2022-08-03 08:19 - 2022-08-03 08:19 - 000001097 _____ C:\Users\34653\Desktop\Telegram.lnk
2022-08-03 08:19 - 2022-08-03 08:19 - 000000000 ____D C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-08-02 11:57 - 2021-02-24 09:35 - 007457240 _____ (Sunplus Innovation Technology Inc.) C:\WINDOWS\system32\SPITDevMft64.dll
2022-08-02 11:03 - 2022-08-02 11:03 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-07-28 19:51 - 2022-07-28 19:51 - 000327680 _____ C:\WINDOWS\system32\pnpdiag.dll
2022-07-28 19:51 - 2022-07-28 19:51 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-07-28 19:51 - 2022-07-28 19:51 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-07-28 19:50 - 2022-07-28 19:50 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-28 19:43 - 2022-08-02 11:57 - 000000000 ____D C:\Dist
2022-07-28 19:43 - 2017-04-04 15:13 - 000088984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-08-25 13:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-08-25 13:25 - 2019-09-02 06:29 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-25 13:24 - 2019-12-01 12:16 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-25 13:23 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-25 13:23 - 2020-12-23 08:57 - 000000000 ____D C:\Users\34653\AppData\Local\Dropbox
2022-08-25 13:22 - 2021-11-04 16:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-25 13:22 - 2021-11-04 16:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-25 13:22 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-08-25 13:22 - 2019-09-02 06:30 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2022-08-25 13:21 - 2020-11-09 17:52 - 000000000 ____D C:\Users\34653\AppData\Roaming\HearthstoneDeckTracker
2022-08-25 13:21 - 2020-02-07 20:25 - 000000000 ____D C:\Users\34653\AppData\Local\Battle.net
2022-08-25 12:09 - 2020-11-09 17:52 - 000000000 ____D C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2022-08-25 12:09 - 2020-11-09 17:52 - 000000000 ____D C:\Users\34653\AppData\Local\SquirrelTemp
2022-08-25 12:09 - 2020-11-09 17:52 - 000000000 ____D C:\Users\34653\AppData\Local\HearthstoneDeckTracker
2022-08-25 11:34 - 2020-11-09 17:55 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2022-08-25 11:20 - 2021-11-04 16:37 - 001803768 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-25 11:20 - 2021-06-05 19:41 - 000807166 _____ C:\WINDOWS\system32\perfh00A.dat
2022-08-25 11:20 - 2021-06-05 19:41 - 000162986 _____ C:\WINDOWS\system32\perfc00A.dat
2022-08-25 11:20 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-08-25 11:12 - 2021-06-05 14:01 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2022-08-25 11:09 - 2019-12-29 17:19 - 000000000 ____D C:\Users\34653\AppData\Local\D3DSCache
2022-08-24 19:03 - 2019-12-26 11:08 - 000000000 ____D C:\Users\34660\AppData\LocalLow\Temp
2022-08-24 19:02 - 2022-05-09 12:18 - 000000000 ____D C:\Users\34653\AppData\LocalLow\Temp
2022-08-24 18:56 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-24 18:56 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-24 18:34 - 2022-02-22 13:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-08-24 18:26 - 2019-12-01 10:58 - 000000000 ____D C:\Users\34653\AppData\Local\Packages
2022-08-24 18:23 - 2019-12-10 22:10 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-08-24 18:20 - 2019-09-02 06:17 - 000000000 ____D C:\ProgramData\Package Cache
2022-08-24 18:14 - 2020-01-30 18:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-08-24 18:08 - 2022-02-22 13:13 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-08-24 18:08 - 2022-02-22 13:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-08-24 18:08 - 2022-02-22 13:13 - 000000000 ____D C:\Users\34660\AppData\LocalLow\Mozilla
2022-08-24 18:04 - 2020-12-21 18:33 - 000000000 ____D C:\Users\34660\AppData\Local\Dropbox
2022-08-23 18:35 - 2021-12-20 10:26 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2628076097-899198543-139089765-1002
2022-08-23 18:34 - 2019-12-01 12:17 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-23 18:32 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-08-23 17:50 - 2021-11-04 16:39 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-23 17:50 - 2021-11-04 16:39 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-23 08:25 - 2021-12-16 19:21 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2628076097-899198543-139089765-1001
2022-08-21 18:58 - 2022-07-25 16:42 - 000000000 ____D C:\Users\34653\AppData\Local\CrashDumps
2022-08-21 18:58 - 2021-02-04 21:13 - 000002072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-08-21 18:58 - 2020-04-17 17:22 - 000001874 _____ C:\Users\34660\Desktop\Google Drive.lnk
2022-08-21 18:56 - 2020-07-08 08:27 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-21 18:56 - 2019-12-01 12:52 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-21 18:52 - 2020-12-21 18:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-08-21 18:50 - 2020-12-21 18:33 - 000001022 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-08-21 18:50 - 2020-12-21 18:33 - 000001018 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-08-12 08:28 - 2021-11-04 16:39 - 000004082 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-08-12 08:28 - 2021-11-04 16:39 - 000003850 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-08-10 14:05 - 2021-11-04 16:31 - 000587688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-10 14:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-10 14:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-10 14:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-10 10:31 - 2019-12-04 13:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-10 10:27 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-10 10:27 - 2019-12-04 13:10 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-10 10:26 - 2021-11-04 16:32 - 003103744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-10 10:24 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-10 09:51 - 2019-12-29 17:20 - 000000000 ____D C:\Program Files\Epic Games
2022-08-10 09:50 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-10 09:48 - 2020-06-18 12:12 - 000000000 ____D C:\Program Files (x86)\Auropro4
2022-08-10 09:48 - 2019-12-04 10:20 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2022-08-10 09:48 - 2019-12-04 10:20 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2022-08-10 09:44 - 2021-06-03 10:06 - 000000000 ____D C:\WINDOWS\TempInst
2022-08-10 09:40 - 2022-07-25 16:27 - 000000000 ____D C:\Users\34653\AppData\LocalLow\IGDump
2022-08-09 17:15 - 2021-08-26 16:16 - 000000988 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2022-08-08 00:40 - 2019-12-29 19:25 - 000000000 ____D C:\Users\34660\AppData\Local\CrashDumps
2022-08-05 03:56 - 2020-11-26 11:18 - 000000000 ____D C:\Users\34653\AppData\Local\cache
2022-08-05 02:43 - 2019-12-01 12:41 - 000000000 ____D C:\Users\34660\AppData\Local\D3DSCache
2022-08-04 10:00 - 2019-12-01 11:00 - 000000000 ____D C:\Users\34653\AppData\Local\PlaceholderTileLogoFolder
2022-08-03 08:15 - 2020-09-14 10:51 - 000000000 ____D C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2022-07-29 18:49 - 2019-12-01 13:11 - 000000000 ____D C:\Program Files\Google
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-28 20:30 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-07-28 19:33 - 2019-12-01 12:14 - 000000000 ____D C:\Program Files\WinRAR
2022-07-27 17:21 - 2019-12-01 12:28 - 000000000 ____D C:\ProgramData\FLEXnet
2022-07-27 17:20 - 2021-11-04 15:05 - 000000000 ____D C:\Users\34660
2022-07-27 11:50 - 2021-11-04 15:05 - 000000000 ____D C:\Users\34653
2022-07-26 19:54 - 2021-11-04 15:05 - 000000000 ____D C:\Users\ESCANER
2022-07-26 19:54 - 2020-12-21 18:35 - 000000000 ___RD C:\Users\34660\Dropbox
2022-07-26 19:54 - 2020-02-07 20:25 - 000000000 ____D C:\Users\34653\AppData\Roaming\Battle.net
2022-07-26 19:19 - 2022-03-25 13:12 - 000000000 ____D C:\Users\34653\AppData\Local\Mozilla
2022-07-26 19:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\registration
2022-07-26 12:44 - 2021-11-04 13:29 - 000000000 ___DC C:\WINDOWS\Panther
2022-07-26 12:39 - 2021-04-06 09:45 - 000000000 ____D C:\Users\34653\Desktop\casita

==================== Archivos en la raíz de algunos directorios ========

2020-02-12 10:07 - 2020-02-12 10:07 - 000000000 _____ () C:\Users\34653\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 15-08-2022
Ejecutado por IVAN (25-08-2022 13:26:57)
Ejecutado desde C:\Users\34653\Desktop
Microsoft Windows 11 Home Versión 21H2 22000.856 (X64) (2021-11-04 14:40:10)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-2628076097-899198543-139089765-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2628076097-899198543-139089765-503 - Limited - Disabled)
ESCANER (S-1-5-21-2628076097-899198543-139089765-1003 - Limited - Enabled) => C:\Users\ESCANER
Invitado (S-1-5-21-2628076097-899198543-139089765-501 - Limited - Disabled)
IVAN (S-1-5-21-2628076097-899198543-139089765-1001 - Administrator - Enabled) => C:\Users\34653
PATRI (S-1-5-21-2628076097-899198543-139089765-1002 - Administrator - Enabled) => C:\Users\34660
WDAGUtilityAccount (S-1-5-21-2628076097-899198543-139089765-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 22.002.20191 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.0.0.11 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AutoCAD 2018 - Español (Spanish) (HKLM\...\{28B89EEF-1001-040A-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk AutoCAD 2018 - Español (Spanish) (HKLM\...\AutoCAD 2018 - Español (Spanish)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD 2018.1.1 (HKLM-x32\...\{b501e2dd-1001-0000-0102-2d66c6a91544}) (Version: 22.0.154.0 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.7.2 - Gobierno de España)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 6.03 - Piriform)
CE3X v2.3 (HKLM-x32\...\{7139BD7B-FC0B-435F-8E79-63D7CCDA2BA8}_is1) (Version:  - Certificacion Energetica SL)
Comprobación de estado de PC Windows (HKLM\...\{75741B4B-FC87-494A-A380-0EBA06DB89F9}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 155.4.5493 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.639.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FirmaDipualba (HKLM-x32\...\FirmaDipualba ) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.102 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 62.0.1.0 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\HearthstoneDeckTracker) (Version: 1.18.13 - HearthSim)
Intel(R) Chipset Device Software (HKLM\...\{19D17223-0F9C-4155-8057-AA6F49A26E69}) (Version: 10.1.17861.8101 - Intel Corporation) Hidden
Java 8 Update 341 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.63 - Microsoft Corporation)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12130.20410 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\OneDriveSetup.exe) (Version: 22.156.0724.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\OneDriveSetup.exe) (Version: 22.156.0724.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2628076097-899198543-139089765-1003\...\OneDriveSetup.exe) (Version: 18.143.0717.0002 - Microsoft Corporation)
Microsoft Project - es-es (HKLM\...\ProjectProRetail - es-es) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12130.20410 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visio - es-es (HKLM\...\VisioProRetail - es-es) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12130.20410 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020 (HKLM-x32\...\{895D5198-C5DB-375E-86AB-133F4DAA9FE2}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020 (HKLM-x32\...\{8F271F6C-6E7B-3D0A-951B-6E7B694D78BD}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720 (HKLM\...\{CB4A0FDE-1126-4AE2-97C6-A243692C3D95}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720 (HKLM\...\{DD1EC0FD-3F0A-4740-A05E-1DCD14A6B0D1}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 103.0.2 (x64 es-ES)) (Version: 103.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
NVIDIA Controlador de audio HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 466.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.47 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.107.49426 - Electronic Arts, Inc.)
PDFCreator (HKLM\...\{4EDD2692-1836-4670-A332-C6B76627D5E5}) (Version: 4.3.0 - pdfforge GmbH)
Presto 8.8 (HKLM-x32\...\{099EA4F2-0BE8-443B-B6EE-2B8FDF035DC0}) (Version:  - )
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
Skype versión 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 - Intel(R) Corporation)
Telegram Desktop (HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.0.2 - Telegram FZ-LLC)
Telegram Web (HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\b6476f1d0a6820c61aca5fb84bdbad84) (Version: 1.0 - Google\Chrome)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.63 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-07-26] (Adobe Systems Incorporated)
Adobe Acrobat DC -> C:\Program Files (x86)\Adobe\Acrobat DC [2022-08-12] (0)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-04] (Microsoft Corporation)
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20500.501.0_x64__rz1tebttyb220 [2022-07-26] (Dolby Laboratories)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2022-08-23] (0)
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-07-26] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2022-07-26] (INTEL CORP)
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_2.0.0.3_neutral__s63fsn2sety0r [2022-07-26] (KONICA MINOLTA INC)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4 [2022-07-28] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.7.0_x64__k1h2ywk1493x8 [2022-08-24] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2022-07-26] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-07-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-07-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-08-01] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-07-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2022-07-26] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0 [2022-08-08] (Spotify AB) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2628076097-899198543-139089765-1001_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-11-12] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\62.0.1.0\drivefsext.dll [2022-07-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_f9cd2639d2c9e4c9\nvshext.dll [2021-05-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Fotocasa.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ggjoifnbhpidaebcgpibnefdfieanjka
ShortcutWithArgument: C:\Users\34653\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Telegram Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aeejceomnhmjmeacdckmmopfaigimnkl

==================== Módulos cargados (Lista blanca) =============

2019-12-03 00:29 - 2019-12-03 00:29 - 000010240 _____ () [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\acrotray.esp
2021-09-09 07:16 - 2021-09-09 07:16 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [Archivo no firmado] C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\EasyHook64.dll
2020-05-12 19:55 - 2020-05-12 19:55 - 000116736 _____ (pdfforge GmbH) [Archivo no firmado] C:\WINDOWS\System32\pdfcmon.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-2628076097-899198543-139089765-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-2628076097-899198543-139089765-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-2628076097-899198543-139089765-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-2628076097-899198543-139089765-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2628076097-899198543-139089765-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\ssv.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2628076097-899198543-139089765-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2628076097-899198543-139089765-1002\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2022-08-24 19:02 - 2022-08-24 19:02 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-2628076097-899198543-139089765-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
HKU\S-1-5-21-2628076097-899198543-139089765-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
HKU\S-1-5-21-2628076097-899198543-139089765-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{8F1F7783-F2CC-4604-99AF-E2FE2FBDE43C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{BE00F56D-EB86-4ECD-8FD0-006A7418848F}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )

==================== Puntos de Restauración =========================

24-08-2022 18:43:09 Restore Point Created by FRST

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/24/2022 09:00:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (08/24/2022 09:00:21 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (08/24/2022 06:43:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {323939b3-153e-4730-bffd-e1ae02329bb4}

Error: (08/24/2022 06:30:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\34653\AppData\Local\Temp\IXP000.TMP\MFC80U.DLL".
No se encontró el ensamblado dependiente Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (08/24/2022 06:30:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\34653\AppData\Local\Temp\IXP000.TMP\MFC80U.DLL".
No se encontró el ensamblado dependiente Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (08/24/2022 06:30:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\34653\AppData\Local\Temp\IXP000.TMP\MFC80U.DLL".
No se encontró el ensamblado dependiente Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (08/24/2022 06:14:48 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {1144f973-f365-4038-a6cf-17cae426e8cd}

Error: (08/23/2022 05:50:48 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]


Errores del sistema:
=============
Error: (08/25/2022 01:25:48 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-FIHAUTJ7)
Description: No se puede iniciar un servidor DCOM: {B165B4C7-D18D-4C23-B46C-380E219BA5B9} como No disponible/No disponible. Error 
"2147958016"
al iniciar este comando:
"C:\WINDOWS\SysWOW64\DllHost.exe" /Processid:{67233DFC-D70F-4D8E-A068-6877D86826BC}

Error: (08/25/2022 01:25:48 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-FIHAUTJ7)
Description: No se puede iniciar un servidor DCOM: {8BAA20BD-6EE8-40B6-A512-8B2C8A1B2935} como No disponible/No disponible. Error 
"2147958016"
al iniciar este comando:
"C:\WINDOWS\SysWOW64\DllHost.exe" /Processid:{67233DFC-D70F-4D8E-A068-6877D86826BC}

Error: (08/25/2022 01:25:48 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-FIHAUTJ7)
Description: No se puede iniciar un servidor DCOM: {646E22C5-CD0B-44CE-9570-82165CCDA505} como No disponible/No disponible. Error 
"2147958016"
al iniciar este comando:
"C:\WINDOWS\SysWOW64\DllHost.exe" /Processid:{67233DFC-D70F-4D8E-A068-6877D86826BC}

Error: (08/25/2022 01:25:48 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-FIHAUTJ7)
Description: No se puede iniciar un servidor DCOM: {95C5E6AC-93FA-4234-8301-1B3D5424AA6B} como No disponible/No disponible. Error 
"2147958016"
al iniciar este comando:
"C:\WINDOWS\SysWOW64\DllHost.exe" /Processid:{67233DFC-D70F-4D8E-A068-6877D86826BC}

Error: (08/25/2022 01:25:48 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-FIHAUTJ7)
Description: No se puede iniciar un servidor DCOM: {95C5E6AC-93FA-4234-8301-1B3D5424AA6B} como No disponible/No disponible. Error 
"2147958016"
al iniciar este comando:
"C:\WINDOWS\SysWOW64\DllHost.exe" /Processid:{67233DFC-D70F-4D8E-A068-6877D86826BC}

Error: (08/25/2022 01:25:41 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-FIHAUTJ7)
Description: No se puede iniciar un servidor DCOM: {95C5E6AC-93FA-4234-8301-1B3D5424AA6B} como No disponible/No disponible. Error 
"2147958016"
al iniciar este comando:
"C:\WINDOWS\SysWOW64\DllHost.exe" /Processid:{67233DFC-D70F-4D8E-A068-6877D86826BC}

Error: (08/25/2022 01:24:51 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-FIHAUTJ7)
Description: El servidor {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (08/25/2022 01:22:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 13:12:22 del 25/08/2022 resultó inesperado.


Windows Defender:
================
Date: 2022-08-23 18:33:22
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NotepadInject.SA&threatid=2147815654&enterprise=0
Nombre: Behavior:Win32/NotepadInject.SA
Id.: 2147815654
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:13172:528538009967648; process:_pid:13172,ProcessStart:133057460020807827
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Desconocido
Usuario: 
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.373.834.0, AS: 1.373.834.0, NIS: 1.373.834.0
Versión de motor: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-08-23 17:50:01
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NotepadInject.SA&threatid=2147815654&enterprise=0
Nombre: Behavior:Win32/NotepadInject.SA
Id.: 2147815654
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:8796:528538009967648; process:_pid:8796,ProcessStart:133057434009700858
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Desconocido
Usuario: 
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.373.834.0, AS: 1.373.834.0, NIS: 1.373.834.0
Versión de motor: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-08-23 17:47:10
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NotepadInject.SA&threatid=2147815654&enterprise=0
Nombre: Behavior:Win32/NotepadInject.SA
Id.: 2147815654
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:5332:528538009967648; process:_pid:5332,ProcessStart:133057432290705219
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Desconocido
Usuario: 
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.373.834.0, AS: 1.373.834.0, NIS: 1.373.834.0
Versión de motor: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-08-23 17:46:18
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NotepadInject.SA&threatid=2147815654&enterprise=0
Nombre: Behavior:Win32/NotepadInject.SA
Id.: 2147815654
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:12716:528538009967648; process:_pid:12716,ProcessStart:133057431771437881
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Desconocido
Usuario: 
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.373.834.0, AS: 1.373.834.0, NIS: 1.373.834.0
Versión de motor: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-08-23 08:30:23
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/NotepadInject.SA&threatid=2147815654&enterprise=0
Nombre: Behavior:Win32/NotepadInject.SA
Id.: 2147815654
Gravedad: Grave
Categoría: Comportamiento sospechoso
Ruta de acceso: behavior:_pid:11320:528538009967648; process:_pid:11320,ProcessStart:133057098229541456
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Desconocido
Usuario: 
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.373.834.0, AS: 1.373.834.0, NIS: 1.373.834.0
Versión de motor: AM: 1.1.19500.2, NIS: 1.1.19500.2
Event[0]

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2022-08-21 18:50:36
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.373.188.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.19500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===============
Date: 2022-08-25 11:39:43
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-08-05 07:43:10
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Información de la memoria =========================== 

BIOS: LENOVO BHCN42WW 05/21/2021
Placa base: LENOVO LNVNB161216
Procesador: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Porcentaje de memoria en uso: 28%
RAM física total: 16303.24 MB
RAM física disponible: 11576.63 MB
Virtual total: 18735.24 MB
Virtual disponible: 11373.55 MB

==================== Unidades ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:276.77 GB) (Model: Micron MTFDHBA512TCK) NTFS

\\?\Volume{4f7bb271-2cf0-4a50-9606-0a32bee72d1c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{b91515b7-1785-4378-9393-841b2f8e4277}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8EFAA34C)

Partition: GPT.

==================== Final de Addition.txt =======================

Ufff @Soyban, if it's that big, better to attach it as a file.

If it won't let you, then post only the part with the fixes to the entries and leave out the listing-only part for:

Folder: C:\Users\34653\Desktop\Trojjj
Folder: C:\testintel3
Folder: C:\@RestoreQuarantine
Folder: C:\Dist
Folder: C:\Users\34660
Folder: C:\Users\34653
Folder: C:\Program Files (x86)\Auropro4
Folder: C:\Program Files (x86)\Advanced System Repair Pro 1.9.8.3.0
File: C:\WINDOWS\system32\SPITDevMft64.dll;C:\WINDOWS\system32\pnpdiag.dll;C:\testintel3\autoit.exe;C:\Windows\System32\dolbyaposvc\DAX3API.exe;C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe;C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe
VirusTotal: C:\WINDOWS\system32\SPITDevMft64.dll;C:\WINDOWS\system32\pnpdiag.dll;C:\testintel3\autoit.exe;C:\Windows\System32\dolbyaposvc\DAX3API.exe;C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe;C:\Program Files\SafeExamBrowser\Service\SafeExamBrowser.Service.exe

Regards.

Fixlog fixlog partes - copia (4).txt (1,1 MB) fixlog partes - copia (5).txt (971,8 KB) fixlog partes - copia (1).txt (864,9 KB) fixlog partes - copia (2).txt (913,1 KB) fixlog partes - copia (3).txt (886,1 KB)

Fixlog2 fixlog partes - copia (9).txt (871,7 KB) fixlog partes - copia (10).txt (1,0 MB) fixlog partes - copia (6).txt (739,9 KB) fixlog partes - copia (7).txt (833,2 KB) fixlog partes - copia (8).txt (825,2 KB)

Fixlog3 fixlog partes - copia (13).txt (814,7 KB) fixlog partes - copia (14).txt (798,9 KB) fixlog partes - copia (15).txt (721,3 KB) fixlog partes - copia (11).txt (790,6 KB) fixlog partes - copia (12).txt (668,5 KB)

Fixlog4 fixlog partes - copia (17).txt (656,8 KB) fixlog partes - copia (18).txt (684,4 KB) fixlog partes - copia (19).txt (732,5 KB) fixlog partes - copia (20).txt (797,8 KB) fixlog partes - copia (16).txt (712,2 KB)

Fixlog5 fixlog partes - copia (22).txt (783,0 KB) fixlog partes - copia (23).txt (806,0 KB) fixlog partes - copia (24).txt (871,4 KB) fixlog partes - copia (25).txt (891,5 KB) fixlog partes - copia (21).txt (816,2 KB)

Fixlog6 fixlog partes - copia (26).txt (689,5 KB) fixlog partes - copia (27).txt (276,7 KB)