I was infected with this: Trojan:Script/Oneeva.A!ml Trojan:Win32/AgentTesla!ml

Today I turned on my PC and Windows Defender detected a malware (Trojan:Win32/AgentTesla!ml), which I tried to remove and couldn't, and it appeared every time I ran a scan. Later Windows Defender was able to remove it, but while I was running another scan this one appeared (Trojan:Script/Oneeva.A!ml); I also chose to remove it and it disappeared. Afterwards I looked in the protection history and it said "remediation incomplete", although Windows Defender now tells me there is no problem. My question is whether the malware has been removed or whether I still have it on the system. I look forward to your reply, and thanks in advance. Regards

Hello @Miguel_Briceno, and welcome to the forum

Here are some topics of interest that you may find useful:

Well, let's check things over a bit, then:

:white_check_mark: Download and run Malwarebytes following this manual and run a Custom scan. The manual has a section that explains how to configure it:

  • Keep in mind that, as the manual indicates, you need to click on "Analizador" (Scanner) and not on "Analizar" (Scan).
  • Read the manual carefully so that you don't end up running a Threat scan.

Here are some additional topics so you know how to bring us the report:

Please bring us this report, along with any comments.

Regards

I also ran a scan with Windows Defender and nothing showed up. Thanks for the help.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 25/2/22
Hora del análisis: 20:49
Archivo de registro: 84d2ee68-9695-11ec-81cf-fc34970012fa.json

-Información del software-
Versión: 4.5.4.168
Versión de los componentes: 1.0.1599
Versión del paquete de actualización: 1.0.51649
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 19044.1526)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-QUCNTF5\magno

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 591851
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 28 min, 54 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hello again,

It looks fine to me. But if you would like further confirmation, you can run a Custom scan with Eset. Please bring us its report; here is its manual:

If it finds nothing, we could consider the computer clean, unless you notice some problem with the computer. If it does find something, we would need to look at what it finds.

Regards

Earlier I had already run a threat scan with Malwarebytes and it found nothing either, but after a few hours Windows Defender alerted me to a threat again, so I don't know whether something is still left.

Hello again,

Well, since it alerted you again, run the scan with Eset. Depending on whether it finds anything, we will see how to proceed.

Regards

23:46:54 CmlLineScanner cannot load dll:C:\Users\magno\AppData\Local\ESET\ESETOnlineScanner\esets_apiW No se puede encontrar el módulo especificado.

23:46:56 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=
# end=init
# country="Chile"
# lang=13322
23:47:25 Updating
23:47:25 Update Init
23:47:27 Update Download
23:53:42 esets_scanner_reload returned 0
23:53:42 g_uiModuleBuild: 52628
23:53:42 Update Finalize
23:53:42 Call m_esets_charon_send
23:53:42 Call m_esets_charon_destroy
23:53:43 Updated modules version: 52628
23:53:52 Call m_esets_charon_setup_create
23:53:52 Call m_esets_charon_create
23:53:52 m_esets_charon_create OK
23:53:52 Call m_esets_charon_start_send_thread
23:53:52 Call m_esets_charon_setup_set
23:53:52 m_esets_charon_setup_set OK
23:53:52 Scanner engine: 52628
00:37:27 Call m_esets_charon_send
00:37:27 Call m_esets_charon_destroy
22:41:14 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=e2cefcfc49c69942a1ea9626d9c1beb8
# end=init
# country="Chile"
# lang=13322
22:43:06 Updating
22:43:06 Update Init
22:43:16 Update Download
22:43:40 esets_scanner_reload returned 0
22:43:40 g_uiModuleBuild: 52640
22:43:40 Update Finalize
22:43:40 Call m_esets_charon_send
22:43:40 Call m_esets_charon_destroy
22:43:41 Updated modules version: 52640
22:43:50 Call m_esets_charon_setup_create
22:43:50 Call m_esets_charon_create
22:43:50 m_esets_charon_create OK
22:43:50 Call m_esets_charon_start_send_thread
22:43:50 Call m_esets_charon_setup_set
22:43:50 m_esets_charon_setup_set OK
22:43:50 Scanner engine: 52640
23:51:17 Call m_esets_charon_send
23:51:17 Call m_esets_charon_destroy
23:52:14 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=e2cefcfc49c69942a1ea9626d9c1beb8
# end=init
# country="Chile"
# lang=13322

The Windows Defender alert popped up again while I was running the Eset scan.

Hello again,

It could be a false positive or something else. If that's all right with you, let's check thoroughly to be sure:

:one: Download and run Argente Registry Cleaner from either of the following links:

Argente Registry Cleaner - Full version

Argente Registry Cleaner - Portable version

If, when you run it, it asks about enabling automatic maintenance, tell it NO. Then have it find and repair all the errors it finds.

:two: Review the following manual in detail and run FRST:

  • Don't forget to run it from the desktop.
  • Pay special attention to the instructions on how to paste the report.

Please bring us the FRST reports: Frst.txt and Addition.txt.

Regards

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 24-02-2022
Ejecutado por magno (administrador) sobre DESKTOP-QUCNTF5 (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506QM) (26-02-2022 14:54:58)
Ejecutado desde C:\Users\magno\Desktop
Perfiles cargados: magno
Plataforma: Microsoft Windows 10 Home Single Language Versión 21H2 19044.1526 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\DenoiseAIPlugin\ArmouryCrate.DenoiseAI.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0363046.inf_amd64_d6f0080b527c99b5\B362912\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0363046.inf_amd64_d6f0080b527c99b5\B362912\atieclxx.exe
(explorer.exe ->) (Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Users\magno\Downloads\wallpaper_engine\wallpaper32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0363046.inf_amd64_d6f0080b527c99b5\B362912\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_2845149b505e4dbf\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.0.11.0_x64__qmba6cd70vzyy\ArmouryCrate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
Error al acceder al proceso -> SgrmBroker.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [147632 2021-11-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2109824 2021-12-20] (Famatech Corp. -> Famatech Corp.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2612600 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33650656 2022-02-16] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1087376 2022-01-16] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [WallpaperEngine] => C:\Users\magno\Downloads\wallpaper_engine\wallpaper32.exe [2703520 2021-12-13] (Skutta, Kristjan -> )
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [Discord] => C:\Users\magno\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3146936 2022-01-25] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\magno\AppData\Local\Microsoft\Teams\Update.exe [2454240 2022-02-02] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3523704 2022-01-17] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3523704 2022-01-17] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-16] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {08D88DA5-393C-4DA9-A05F-8D0AAC8F2E85} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0A734096-1865-4392-9338-6ED0933CE7A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0D1F43B7-DB0A-4BAD-ABDE-DA7D568EFCEF} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-702135205-795972572-1049269027-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4078456 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {15DCCE86-D1E2-4AAB-995B-F84CD0F57D33} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [147632 2021-11-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {16836401-9527-4003-92D3-418C0A7A2018} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2318AD67-B560-4730-AB5D-109FB68A58D7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {257F0619-1C88-4F6C-B27E-D203B6683D61} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864408 2022-01-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {274D6345-10C9-4673-9378-06667E426ADD} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusUpdateChecker.exe [759952 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {3DD5E138-E399-46BB-BFF1-FEF779AAE834} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {46342E25-4082-4EF2-A5F2-1F335BF40EDF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4B3247D5-D982-474A-BDA8-8E85EDE5B2B0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4BB5DEE4-1B42-488B-AC6E-944429F2602E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4078456 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4DB98FF5-CBDF-4D90-8BF3-4A839FE1BDBE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5E17B6C8-6296-42F0-BE6C-1EC7F9FE2D24} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2245560 2021-11-26] (ASUSTeK Computer Inc. -> ASUS)
Task: {6A55FC8C-2769-4622-97A7-9F99727F8ACE} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [114952 2021-11-26] (ASUSTeK Computer Inc. -> ASUS)
Task: {6C4BCB32-C023-42CE-8E25-0E3DC24B768F} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1138976 2020-08-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6EBB6320-6F0A-4A03-B88C-177A2A369406} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6FBC7744-B5D1-4571-B403-4863827781B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70C9A5C4-B6AB-42F2-9FC6-31E45D07986E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-01-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7499EE91-1DF8-4D89-A37C-75E943579CF0} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Ningún archivo)
Task: {7ACA2A9F-A7BB-4FAF-ABA1-4E52082A571E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053720 2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {80FB4728-AC65-41D8-B228-0070F827DA92} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.62\Installer\setup.exe [3195784 2022-02-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BFD1613-1437-40F6-8B4F-CE95C89C0AAA} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusHotkey.exe [238736 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {A07D0C39-B6D8-4471-AC2A-DA9F9DEF39E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2022-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A66E1BC8-A7F0-48D5-95AA-0E0332897475} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3850900-32DC-4BB1-8660-7A149448F6DF} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44733352 2021-11-01] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {B3A8E009-7C71-4321-896B-B548D1C31077} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3042448 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B415EC3D-49EB-4C06-8CF2-490A9B09D28E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-16] (Google LLC -> Google LLC)
Task: {B681E1B9-70D6-467C-8D03-3AB780A82AFD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053720 2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {C00B165B-6654-448A-8185-72F5D8A07355} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864408 2022-01-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8DC05BA-A4A4-4486-94CD-A7DF3A4314D8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2022-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE2A638E-2CF2-45D8-A951-AFF01E57D84A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EEBECF91-07B4-4903-B9DC-A97447785ECF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F46D79FE-D51A-4A4D-987E-2AB0159A5380} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d80b245211e7b8 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-01-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F763CE9C-DA9C-423B-BFBE-44FA0E475E7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-16] (Google LLC -> Google LLC)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{5c036c22-6870-4fe7-8f90-c4153fd86744}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{e00072de-dcbc-4250-a903-df5d4c44611e}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge Profile: C:\Users\magno\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-16]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default [2022-02-26]
CHR Notifications: Default -> hxxps://forospyware.com
CHR Extension: (Presentaciones) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-16]
CHR Extension: (Documentos) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-16]
CHR Extension: (Google Drive) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-16]
CHR Extension: (YouTube) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-16]
CHR Extension: (Hojas de cálculo) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-17]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-16]
CHR Extension: (Gmail) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-16]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 ArmouryCrateControlInterface; C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [1176720 2021-11-23] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [349408 2021-12-01] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-01-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\AsusAppService\AsusAppService.exe [870584 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [179488 2021-09-16] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkNear\AsusLinkNear.exe [1330360 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemote.exe [762032 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-01-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOptimization.exe [346256 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [591176 2022-01-16] (ASUSTeK Computer Inc. -> )
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusSoftwareManager.exe [1038992 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitch.exe [601216 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3042448 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [655768 2022-01-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8903520 2022-01-18] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9193944 2022-01-06] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [201376 2020-10-18] (DTS, Inc. -> DTS Inc.)
S2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [10554008 2022-02-24] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-02-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncHelper.exe [3373432 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3683496 2021-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-25] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.012.0117.0003\OneDriveUpdaterService.exe [3842456 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-25] (Electronic Arts, Inc. -> Electronic Arts)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2022-02-22] (Even Balance, Inc. -> )
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [296568 2022-01-17] (Razer USA Ltd. -> Razer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6101680 2021-12-17] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1058688 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-10-21] (Razer USA Ltd. -> Razer Inc.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_2845149b505e4dbf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_2845149b505e4dbf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43192 2021-09-16] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112848 2020-09-27] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSAIO.sys [35984 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusWmiAcpi.sys [45264 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2022-02-15] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-18] (ASUSTek Computer Inc. -> ASUS)
R3 IGO_VSD; C:\WINDOWS\system32\drivers\igovsd.sys [42344 2021-07-05] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-02-25] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl7e77f2bd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4542ADFB-4C24-43EB-B5B0-39EA5219CB48}\MpKslDrv.sys [135440 2022-02-25] (Microsoft Windows -> Microsoft Corporation)
R3 MTKBTFilterx64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [276224 2021-07-05] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1381288 2021-10-13] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
S3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [230832 2022-01-10] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 R0RazerSynapseService; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.sys [14544 2022-02-24] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2021-12-20] (Famatech Corp. -> Famatech Corp.)
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_008a; C:\WINDOWS\System32\drivers\RzDev_008a.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-02-26 14:54 - 2022-02-26 14:55 - 000034403 _____ C:\Users\magno\Desktop\FRST.txt
2022-02-26 14:54 - 2022-02-26 14:55 - 000000000 ____D C:\FRST
2022-02-26 14:52 - 2022-02-26 14:52 - 002312192 _____ (Farbar) C:\Users\magno\Desktop\FRST64.exe
2022-02-26 14:36 - 2022-02-26 14:38 - 000000000 ____D C:\Program Files\Argente - Registry Cleaner
2022-02-26 14:36 - 2022-02-26 14:36 - 000000986 _____ C:\Users\Public\Desktop\Argente - Registry Cleaner.lnk
2022-02-26 14:36 - 2022-02-26 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente - Registry Cleaner
2022-02-26 14:34 - 2022-02-26 14:35 - 005404387 _____ (Raúl Argente ) C:\Users\magno\Downloads\ARegClean-old.exe
2022-02-26 14:30 - 2022-02-26 14:55 - 000000000 ____D C:\WINDOWS\SysWOW64\lock.lock
2022-02-25 20:45 - 2022-02-25 20:45 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-02-25 20:45 - 2022-02-25 20:45 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-25 20:45 - 2022-02-25 20:45 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-25 20:44 - 2022-02-25 20:44 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-02-25 20:44 - 2022-02-25 20:44 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-02-25 20:43 - 2022-02-25 20:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-24 23:47 - 2022-02-25 23:52 - 000001274 _____ C:\Users\magno\Desktop\ESET Online Scanner.lnk
2022-02-24 23:46 - 2022-02-25 23:52 - 000001380 _____ C:\Users\magno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-02-24 23:46 - 2022-02-24 23:46 - 015274968 _____ (ESET) C:\Users\magno\Downloads\esetonlinescanner.exe
2022-02-24 23:46 - 2022-02-24 23:46 - 000000000 ____D C:\Users\magno\AppData\Local\ESET
2022-02-24 23:18 - 2022-02-24 23:18 - 000000000 ____D C:\Users\magno\AppData\Local\mbam
2022-02-24 23:15 - 2022-02-25 20:43 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-24 23:15 - 2022-02-24 23:15 - 002419896 _____ (Malwarebytes) C:\Users\magno\Downloads\MBSetup.exe
2022-02-24 20:09 - 2022-02-24 20:16 - 000000000 ____D C:\WINDOWS\pss
2022-02-24 18:46 - 2022-02-24 18:46 - 000000000 ___HD C:\$WinREAgent
2022-02-24 18:44 - 2022-02-24 18:44 - 003629536 _____ (AVG Technologies CZ) C:\Users\magno\Downloads\avg_remover_neshta.exe
2022-02-24 14:32 - 2022-02-24 14:32 - 000000000 ____D C:\Program Files\UNP
2022-02-24 14:10 - 2022-02-24 20:16 - 101974016 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-02-24 14:09 - 2022-02-24 14:10 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-02-22 21:18 - 2022-02-24 17:14 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2022-02-22 21:18 - 2022-02-22 21:18 - 000000000 ____D C:\Users\magno\AppData\Local\PunkBuster
2022-02-22 21:17 - 2022-02-24 17:14 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2022-02-22 21:17 - 2022-02-23 23:14 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2022-02-22 21:17 - 2022-02-22 21:17 - 000076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2022-02-16 00:28 - 2022-02-16 00:28 - 000001074 _____ C:\Users\Public\Desktop\Call of Duty Modern Warfare.lnk
2022-02-16 00:28 - 2022-02-16 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2022-02-15 16:57 - 2022-02-15 16:57 - 000000000 ____D C:\Users\magno\AppData\Local\Haze1
2022-02-15 16:52 - 2022-02-15 16:52 - 000001510 _____ C:\Users\Public\Desktop\A Way Out.lnk
2022-02-15 16:48 - 2022-02-15 16:48 - 000000000 ____D C:\Users\magno\AppData\LocalLow\Curve Digital
2022-02-15 16:10 - 2022-02-15 16:10 - 000001722 _____ C:\Users\magno\Desktop\DS4Windows - Acceso directo.lnk
2022-02-13 19:04 - 2022-02-13 19:04 - 004936633 _____ C:\Users\magno\Downloads\12 Reglas para Vivir - Un antídoto al caos ( PDFDrive ).pdf
2022-02-13 19:02 - 2022-02-24 18:07 - 000000000 ____D C:\Users\magno\AppData\Local\Amazon
2022-02-13 19:02 - 2022-02-22 20:16 - 000000000 ____D C:\Users\magno\Documents\My Kindle Content
2022-02-13 19:01 - 2022-02-13 19:01 - 061115536 _____ (Amazon.com) C:\Users\magno\Downloads\KindleForPC-installer-1.34.63103.exe
2022-02-12 18:48 - 2022-02-12 18:48 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-08 02:13 - 2022-02-08 02:13 - 000000000 ____D C:\Users\magno\AppData\Local\RogueCompany
2022-02-06 00:11 - 2022-02-06 00:11 - 000000000 ____D C:\Users\magno\AppData\Roaming\Synapse3
2022-02-06 00:11 - 2022-02-06 00:11 - 000000000 ____D C:\Users\magno\AppData\Local\Razer
2022-02-06 00:11 - 2022-02-06 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-02-02 21:26 - 2022-02-24 17:32 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-02-02 09:00 - 2022-02-02 09:00 - 000002366 _____ C:\Users\magno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-02-02 09:00 - 2022-02-02 09:00 - 000000000 ____D C:\Users\magno\AppData\Roaming\Teams
2022-01-30 18:55 - 2022-02-17 00:40 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-01-30 18:55 - 2022-02-17 00:40 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-30 18:55 - 2022-01-30 18:55 - 000000000 ___SD C:\Users\magno\Documents\Mis formas
2022-01-30 18:55 - 2022-01-30 18:55 - 000000000 ___RD C:\Users\Default\OneDrive
2022-01-30 18:55 - 2022-01-30 18:55 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-01-30 18:55 - 2022-01-30 18:55 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2022-01-30 18:54 - 2022-02-10 16:53 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-01-30 18:54 - 2022-02-10 16:53 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-01-30 18:54 - 2022-02-06 00:11 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-01-30 18:54 - 2022-02-06 00:11 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2022-01-30 18:54 - 2022-02-06 00:11 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2022-01-30 18:53 - 2022-02-14 20:42 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-30 18:53 - 2022-01-30 18:53 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-01-30 18:45 - 2022-01-30 18:45 - 014230214 _____ C:\Users\magno\Documents\Plan de nivelación 2022.pptx
2022-01-27 20:39 - 2022-01-27 20:39 - 000000000 ____D C:\Users\magno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-27 20:38 - 2022-01-27 20:39 - 000000000 ____D C:\Users\magno\AppData\Roaming\Zoom
2022-01-27 14:52 - 2022-01-27 14:52 - 000000000 ____D C:\Users\magno\AppData\Local\DBG
2022-01-27 14:52 - 2022-01-27 14:52 - 000000000 ____D C:\Users\magno\AppData\Local\CrashReportClient
2022-01-27 14:44 - 2022-01-27 14:44 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-01-27 14:43 - 2022-01-27 14:43 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-01-27 14:43 - 2022-01-27 14:43 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-01-27 14:43 - 2022-01-27 14:43 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-02-26 14:54 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-26 14:39 - 2022-01-16 18:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-26 14:39 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-26 14:37 - 2022-01-23 05:57 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2022-02-26 14:33 - 2022-01-16 14:01 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-26 12:13 - 2022-01-16 14:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-25 22:04 - 2022-01-16 18:35 - 000000000 ____D C:\Users\magno\AppData\Local\Ubisoft Game Launcher
2022-02-25 21:36 - 2022-01-16 18:19 - 000000000 ____D C:\Users\magno\AppData\Local\D3DSCache
2022-02-25 21:07 - 2022-01-16 18:16 - 000004782 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-02-25 21:07 - 2022-01-16 14:01 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-25 21:07 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-25 21:07 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-25 20:44 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-25 01:20 - 2022-01-18 01:38 - 000000000 ____D C:\Users\magno\Downloads\DS4Windows
2022-02-25 01:20 - 2022-01-16 18:17 - 000000000 ____D C:\Users\magno
2022-02-25 00:29 - 2022-01-16 18:44 - 002236864 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-02-25 00:29 - 2022-01-16 18:44 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000337360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000218576 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000062928 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-02-24 23:19 - 2022-01-17 19:22 - 000000000 ____D C:\Users\magno\AppData\Local\CrashDumps
2022-02-24 23:03 - 2022-01-16 23:38 - 000000000 ____D C:\Users\magno\AppData\Roaming\discord
2022-02-24 23:03 - 2022-01-16 18:59 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2022-02-24 23:03 - 2022-01-16 18:53 - 000000000 ____D C:\Users\magno\AppData\Local\Battle.net
2022-02-24 22:56 - 2022-01-16 23:38 - 000002229 _____ C:\Users\magno\Desktop\Discord.lnk
2022-02-24 22:56 - 2022-01-16 23:38 - 000000000 ____D C:\Users\magno\AppData\Local\Discord
2022-02-24 22:10 - 2022-01-16 18:10 - 001767126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-24 22:10 - 2019-12-07 11:55 - 000786280 _____ C:\WINDOWS\system32\perfh00A.dat
2022-02-24 22:10 - 2019-12-07 11:55 - 000153268 _____ C:\WINDOWS\system32\perfc00A.dat
2022-02-24 20:19 - 2022-01-16 19:11 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-02-24 20:17 - 2022-01-16 17:49 - 000000000 ____D C:\WINDOWS\system32\ASUSACCI
2022-02-24 20:16 - 2022-01-16 14:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-24 20:16 - 2022-01-05 22:08 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-24 20:16 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-24 19:23 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-24 18:50 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-24 17:59 - 2022-01-18 01:40 - 000000000 ____D C:\Users\magno\AppData\Roaming\DS4Windows
2022-02-24 17:33 - 2022-01-16 19:19 - 000000000 ____D C:\Program Files (x86)\Steam
2022-02-24 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-24 17:27 - 2022-01-22 20:23 - 000000000 ____D C:\Users\magno\AppData\Local\ElevatedDiagnostics
2022-02-22 21:17 - 2022-01-16 23:29 - 000000000 ____D C:\Users\magno\Documents\My Games
2022-02-20 22:01 - 2022-01-16 18:19 - 000000000 ____D C:\Users\magno\AppData\Local\Packages
2022-02-20 20:49 - 2022-01-19 10:25 - 000000000 ____D C:\Program Files\EA Games
2022-02-20 11:46 - 2022-01-16 19:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-17 01:27 - 2022-01-19 10:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2022-02-16 23:40 - 2022-01-16 18:24 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-16 23:40 - 2022-01-16 18:24 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-15 23:19 - 2022-01-16 19:00 - 000000000 ____D C:\ProgramData\Battle.net_components
2022-02-15 16:57 - 2022-01-16 18:35 - 000000000 ____D C:\Users\magno\AppData\Local\UnrealEngine
2022-02-15 16:52 - 2022-01-16 18:36 - 000000000 ____D C:\ProgramData\Package Cache
2022-02-15 16:48 - 2022-01-16 18:19 - 000000000 ____D C:\ProgramData\Packages
2022-02-15 16:47 - 2022-01-18 01:09 - 000000000 ____D C:\Users\magno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-02-13 04:20 - 2022-01-16 19:11 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-02-13 04:20 - 2022-01-16 14:00 - 000438888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-13 04:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-13 04:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-13 04:18 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-11 16:53 - 2022-01-16 19:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-11 16:52 - 2022-01-16 19:10 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-10 16:53 - 2022-01-16 18:34 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2022-02-10 16:53 - 2022-01-16 18:34 - 000000000 ____D C:\ProgramData\Riot Games
2022-02-10 16:52 - 2022-01-16 14:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-08 02:13 - 2022-01-25 17:08 - 000000000 ____D C:\Users\magno\AppData\Roaming\EasyAntiCheat
2022-02-06 13:27 - 2022-01-16 17:49 - 000000000 ____D C:\Program Files (x86)\Razer
2022-02-06 00:11 - 2022-01-16 14:01 - 000000000 ____D C:\ProgramData\Razer
2022-02-02 21:26 - 2022-01-16 18:20 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-702135205-795972572-1049269027-1001
2022-02-02 09:00 - 2022-01-16 23:38 - 000000000 ____D C:\Users\magno\AppData\Local\SquirrelTemp
2022-01-30 18:55 - 2022-01-16 18:20 - 000000000 ___RD C:\Users\magno\OneDrive
2022-01-30 18:55 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-01-30 18:46 - 2022-01-16 18:21 - 000000000 ____D C:\Users\magno\AppData\Local\PlaceholderTileLogoFolder
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-01-27 14:43 - 2022-01-16 18:06 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-01-27 14:38 - 2022-01-25 16:58 - 000000000 ____D C:\Users\magno\AppData\Roaming\Origin
2022-01-27 14:38 - 2022-01-19 10:27 - 000000000 ____D C:\ProgramData\Origin
2022-01-27 14:37 - 2022-01-19 10:25 - 000000000 ____D C:\Users\magno\AppData\Local\Origin

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 24-02-2022
Ejecutado por magno (26-02-2022 14:55:44)
Ejecutado desde C:\Users\magno\Desktop
Microsoft Windows 10 Home Single Language Versión 21H2 19044.1526 (X64) (2022-01-16 21:06:35)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-702135205-795972572-1049269027-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-702135205-795972572-1049269027-503 - Limited - Disabled)
Invitado (S-1-5-21-702135205-795972572-1049269027-501 - Limited - Disabled)
magno (S-1-5-21-702135205-795972572-1049269027-1001 - Administrator - Enabled) => C:\Users\magno
WDAGUtilityAccount (S-1-5-21-702135205-795972572-1049269027-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

A Way Out (HKLM-x32\...\{E8D752CF-2FCC-470D-B0C5-4BFC6F42ACCE}) (Version: 1.0.62.0 - Electronic Arts, Inc.)
AI Noise Cancelation Audio Software (HKLM-x32\...\{ab5f014e-883d-470d-bc2d-127ef91e5611}) (Version: 2.0.0 - ASUSTek Computer Inc.)
AI Noise Cancelation Audio Software SDK (HKLM\...\{1D93BFB8-E73B-453E-829C-147666048421}) (Version: 1.0.5 - ASUSTeK COMPUTER INC.)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.0.8 - ASUS)
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{e0ea7709-d842-438e-a773-12f05eeb1939}) (Version: 2.1.2.2 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.2.2 - ASUSTek COMPUTER INC.) Hidden
ASUS Smart Display Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.7.0 - ASUSTek COMPUTER INC.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.67 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.29 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{abff099e-96f5-4bf4-9c6e-6f435f9f6c55}) (Version: 3.05.29 - ASUSTeK Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.185.5109 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{6ae4ab1b-c2da-47c4-9e89-ab7dbf7778cb}) (Version: 12.0.185.5109 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{F4793223-C6D6-4B99-ACF2-75C066D278BC}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version:  - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.4.168 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.4.168 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.62 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - es-es (HKLM\...\ProPlus2021Volume - es-es) (Version: 16.0.14332.20238 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation)
Microsoft Project Profesional 2021 - es-es (HKLM\...\ProjectPro2021Volume - es-es) (Version: 16.0.14332.20238 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Teams) (Version: 1.4.00.19572 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visio LTSC Professional 2021 - es-es (HKLM\...\VisioPro2021Volume - es-es) (Version: 16.0.14332.20238 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.5 (x64) (HKLM-x32\...\{97a0c33d-cb7d-4cff-8239-c7704b60e698}) (Version: 5.0.5.29917 - Microsoft Corporation)
Need for Speed™ Heat (HKLM-x32\...\{8DA46384-7F54-4265-B90F-69BBC08DC3A1}) (Version: 1.0.60.7040 - Electronic Arts)
Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14332.20110 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Radmin VPN 1.2.1 (HKLM-x32\...\{4F6D003D-E674-4019-A4B5-CD632584CFE8}) (Version: 1.2.4457 - Famatech)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0131.011810 - Razer Inc.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.3.10.0 - ASUSTek COMPUTER INC.)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 128.0.10632 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
VALORANT (HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.56 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2022-01-16] (Advanced Micro Devices Inc.) [Startup Task]
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.0.11.0_x64__qmba6cd70vzyy [2022-01-16] (ASUSTeK COMPUTER INC.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.23.4.0_x64__6rarf9sa4v8jt [2022-02-01] (Disney)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.11.3.0_x64__t5j2fzbtdg37r [2022-01-25] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-31] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-25] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy [2022-02-09] (ASUSTeK COMPUTER INC.)
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.3.2.0_x86__y5c4dfz5b21fm [2022-01-30] (Any DVD & Office App)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-20] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2022-01-16] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0 [2022-02-22] (Spotify AB) [Startup Task]
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj [2022-01-25] (Charles Milette) [Startup Task]
World War Z -> C:\Program Files\WindowsApps\MadDogGamesLLC.WWZBaseGamePC_1.0.70.0_x64__6wkgvezv94m76 [2022-02-13] (Saber Interactive Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-702135205-795972572-1049269027-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\magno\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-01-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_2845149b505e4dbf\nvshext.dll [2022-01-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2021-08-18 14:27 - 2021-08-18 14:27 - 000477696 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 14:27 - 2021-08-18 14:27 - 000471040 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 14:27 - 2021-08-18 14:27 - 000454656 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2022-01-16 19:00 - 2019-12-23 18:51 - 000093184 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-08-18 14:27 - 2021-08-18 14:27 - 000081920 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2022-01-16 19:01 - 2022-01-16 19:01 - 079408640 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.0.11.0_x64__qmba6cd70vzyy\ArmouryCrate.dll
2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [Archivo no firmado] C:\Program Files (x86)\LightingService\log4cxx.dll
2022-01-16 19:00 - 2019-06-26 16:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2022-01-16 19:00 - 2019-06-26 16:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\ssleay32.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 001611264 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 005487104 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 005841920 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 001179136 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 000146432 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 005089792 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 000184832 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3018]
AlternateDataStreams: C:\Users\magno\AppData\Local\Temp:$DATA​ [16]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-702135205-795972572-1049269027-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\magno\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\asus.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "ASUS Smart Display Control"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_FC96F1C2327B6F350DD3F6EEAB27A78F"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "Synapse3"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{FACDC178-E335-4A55-8604-DE1B38984AAB}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Archivo no firmado]
FirewallRules: [{9F19F33C-F4C4-4D6D-BD46-1558E62E39D2}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Archivo no firmado]
FirewallRules: [{DC3B9B71-AB9A-4A35-98CD-41F9FD660155}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Archivo no firmado]
FirewallRules: [{C4B21F7D-0DC0-45FA-859A-92FBE989B805}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Archivo no firmado]
FirewallRules: [{EF854D5C-8251-485A-831F-35510B2D87EE}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{6FE0BBBB-DD7D-47BC-BAA8-CA5FFA8E4F97}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{4A7038A3-15E2-4EA6-8194-1DEF07C859F8}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{5B923703-9858-426A-AFA9-25176D1190BD}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{E06E6871-FE5F-4F53-8D7F-14B7CB6F6918}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{B7D566A0-415A-4BA0-A775-FB8AA7FEA710}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{122606D9-5E6D-498C-A0F7-5F523D02C9D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3CD1B4C2-37C6-4CA4-87CA-F922BDF6397E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{570B69D4-C3D6-43DB-B21E-0592BAF00E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C4AA051F-5593-433B-BDF8-2708C97A3C88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{761D3FD5-5093-4725-9733-2E2A4855741D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C9AC56DB-6C00-46C5-A88E-636B62595DD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{90E6CE5A-2BBD-46B3-A25C-837749E3E57C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{477751E9-05E4-485C-9C51-C98774285F97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7107B77B-B777-427A-B990-655977BAD9A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8223E7B7-936C-4F47-8BBB-E183294D18E5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{E8F84E73-D881-4CE7-8F97-B5027047DD47}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{8DF7DE46-0F99-48C5-9BCB-A6537CD54A0B}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{61238A5D-2FDC-4D8A-A4B6-A2C188CDFF67}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{1E18931A-201B-4B8D-AFFF-5B9E529D12AC}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{CC8AADD9-E411-41DB-9D95-253C81D3A2A2}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{09636149-AD94-428B-8EAC-CE0954C0CB36}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{D07E86C4-60AF-4C84-B864-05AE935F96A4}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.)
FirewallRules: [TCP Query User{02BAFC22-9214-4E28-83B5-C34292759E0F}C:\users\magno\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\magno\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [Archivo no firmado]
FirewallRules: [UDP Query User{4C9492F9-A025-429F-A600-38AABA5E169D}C:\users\magno\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\magno\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [Archivo no firmado]
FirewallRules: [TCP Query User{853F05DF-4F41-48C3-BEB3-F7F1A1449AEF}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{B0ED1387-B737-42F7-9BE8-2A228F987A39}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{8152C51A-8153-498C-BBF7-A485F1AE75DE}] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{82804267-BC6B-4131-86CE-EB96A6954E86}] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3E225A61-D2DE-41CA-8A23-C87CF5635E5F}] => (Allow) C:\Users\magno\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D4D1B311-2A2E-404D-9B7B-598099716456}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02AED05B-80C3-47F9-84C5-7F6584978211}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DCE2FBE-CF66-426D-A545-CB0ECD8BF627}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{44F312CD-AE95-4CF6-8B7D-29DD82DFA25D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A3F800F-ED50-4252-BB30-66C742B07FBC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CB9E1BDC-A20E-49C6-820F-B2FECB78D4CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Company\RogueCompany.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{95D7AEA2-3010-4C5E-A23F-A8ED87ECB4F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Company\RogueCompany.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{DD3154EA-5578-4819-8F07-EEBAABB650B3}C:\program files (x86)\steam\steamapps\common\rogue company\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rogue company\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{FA52A111-E8A7-42DE-BBDA-839C8A6FE919}C:\program files (x86)\steam\steamapps\common\rogue company\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rogue company\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [Archivo no firmado]
FirewallRules: [{DAB9B801-4C8C-4A39-B93A-707D9995A23D}] => (Allow) C:\Program Files\EA Games\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{DC25E265-A3BB-4E93-84FE-0CAC437A47DA}] => (Allow) C:\Program Files\EA Games\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{39C83347-D748-4BB9-952E-CF37B63BFEB0}] => (Allow) C:\Program Files\EA Games\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{9AEC5CA4-F35A-40AE-8F80-C08FD8F4D9C2}] => (Allow) C:\Program Files\EA Games\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [TCP Query User{3292E6E9-DDF7-43C4-B10D-6E0F79C99A7B}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{77735F3C-9A6A-4D2A-8CC5-E7E59344F00C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{4FBC57CF-FDF2-4BF6-B6E1-14DC77DBE79A}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BCD1FAED-F10A-4304-B9F6-EE1C547B8FE2}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1B9E111A-D2B5-42A5-ABE1-049F96FE7DF3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F3715080-85F8-4136-871F-E4B297210C21}] => (Allow) C:\Program Files\EA Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{89F9556B-6EE8-4C1E-BABD-DBCA6FDB861F}] => (Allow) C:\Program Files\EA Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{D960D1C4-9A41-46A0-9819-59960986B838}] => (Allow) C:\Program Files\EA Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{0E54BB33-966D-46D9-BD42-9752425700D7}] => (Allow) C:\Program Files\EA Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{9895B27B-C5C1-4D66-AB2A-8013D9367CCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8AA3DBD3-7CB6-49BB-B1B0-6837EE53BC1C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3939A1F8-9584-42F3-B4DD-125C57242D74}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59BF69E5-56B2-4DB1-9618-8E3C568080A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{F4790B62-3210-4856-875F-CBCF2F206DB0}C:\program files\ea games\need for speed heat\needforspeedheat.exe] => (Allow) C:\program files\ea games\need for speed heat\needforspeedheat.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [UDP Query User{270194CA-98BA-473E-AE59-93A0DBA7219C}C:\program files\ea games\need for speed heat\needforspeedheat.exe] => (Allow) C:\program files\ea games\need for speed heat\needforspeedheat.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{6C2F3819-C491-4F65-84C1-6C841D5C0A91}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{36A5EF8A-08C1-4AEE-B7C7-6D930AA845BB}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
FirewallRules: [UDP Query User{DA932284-ED07-44CF-A45F-70FB462E873C}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
FirewallRules: [{65F5C3E0-85E5-48AA-869A-F2B5E8D24FF7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9643724E-924E-43F5-9B75-D7B68575B867}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4E637402-9FDC-42A3-ABD0-573370515C08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2791077F-1A11-4FC0-A243-555E29A6B862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49216C65-1E34-4380-9181-E647DD480F15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C10859A6-DB28-401D-BDFA-F52263E59836}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DEC5A86E-BE7C-4AF5-875B-94C513A37C24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EE706A17-7F85-4DB2-84B5-9D7CA5E43D20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC4A4FA6-32EE-4E91-99C6-C4545A9BEC2C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{CB003414-A4A2-48D5-816F-B7B591E9C8F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{308CEDDB-E8B3-47D4-872A-BFBD29D4CB47}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A928A003-1041-44AD-93FF-91EF154B4E88}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{B7C7BC7F-402E-4FDE-B17D-976861F02E15}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{3DE7A680-AFFE-4603-B504-FD3B7F6CE05E}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{A2DFB7C0-7C81-4BAE-AB85-F869D8D9CABB}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{4B1985E7-A099-4633-9845-F0233DBF43F8}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{92DE344D-6D60-4EC9-AA0F-78E8D0F87337}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{0795FDB7-8E81-486C-BBAF-EE3E402B3E44}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{BF892B4A-245B-4BF4-BCE3-426A4A69DB62}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{52588AE8-D412-4064-946D-2B60CC76A591}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{D3366722-141A-4733-91CD-71EDBD1A7610}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{C36E2211-669F-438B-8B76-B976049402F5}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{2E5B16B2-0821-44E4-A332-ED0AF3698041}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )

==================== Puntos de Restauración =========================

ATENCIÓN: Restaurar Sistema está deshabilitado (Total:456.29 GB) (Free:25.71 GB) (6%)

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: NVIDIA Platform Controllers and Framework
Description: NVIDIA Platform Controllers and Framework
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: NVIDIA
Service: nvpcf
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (02/26/2022 12:00:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AsusSystemAnalysis.exe, versión: 2.1.16.10, marca de tiempo: 0x61d98280
Nombre del módulo con errores: ntdll.dll, versión: 10.0.19041.1466, marca de tiempo: 0xe2f8ca76
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x00000000000a2070
Identificador del proceso con errores: 0x14a4
Hora de inicio de la aplicación con errores: 0x01d829d49a335fca
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 271e866e-0549-4cf4-bc1b-62d9545bb477
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/25/2022 10:17:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa ShellExperienceHost.exe (versión 10.0.19041.1320) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 3318

Hora de Inicio: 01d82a9dbc01c375

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Id. de informe: 23afa3e8-3661-4417-9c80-b470e77c642f

Nombre completo del paquete con errores: Microsoft.Windows.ShellExperienceHost_10.0.19041.1320_neutral_neutral_cw5n1h2txyewy

Id. de la aplicación relativa al paquete con errores: App

Tipo de bloqueo: Quiesce

Error: (02/25/2022 09:18:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SgrmBroker.exe, versión: 10.0.19041.546, marca de tiempo: 0xe6161df9
Nombre del módulo con errores: KERNEL32.DLL, versión: 10.0.19041.1503, marca de tiempo: 0x61b5977b
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000001560a
Identificador del proceso con errores: 0x36b4
Hora de inicio de la aplicación con errores: 0x01d829d4e629bbcc
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\SgrmBroker.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\KERNEL32.DLL
Identificador del informe: dc8031c0-8f18-47ec-af7c-2e0d7b96e145
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/25/2022 09:05:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: ArmouryCrate.UserSessionHelper.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: código de la excepción c0000005, dirección de la excepción 0000000000000000

Error: (02/25/2022 12:32:33 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-QUCNTF5$ a través de https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 25 Feb 2022 03:32:34 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 87bf6517-6b1a-4342-be9c-682d83b2c24d

Método: GET(734ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/24/2022 11:35:56 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (02/24/2022 11:19:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.1250, marca de tiempo: 0x62023b8a
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x603971ce
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219dc5
Identificador del proceso con errores: 0x27c4
Hora de inicio de la aplicación con errores: 0x01d829eded1997f4
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 39182d40-68c4-4a83-8820-cc6f37c38f0e
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (02/24/2022 08:16:58 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-QUCNTF5$ a través de https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 24 Feb 2022 23:16:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 78cd1684-ca6b-4225-b4cd-ee06d2516b50

Método: GET(672ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


Errores del sistema:
=============
Error: (02/26/2022 12:01:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio ASUS System Analysis terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (02/25/2022 10:43:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (02/25/2022 10:43:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\magno\AppData\Local\Temp\ehdrv.sys

Error: (02/25/2022 10:43:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (02/25/2022 10:43:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\magno\AppData\Local\Temp\ehdrv.sys

Error: (02/25/2022 10:43:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (02/25/2022 10:43:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\magno\AppData\Local\Temp\ehdrv.sys

Error: (02/25/2022 10:43:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador


Windows Defender:
================
Date: 2022-02-25 23:12:58
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {C0770E7C-2951-4F51-B3A9-5459F090413B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2022-02-25 23:04:25
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\ASUS\Update\Download\{AB5F014E-883D-470D-BC2D-127EF91E5611}\5.0.0.9\10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-QUCNTF5\magno
Nombre de proceso: C:\Users\magno\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versión de inteligencia de seguridad: AV: 1.359.862.0, AS: 1.359.862.0, NIS: 1.359.862.0
Versión de motor: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-25 01:04:28
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\magno\AppData\Local\Temp\{7EB19E47-8A86-4242-8D8C-920285FCF8CA}-10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
Versión de inteligencia de seguridad: AV: 1.359.862.0, AS: 1.359.862.0, NIS: 1.359.862.0
Versión de motor: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-25 00:04:40
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\magno\AppData\Local\Temp\{EB702047-EBDF-4351-8B74-F7A281926C3B}-10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-QUCNTF5\magno
Nombre de proceso: C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
Versión de inteligencia de seguridad: AV: 1.359.862.0, AS: 1.359.862.0, NIS: 1.359.862.0
Versión de motor: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-25 00:04:34
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\magno\AppData\Local\Temp\{EB702047-EBDF-4351-8B74-F7A281926C3B}-10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
Versión de inteligencia de seguridad: AV: 1.359.862.0, AS: 1.359.862.0, NIS: 1.359.862.0
Versión de motor: AM: 1.1.18900.3, NIS: 1.1.18900.3
Event[0]:

Date: 2022-02-24 20:13:18
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2022-02-24 20:11:09
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2022-02-24 20:09:49
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2022-02-24 17:43:24
Description: 
Antivirus de Microsoft Defender encontró un error crítico al realizar una acción en malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\magno\AppData\Local\Temp\{5A4BDC7C-CF5D-43E9-9BD8-8E7FDABCD82C}-10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-QUCNTF5\magno
Nombre de proceso: C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
Acción: Desconocido
Estado de acción:  No additional actions required
Código de error: 0x80508033
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 
Versión de inteligencia de seguridad: AV: 1.359.852.0, AS: 1.359.852.0, NIS: 1.359.852.0
Versión del motor: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-20 10:51:09
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.359.442.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.18900.3
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===============
Date: 2022-02-25 22:43:42
Description: 
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Users\magno\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB.


==================== Información de la memoria =========================== 

BIOS: American Megatrends International, LLC. FA506QM.307 06/02/2021
Placa base: ASUSTeK COMPUTER INC. FA506QM
Procesador: AMD Ryzen 7 5800H with Radeon Graphics 
Porcentaje de memoria en uso: 45%
RAM física total: 15774.67 MB
RAM física disponible: 8670.92 MB
Virtual total: 19614.67 MB
Virtual disponible: 10560.12 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:456.29 GB) (Free:25.71 GB) (Protected) NTFS

\\?\Volume{55576f03-d50f-4957-897b-60ac4c54ebd0}\ (RECOVERY) (Fixed) (Total:0.68 GB) (Free:0.19 GB) NTFS
\\?\Volume{333d4a87-c00c-4df8-a52d-46187a0b3490}\ (RESTORE) (Fixed) (Total:19.5 GB) (Free:3.63 GB) NTFS
\\?\Volume{b239a7c7-0c3b-4baa-8d0a-95b277db0305}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.13 GB) FAT32
\\?\Volume{6629e820-ee38-fffa-6071-1a64003c87a0}\ () (Fixed) (Total:49.73 GB) (Free:0 GB) NTFS
\\?\Volume{71035992-4fed-4d99-8591-fc299d5041da}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: DED333C9)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== Final de Addition.txt =======================

Argente Registry Cleaner showed around 1000 errors; I have already fixed them. Thank you very much for the help.

Hello again,

Do the following:

:one: Create a backup of the registry with Registry Backup; it does not matter whether you use the portable or the installable version:

Tweaking Registry Backup

  • After installing or unpacking it, run the program (for the portable version, the executable is TweakingRegistryBackup.exe).
  • Make sure everything is checked in the Registry Backup tab.
  • In Backup Name you can keep the default or assign a name.
  • Press the BackUp now button.

:two: Disable your antivirus again: How to temporarily disable your antivirus?

:three: On the computer, with all other programs closed, open Notepad; you can open it by typing notepad.exe in the Windows search bar.

Then copy and paste this repair script into Notepad, beginning at Start and ending at End:

Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3018]
AlternateDataStreams: C:\Users\magno\AppData\Local\Temp:$DATA​ [16]
FirewallRules: [TCP Query User{36A5EF8A-08C1-4AEE-B7C7-6D930AA845BB}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
FirewallRules: [UDP Query User{DA932284-ED07-44CF-A45F-70FB462E873C}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
unlock: C:\Users\magno\AppData\Local\Temp\ehdrv.sys
unlock: C:\WINDOWS\system32\SgrmBroker.exe
File:C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe; C:\WINDOWS\system32\SgrmBroker.exe; C:\Users\magno\AppData\Local\Temp\ehdrv.sys

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers 
EmptyTemp:
End
  • Go to File and select Save As.
  • Under Encoding choose Unicode or UTF8, whichever option is offered.
  • Save it as fixlist.txt on the desktop, in the same place as FRST. This is very important.

:warning: ATTENTION! The repair script above was written by a Staff member specifically for this user; if you have a similar problem, please open your own topic to receive personalized help. Using other users' scripts can damage your computer.

  • Run Frst.exe and press the Fix / Corregir button.
  • Wait patiently for it to finish and do not use the computer. When it finishes, the computer may restart.
  • The tool will save the report on your desktop (Fixlog.txt).

:four: Check the following link and run AdwCleaner:

Try to follow these sections of the manual:

  1. Download and run
  2. Scan and clean
  3. Reports

Please bring us:

  1. The FRST report (Fixlog.txt)
  2. The AdwCleaner report
  3. Any comments on how the problem and the computer are doing.

Regards

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 27-02-2022
Ejecutado por magno (28-02-2022 18:40:55) Run:1
Ejecutado desde C:\Users\magno\Desktop
Perfiles cargados: magno
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3018]
AlternateDataStreams: C:\Users\magno\AppData\Local\Temp:$DATA​ [16]
FirewallRules: [TCP Query User{36A5EF8A-08C1-4AEE-B7C7-6D930AA845BB}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
FirewallRules: [UDP Query User{DA932284-ED07-44CF-A45F-70FB462E873C}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
unlock: C:\Users\magno\AppData\Local\Temp\ehdrv.sys
unlock: C:\WINDOWS\system32\SgrmBroker.exe
File:C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe; C:\WINDOWS\system32\SgrmBroker.exe; C:\Users\magno\AppData\Local\Temp\ehdrv.sys

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers 
EmptyTemp:
End
*****************

SystemRestore: On => Error -> 6%
Error: (0) Error al crear un punto de restauración.
Procesos cerrados correctamente.
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk => ":A1B76439FE" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini => ":41964AA945" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk => ":B96E9B8455" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk => ":60EC9648C0" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk => ":5465085A2F" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk => ":1DC1525F34" ADS eliminado correctamente
C:\Users\magno\AppData\Local\Temp => ":$DATA​" ADS eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{36A5EF8A-08C1-4AEE-B7C7-6D930AA845BB}C:5\wwzretail.exe" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DA932284-ED07-44CF-A45F-70FB462E873C}C:5\wwzretail.exe" => eliminado correctamente
"C:\Users\magno\AppData\Local\Temp\ehdrv.sys" => no encontrado
"C:\WINDOWS\system32\SgrmBroker.exe" => fue desbloqueado

========================= File:C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe; C:\WINDOWS\system32\SgrmBroker.exe; C:\Users\magno\AppData\Local\Temp\ehdrv.sys ========================

C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
El archivo está firmado digitalmente
MD5: E4604F84E3813F9E2FBF2B0BC43B8A9B
Fecha de creación y modificación: 2022-01-16 18:59 - 2022-01-16 18:59
Tamaño: 000158224
Atributos: ---AT
Nombre de la compañía: ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.
Interno Nombre: ASUS Update
Original Nombre: AsusUpdate.exe
Producto: ASUS Update
Descripción: ASUS Update
Archivo Versión: 1.3.107.67
Producto Versión: 1.3.107.67
Copyright: Copyright 2019 ASUSTeK Computer Inc.
VirusTotal: https://www.virustotal.com/gui/file/17d5f3ce677529b71d9e96f963f26b3979d8152a3cbb371d66538fdf202f85f3/detection/f-17d5f3ce677529b71d9e96f963f26b3979d8152a3cbb371d66538fdf202f85f3-1645533125

C:\WINDOWS\system32\SgrmBroker.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.1503.cat
El archivo está firmado digitalmente
MD5: 3BA1A18A0DC30A0545E7765CB97D8E63
Fecha de creación y modificación: 2021-10-06 10:42 - 2021-10-06 10:42
Tamaño: 000329504
Atributos: ----A
Nombre de la compañía: Microsoft Windows Publisher -> Microsoft Corporation
Interno Nombre: SgrmBroker
Original Nombre: SgrmBroker.exe
Producto: Microsoft® Windows® Operating System
Descripción: System Guard Runtime Monitor Broker Service
Archivo Versión: 10.0.19041.546 (WinBuild.160101.0800)
Producto Versión: 10.0.19041.546
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file/f9cbf1ff87d6f11920c4b7367ea2178bf13aa276c65d918950683983f268bc1f/detection/f-f9cbf1ff87d6f11920c4b7367ea2178bf13aa276c65d918950683983f268bc1f-1646008235

"C:\Users\magno\AppData\Local\Temp\ehdrv.sys" => no encontrado
====== Final de File: ======


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Ethernet mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de área local* 1 mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de área local* 2 mientras los medios
están desconectados.

Adaptador de Ethernet Radmin VPN:

   Sufijo DNS específico para la conexión. . : 
   Dirección IPv6 . . . . . . . . . . : fdfd::1a9f:6d6d
   Vínculo: dirección IPv6 local. . . : fe80::c4b8:1307:5810:4215%4
   Dirección IPv4. . . . . . . . . . . . . . : 26.159.109.109
   Máscara de subred . . . . . . . . . . . . : 255.0.0.0
   Puerta de enlace predeterminada . . . . . : 26.0.0.1

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Conexión de área local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Conexión de área local* 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Wi-Fi:

   Sufijo DNS específico para la conexión. . : 
   Vínculo: dirección IPv6 local. . . : fe80::fd91:3663:550c:7925%9
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.43.89
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.43.1

Adaptador de túnel Teredo Tunneling Pseudo-Interface:

   Sufijo DNS específico para la conexión. . : 
   Dirección IPv6 . . . . . . . . . . : 2001:0:2877:7aa:408:2478:3f57:d4a6
   Vínculo: dirección IPv6 local. . . : fe80::408:2478:3f57:d4a6%12
   Puerta de enlace predeterminada . . . . . : 

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{A878CB11-CE9B-4DD0-B2F5-E67AF6F01DC1} canceled.
1 out of 1 jobs canceled.

========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17926717 B
Java, Flash, Steam htmlcache => 225932988 B
Windows/system/drivers => 59780628 B
Edge => 0 B
Chrome => 379717513 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 50627135 B
systemprofile32 => 50627135 B
LocalService => 50652007 B
NetworkService => 50760413 B
magno => 55143952 B

RecycleBin => 0 B
EmptyTemp: => 897.6 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 18:41:09 ====
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-28-2022
# Duration: 00:00:02
# OS:       Windows 10 Home Single Language
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1422 octets] - [28/02/2022 18:56:59]
AdwCleaner[S01].txt - [1483 octets] - [28/02/2022 18:57:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Hello again,

Please do the following:

:one: Review the following manual and run TDSSKiller:

TDSSKiller manual

Follow the instructions and run a scan with the tool. Make sure to additionally check the boxes:

  • Detect TDLFS files system.

Be sure to follow the manual's instructions to obtain the report.

:two: Check in Windows Update whether any update is available: Update Windows

:three: In the search bar type cmd, right-click the first option that appears and choose Run as administrator. A black window will open. Copy and paste the following commands line by line:

dism /online /cleanup-image /restorehealth

dism /online /cleanup-image /startcomponentcleanup

sfc /scannow

If any of them asks you to restart, do so. Check whether the last command reports that it found any integrity violation and whether it was able to repair it. If it found any, copy and paste this other command:


findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

This will generate a report on your desktop called sfcdetails. Please bring us its contents or attach it to a message.

Please bring us:

  • The TDSSKiller report (you can attach it if it is very long)
  • Comments on whether the sfc /scannow command found problems and whether it was able to repair them.
    • If it found problems, bring us the sfcdetails.txt report; otherwise there is no need.
  • Any comments on how the system is doing.

Regards

A post was split to a new topic: Fui infectado con esto Trojan:Script/Oneeva.A!ml Trojan:Win32/AgentTesla!ml

19:43:56.0374 0x07f0  TDSS rootkit removing tool 3.1.0.28 Apr  9 2019 21:11:46
19:43:56.0374 0x07f0  UEFI system
19:44:01.0452 0x07f0  ============================================================
19:44:01.0452 0x07f0  Current date / time: 2022/03/03 19:44:01.0452
19:44:01.0453 0x07f0  SystemInfo:
19:44:01.0453 0x07f0  
19:44:01.0453 0x07f0  OS Version: 10.0.19044 ServicePack: 0.0
19:44:01.0453 0x07f0  Product type: Workstation
19:44:01.0453 0x07f0  ComputerName: DESKTOP-QUCNTF5
19:44:01.0453 0x07f0  UserName: magno
19:44:01.0453 0x07f0  Windows directory: C:\WINDOWS
19:44:01.0453 0x07f0  System windows directory: C:\WINDOWS
19:44:01.0453 0x07f0  Running under WOW64
19:44:01.0453 0x07f0  Processor architecture: Intel x64
19:44:01.0453 0x07f0  Number of processors: 16
19:44:01.0453 0x07f0  Page size: 0x1000
19:44:01.0453 0x07f0  Boot type: Normal boot
19:44:01.0453 0x07f0  CodeIntegrityOptions = 0x0000F401
19:44:01.0453 0x07f0  ============================================================
19:44:01.0516 0x07f0  KLMD registered as C:\WINDOWS\system32\drivers\67787521.sys
19:44:01.0517 0x07f0  KLMD ARK init status: drvProperties = 0xF0F02, osBuild = 19044.0, osProperties = 0x3F
19:44:01.0615 0x07f0  System UUID: {D94BFD12-1D6A-7B12-5B80-49CB20064584}
19:44:01.0820 0x07f0  !crdlk
19:44:01.0822 0x07f0  Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:44:01.0826 0x07f0  Drive \Device\Harddisk1\DR4 - Size: 0xC6EE60000 ( 49.73 Gb ), SectorSize: 0x1000, Cylinders: 0x32B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:44:01.0828 0x07f0  ============================================================
19:44:01.0828 0x07f0  \Device\Harddisk0\DR0:
19:44:01.0828 0x07f0  GPT partitions:
19:44:01.0828 0x07f0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {71035992-4FED-4D99-8591-FC299D5041DA}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
19:44:01.0828 0x07f0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E02525C2-0F9E-47F5-B64B-CDFC14D44F54}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
19:44:01.0828 0x07f0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F960A93C-EDCE-4F5C-9474-703D13610F71}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x3909428F
19:44:01.0828 0x07f0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {55576F03-D50F-4957-897B-60AC4C54EBD0}, Name: Basic data partition, StartLBA 0x3911F000, BlocksNum 0x15E000
19:44:01.0828 0x07f0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {333D4A87-C00C-4DF8-A52D-46187A0B3490}, Name: Basic data partition, StartLBA 0x3927D000, BlocksNum 0x2700000
19:44:01.0828 0x07f0  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B239A7C7-0C3B-4BAA-8D0A-95B277DB0305}, Name: Basic data partition, StartLBA 0x3B97D000, BlocksNum 0x64000
19:44:01.0828 0x07f0  MBR partitions:
19:44:01.0828 0x07f0  \Device\Harddisk1\DR4:
19:44:01.0828 0x07f0  GPT partitions:
19:44:01.0829 0x07f0  \Device\Harddisk1\DR4\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6629E820-EE38-FFFA-6071-1A64003C87A0}, Name: , StartLBA 0x4, BlocksNum 0xC6EE58
19:44:01.0829 0x07f0  MBR partitions:
19:44:01.0829 0x07f0  ============================================================
19:44:01.0829 0x07f0  Initialize success
19:44:01.0829 0x07f0  ============================================================
19:44:29.0816 0x11cc  ============================================================
19:44:29.0816 0x11cc  Scan started
19:44:29.0816 0x11cc  Mode: Manual; TDLFS; 
19:44:29.0816 0x11cc  ============================================================
19:44:29.0816 0x11cc  KSN ping started
19:44:29.0982 0x11cc  KSN ping finished: true
19:44:30.0024 0x11cc  ================ Scan BIOS =================================
19:44:30.0024 0x11cc  BIOS info: vendor = American Megatrends International, LLC., version = FA506QM.307, releaseDate = 06/02/2021
19:44:30.0024 0x11cc  Base board info: manufacturer = ASUSTeK COMPUTER INC., product = FA506QM, version = 1.0
19:44:34.0730 0x11cc  [ A5FA85DA0B604A16F213038B64C7E670, 870B896291C1AA26CA1E7CC1D0EE3265929C98541759109A84791FBF78ED4B36 ] BIOS
19:44:34.0730 0x11cc  BIOS - ok
19:44:34.0731 0x11cc  ================ Scan system memory ========================
19:44:34.0732 0x11cc  System memory - ok
19:44:34.0733 0x11cc  ================ Scan services =============================
19:44:34.0740 0x11cc  1394ohci - ok
19:44:34.0742 0x11cc  3ware - ok
19:44:34.0744 0x11cc  AarSvc - ok
19:44:34.0747 0x11cc  ACPI - ok
19:44:34.0749 0x11cc  AcpiDev - ok
19:44:34.0751 0x11cc  acpiex - ok
19:44:34.0753 0x11cc  acpipagr - ok
19:44:34.0755 0x11cc  AcpiPmi - ok
19:44:34.0757 0x11cc  acpitime - ok
19:44:34.0759 0x11cc  Acx01000 - ok
19:44:34.0762 0x11cc  ADP80XX - ok
19:44:34.0765 0x11cc  AFD - ok
19:44:34.0767 0x11cc  afunix - ok
19:44:34.0769 0x11cc  ahcache - ok
19:44:34.0771 0x11cc  AJRouter - ok
19:44:34.0773 0x11cc  ALG - ok
19:44:34.0775 0x11cc  AMD Crash Defender Service - ok
19:44:34.0777 0x11cc  AMD External Events Utility - ok
19:44:34.0779 0x11cc  amdacpbus - ok
19:44:34.0781 0x11cc  amdfendr - ok
19:44:34.0783 0x11cc  amdfendrmgr - ok
19:44:34.0786 0x11cc  amdgpio2 - ok
19:44:34.0787 0x11cc  amdi2c - ok
19:44:34.0789 0x11cc  AmdK8 - ok
19:44:34.0791 0x11cc  amdkmdag - ok
19:44:34.0794 0x11cc  AmdMicroPEP - ok
19:44:34.0796 0x11cc  AmdPPM - ok
19:44:34.0798 0x11cc  amdpsp - ok
19:44:34.0800 0x11cc  AMDRyzenMasterDriverV19 - ok
19:44:34.0802 0x11cc  amdsata - ok
19:44:34.0804 0x11cc  amdsbs - ok
19:44:34.0805 0x11cc  amdxata - ok
19:44:34.0807 0x11cc  AMDXE - ok
19:44:34.0809 0x11cc  AppID - ok
19:44:34.0811 0x11cc  AppIDSvc - ok
19:44:34.0813 0x11cc  Appinfo - ok
19:44:34.0815 0x11cc  applockerfltr - ok
19:44:34.0817 0x11cc  AppReadiness - ok
19:44:34.0818 0x11cc  AppXSvc - ok
19:44:34.0821 0x11cc  arcsas - ok
19:44:34.0823 0x11cc  ArmouryCrateControlInterface - ok
19:44:34.0824 0x11cc  ArmouryCrateService - ok
19:44:34.0826 0x11cc  asus - ok
19:44:34.0828 0x11cc  AsusAppService - ok
19:44:34.0830 0x11cc  AsusCertService - ok
19:44:34.0832 0x11cc  Asusgio3 - ok
19:44:34.0834 0x11cc  ASUSLinkNear - ok
19:44:34.0836 0x11cc  ASUSLinkRemote - ok
19:44:34.0838 0x11cc  asusm - ok
19:44:34.0840 0x11cc  ASUSOptimization - ok
19:44:34.0842 0x11cc  AsusPTPDrv - ok
19:44:34.0845 0x11cc  AsusROGLSLService - ok
19:44:34.0847 0x11cc  AsusSAIO - ok
19:44:34.0850 0x11cc  ASUSSoftwareManager - ok
19:44:34.0852 0x11cc  ASUSSwitch - ok
19:44:34.0854 0x11cc  ASUSSystemAnalysis - ok
19:44:34.0856 0x11cc  ASUSSystemDiagnosis - ok
19:44:34.0858 0x11cc  AsyncMac - ok
19:44:34.0860 0x11cc  atapi - ok
19:44:34.0863 0x11cc  AtiHDAudioService - ok
19:44:34.0865 0x11cc  ATKWMIACPIIO - ok
19:44:34.0867 0x11cc  atvi-brynhildr - ok
19:44:34.0869 0x11cc  AudioEndpointBuilder - ok
19:44:34.0871 0x11cc  Audiosrv - ok
19:44:34.0873 0x11cc  autotimesvc - ok
19:44:34.0875 0x11cc  AxInstSV - ok
19:44:34.0877 0x11cc  b06bdrv - ok
19:44:34.0878 0x11cc  bam - ok
19:44:34.0880 0x11cc  BasicDisplay - ok
19:44:34.0882 0x11cc  BasicRender - ok
19:44:34.0885 0x11cc  BcastDVRUserService - ok
19:44:34.0889 0x11cc  bcmfn2 - ok
19:44:34.0891 0x11cc  BDESVC - ok
19:44:34.0893 0x11cc  Beep - ok
19:44:34.0895 0x11cc  BEService - ok
19:44:34.0897 0x11cc  BFE - ok
19:44:34.0898 0x11cc  bindflt - ok
19:44:34.0900 0x11cc  BITS - ok
19:44:34.0902 0x11cc  BluetoothUserService - ok
19:44:34.0905 0x11cc  bowser - ok
19:44:34.0907 0x11cc  BrokerInfrastructure - ok
19:44:34.0909 0x11cc  Browser - ok
19:44:34.0911 0x11cc  BTAGService - ok
19:44:34.0912 0x11cc  BthA2dp - ok
19:44:34.0914 0x11cc  BthAvctpSvc - ok
19:44:34.0916 0x11cc  BthEnum - ok
19:44:34.0918 0x11cc  BthHFAud - ok
19:44:34.0920 0x11cc  BthHFEnum - ok
19:44:34.0922 0x11cc  BthLEEnum - ok
19:44:34.0924 0x11cc  BthMini - ok
19:44:34.0926 0x11cc  BTHMODEM - ok
19:44:34.0928 0x11cc  BthPan - ok
19:44:34.0930 0x11cc  BTHPORT - ok
19:44:34.0932 0x11cc  bthserv - ok
19:44:34.0934 0x11cc  BTHUSB - ok
19:44:34.0935 0x11cc  bttflt - ok
19:44:34.0937 0x11cc  buttonconverter - ok
19:44:34.0939 0x11cc  CAD - ok
19:44:34.0941 0x11cc  camsvc - ok
19:44:34.0943 0x11cc  CaptureService - ok
19:44:34.0946 0x11cc  cbdhsvc - ok
19:44:34.0949 0x11cc  cdfs - ok
19:44:34.0951 0x11cc  CDPSvc - ok
19:44:34.0953 0x11cc  CDPUserSvc - ok
19:44:34.0955 0x11cc  cdrom - ok
19:44:34.0957 0x11cc  CertPropSvc - ok
19:44:34.0960 0x11cc  cht4iscsi - ok
19:44:34.0961 0x11cc  cht4vbd - ok
19:44:34.0964 0x11cc  CimFS - ok
19:44:34.0965 0x11cc  circlass - ok
19:44:34.0967 0x11cc  CldFlt - ok
19:44:34.0970 0x11cc  CLFS - ok
19:44:34.0972 0x11cc  ClickToRunSvc - ok
19:44:34.0974 0x11cc  ClipSVC - ok
19:44:34.0979 0x11cc  CmBatt - ok
19:44:34.0981 0x11cc  CNG - ok
19:44:34.0983 0x11cc  cnghwassist - ok
19:44:34.0985 0x11cc  CompositeBus - ok
19:44:34.0987 0x11cc  COMSysApp - ok
19:44:34.0990 0x11cc  condrv - ok
19:44:34.0993 0x11cc  ConsentUxUserSvc - ok
19:44:34.0995 0x11cc  CoreMessagingRegistrar - ok
19:44:34.0998 0x11cc  CredentialEnrollmentManagerUserSvc - ok
19:44:35.0000 0x11cc  CredentialEnrollmentManagerUserSvc_4878eb6 - ok
19:44:35.0003 0x11cc  CryptSvc - ok
19:44:35.0005 0x11cc  dam - ok
19:44:35.0007 0x11cc  DcomLaunch - ok
19:44:35.0009 0x11cc  defragsvc - ok
19:44:35.0011 0x11cc  DeviceAssociationBrokerSvc - ok
19:44:35.0014 0x11cc  DeviceAssociationService - ok
19:44:35.0016 0x11cc  DeviceInstall - ok
19:44:35.0018 0x11cc  DevicePickerUserSvc - ok
19:44:35.0021 0x11cc  DevicesFlowUserSvc - ok
19:44:35.0023 0x11cc  DevQueryBroker - ok
19:44:35.0025 0x11cc  Dfsc - ok
19:44:35.0027 0x11cc  Dhcp - ok
19:44:35.0029 0x11cc  diagnosticshub.standardcollector.service - ok
19:44:35.0031 0x11cc  diagsvc - ok
19:44:35.0033 0x11cc  DiagTrack - ok
19:44:35.0035 0x11cc  disk - ok
19:44:35.0037 0x11cc  DispBrokerDesktopSvc - ok
19:44:35.0039 0x11cc  DisplayEnhancementService - ok
19:44:35.0041 0x11cc  DmEnrollmentSvc - ok
19:44:35.0043 0x11cc  dmvsc - ok
19:44:35.0045 0x11cc  dmwappushservice - ok
19:44:35.0047 0x11cc  Dnscache - ok
19:44:35.0050 0x11cc  dot3svc - ok
19:44:35.0053 0x11cc  DPS - ok
19:44:35.0055 0x11cc  drmkaud - ok
19:44:35.0057 0x11cc  DsmSvc - ok
19:44:35.0059 0x11cc  DsSvc - ok
19:44:35.0061 0x11cc  DtsApo4Service - ok
19:44:35.0063 0x11cc  DusmSvc - ok
19:44:35.0065 0x11cc  DXGKrnl - ok
19:44:35.0067 0x11cc  EABackgroundService - ok
19:44:35.0069 0x11cc  Eaphost - ok
19:44:35.0071 0x11cc  EasyAntiCheat - ok
19:44:35.0073 0x11cc  ebdrv - ok
19:44:35.0075 0x11cc  edgeupdate - ok
19:44:35.0077 0x11cc  edgeupdatem - ok
19:44:35.0079 0x11cc  EFS - ok
19:44:35.0081 0x11cc  EhStorClass - ok
19:44:35.0083 0x11cc  EhStorTcgDrv - ok
19:44:35.0085 0x11cc  embeddedmode - ok
19:44:35.0086 0x11cc  EntAppSvc - ok
19:44:35.0088 0x11cc  EpicOnlineServices - ok
19:44:35.0090 0x11cc  ErrDev - ok
19:44:35.0093 0x11cc  EventLog - ok
19:44:35.0095 0x11cc  EventSystem - ok
19:44:35.0097 0x11cc  exfat - ok
19:44:35.0099 0x11cc  fastfat - ok
19:44:35.0100 0x11cc  Fax - ok
19:44:35.0102 0x11cc  fdc - ok
19:44:35.0104 0x11cc  fdPHost - ok
19:44:35.0106 0x11cc  FDResPub - ok
19:44:35.0108 0x11cc  fhsvc - ok
19:44:35.0110 0x11cc  FileCrypt - ok
19:44:35.0112 0x11cc  FileInfo - ok
19:44:35.0114 0x11cc  FileSyncHelper - ok
19:44:35.0116 0x11cc  Filetrace - ok
19:44:35.0118 0x11cc  flpydisk - ok
19:44:35.0120 0x11cc  FltMgr - ok
19:44:35.0121 0x11cc  FontCache - ok
19:44:35.0123 0x11cc  FontCache3.0.0.0 - ok
19:44:35.0126 0x11cc  FrameServer - ok
19:44:35.0128 0x11cc  FsDepends - ok
19:44:35.0130 0x11cc  Fs_Rec - ok
19:44:35.0132 0x11cc  fvevol - ok
19:44:35.0134 0x11cc  FvSvc - ok
19:44:35.0136 0x11cc  gameflt - ok
19:44:35.0138 0x11cc  GamingServices - ok
19:44:35.0140 0x11cc  GamingServicesNet - ok
19:44:35.0142 0x11cc  gencounter - ok
19:44:35.0144 0x11cc  genericusbfn - ok
19:44:35.0146 0x11cc  GoogleChromeElevationService - ok
19:44:35.0148 0x11cc  GPIOClx0101 - ok
19:44:35.0150 0x11cc  gpsvc - ok
19:44:35.0152 0x11cc  GpuEnergyDrv - ok
19:44:35.0154 0x11cc  GraphicsPerfSvc - ok
19:44:35.0156 0x11cc  gupdate - ok
19:44:35.0158 0x11cc  gupdatem - ok
19:44:35.0160 0x11cc  HdAudAddService - ok
19:44:35.0162 0x11cc  HDAudBus - ok
19:44:35.0164 0x11cc  HidBatt - ok
19:44:35.0166 0x11cc  HidBth - ok
19:44:35.0168 0x11cc  hidi2c - ok
19:44:35.0170 0x11cc  hidinterrupt - ok
19:44:35.0172 0x11cc  HidIr - ok
19:44:35.0174 0x11cc  hidserv - ok
19:44:35.0175 0x11cc  hidspi - ok
19:44:35.0177 0x11cc  HIDSwitch - ok
19:44:35.0179 0x11cc  HidUsb - ok
19:44:35.0183 0x11cc  HpSAMD - ok
19:44:35.0185 0x11cc  HTTP - ok
19:44:35.0187 0x11cc  hvcrash - ok
19:44:35.0189 0x11cc  HvHost - ok
19:44:35.0191 0x11cc  hvservice - ok
19:44:35.0193 0x11cc  HwNClx0101 - ok
19:44:35.0195 0x11cc  hwpolicy - ok
19:44:35.0197 0x11cc  hyperkbd - ok
19:44:35.0199 0x11cc  HyperVideo - ok
19:44:35.0201 0x11cc  i8042prt - ok
19:44:35.0202 0x11cc  iagpio - ok
19:44:35.0204 0x11cc  iai2c - ok
19:44:35.0206 0x11cc  iaLPSS2i_GPIO2 - ok
19:44:35.0208 0x11cc  iaLPSS2i_GPIO2_BXT_P - ok
19:44:35.0210 0x11cc  iaLPSS2i_GPIO2_CNL - ok
19:44:35.0212 0x11cc  iaLPSS2i_GPIO2_GLK - ok
19:44:35.0214 0x11cc  iaLPSS2i_I2C - ok
19:44:35.0216 0x11cc  iaLPSS2i_I2C_BXT_P - ok
19:44:35.0218 0x11cc  iaLPSS2i_I2C_CNL - ok
19:44:35.0220 0x11cc  iaLPSS2i_I2C_GLK - ok
19:44:35.0222 0x11cc  iaLPSSi_GPIO - ok
19:44:35.0224 0x11cc  iaLPSSi_I2C - ok
19:44:35.0226 0x11cc  iaStorAVC - ok
19:44:35.0228 0x11cc  iaStorV - ok
19:44:35.0230 0x11cc  ibbus - ok
19:44:35.0232 0x11cc  icssvc - ok
19:44:35.0234 0x11cc  IGO_VSD - ok
19:44:35.0236 0x11cc  IKEEXT - ok
19:44:35.0238 0x11cc  IndirectKmd - ok
19:44:35.0241 0x11cc  InstallService - ok
19:44:35.0243 0x11cc  IntcAzAudAddService - ok
19:44:35.0245 0x11cc  intelide - ok
19:44:35.0247 0x11cc  intelpep - ok
19:44:35.0248 0x11cc  intelpmax - ok
19:44:35.0250 0x11cc  intelppm - ok
19:44:35.0252 0x11cc  iorate - ok
19:44:35.0254 0x11cc  IpFilterDriver - ok
19:44:35.0256 0x11cc  iphlpsvc - ok
19:44:35.0258 0x11cc  IPMIDRV - ok
19:44:35.0260 0x11cc  IPNAT - ok
19:44:35.0262 0x11cc  IPT - ok
19:44:35.0264 0x11cc  IpxlatCfgSvc - ok
19:44:35.0265 0x11cc  isapnp - ok
19:44:35.0267 0x11cc  iScsiPrt - ok
19:44:35.0269 0x11cc  ItSas35i - ok
19:44:35.0271 0x11cc  kbdclass - ok
19:44:35.0273 0x11cc  kbdhid - ok
19:44:35.0275 0x11cc  kdnic - ok
19:44:35.0277 0x11cc  KeyIso - ok
19:44:35.0279 0x11cc  KSecDD - ok
19:44:35.0281 0x11cc  KSecPkg - ok
19:44:35.0283 0x11cc  ksthunk - ok
19:44:35.0285 0x11cc  KtmRm - ok
19:44:35.0287 0x11cc  LanmanServer - ok
19:44:35.0289 0x11cc  LanmanWorkstation - ok
19:44:35.0292 0x11cc  lfsvc - ok
19:44:35.0294 0x11cc  LicenseManager - ok
19:44:35.0296 0x11cc  LightingService - ok
19:44:35.0299 0x11cc  lltdio - ok
19:44:35.0301 0x11cc  lltdsvc - ok
19:44:35.0303 0x11cc  lmhosts - ok
19:44:35.0306 0x11cc  LSI_SAS - ok
19:44:35.0307 0x11cc  LSI_SAS2i - ok
19:44:35.0309 0x11cc  LSI_SAS3i - ok
19:44:35.0311 0x11cc  LSI_SSS - ok
19:44:35.0313 0x11cc  LSM - ok
19:44:35.0315 0x11cc  luafv - ok
19:44:35.0317 0x11cc  LxpSvc - ok
19:44:35.0319 0x11cc  MapsBroker - ok
19:44:35.0321 0x11cc  mausbhost - ok
19:44:35.0323 0x11cc  mausbip - ok
19:44:35.0325 0x11cc  MbbCx - ok
19:44:35.0327 0x11cc  megasas - ok
19:44:35.0329 0x11cc  megasas2i - ok
19:44:35.0331 0x11cc  megasas35i - ok
19:44:35.0333 0x11cc  megasr - ok
19:44:35.0335 0x11cc  MessagingService - ok
19:44:35.0338 0x11cc  MicrosoftEdgeElevationService - ok
19:44:35.0340 0x11cc  Microsoft_Bluetooth_AvrcpTransport - ok
19:44:35.0342 0x11cc  MixedRealityOpenXRSvc - ok
19:44:35.0344 0x11cc  mlx4_bus - ok
19:44:35.0346 0x11cc  MMCSS - ok
19:44:35.0348 0x11cc  Modem - ok
19:44:35.0350 0x11cc  monitor - ok
19:44:35.0352 0x11cc  mouclass - ok
19:44:35.0354 0x11cc  mouhid - ok
19:44:35.0356 0x11cc  mountmgr - ok
19:44:35.0358 0x11cc  mpsdrv - ok
19:44:35.0360 0x11cc  mpssvc - ok
19:44:35.0362 0x11cc  MRxDAV - ok
19:44:35.0364 0x11cc  mrxsmb - ok
19:44:35.0366 0x11cc  mrxsmb10 - ok
19:44:35.0368 0x11cc  mrxsmb20 - ok
19:44:35.0370 0x11cc  MsBridge - ok
19:44:35.0372 0x11cc  MSDTC - ok
19:44:35.0376 0x11cc  Msfs - ok
19:44:35.0377 0x11cc  msgpiowin32 - ok
19:44:35.0379 0x11cc  mshidkmdf - ok
19:44:35.0381 0x11cc  mshidumdf - ok
19:44:35.0384 0x11cc  msisadrv - ok
19:44:35.0386 0x11cc  MSiSCSI - ok
19:44:35.0388 0x11cc  msiserver - ok
19:44:35.0390 0x11cc  MSKSSRV - ok
19:44:35.0392 0x11cc  MsLldp - ok
19:44:35.0394 0x11cc  MSPCLOCK - ok
19:44:35.0396 0x11cc  MSPQM - ok
19:44:35.0398 0x11cc  MsQuic - ok
19:44:35.0400 0x11cc  MsRPC - ok
19:44:35.0403 0x11cc  mssmbios - ok
19:44:35.0405 0x11cc  MSTEE - ok
19:44:35.0408 0x11cc  MTConfig - ok
19:44:35.0410 0x11cc  MTKBTFilterx64 - ok
19:44:35.0412 0x11cc  mtkwlex - ok
19:44:35.0414 0x11cc  Mup - ok
19:44:35.0415 0x11cc  mvumis - ok
19:44:35.0418 0x11cc  NativeWifiP - ok
19:44:35.0420 0x11cc  NaturalAuthentication - ok
19:44:35.0422 0x11cc  NcaSvc - ok
19:44:35.0425 0x11cc  NcbService - ok
19:44:35.0427 0x11cc  NcdAutoSetup - ok
19:44:35.0430 0x11cc  ndfltr - ok
19:44:35.0432 0x11cc  NDIS - ok
19:44:35.0434 0x11cc  NdisCap - ok
19:44:35.0436 0x11cc  NdisImPlatform - ok
19:44:35.0438 0x11cc  NdisTapi - ok
19:44:35.0440 0x11cc  Ndisuio - ok
19:44:35.0442 0x11cc  NdisVirtualBus - ok
19:44:35.0444 0x11cc  NdisWan - ok
19:44:35.0446 0x11cc  ndiswanlegacy - ok
19:44:35.0448 0x11cc  NDKPing - ok
19:44:35.0450 0x11cc  ndproxy - ok
19:44:35.0452 0x11cc  Ndu - ok
19:44:35.0454 0x11cc  NetAdapterCx - ok
19:44:35.0456 0x11cc  NetBIOS - ok
19:44:35.0459 0x11cc  NetBT - ok
19:44:35.0461 0x11cc  Netlogon - ok
19:44:35.0463 0x11cc  Netman - ok
19:44:35.0466 0x11cc  netprofm - ok
19:44:35.0468 0x11cc  NetSetupSvc - ok
19:44:35.0470 0x11cc  NetTcpPortSharing - ok
19:44:35.0472 0x11cc  netvsc - ok
19:44:35.0474 0x11cc  NgcCtnrSvc - ok
19:44:35.0476 0x11cc  NgcSvc - ok
19:44:35.0478 0x11cc  NlaSvc - ok
19:44:35.0481 0x11cc  Npfs - ok
19:44:35.0482 0x11cc  npsvctrig - ok
19:44:35.0485 0x11cc  nsi - ok
19:44:35.0486 0x11cc  nsiproxy - ok
19:44:35.0489 0x11cc  Ntfs - ok
19:44:35.0491 0x11cc  Null - ok
19:44:35.0494 0x11cc  nvdimm - ok
19:44:35.0497 0x11cc  NVHDA - ok
19:44:35.0499 0x11cc  nvlddmkm - ok
19:44:35.0501 0x11cc  NvModuleTracker - ok
19:44:35.0503 0x11cc  nvpcf - ok
19:44:35.0505 0x11cc  nvraid - ok
19:44:35.0507 0x11cc  nvstor - ok
19:44:35.0509 0x11cc  nvvad_WaveExtensible - ok
19:44:35.0511 0x11cc  nvvhci - ok
19:44:35.0513 0x11cc  OneDrive Updater Service - ok
19:44:35.0515 0x11cc  OneSyncSvc - ok
19:44:35.0519 0x11cc  Origin Client Service - ok
19:44:35.0521 0x11cc  Origin Web Helper Service - ok
19:44:35.0523 0x11cc  p2pimsvc - ok
19:44:35.0525 0x11cc  p2psvc - ok
19:44:35.0527 0x11cc  Parport - ok
19:44:35.0530 0x11cc  partmgr - ok
19:44:35.0532 0x11cc  PcaSvc - ok
19:44:35.0534 0x11cc  pci - ok
19:44:35.0536 0x11cc  pciide - ok
19:44:35.0538 0x11cc  pcmcia - ok
19:44:35.0540 0x11cc  pcw - ok
19:44:35.0542 0x11cc  pdc - ok
19:44:35.0544 0x11cc  PEAUTH - ok
19:44:35.0546 0x11cc  perceptionsimulation - ok
19:44:35.0549 0x11cc  percsas2i - ok
19:44:35.0551 0x11cc  percsas3i - ok
19:44:35.0554 0x11cc  PerfHost - ok
19:44:35.0559 0x11cc  PhoneSvc - ok
19:44:35.0561 0x11cc  PimIndexMaintenanceSvc - ok
19:44:35.0565 0x11cc  PktMon - ok
19:44:35.0567 0x11cc  pla - ok
19:44:35.0569 0x11cc  PlugPlay - ok
19:44:35.0571 0x11cc  pmem - ok
19:44:35.0573 0x11cc  PnkBstrA - ok
19:44:35.0576 0x11cc  PnkBstrB - ok
19:44:35.0578 0x11cc  PNPMEM - ok
19:44:35.0580 0x11cc  PNRPAutoReg - ok
19:44:35.0582 0x11cc  PNRPsvc - ok
19:44:35.0585 0x11cc  PolicyAgent - ok
19:44:35.0587 0x11cc  portcfg - ok
19:44:35.0590 0x11cc  Power - ok
19:44:35.0592 0x11cc  PptpMiniport - ok
19:44:35.0594 0x11cc  PrintNotify - ok
19:44:35.0597 0x11cc  PrintWorkflowUserSvc - ok
19:44:35.0600 0x11cc  Processor - ok
19:44:35.0602 0x11cc  ProfSvc - ok
19:44:35.0604 0x11cc  Psched - ok
19:44:35.0607 0x11cc  PushToInstall - ok
19:44:35.0609 0x11cc  QWAVE - ok
19:44:35.0611 0x11cc  QWAVEdrv - ok
19:44:35.0613 0x11cc  R0RazerSynapseService - ok
19:44:35.0615 0x11cc  Ramdisk - ok
19:44:35.0618 0x11cc  RasAcd - ok
19:44:35.0620 0x11cc  RasAgileVpn - ok
19:44:35.0622 0x11cc  RasAuto - ok
19:44:35.0625 0x11cc  Rasl2tp - ok
19:44:35.0628 0x11cc  RasMan - ok
19:44:35.0630 0x11cc  RasPppoe - ok
19:44:35.0632 0x11cc  RasSstp - ok
19:44:35.0635 0x11cc  Razer Game Manager Service - ok
19:44:35.0637 0x11cc  Razer Synapse Service - ok
19:44:35.0639 0x11cc  rdbss - ok
19:44:35.0642 0x11cc  rdpbus - ok
19:44:35.0644 0x11cc  RDPDR - ok
19:44:35.0648 0x11cc  RdpVideoMiniport - ok
19:44:35.0651 0x11cc  rdyboost - ok
19:44:35.0654 0x11cc  ReFS - ok
19:44:35.0656 0x11cc  ReFSv1 - ok
19:44:35.0658 0x11cc  RemoteAccess - ok
19:44:35.0661 0x11cc  RemoteRegistry - ok
19:44:35.0664 0x11cc  RetailDemo - ok
19:44:35.0666 0x11cc  RFCOMM - ok
19:44:35.0668 0x11cc  rhproxy - ok
19:44:35.0671 0x11cc  RmSvc - ok
19:44:35.0673 0x11cc  ROG Live Service - ok
19:44:35.0675 0x11cc  RpcEptMapper - ok
19:44:35.0677 0x11cc  RpcLocator - ok
19:44:35.0680 0x11cc  RpcSs - ok
19:44:35.0682 0x11cc  rspndr - ok
19:44:35.0685 0x11cc  rt640x64 - ok
19:44:35.0687 0x11cc  RtkAudioUniversalService - ok
19:44:35.0689 0x11cc  RvControlSvc - ok
19:44:35.0692 0x11cc  RvNetMP60 - ok
19:44:35.0694 0x11cc  RzActionSvc - ok
19:44:35.0697 0x11cc  RzCommon - ok
19:44:35.0699 0x11cc  RzDev_008a - ok
19:44:35.0701 0x11cc  s3cap - ok
19:44:35.0703 0x11cc  SamSs - ok
19:44:35.0706 0x11cc  sbp2port - ok
19:44:35.0708 0x11cc  SCardSvr - ok
19:44:35.0710 0x11cc  ScDeviceEnum - ok
19:44:35.0713 0x11cc  scfilter - ok
19:44:35.0715 0x11cc  Schedule - ok
19:44:35.0717 0x11cc  scmbus - ok
19:44:35.0719 0x11cc  SCPolicySvc - ok
19:44:35.0721 0x11cc  sdbus - ok
19:44:35.0724 0x11cc  SDFRd - ok
19:44:35.0726 0x11cc  SDRSVC - ok
19:44:35.0728 0x11cc  sdstor - ok
19:44:35.0731 0x11cc  seclogon - ok
19:44:35.0733 0x11cc  SecurityHealthService - ok
19:44:35.0736 0x11cc  SEMgrSvc - ok
19:44:35.0739 0x11cc  SENS - ok
19:44:35.0741 0x11cc  SensorDataService - ok
19:44:35.0743 0x11cc  SensorService - ok
19:44:35.0746 0x11cc  SensrSvc - ok
19:44:35.0748 0x11cc  SerCx - ok
19:44:35.0750 0x11cc  SerCx2 - ok
19:44:35.0752 0x11cc  Serenum - ok
19:44:35.0754 0x11cc  Serial - ok
19:44:35.0757 0x11cc  sermouse - ok
19:44:35.0762 0x11cc  SessionEnv - ok
19:44:35.0764 0x11cc  sfloppy - ok
19:44:35.0766 0x11cc  SgrmAgent - ok
19:44:35.0769 0x11cc  SgrmBroker - ok
19:44:35.0771 0x11cc  SharedAccess - ok
19:44:35.0773 0x11cc  SharedRealitySvc - ok
19:44:35.0776 0x11cc  ShellHWDetection - ok
19:44:35.0778 0x11cc  shpamsvc - ok
19:44:35.0780 0x11cc  SiSRaid2 - ok
19:44:35.0783 0x11cc  SiSRaid4 - ok
19:44:35.0785 0x11cc  SmartSAMD - ok
19:44:35.0787 0x11cc  smphost - ok
19:44:35.0790 0x11cc  SmsRouter - ok
19:44:35.0794 0x11cc  SNMPTRAP - ok
19:44:35.0797 0x11cc  spaceparser - ok
19:44:35.0799 0x11cc  spaceport - ok
19:44:35.0801 0x11cc  SpatialGraphFilter - ok
19:44:35.0803 0x11cc  SpbCx - ok
19:44:35.0806 0x11cc  spectrum - ok
19:44:35.0808 0x11cc  Spooler - ok
19:44:35.0810 0x11cc  sppsvc - ok
19:44:35.0812 0x11cc  srv2 - ok
19:44:35.0815 0x11cc  srvnet - ok
19:44:35.0817 0x11cc  SSDPSRV - ok
19:44:35.0819 0x11cc  ssh-agent - ok
19:44:35.0821 0x11cc  SstpSvc - ok
19:44:35.0824 0x11cc  StateRepository - ok
19:44:35.0826 0x11cc  Steam Client Service - ok
19:44:35.0829 0x11cc  stexstor - ok
19:44:35.0831 0x11cc  stisvc - ok
19:44:35.0834 0x11cc  storahci - ok
19:44:35.0836 0x11cc  storflt - ok
19:44:35.0839 0x11cc  stornvme - ok
19:44:35.0841 0x11cc  storqosflt - ok
19:44:35.0843 0x11cc  StorSvc - ok
19:44:35.0845 0x11cc  storufs - ok
19:44:35.0848 0x11cc  storvsc - ok
19:44:35.0850 0x11cc  svsvc - ok
19:44:35.0852 0x11cc  swenum - ok
19:44:35.0855 0x11cc  swprv - ok
19:44:35.0857 0x11cc  Synth3dVsc - ok
19:44:35.0860 0x11cc  SysMain - ok
19:44:35.0863 0x11cc  SystemEventsBroker - ok
19:44:35.0865 0x11cc  TabletInputService - ok
19:44:35.0867 0x11cc  TapiSrv - ok
19:44:35.0870 0x11cc  Tcpip - ok
19:44:35.0872 0x11cc  Tcpip6 - ok
19:44:35.0876 0x11cc  tcpipreg - ok
19:44:35.0879 0x11cc  tdx - ok
19:44:35.0882 0x11cc  Telemetry - ok
19:44:35.0884 0x11cc  terminpt - ok
19:44:35.0886 0x11cc  TermService - ok
19:44:35.0889 0x11cc  Themes - ok
19:44:35.0891 0x11cc  TieringEngineService - ok
19:44:35.0893 0x11cc  TimeBrokerSvc - ok
19:44:35.0896 0x11cc  TokenBroker - ok
19:44:35.0898 0x11cc  TPM - ok
19:44:35.0900 0x11cc  TrkWks - ok
19:44:35.0903 0x11cc  TroubleshootingSvc - ok
19:44:35.0905 0x11cc  TrustedInstaller - ok
19:44:35.0909 0x11cc  TsUsbFlt - ok
19:44:35.0911 0x11cc  TsUsbGD - ok
19:44:35.0913 0x11cc  tunnel - ok
19:44:35.0916 0x11cc  tzautoupdate - ok
19:44:35.0918 0x11cc  UASPStor - ok
19:44:35.0921 0x11cc  UcmCx0101 - ok
19:44:35.0923 0x11cc  UcmTcpciCx0101 - ok
19:44:35.0926 0x11cc  UcmUcsiAcpiClient - ok
19:44:35.0928 0x11cc  UcmUcsiCx0101 - ok
19:44:35.0930 0x11cc  Ucx01000 - ok
19:44:35.0933 0x11cc  UdeCx - ok
19:44:35.0935 0x11cc  udfs - ok
19:44:35.0937 0x11cc  UdkUserSvc - ok
19:44:35.0941 0x11cc  UEFI - ok
19:44:35.0944 0x11cc  Ufx01000 - ok
19:44:35.0946 0x11cc  UfxChipidea - ok
19:44:35.0949 0x11cc  ufxsynopsys - ok
19:44:35.0954 0x11cc  uhssvc - ok
19:44:35.0956 0x11cc  umbus - ok
19:44:35.0959 0x11cc  UmPass - ok
19:44:35.0961 0x11cc  UmRdpService - ok
19:44:35.0963 0x11cc  UnistoreSvc - ok
19:44:35.0967 0x11cc  upnphost - ok
19:44:35.0970 0x11cc  UrsChipidea - ok
19:44:35.0973 0x11cc  UrsCx01000 - ok
19:44:35.0975 0x11cc  UrsSynopsys - ok
19:44:35.0978 0x11cc  usbaudio - ok
19:44:35.0980 0x11cc  usbaudio2 - ok
19:44:35.0982 0x11cc  usbccgp - ok
19:44:35.0985 0x11cc  usbcir - ok
19:44:35.0987 0x11cc  usbehci - ok
19:44:35.0989 0x11cc  usbhub - ok
19:44:35.0992 0x11cc  USBHUB3 - ok
19:44:35.0994 0x11cc  usbohci - ok
19:44:35.0996 0x11cc  usbprint - ok
19:44:35.0999 0x11cc  usbser - ok
19:44:36.0001 0x11cc  USBSTOR - ok
19:44:36.0003 0x11cc  usbuhci - ok
19:44:36.0006 0x11cc  usbvideo - ok
19:44:36.0008 0x11cc  USBXHCI - ok
19:44:36.0010 0x11cc  UserDataSvc - ok
19:44:36.0014 0x11cc  UserManager - ok
19:44:36.0299 0x11cc  ================ Scan global ===============================
19:44:36.0300 0x11cc  [ Global ] - ok
19:44:36.0300 0x11cc  ================ Scan MBR ==================================
19:44:36.0302 0x11cc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:44:36.0323 0x11cc  \Device\Harddisk0\DR0 - ok
19:44:36.0325 0x11cc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR4
19:44:36.0354 0x11cc  \Device\Harddisk1\DR4 - ok
19:44:36.0354 0x11cc  ================ Scan VBR ==================================
19:44:36.0356 0x11cc  [ E7E61170E46E5E8CBCB7B73152DC5E72 ] \Device\Harddisk0\DR0\Partition1
19:44:36.0356 0x11cc  \Device\Harddisk0\DR0\Partition1 - ok
19:44:36.0358 0x11cc  [ DAF2A93058A84B52FBF72A1C2E9FB3A3 ] \Device\Harddisk0\DR0\Partition2
19:44:36.0358 0x11cc  \Device\Harddisk0\DR0\Partition2 - ok
19:44:36.0360 0x11cc  [ 2A40C50B9791D32FA19FF8F94CB00FAC ] \Device\Harddisk0\DR0\Partition3
19:44:36.0360 0x11cc  \Device\Harddisk0\DR0\Partition3 - ok
19:44:36.0362 0x11cc  [ 0F9CD7E76572B147EC2E701211105919 ] \Device\Harddisk0\DR0\Partition4
19:44:36.0362 0x11cc  \Device\Harddisk0\DR0\Partition4 - ok
19:44:36.0364 0x11cc  [ 0BF97297D271D69F6B6E71605528E2F3 ] \Device\Harddisk0\DR0\Partition5
19:44:36.0365 0x11cc  \Device\Harddisk0\DR0\Partition5 - ok
19:44:36.0366 0x11cc  [ 86736CD11635ED07355707F737F560BB ] \Device\Harddisk0\DR0\Partition6
19:44:36.0367 0x11cc  \Device\Harddisk0\DR0\Partition6 - ok
19:44:36.0368 0x11cc  [ 46101BCE6E795058518B3B38419EA531 ] \Device\Harddisk1\DR4\Partition1
19:44:36.0368 0x11cc  \Device\Harddisk1\DR4\Partition1 - ok
19:44:36.0369 0x11cc  ================ Scan generic autorun ======================
19:44:36.0369 0x11cc  SecurityHealth - ok
19:44:36.0370 0x11cc  Riot Vanguard - ok
19:44:36.0371 0x11cc  ASUS Smart Display Control - ok
19:44:36.0372 0x11cc  RadminVPN - ok
19:44:36.0372 0x11cc  TeamsMachineInstaller - ok
19:44:36.0373 0x11cc  OneDriveSetup - ok
19:44:36.0374 0x11cc  OneDriveSetup - ok
19:44:36.0375 0x11cc  OneDrive - ok
19:44:36.0376 0x11cc  EpicGamesLauncher - ok
19:44:36.0377 0x11cc  Battle.net - ok
19:44:36.0378 0x11cc  WallpaperEngine - ok
19:44:36.0379 0x11cc  Steam - ok
19:44:36.0379 0x11cc  Discord - ok
19:44:36.0380 0x11cc  EADM - ok
19:44:36.0381 0x11cc  com.squirrel.Teams.Teams - ok
19:44:36.0382 0x11cc  Synapse3 - ok
19:44:36.0472 0x11cc  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x61100 ( enabled : updated )
19:44:36.0477 0x11cc  Win FW state via NFP2: enabled ( trusted )
19:44:36.0753 0x11cc  ============================================================
19:44:36.0753 0x11cc  Scan finished
19:44:36.0753 0x11cc  ============================================================
19:44:36.0759 0x0358  Detected object count: 0
19:44:36.0759 0x0358  Actual detected object count: 0

Hi, TDSSKiller did not find any problems. I entered the commands you told me and nothing happened, and over the last few days I ran several full scans with Windows Defender and it no longer finds anything, and the PC works normally. Thanks for the help.

Hello again,

As a final step, download the following tool:

KrPm

  • Run it and accept the disclaimer.
  • Make sure that only these options are checked:
    • Delete Tools / Eliminar herramientas
    • Delete now / Eliminar ahora (in the quarantine removal area).
  • Click Run / Ejecutar.

Let us know if you have any questions or problems; if not, we can move toward marking the topic as solved. To mark the topic as solved, a reply has to be marked as the solution. Here is some information:

Regards

This topic was automatically closed 2 days after the last post. New replies are no longer allowed.