Today I turned on my PC and Windows Defender detected malware (Trojan:Win32/AgentTesla!ml), which I tried to remove but could not, and it appeared every time I ran a scan. Later Windows Defender was able to remove it, but while I was running another scan this one appeared (Trojan:Script/Oneeva.A!ml); I also chose to remove it and it disappeared. Afterwards I looked in the protection history and it showed "remediation incomplete", although Windows Defender now tells me there is no problem. My question is whether the malware has been removed or whether I still have it on the system. I look forward to your reply, and thanks in advance. Regards
Hello @Miguel_Briceno, and welcome to the forum.
Here are some topics of interest and use:
- Welcome! First steps in the InfoSpyware Forum
- Frequently asked questions on how to use the forum
- Forum rules
Well, let's take a look then:
Download and run Malwarebytes following the manual below and run a Custom scan. The manual has a section that explains how to configure it:
- Keep in mind that, as the manual indicates, you have to click on Scanner (Analizador) and not on Scan (Analizar).
- Read the manual carefully so that you do not run a Threat scan.
Here are some additional topics so you know how to bring us the report:
Please bring us this report, along with any comments.
Regards
I also ran a scan with Windows Defender and nothing showed up. Thanks for the help.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 25/2/22
Hora del análisis: 20:49
Archivo de registro: 84d2ee68-9695-11ec-81cf-fc34970012fa.json
-Información del software-
Versión: 4.5.4.168
Versión de los componentes: 1.0.1599
Versión del paquete de actualización: 1.0.51649
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 19044.1526)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-QUCNTF5\magno
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 591851
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 28 min, 54 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Hello again,
It looks fine to me. But if you would like further confirmation, you can run a Custom scan with Eset. Please bring us its report; here is its manual:
If it finds nothing, we could consider the computer clean, unless you notice some problem with the computer. If it does find something, we would look at what it finds.
Regards
Earlier I had already run a threat scan with Malwarebytes and it found nothing either, but a few hours later Windows Defender alerted me to a threat again, so I don't know whether something is still left.
Hello again,
Well, since it alerted you again, run the scan with Eset. Depending on whether it finds anything, we will see how to proceed.
Regards
23:46:54 CmlLineScanner cannot load dll:C:\Users\magno\AppData\Local\ESET\ESETOnlineScanner\esets_apiW No se puede encontrar el módulo especificado.
23:46:56 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=
# end=init
# country="Chile"
# lang=13322
23:47:25 Updating
23:47:25 Update Init
23:47:27 Update Download
23:53:42 esets_scanner_reload returned 0
23:53:42 g_uiModuleBuild: 52628
23:53:42 Update Finalize
23:53:42 Call m_esets_charon_send
23:53:42 Call m_esets_charon_destroy
23:53:43 Updated modules version: 52628
23:53:52 Call m_esets_charon_setup_create
23:53:52 Call m_esets_charon_create
23:53:52 m_esets_charon_create OK
23:53:52 Call m_esets_charon_start_send_thread
23:53:52 Call m_esets_charon_setup_set
23:53:52 m_esets_charon_setup_set OK
23:53:52 Scanner engine: 52628
00:37:27 Call m_esets_charon_send
00:37:27 Call m_esets_charon_destroy
22:41:14 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=e2cefcfc49c69942a1ea9626d9c1beb8
# end=init
# country="Chile"
# lang=13322
22:43:06 Updating
22:43:06 Update Init
22:43:16 Update Download
22:43:40 esets_scanner_reload returned 0
22:43:40 g_uiModuleBuild: 52640
22:43:40 Update Finalize
22:43:40 Call m_esets_charon_send
22:43:40 Call m_esets_charon_destroy
22:43:41 Updated modules version: 52640
22:43:50 Call m_esets_charon_setup_create
22:43:50 Call m_esets_charon_create
22:43:50 m_esets_charon_create OK
22:43:50 Call m_esets_charon_start_send_thread
22:43:50 Call m_esets_charon_setup_set
22:43:50 m_esets_charon_setup_set OK
22:43:50 Scanner engine: 52640
23:51:17 Call m_esets_charon_send
23:51:17 Call m_esets_charon_destroy
23:52:14 # product=EOS
# version=8
# ESETOnlineScanner.exe=3.6.6.0
# EOSSerial=e2cefcfc49c69942a1ea9626d9c1beb8
# end=init
# country="Chile"
# lang=13322
Hello again,
It could be a false positive or something else. If you agree, let's do a thorough check to be sure:
Download and run Argente Registry Cleaner from any of the following links:
If it asks you about enabling automatic maintenance when you run it, tell it NO. Then have it find and repair all the errors it finds.
Go through the following manual in detail and run FRST:
- Don't forget to run it from the desktop.
- Pay special attention to the instructions on how to paste the report.
Please bring us the FRST reports: Frst.txt and Addition.txt.
Regards
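One way to triage the autorun (`Run`) lines of an FRST report such as the one requested above, as an added example that is not part of the thread and is not FRST's or the forum's own tooling. The sample lines are constructed; reading the `(A -> B)` field as signer and company name, treating `(Ningún archivo)` / `(No File)` as the missing-target marker on `Run` lines, and the three review flags are assumptions of this example.

```python
import re
from dataclasses import dataclass, field

# Constructed sample in the layout of FRST's registry section (not from a real machine).
SAMPLE_REPORT = r"""
==================== Registro (Lista blanca) ===================
HKLM\...\Run: [ExampleTray] => C:\Program Files\Example\tray.exe [3183328 2021-11-29] (Example Corp. -> Example Corp.)
HKLM-x32\...\Run: [ExampleGui] => C:\Program Files (x86)\Example\gui.exe [2109824 2021-12-20] (Example Corp. -> Example Corp.)
HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\...\Run: [Updater] => C:\Users\user\AppData\Local\Example\Update.exe [1512608 2021-09-21] (Example Inc. -> Example)
HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\...\Run: [Wallpaper] => C:\Users\user\Downloads\example_app\app32.exe [2703520 2021-12-13] (Doe, Jane -> )
HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\...\Run: [Ghost] => C:\Users\user\AppData\Roaming\ghost.exe (Ningún archivo)
"""

# "HIVE\...\Run: [Name] => rest-of-line"
RUN_LINE = re.compile(r'^(HK[^\s:]+\\Run(?:Once)?): \[([^\]]+)\] => (.*)$')
# Trailing "(...)" field; anchored at the end so "(x86)" inside a path is not taken.
SIGNATURE = re.compile(r' \(([^()]*)\)\s*$')
# Trailing "[size yyyy-mm-dd]" field.
SIZE_DATE = re.compile(r' \[(\d+) (\d{4}-\d{2}-\d{2})\]\s*$')
# Locations a standard user can write to (assumed review heuristic).
USER_WRITABLE = re.compile(r'\\(users|programdata|temp)\\', re.IGNORECASE)
# Marker for a target that no longer exists (Spanish and English builds, assumed).
MISSING_MARKERS = {"Ningún archivo", "No File"}


@dataclass
class RunEntry:
    hive: str
    name: str
    path: str = ""
    signer: str = ""
    company: str = ""
    missing: bool = False
    flags: list = field(default_factory=list)


def parse_run_line(line):
    """Parse one autorun line; return None for anything that is not a Run entry."""
    m = RUN_LINE.match(line.strip())
    if not m:
        return None
    hive, name, rest = m.groups()
    entry = RunEntry(hive=hive, name=name)

    sig = SIGNATURE.search(rest)
    if sig:
        rest = rest[:sig.start()]
        text = sig.group(1).strip()
        if text in MISSING_MARKERS:
            entry.missing = True
        else:
            # Assumption: left of "->" is the signer, right is the company name.
            signer, _, company = text.partition("->")
            entry.signer, entry.company = signer.strip(), company.strip()

    size = SIZE_DATE.search(rest)
    if size:
        rest = rest[:size.start()]
    entry.path = rest.strip()
    return entry


def triage(report_text):
    """Return the Run entries that deserve a manual look, most flags first."""
    findings = []
    for line in report_text.splitlines():
        entry = parse_run_line(line)
        if entry is None:
            continue
        if entry.missing:
            entry.flags.append("missing-file")          # orphaned autorun
        if USER_WRITABLE.search(entry.path):
            entry.flags.append("user-writable-path")    # not under Program Files
        if not entry.missing and not (entry.signer and entry.company):
            entry.flags.append("incomplete-publisher")  # signer or company absent
        if entry.flags:
            findings.append(entry)
    # Stable sort: entries with equal flag counts keep their report order.
    findings.sort(key=lambda e: len(e.flags), reverse=True)
    return findings


if __name__ == "__main__":
    for e in triage(SAMPLE_REPORT):
        print(f"{e.name:<10} {', '.join(e.flags):<42} {e.path}")
```

A flag only marks an entry for manual review; legitimate per-user updaters also start from profile folders, so the decision still rests on the file itself.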
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 24-02-2022
Ejecutado por magno (administrador) sobre DESKTOP-QUCNTF5 (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506QM) (26-02-2022 14:54:58)
Ejecutado desde C:\Users\magno\Desktop
Perfiles cargados: magno
Plataforma: Microsoft Windows 10 Home Single Language Versión 21H2 19044.1526 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\DenoiseAIPlugin\ArmouryCrate.DenoiseAI.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0363046.inf_amd64_d6f0080b527c99b5\B362912\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0363046.inf_amd64_d6f0080b527c99b5\B362912\atieclxx.exe
(explorer.exe ->) (Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Users\magno\Downloads\wallpaper_engine\wallpaper32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0363046.inf_amd64_d6f0080b527c99b5\B362912\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.18001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_2845149b505e4dbf\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.0.11.0_x64__qmba6cd70vzyy\ArmouryCrate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
Error al acceder al proceso -> SgrmBroker.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [147632 2021-11-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2109824 2021-12-20] (Famatech Corp. -> Famatech Corp.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2612600 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33650656 2022-02-16] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1087376 2022-01-16] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [WallpaperEngine] => C:\Users\magno\Downloads\wallpaper_engine\wallpaper32.exe [2703520 2021-12-13] (Skutta, Kristjan -> )
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [Discord] => C:\Users\magno\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3146936 2022-01-25] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\magno\AppData\Local\Microsoft\Teams\Update.exe [2454240 2022-02-02] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3523704 2022-01-17] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3523704 2022-01-17] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-16] (Google LLC -> Google LLC)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {08D88DA5-393C-4DA9-A05F-8D0AAC8F2E85} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0A734096-1865-4392-9338-6ED0933CE7A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0D1F43B7-DB0A-4BAD-ABDE-DA7D568EFCEF} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-702135205-795972572-1049269027-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4078456 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {15DCCE86-D1E2-4AAB-995B-F84CD0F57D33} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [147632 2021-11-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {16836401-9527-4003-92D3-418C0A7A2018} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2318AD67-B560-4730-AB5D-109FB68A58D7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {257F0619-1C88-4F6C-B27E-D203B6683D61} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864408 2022-01-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {274D6345-10C9-4673-9378-06667E426ADD} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusUpdateChecker.exe [759952 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {3DD5E138-E399-46BB-BFF1-FEF779AAE834} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {46342E25-4082-4EF2-A5F2-1F335BF40EDF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4B3247D5-D982-474A-BDA8-8E85EDE5B2B0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4BB5DEE4-1B42-488B-AC6E-944429F2602E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4078456 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4DB98FF5-CBDF-4D90-8BF3-4A839FE1BDBE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5E17B6C8-6296-42F0-BE6C-1EC7F9FE2D24} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2245560 2021-11-26] (ASUSTeK Computer Inc. -> ASUS)
Task: {6A55FC8C-2769-4622-97A7-9F99727F8ACE} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [114952 2021-11-26] (ASUSTeK Computer Inc. -> ASUS)
Task: {6C4BCB32-C023-42CE-8E25-0E3DC24B768F} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1138976 2020-08-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6EBB6320-6F0A-4A03-B88C-177A2A369406} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6FBC7744-B5D1-4571-B403-4863827781B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70C9A5C4-B6AB-42F2-9FC6-31E45D07986E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-01-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7499EE91-1DF8-4D89-A37C-75E943579CF0} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Ningún archivo)
Task: {7ACA2A9F-A7BB-4FAF-ABA1-4E52082A571E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053720 2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {80FB4728-AC65-41D8-B228-0070F827DA92} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.62\Installer\setup.exe [3195784 2022-02-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BFD1613-1437-40F6-8B4F-CE95C89C0AAA} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusHotkey.exe [238736 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {A07D0C39-B6D8-4471-AC2A-DA9F9DEF39E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2022-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A66E1BC8-A7F0-48D5-95AA-0E0332897475} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3850900-32DC-4BB1-8660-7A149448F6DF} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44733352 2021-11-01] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {B3A8E009-7C71-4321-896B-B548D1C31077} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3042448 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B415EC3D-49EB-4C06-8CF2-490A9B09D28E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-16] (Google LLC -> Google LLC)
Task: {B681E1B9-70D6-467C-8D03-3AB780A82AFD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053720 2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {C00B165B-6654-448A-8185-72F5D8A07355} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864408 2022-01-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8DC05BA-A4A4-4486-94CD-A7DF3A4314D8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2022-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE2A638E-2CF2-45D8-A951-AFF01E57D84A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EEBECF91-07B4-4903-B9DC-A97447785ECF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F46D79FE-D51A-4A4D-987E-2AB0159A5380} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d80b245211e7b8 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-01-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F763CE9C-DA9C-423B-BFBE-44FA0E475E7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-16] (Google LLC -> Google LLC)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{5c036c22-6870-4fe7-8f90-c4153fd86744}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{e00072de-dcbc-4250-a903-df5d4c44611e}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\magno\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-16]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default [2022-02-26]
CHR Notifications: Default -> hxxps://forospyware.com
CHR Extension: (Presentaciones) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-16]
CHR Extension: (Documentos) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-16]
CHR Extension: (Google Drive) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-16]
CHR Extension: (YouTube) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-16]
CHR Extension: (Hojas de cálculo) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-17]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-16]
CHR Extension: (Gmail) - C:\Users\magno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-16]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 ArmouryCrateControlInterface; C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [1176720 2021-11-23] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [349408 2021-12-01] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-01-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\AsusAppService\AsusAppService.exe [870584 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [179488 2021-09-16] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkNear\AsusLinkNear.exe [1330360 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemote.exe [762032 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-01-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusOptimization.exe [346256 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [591176 2022-01-16] (ASUSTeK Computer Inc. -> )
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSoftwareManager\AsusSoftwareManager.exe [1038992 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitch.exe [601216 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3042448 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [655768 2022-01-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8903520 2022-01-18] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9193944 2022-01-06] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [201376 2020-10-18] (DTS, Inc. -> DTS Inc.)
S2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [10554008 2022-02-24] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-02-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncHelper.exe [3373432 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3683496 2021-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-25] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.012.0117.0003\OneDriveUpdaterService.exe [3842456 2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-25] (Electronic Arts, Inc. -> Electronic Arts)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2022-02-22] (Even Balance, Inc. -> )
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [296568 2022-01-17] (Razer USA Ltd. -> Razer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6101680 2021-12-17] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1058688 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-10-21] (Razer USA Ltd. -> Razer Inc.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_2845149b505e4dbf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_2845149b505e4dbf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43192 2021-09-16] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112848 2020-09-27] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSAIO.sys [35984 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSOptimization\AsusWmiAcpi.sys [45264 2022-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2022-02-15] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-18] (ASUSTek Computer Inc. -> ASUS)
R3 IGO_VSD; C:\WINDOWS\system32\drivers\igovsd.sys [42344 2021-07-05] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-02-25] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl7e77f2bd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4542ADFB-4C24-43EB-B5B0-39EA5219CB48}\MpKslDrv.sys [135440 2022-02-25] (Microsoft Windows -> Microsoft Corporation)
R3 MTKBTFilterx64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [276224 2021-07-05] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1381288 2021-10-13] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
S3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [230832 2022-01-10] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 R0RazerSynapseService; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.sys [14544 2022-02-24] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2021-12-20] (Famatech Corp. -> Famatech Corp.)
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_008a; C:\WINDOWS\System32\drivers\RzDev_008a.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-02-26 14:54 - 2022-02-26 14:55 - 000034403 _____ C:\Users\magno\Desktop\FRST.txt
2022-02-26 14:54 - 2022-02-26 14:55 - 000000000 ____D C:\FRST
2022-02-26 14:52 - 2022-02-26 14:52 - 002312192 _____ (Farbar) C:\Users\magno\Desktop\FRST64.exe
2022-02-26 14:36 - 2022-02-26 14:38 - 000000000 ____D C:\Program Files\Argente - Registry Cleaner
2022-02-26 14:36 - 2022-02-26 14:36 - 000000986 _____ C:\Users\Public\Desktop\Argente - Registry Cleaner.lnk
2022-02-26 14:36 - 2022-02-26 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente - Registry Cleaner
2022-02-26 14:34 - 2022-02-26 14:35 - 005404387 _____ (Raúl Argente ) C:\Users\magno\Downloads\ARegClean-old.exe
2022-02-26 14:30 - 2022-02-26 14:55 - 000000000 ____D C:\WINDOWS\SysWOW64\lock.lock
2022-02-25 20:45 - 2022-02-25 20:45 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-02-25 20:45 - 2022-02-25 20:45 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-25 20:45 - 2022-02-25 20:45 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-25 20:44 - 2022-02-25 20:44 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-02-25 20:44 - 2022-02-25 20:44 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-02-25 20:43 - 2022-02-25 20:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-24 23:47 - 2022-02-25 23:52 - 000001274 _____ C:\Users\magno\Desktop\ESET Online Scanner.lnk
2022-02-24 23:46 - 2022-02-25 23:52 - 000001380 _____ C:\Users\magno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-02-24 23:46 - 2022-02-24 23:46 - 015274968 _____ (ESET) C:\Users\magno\Downloads\esetonlinescanner.exe
2022-02-24 23:46 - 2022-02-24 23:46 - 000000000 ____D C:\Users\magno\AppData\Local\ESET
2022-02-24 23:18 - 2022-02-24 23:18 - 000000000 ____D C:\Users\magno\AppData\Local\mbam
2022-02-24 23:15 - 2022-02-25 20:43 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-24 23:15 - 2022-02-24 23:15 - 002419896 _____ (Malwarebytes) C:\Users\magno\Downloads\MBSetup.exe
2022-02-24 20:09 - 2022-02-24 20:16 - 000000000 ____D C:\WINDOWS\pss
2022-02-24 18:46 - 2022-02-24 18:46 - 000000000 ___HD C:\$WinREAgent
2022-02-24 18:44 - 2022-02-24 18:44 - 003629536 _____ (AVG Technologies CZ) C:\Users\magno\Downloads\avg_remover_neshta.exe
2022-02-24 14:32 - 2022-02-24 14:32 - 000000000 ____D C:\Program Files\UNP
2022-02-24 14:10 - 2022-02-24 20:16 - 101974016 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-02-24 14:09 - 2022-02-24 14:10 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-02-22 21:18 - 2022-02-24 17:14 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2022-02-22 21:18 - 2022-02-22 21:18 - 000000000 ____D C:\Users\magno\AppData\Local\PunkBuster
2022-02-22 21:17 - 2022-02-24 17:14 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2022-02-22 21:17 - 2022-02-23 23:14 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2022-02-22 21:17 - 2022-02-22 21:17 - 000076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2022-02-16 00:28 - 2022-02-16 00:28 - 000001074 _____ C:\Users\Public\Desktop\Call of Duty Modern Warfare.lnk
2022-02-16 00:28 - 2022-02-16 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2022-02-15 16:57 - 2022-02-15 16:57 - 000000000 ____D C:\Users\magno\AppData\Local\Haze1
2022-02-15 16:52 - 2022-02-15 16:52 - 000001510 _____ C:\Users\Public\Desktop\A Way Out.lnk
2022-02-15 16:48 - 2022-02-15 16:48 - 000000000 ____D C:\Users\magno\AppData\LocalLow\Curve Digital
2022-02-15 16:10 - 2022-02-15 16:10 - 000001722 _____ C:\Users\magno\Desktop\DS4Windows - Acceso directo.lnk
2022-02-13 19:04 - 2022-02-13 19:04 - 004936633 _____ C:\Users\magno\Downloads\12 Reglas para Vivir - Un antídoto al caos ( PDFDrive ).pdf
2022-02-13 19:02 - 2022-02-24 18:07 - 000000000 ____D C:\Users\magno\AppData\Local\Amazon
2022-02-13 19:02 - 2022-02-22 20:16 - 000000000 ____D C:\Users\magno\Documents\My Kindle Content
2022-02-13 19:01 - 2022-02-13 19:01 - 061115536 _____ (Amazon.com) C:\Users\magno\Downloads\KindleForPC-installer-1.34.63103.exe
2022-02-12 18:48 - 2022-02-12 18:48 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-08 02:13 - 2022-02-08 02:13 - 000000000 ____D C:\Users\magno\AppData\Local\RogueCompany
2022-02-06 00:11 - 2022-02-06 00:11 - 000000000 ____D C:\Users\magno\AppData\Roaming\Synapse3
2022-02-06 00:11 - 2022-02-06 00:11 - 000000000 ____D C:\Users\magno\AppData\Local\Razer
2022-02-06 00:11 - 2022-02-06 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-02-02 21:26 - 2022-02-24 17:32 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-02-02 09:00 - 2022-02-02 09:00 - 000002366 _____ C:\Users\magno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-02-02 09:00 - 2022-02-02 09:00 - 000000000 ____D C:\Users\magno\AppData\Roaming\Teams
2022-01-30 18:55 - 2022-02-17 00:40 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-01-30 18:55 - 2022-02-17 00:40 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-30 18:55 - 2022-01-30 18:55 - 000000000 ___SD C:\Users\magno\Documents\Mis formas
2022-01-30 18:55 - 2022-01-30 18:55 - 000000000 ___RD C:\Users\Default\OneDrive
2022-01-30 18:55 - 2022-01-30 18:55 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-01-30 18:55 - 2022-01-30 18:55 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2022-01-30 18:54 - 2022-02-10 16:53 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-01-30 18:54 - 2022-02-10 16:53 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-01-30 18:54 - 2022-02-06 00:11 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-01-30 18:54 - 2022-02-06 00:11 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2022-01-30 18:54 - 2022-02-06 00:11 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2022-01-30 18:54 - 2022-01-30 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2022-01-30 18:53 - 2022-02-14 20:42 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-30 18:53 - 2022-01-30 18:53 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-01-30 18:45 - 2022-01-30 18:45 - 014230214 _____ C:\Users\magno\Documents\Plan de nivelación 2022.pptx
2022-01-27 20:39 - 2022-01-27 20:39 - 000000000 ____D C:\Users\magno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-27 20:38 - 2022-01-27 20:39 - 000000000 ____D C:\Users\magno\AppData\Roaming\Zoom
2022-01-27 14:52 - 2022-01-27 14:52 - 000000000 ____D C:\Users\magno\AppData\Local\DBG
2022-01-27 14:52 - 2022-01-27 14:52 - 000000000 ____D C:\Users\magno\AppData\Local\CrashReportClient
2022-01-27 14:44 - 2022-01-27 14:44 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-01-27 14:43 - 2022-01-27 14:43 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-01-27 14:43 - 2022-01-27 14:43 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-01-27 14:43 - 2022-01-27 14:43 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-02-26 14:54 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-26 14:39 - 2022-01-16 18:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-26 14:39 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-26 14:37 - 2022-01-23 05:57 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2022-02-26 14:33 - 2022-01-16 14:01 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-26 12:13 - 2022-01-16 14:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-25 22:04 - 2022-01-16 18:35 - 000000000 ____D C:\Users\magno\AppData\Local\Ubisoft Game Launcher
2022-02-25 21:36 - 2022-01-16 18:19 - 000000000 ____D C:\Users\magno\AppData\Local\D3DSCache
2022-02-25 21:07 - 2022-01-16 18:16 - 000004782 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-02-25 21:07 - 2022-01-16 14:01 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-25 21:07 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-25 21:07 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-25 20:44 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-25 01:20 - 2022-01-18 01:38 - 000000000 ____D C:\Users\magno\Downloads\DS4Windows
2022-02-25 01:20 - 2022-01-16 18:17 - 000000000 ____D C:\Users\magno
2022-02-25 00:29 - 2022-01-16 18:44 - 002236864 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-02-25 00:29 - 2022-01-16 18:44 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000337360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000218576 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-02-25 00:28 - 2022-01-16 18:44 - 000062928 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-02-24 23:19 - 2022-01-17 19:22 - 000000000 ____D C:\Users\magno\AppData\Local\CrashDumps
2022-02-24 23:03 - 2022-01-16 23:38 - 000000000 ____D C:\Users\magno\AppData\Roaming\discord
2022-02-24 23:03 - 2022-01-16 18:59 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2022-02-24 23:03 - 2022-01-16 18:53 - 000000000 ____D C:\Users\magno\AppData\Local\Battle.net
2022-02-24 22:56 - 2022-01-16 23:38 - 000002229 _____ C:\Users\magno\Desktop\Discord.lnk
2022-02-24 22:56 - 2022-01-16 23:38 - 000000000 ____D C:\Users\magno\AppData\Local\Discord
2022-02-24 22:10 - 2022-01-16 18:10 - 001767126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-24 22:10 - 2019-12-07 11:55 - 000786280 _____ C:\WINDOWS\system32\perfh00A.dat
2022-02-24 22:10 - 2019-12-07 11:55 - 000153268 _____ C:\WINDOWS\system32\perfc00A.dat
2022-02-24 20:19 - 2022-01-16 19:11 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-02-24 20:17 - 2022-01-16 17:49 - 000000000 ____D C:\WINDOWS\system32\ASUSACCI
2022-02-24 20:16 - 2022-01-16 14:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-24 20:16 - 2022-01-05 22:08 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-24 20:16 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-24 19:23 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-24 18:50 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-24 17:59 - 2022-01-18 01:40 - 000000000 ____D C:\Users\magno\AppData\Roaming\DS4Windows
2022-02-24 17:33 - 2022-01-16 19:19 - 000000000 ____D C:\Program Files (x86)\Steam
2022-02-24 17:32 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-24 17:27 - 2022-01-22 20:23 - 000000000 ____D C:\Users\magno\AppData\Local\ElevatedDiagnostics
2022-02-22 21:17 - 2022-01-16 23:29 - 000000000 ____D C:\Users\magno\Documents\My Games
2022-02-20 22:01 - 2022-01-16 18:19 - 000000000 ____D C:\Users\magno\AppData\Local\Packages
2022-02-20 20:49 - 2022-01-19 10:25 - 000000000 ____D C:\Program Files\EA Games
2022-02-20 11:46 - 2022-01-16 19:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-17 01:27 - 2022-01-19 10:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2022-02-16 23:40 - 2022-01-16 18:24 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-16 23:40 - 2022-01-16 18:24 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-15 23:19 - 2022-01-16 19:00 - 000000000 ____D C:\ProgramData\Battle.net_components
2022-02-15 16:57 - 2022-01-16 18:35 - 000000000 ____D C:\Users\magno\AppData\Local\UnrealEngine
2022-02-15 16:52 - 2022-01-16 18:36 - 000000000 ____D C:\ProgramData\Package Cache
2022-02-15 16:48 - 2022-01-16 18:19 - 000000000 ____D C:\ProgramData\Packages
2022-02-15 16:47 - 2022-01-18 01:09 - 000000000 ____D C:\Users\magno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-02-13 04:20 - 2022-01-16 19:11 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-02-13 04:20 - 2022-01-16 14:00 - 000438888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-13 04:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-13 04:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-13 04:18 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-11 16:53 - 2022-01-16 19:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-11 16:52 - 2022-01-16 19:10 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-10 16:53 - 2022-01-16 18:34 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2022-02-10 16:53 - 2022-01-16 18:34 - 000000000 ____D C:\ProgramData\Riot Games
2022-02-10 16:52 - 2022-01-16 14:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-08 02:13 - 2022-01-25 17:08 - 000000000 ____D C:\Users\magno\AppData\Roaming\EasyAntiCheat
2022-02-06 13:27 - 2022-01-16 17:49 - 000000000 ____D C:\Program Files (x86)\Razer
2022-02-06 00:11 - 2022-01-16 14:01 - 000000000 ____D C:\ProgramData\Razer
2022-02-02 21:26 - 2022-01-16 18:20 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-702135205-795972572-1049269027-1001
2022-02-02 09:00 - 2022-01-16 23:38 - 000000000 ____D C:\Users\magno\AppData\Local\SquirrelTemp
2022-01-30 18:55 - 2022-01-16 18:20 - 000000000 ___RD C:\Users\magno\OneDrive
2022-01-30 18:55 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-01-30 18:46 - 2022-01-16 18:21 - 000000000 ____D C:\Users\magno\AppData\Local\PlaceholderTileLogoFolder
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-01-27 14:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-01-27 14:43 - 2022-01-16 18:06 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-01-27 14:38 - 2022-01-25 16:58 - 000000000 ____D C:\Users\magno\AppData\Roaming\Origin
2022-01-27 14:38 - 2022-01-19 10:27 - 000000000 ____D C:\ProgramData\Origin
2022-01-27 14:37 - 2022-01-19 10:25 - 000000000 ____D C:\Users\magno\AppData\Local\Origin
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 24-02-2022
Ejecutado por magno (26-02-2022 14:55:44)
Ejecutado desde C:\Users\magno\Desktop
Microsoft Windows 10 Home Single Language Versión 21H2 19044.1526 (X64) (2022-01-16 21:06:35)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-702135205-795972572-1049269027-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-702135205-795972572-1049269027-503 - Limited - Disabled)
Invitado (S-1-5-21-702135205-795972572-1049269027-501 - Limited - Disabled)
magno (S-1-5-21-702135205-795972572-1049269027-1001 - Administrator - Enabled) => C:\Users\magno
WDAGUtilityAccount (S-1-5-21-702135205-795972572-1049269027-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
A Way Out (HKLM-x32\...\{E8D752CF-2FCC-470D-B0C5-4BFC6F42ACCE}) (Version: 1.0.62.0 - Electronic Arts, Inc.)
AI Noise Cancelation Audio Software (HKLM-x32\...\{ab5f014e-883d-470d-bc2d-127ef91e5611}) (Version: 2.0.0 - ASUSTek Computer Inc.)
AI Noise Cancelation Audio Software SDK (HKLM\...\{1D93BFB8-E73B-453E-829C-147666048421}) (Version: 1.0.5 - ASUSTeK COMPUTER INC.)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.0.8 - ASUS)
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{e0ea7709-d842-438e-a773-12f05eeb1939}) (Version: 2.1.2.2 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.2.2 - ASUSTek COMPUTER INC.) Hidden
ASUS Smart Display Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.7.0 - ASUSTek COMPUTER INC.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.67 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.29 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{abff099e-96f5-4bf4-9c6e-6f435f9f6c55}) (Version: 3.05.29 - ASUSTeK Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.185.5109 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{6ae4ab1b-c2da-47c4-9e89-ab7dbf7778cb}) (Version: 12.0.185.5109 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{F4793223-C6D6-4B99-ACF2-75C066D278BC}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.4.168 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.4.168 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.62 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - es-es (HKLM\...\ProPlus2021Volume - es-es) (Version: 16.0.14332.20238 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation)
Microsoft Project Profesional 2021 - es-es (HKLM\...\ProjectPro2021Volume - es-es) (Version: 16.0.14332.20238 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Teams) (Version: 1.4.00.19572 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visio LTSC Professional 2021 - es-es (HKLM\...\VisioPro2021Volume - es-es) (Version: 16.0.14332.20238 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.5 (x64) (HKLM-x32\...\{97a0c33d-cb7d-4cff-8239-c7704b60e698}) (Version: 5.0.5.29917 - Microsoft Corporation)
Need for Speed™ Heat (HKLM-x32\...\{8DA46384-7F54-4265-B90F-69BBC08DC3A1}) (Version: 1.0.60.7040 - Electronic Arts)
Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14332.20110 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Radmin VPN 1.2.1 (HKLM-x32\...\{4F6D003D-E674-4019-A4B5-CD632584CFE8}) (Version: 1.2.4457 - Famatech)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0131.011810 - Razer Inc.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.3.10.0 - ASUSTek COMPUTER INC.)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 128.0.10632 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
VALORANT (HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.56 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2022-01-16] (Advanced Micro Devices Inc.) [Startup Task]
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.0.11.0_x64__qmba6cd70vzyy [2022-01-16] (ASUSTeK COMPUTER INC.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.23.4.0_x64__6rarf9sa4v8jt [2022-02-01] (Disney)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.11.3.0_x64__t5j2fzbtdg37r [2022-01-25] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-31] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-25] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy [2022-02-09] (ASUSTeK COMPUTER INC.)
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.3.2.0_x86__y5c4dfz5b21fm [2022-01-30] (Any DVD & Office App)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-20] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2022-01-16] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0 [2022-02-22] (Spotify AB) [Startup Task]
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj [2022-01-25] (Charles Milette) [Startup Task]
World War Z -> C:\Program Files\WindowsApps\MadDogGamesLLC.WWZBaseGamePC_1.0.70.0_x64__6wkgvezv94m76 [2022-02-13] (Saber Interactive Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-702135205-795972572-1049269027-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\magno\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.012.0117.0003\FileSyncShell64.dll [2022-02-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-01-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_2845149b505e4dbf\nvshext.dll [2022-01-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
2021-08-18 14:27 - 2021-08-18 14:27 - 000477696 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 14:27 - 2021-08-18 14:27 - 000471040 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 14:27 - 2021-08-18 14:27 - 000454656 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2022-01-16 19:00 - 2019-12-23 18:51 - 000093184 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-08-18 14:27 - 2021-08-18 14:27 - 000081920 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2022-01-16 19:01 - 2022-01-16 19:01 - 079408640 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.0.11.0_x64__qmba6cd70vzyy\ArmouryCrate.dll
2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [Archivo no firmado] C:\Program Files (x86)\LightingService\log4cxx.dll
2022-01-16 19:00 - 2019-06-26 16:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2022-01-16 19:00 - 2019-06-26 16:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\ssleay32.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 001611264 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 005487104 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 005841920 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 001179136 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 000146432 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 005089792 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-01-25 17:01 - 2022-01-25 17:01 - 000184832 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3018]
AlternateDataStreams: C:\Users\magno\AppData\Local\Temp:$DATA [16]
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-702135205-795972572-1049269027-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\magno\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\asus.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "ASUS Smart Display Control"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_FC96F1C2327B6F350DD3F6EEAB27A78F"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-702135205-795972572-1049269027-1001\...\StartupApproved\Run: => "Synapse3"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{FACDC178-E335-4A55-8604-DE1B38984AAB}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Archivo no firmado]
FirewallRules: [{9F19F33C-F4C4-4D6D-BD46-1558E62E39D2}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Archivo no firmado]
FirewallRules: [{DC3B9B71-AB9A-4A35-98CD-41F9FD660155}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Archivo no firmado]
FirewallRules: [{C4B21F7D-0DC0-45FA-859A-92FBE989B805}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Archivo no firmado]
FirewallRules: [{EF854D5C-8251-485A-831F-35510B2D87EE}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{6FE0BBBB-DD7D-47BC-BAA8-CA5FFA8E4F97}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{4A7038A3-15E2-4EA6-8194-1DEF07C859F8}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{5B923703-9858-426A-AFA9-25176D1190BD}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{E06E6871-FE5F-4F53-8D7F-14B7CB6F6918}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{B7D566A0-415A-4BA0-A775-FB8AA7FEA710}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{122606D9-5E6D-498C-A0F7-5F523D02C9D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3CD1B4C2-37C6-4CA4-87CA-F922BDF6397E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{570B69D4-C3D6-43DB-B21E-0592BAF00E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C4AA051F-5593-433B-BDF8-2708C97A3C88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{761D3FD5-5093-4725-9733-2E2A4855741D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C9AC56DB-6C00-46C5-A88E-636B62595DD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{90E6CE5A-2BBD-46B3-A25C-837749E3E57C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{477751E9-05E4-485C-9C51-C98774285F97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7107B77B-B777-427A-B990-655977BAD9A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8223E7B7-936C-4F47-8BBB-E183294D18E5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{E8F84E73-D881-4CE7-8F97-B5027047DD47}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{8DF7DE46-0F99-48C5-9BCB-A6537CD54A0B}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{61238A5D-2FDC-4D8A-A4B6-A2C188CDFF67}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{1E18931A-201B-4B8D-AFFF-5B9E529D12AC}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{CC8AADD9-E411-41DB-9D95-253C81D3A2A2}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{09636149-AD94-428B-8EAC-CE0954C0CB36}] => (Allow) C:\Program Files\EA Games\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{D07E86C4-60AF-4C84-B864-05AE935F96A4}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.)
FirewallRules: [TCP Query User{02BAFC22-9214-4E28-83B5-C34292759E0F}C:\users\magno\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\magno\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [Archivo no firmado]
FirewallRules: [UDP Query User{4C9492F9-A025-429F-A600-38AABA5E169D}C:\users\magno\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\magno\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [Archivo no firmado]
FirewallRules: [TCP Query User{853F05DF-4F41-48C3-BEB3-F7F1A1449AEF}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{B0ED1387-B737-42F7-9BE8-2A228F987A39}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{8152C51A-8153-498C-BBF7-A485F1AE75DE}] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{82804267-BC6B-4131-86CE-EB96A6954E86}] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3E225A61-D2DE-41CA-8A23-C87CF5635E5F}] => (Allow) C:\Users\magno\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D4D1B311-2A2E-404D-9B7B-598099716456}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02AED05B-80C3-47F9-84C5-7F6584978211}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DCE2FBE-CF66-426D-A545-CB0ECD8BF627}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{44F312CD-AE95-4CF6-8B7D-29DD82DFA25D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A3F800F-ED50-4252-BB30-66C742B07FBC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CB9E1BDC-A20E-49C6-820F-B2FECB78D4CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Company\RogueCompany.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{95D7AEA2-3010-4C5E-A23F-A8ED87ECB4F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Company\RogueCompany.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{DD3154EA-5578-4819-8F07-EEBAABB650B3}C:\program files (x86)\steam\steamapps\common\rogue company\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rogue company\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{FA52A111-E8A7-42DE-BBDA-839C8A6FE919}C:\program files (x86)\steam\steamapps\common\rogue company\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rogue company\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [Archivo no firmado]
FirewallRules: [{DAB9B801-4C8C-4A39-B93A-707D9995A23D}] => (Allow) C:\Program Files\EA Games\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{DC25E265-A3BB-4E93-84FE-0CAC437A47DA}] => (Allow) C:\Program Files\EA Games\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{39C83347-D748-4BB9-952E-CF37B63BFEB0}] => (Allow) C:\Program Files\EA Games\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{9AEC5CA4-F35A-40AE-8F80-C08FD8F4D9C2}] => (Allow) C:\Program Files\EA Games\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [TCP Query User{3292E6E9-DDF7-43C4-B10D-6E0F79C99A7B}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{77735F3C-9A6A-4D2A-8CC5-E7E59344F00C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{4FBC57CF-FDF2-4BF6-B6E1-14DC77DBE79A}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BCD1FAED-F10A-4304-B9F6-EE1C547B8FE2}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1B9E111A-D2B5-42A5-ABE1-049F96FE7DF3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F3715080-85F8-4136-871F-E4B297210C21}] => (Allow) C:\Program Files\EA Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{89F9556B-6EE8-4C1E-BABD-DBCA6FDB861F}] => (Allow) C:\Program Files\EA Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{D960D1C4-9A41-46A0-9819-59960986B838}] => (Allow) C:\Program Files\EA Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{0E54BB33-966D-46D9-BD42-9752425700D7}] => (Allow) C:\Program Files\EA Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{9895B27B-C5C1-4D66-AB2A-8013D9367CCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8AA3DBD3-7CB6-49BB-B1B0-6837EE53BC1C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3939A1F8-9584-42F3-B4DD-125C57242D74}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59BF69E5-56B2-4DB1-9618-8E3C568080A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{F4790B62-3210-4856-875F-CBCF2F206DB0}C:\program files\ea games\need for speed heat\needforspeedheat.exe] => (Allow) C:\program files\ea games\need for speed heat\needforspeedheat.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [UDP Query User{270194CA-98BA-473E-AE59-93A0DBA7219C}C:\program files\ea games\need for speed heat\needforspeedheat.exe] => (Allow) C:\program files\ea games\need for speed heat\needforspeedheat.exe (Electronic Arts) [Archivo no firmado]
FirewallRules: [{6C2F3819-C491-4F65-84C1-6C841D5C0A91}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{36A5EF8A-08C1-4AEE-B7C7-6D930AA845BB}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
FirewallRules: [UDP Query User{DA932284-ED07-44CF-A45F-70FB462E873C}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
FirewallRules: [{65F5C3E0-85E5-48AA-869A-F2B5E8D24FF7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9643724E-924E-43F5-9B75-D7B68575B867}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4E637402-9FDC-42A3-ABD0-573370515C08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2791077F-1A11-4FC0-A243-555E29A6B862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49216C65-1E34-4380-9181-E647DD480F15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C10859A6-DB28-401D-BDFA-F52263E59836}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DEC5A86E-BE7C-4AF5-875B-94C513A37C24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EE706A17-7F85-4DB2-84B5-9D7CA5E43D20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC4A4FA6-32EE-4E91-99C6-C4545A9BEC2C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{CB003414-A4A2-48D5-816F-B7B591E9C8F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{308CEDDB-E8B3-47D4-872A-BFBD29D4CB47}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A928A003-1041-44AD-93FF-91EF154B4E88}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{B7C7BC7F-402E-4FDE-B17D-976861F02E15}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{3DE7A680-AFFE-4603-B504-FD3B7F6CE05E}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{A2DFB7C0-7C81-4BAE-AB85-F869D8D9CABB}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{4B1985E7-A099-4633-9845-F0233DBF43F8}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{92DE344D-6D60-4EC9-AA0F-78E8D0F87337}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{0795FDB7-8E81-486C-BBAF-EE3E402B3E44}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{BF892B4A-245B-4BF4-BCE3-426A4A69DB62}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{52588AE8-D412-4064-946D-2B60CC76A591}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{D3366722-141A-4733-91CD-71EDBD1A7610}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{C36E2211-669F-438B-8B76-B976049402F5}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
FirewallRules: [{2E5B16B2-0821-44E4-A332-ED0AF3698041}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> )
==================== Puntos de Restauración =========================
ATENCIÓN: Restaurar Sistema está deshabilitado (Total:456.29 GB) (Free:25.71 GB) (6%)
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: NVIDIA Platform Controllers and Framework
Description: NVIDIA Platform Controllers and Framework
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: NVIDIA
Service: nvpcf
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (02/26/2022 12:00:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AsusSystemAnalysis.exe, versión: 2.1.16.10, marca de tiempo: 0x61d98280
Nombre del módulo con errores: ntdll.dll, versión: 10.0.19041.1466, marca de tiempo: 0xe2f8ca76
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x00000000000a2070
Identificador del proceso con errores: 0x14a4
Hora de inicio de la aplicación con errores: 0x01d829d49a335fca
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 271e866e-0549-4cf4-bc1b-62d9545bb477
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (02/25/2022 10:17:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa ShellExperienceHost.exe (versión 10.0.19041.1320) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.
Id. de proceso: 3318
Hora de Inicio: 01d82a9dbc01c375
Hora de finalización: 4294967295
Ruta de la aplicación: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Id. de informe: 23afa3e8-3661-4417-9c80-b470e77c642f
Nombre completo del paquete con errores: Microsoft.Windows.ShellExperienceHost_10.0.19041.1320_neutral_neutral_cw5n1h2txyewy
Id. de la aplicación relativa al paquete con errores: App
Tipo de bloqueo: Quiesce
Error: (02/25/2022 09:18:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SgrmBroker.exe, versión: 10.0.19041.546, marca de tiempo: 0xe6161df9
Nombre del módulo con errores: KERNEL32.DLL, versión: 10.0.19041.1503, marca de tiempo: 0x61b5977b
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000001560a
Identificador del proceso con errores: 0x36b4
Hora de inicio de la aplicación con errores: 0x01d829d4e629bbcc
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\SgrmBroker.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\KERNEL32.DLL
Identificador del informe: dc8031c0-8f18-47ec-af7c-2e0d7b96e145
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (02/25/2022 09:05:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: ArmouryCrate.UserSessionHelper.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: código de la excepción c0000005, dirección de la excepción 0000000000000000
Error: (02/25/2022 12:32:33 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-QUCNTF5$ a través de https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 25 Feb 2022 03:32:34 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 87bf6517-6b1a-4342-be9c-682d83b2c24d
Método: GET(734ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (02/24/2022 11:35:56 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.
Error: (02/24/2022 11:19:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.1250, marca de tiempo: 0x62023b8a
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x603971ce
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219dc5
Identificador del proceso con errores: 0x27c4
Hora de inicio de la aplicación con errores: 0x01d829eded1997f4
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 39182d40-68c4-4a83-8820-cc6f37c38f0e
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (02/24/2022 08:16:58 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-QUCNTF5$ a través de https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 24 Feb 2022 23:16:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 78cd1684-ca6b-4225-b4cd-ee06d2516b50
Método: GET(672ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Errores del sistema:
=============
Error: (02/26/2022 12:01:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio ASUS System Analysis terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (02/25/2022 10:43:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (02/25/2022 10:43:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\magno\AppData\Local\Temp\ehdrv.sys
Error: (02/25/2022 10:43:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (02/25/2022 10:43:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\magno\AppData\Local\Temp\ehdrv.sys
Error: (02/25/2022 10:43:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (02/25/2022 10:43:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\magno\AppData\Local\Temp\ehdrv.sys
Error: (02/25/2022 10:43:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Windows Defender:
================
Date: 2022-02-25 23:12:58
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {C0770E7C-2951-4F51-B3A9-5459F090413B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2022-02-25 23:04:25
Description:
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\ASUS\Update\Download\{AB5F014E-883D-470D-BC2D-127EF91E5611}\5.0.0.9\10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-QUCNTF5\magno
Nombre de proceso: C:\Users\magno\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versión de inteligencia de seguridad: AV: 1.359.862.0, AS: 1.359.862.0, NIS: 1.359.862.0
Versión de motor: AM: 1.1.18900.3, NIS: 1.1.18900.3
Date: 2022-02-25 01:04:28
Description:
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\magno\AppData\Local\Temp\{7EB19E47-8A86-4242-8D8C-920285FCF8CA}-10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
Versión de inteligencia de seguridad: AV: 1.359.862.0, AS: 1.359.862.0, NIS: 1.359.862.0
Versión de motor: AM: 1.1.18900.3, NIS: 1.1.18900.3
Date: 2022-02-25 00:04:40
Description:
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\magno\AppData\Local\Temp\{EB702047-EBDF-4351-8B74-F7A281926C3B}-10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-QUCNTF5\magno
Nombre de proceso: C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
Versión de inteligencia de seguridad: AV: 1.359.862.0, AS: 1.359.862.0, NIS: 1.359.862.0
Versión de motor: AM: 1.1.18900.3, NIS: 1.1.18900.3
Date: 2022-02-25 00:04:34
Description:
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\magno\AppData\Local\Temp\{EB702047-EBDF-4351-8B74-F7A281926C3B}-10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
Versión de inteligencia de seguridad: AV: 1.359.862.0, AS: 1.359.862.0, NIS: 1.359.862.0
Versión de motor: AM: 1.1.18900.3, NIS: 1.1.18900.3
Event[0]:
Date: 2022-02-24 20:13:18
Description:
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2022-02-24 20:11:09
Description:
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2022-02-24 20:09:49
Description:
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2022-02-24 17:43:24
Description:
Antivirus de Microsoft Defender encontró un error crítico al realizar una acción en malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\magno\AppData\Local\Temp\{5A4BDC7C-CF5D-43E9-9BD8-8E7FDABCD82C}-10839-OQ1F9U-fff39f77595442733cc8f12e70c5348e.zip
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-QUCNTF5\magno
Nombre de proceso: C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
Acción: Desconocido
Estado de acción: No additional actions required
Código de error: 0x80508033
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico.
Versión de inteligencia de seguridad: AV: 1.359.852.0, AS: 1.359.852.0, NIS: 1.359.852.0
Versión del motor: AM: 1.1.18900.3, NIS: 1.1.18900.3
Date: 2022-02-20 10:51:09
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.359.442.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor:
Versión anterior del motor: 1.1.18900.3
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
CodeIntegrity:
===============
Date: 2022-02-25 22:43:42
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Users\magno\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB.
==================== Información de la memoria ===========================
BIOS: American Megatrends International, LLC. FA506QM.307 06/02/2021
Placa base: ASUSTeK COMPUTER INC. FA506QM
Procesador: AMD Ryzen 7 5800H with Radeon Graphics
Porcentaje de memoria en uso: 45%
RAM física total: 15774.67 MB
RAM física disponible: 8670.92 MB
Virtual total: 19614.67 MB
Virtual disponible: 10560.12 MB
==================== Unidades ================================
Drive c: (OS) (Fixed) (Total:456.29 GB) (Free:25.71 GB) (Protected) NTFS
\\?\Volume{55576f03-d50f-4957-897b-60ac4c54ebd0}\ (RECOVERY) (Fixed) (Total:0.68 GB) (Free:0.19 GB) NTFS
\\?\Volume{333d4a87-c00c-4df8-a52d-46187a0b3490}\ (RESTORE) (Fixed) (Total:19.5 GB) (Free:3.63 GB) NTFS
\\?\Volume{b239a7c7-0c3b-4baa-8d0a-95b277db0305}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.13 GB) FAT32
\\?\Volume{6629e820-ee38-fffa-6071-1a64003c87a0}\ () (Fixed) (Total:49.73 GB) (Free:0 GB) NTFS
\\?\Volume{71035992-4fed-4d99-8591-fc299d5041da}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: DED333C9)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== Final de Addition.txt =======================
In Argente Registry Cleaner I got around 1000 errors; I have already fixed them. Thank you very much for the help.
Hello again,
Do the following:
Create a backup of the registry with Registry Backup; it does not matter whether it is the portable or the installable version:
- After installing or unzipping, run the program (if portable, it is the executable TweakingRegistryBackup.exe).
- Make sure everything is checked in the Registry Backup tab.
- In Backup Name you can leave the default or assign a name.
- Press the BackUp now button.
Disable your antivirus again: How to temporarily disable your antivirus?
On the computer, with all other programs closed, open Notepad; you can open it from the Windows search bar by typing notepad.exe
Then copy and paste this repair script into Notepad, beginning at Start and ending at End:
Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3018]
AlternateDataStreams: C:\Users\magno\AppData\Local\Temp:$DATA [16]
FirewallRules: [TCP Query User{36A5EF8A-08C1-4AEE-B7C7-6D930AA845BB}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
FirewallRules: [UDP Query User{DA932284-ED07-44CF-A45F-70FB462E873C}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
unlock: C:\Users\magno\AppData\Local\Temp\ehdrv.sys
unlock: C:\WINDOWS\system32\SgrmBroker.exe
File:C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe; C:\WINDOWS\system32\SgrmBroker.exe; C:\Users\magno\AppData\Local\Temp\ehdrv.sys
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
EmptyTemp:
End
- Go to File and select Save As.
- Under Encoding, choose Unicode or UTF8, depending on which option you are given.
- Save it under the name fixlist.txt on the desktop, the same place as FRST. This is very important.
WARNING! The repair script above was made specifically by a Staff member for this user; if you have a similar problem, please open your own topic to receive personalized help. Using other users' scripts can damage your computer.
- Run Frst.exe and press the Fix / Corregir button.
- Wait patiently for it to finish and do not use the computer. When it finishes, the computer may restart.
- The tool will save the report on your desktop (Fixlog.txt).
Check the following link and run AdwCleaner:
Be sure to follow these sections of the manual:
- Download and run
- Scan and clean
- Reports
Please bring us:
- The FRST report (Fixlog.txt)
- The AdwCleaner report
- Any comments on how the problem and the computer are doing.
Regards
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 27-02-2022
Ejecutado por magno (28-02-2022 18:40:55) Run:1
Ejecutado desde C:\Users\magno\Desktop
Perfiles cargados: magno
Modo de Inicio: Normal
==============================================
fixlist contenido:
*****************
Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3018]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3018]
AlternateDataStreams: C:\Users\magno\AppData\Local\Temp:$DATA [16]
FirewallRules: [TCP Query User{36A5EF8A-08C1-4AEE-B7C7-6D930AA845BB}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
FirewallRules: [UDP Query User{DA932284-ED07-44CF-A45F-70FB462E873C}C:5\wwzretail.exe] => (Allow) C:5\wwzretail.exe => Ningún archivo
unlock: C:\Users\magno\AppData\Local\Temp\ehdrv.sys
unlock: C:\WINDOWS\system32\SgrmBroker.exe
File:C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe; C:\WINDOWS\system32\SgrmBroker.exe; C:\Users\magno\AppData\Local\Temp\ehdrv.sys
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
EmptyTemp:
End
*****************
SystemRestore: On => Error -> 6%
Error: (0) Error al crear un punto de restauración.
Procesos cerrados correctamente.
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk => ":A1B76439FE" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini => ":41964AA945" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk => ":B96E9B8455" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk => ":60EC9648C0" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk => ":5465085A2F" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk => ":1DC1525F34" ADS eliminado correctamente
C:\Users\magno\AppData\Local\Temp => ":$DATA" ADS eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{36A5EF8A-08C1-4AEE-B7C7-6D930AA845BB}C:5\wwzretail.exe" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DA932284-ED07-44CF-A45F-70FB462E873C}C:5\wwzretail.exe" => eliminado correctamente
"C:\Users\magno\AppData\Local\Temp\ehdrv.sys" => no encontrado
"C:\WINDOWS\system32\SgrmBroker.exe" => fue desbloqueado
========================= File:C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe; C:\WINDOWS\system32\SgrmBroker.exe; C:\Users\magno\AppData\Local\Temp\ehdrv.sys ========================
C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
El archivo está firmado digitalmente
MD5: E4604F84E3813F9E2FBF2B0BC43B8A9B
Fecha de creación y modificación: 2022-01-16 18:59 - 2022-01-16 18:59
Tamaño: 000158224
Atributos: ---AT
Nombre de la compañía: ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.
Interno Nombre: ASUS Update
Original Nombre: AsusUpdate.exe
Producto: ASUS Update
Descripción: ASUS Update
Archivo Versión: 1.3.107.67
Producto Versión: 1.3.107.67
Copyright: Copyright 2019 ASUSTeK Computer Inc.
VirusTotal: https://www.virustotal.com/gui/file/17d5f3ce677529b71d9e96f963f26b3979d8152a3cbb371d66538fdf202f85f3/detection/f-17d5f3ce677529b71d9e96f963f26b3979d8152a3cbb371d66538fdf202f85f3-1645533125
C:\WINDOWS\system32\SgrmBroker.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.1503.cat
El archivo está firmado digitalmente
MD5: 3BA1A18A0DC30A0545E7765CB97D8E63
Fecha de creación y modificación: 2021-10-06 10:42 - 2021-10-06 10:42
Tamaño: 000329504
Atributos: ----A
Nombre de la compañía: Microsoft Windows Publisher -> Microsoft Corporation
Interno Nombre: SgrmBroker
Original Nombre: SgrmBroker.exe
Producto: Microsoft® Windows® Operating System
Descripción: System Guard Runtime Monitor Broker Service
Archivo Versión: 10.0.19041.546 (WinBuild.160101.0800)
Producto Versión: 10.0.19041.546
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file/f9cbf1ff87d6f11920c4b7367ea2178bf13aa276c65d918950683983f268bc1f/detection/f-f9cbf1ff87d6f11920c4b7367ea2178bf13aa276c65d918950683983f268bc1f-1646008235
"C:\Users\magno\AppData\Local\Temp\ehdrv.sys" => no encontrado
====== Final de File: ======
========= ipconfig /flushdns =========
Configuración IP de Windows
Se vació correctamente la caché de resolución de DNS.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuración IP de Windows
No se puede realizar ninguna operación en Ethernet mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de área local* 1 mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de área local* 2 mientras los medios
están desconectados.
Adaptador de Ethernet Radmin VPN:
Sufijo DNS específico para la conexión. . :
Dirección IPv6 . . . . . . . . . . : fdfd::1a9f:6d6d
Vínculo: dirección IPv6 local. . . : fe80::c4b8:1307:5810:4215%4
Dirección IPv4. . . . . . . . . . . . . . : 26.159.109.109
Máscara de subred . . . . . . . . . . . . : 255.0.0.0
Puerta de enlace predeterminada . . . . . : 26.0.0.1
Adaptador de Ethernet Ethernet:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Adaptador de LAN inalámbrica Conexión de área local* 1:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Adaptador de LAN inalámbrica Conexión de área local* 2:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Adaptador de LAN inalámbrica Wi-Fi:
Sufijo DNS específico para la conexión. . :
Vínculo: dirección IPv6 local. . . : fe80::fd91:3663:550c:7925%9
Dirección IPv4. . . . . . . . . . . . . . : 192.168.43.89
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.43.1
Adaptador de túnel Teredo Tunneling Pseudo-Interface:
Sufijo DNS específico para la conexión. . :
Dirección IPv6 . . . . . . . . . . : 2001:0:2877:7aa:408:2478:3f57:d4a6
Vínculo: dirección IPv6 local. . . : fe80::408:2478:3f57:d4a6%12
Puerta de enlace predeterminada . . . . . :
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
{A878CB11-CE9B-4DD0-B2F5-E67AF6F01DC1} canceled.
1 out of 1 jobs canceled.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17926717 B
Java, Flash, Steam htmlcache => 225932988 B
Windows/system/drivers => 59780628 B
Edge => 0 B
Chrome => 379717513 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 50627135 B
systemprofile32 => 50627135 B
LocalService => 50652007 B
NetworkService => 50760413 B
magno => 55143952 B
RecycleBin => 0 B
EmptyTemp: => 897.6 MB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 18:41:09 ====
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-28-2022
# Duration: 00:00:02
# OS: Windows 10 Home Single Language
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1422 octets] - [28/02/2022 18:56:59]
AdwCleaner[S01].txt - [1483 octets] - [28/02/2022 18:57:35]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Hello again,
Please do the following:
Read the following manual and run TDSSKiller:
Follow the instructions and run a scan with the tool. Make sure to additionally tick the checkbox:
- Detect TDLFS files system.
Follow the instructions in the manual to obtain the report.
Check Windows Update for any available updates: Update Windows
In the search bar type cmd, right-click the first result that appears and choose Run as administrator. A black window will open. Copy and paste the following commands one line at a time:
dism /online /cleanup-image /restorehealth
dism /online /cleanup-image /startcomponentcleanup
sfc /scannow
If any of them asks you to restart, go ahead. Check whether the last command reports that it found any integrity violations and whether it was able to repair them. If it did find any, copy and paste this other command:
findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"
This will generate a report on your desktop called sfcdetails. Please post its contents or attach it to a message.
Please bring us:
- The TDSSKiller report (you can attach it if it is very long)
- Comments on whether the sfc /scannow command found problems and whether it was able to repair them.
- If it found problems, bring us the sfcdetails.txt report; otherwise it is not needed.
- Any comments on how the system is doing.
Regards
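As an added example (not part of the original post, and not code from any of the tools mentioned): a Python sketch that triages the sfcdetails.txt report produced by the findstr command above, listing the files SFC flagged and which of them have no later repair line. The sample lines are constructed, and the two message shapes matched ("Cannot repair member file ..." and "Repairing corrupted file ... from store") are assumptions about the CBS.log wording, which varies between Windows builds.

```python
import re

# Constructed sample in the shape of CBS.log "[SR]" lines (not taken from this thread).
SAMPLE_SFCDETAILS = r"""
2022-03-03 19:10:01, Info                  CSI    00000006 [SR] Verifying 100 components
2022-03-03 19:10:01, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2022-03-03 19:10:09, Info                  CSI    0000000b [SR] Cannot repair member file [l:10]'sample.dll' of Example-Component-A, version 10.0.19041.1, arch amd64, nonSxS, pkt {l:8 b:0000000000000000} in the store, hash mismatch
2022-03-03 19:10:10, Info                  CSI    0000000c [SR] Cannot repair member file [l:9]'other.exe' of Example-Component-B, version 10.0.19041.1, arch amd64, nonSxS, pkt {l:8 b:0000000000000000} in the store, hash mismatch
2022-03-03 19:10:12, Info                  CSI    0000000d [SR] Repairing corrupted file \??\C:\WINDOWS\System32\\sample.dll from store
2022-03-03 19:10:12, Info                  CSI    0000000e [SR] Verify complete
2022-03-03 19:10:13, Info                  CSI    0000000f [SR] Repair transaction completed
"""

# "<timestamp>, <level>  CSI  <sequence> [SR] <message>"
SR_LINE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\s+(?P<level>\w+)\s+CSI\s+"
    r"(?P<seq>[0-9A-Fa-f]+)\s+\[SR\]\s+(?P<msg>.+)$"
)
# Assumed message shapes; other builds may word these differently.
CANNOT_REPAIR = re.compile(
    r"^Cannot repair member file \[[^\]]*\]['\"](?P<name>[^'\"]+)['\"]", re.I
)
REPAIRING = re.compile(r"^Repairing corrupted file\s+(?P<path>\S+)\s+from store", re.I)


def parse_sr_lines(text):
    """Return (timestamp, message) for every well-formed [SR] line."""
    events = []
    for raw in text.splitlines():
        m = SR_LINE.match(raw.strip())
        if m:
            events.append((m["ts"], m["msg"].strip()))
    return events


def triage(text):
    """Group flagged files into repaired and still-unresolved sets."""
    flagged = {}      # file name -> first timestamp it was reported
    repaired = set()  # file names with a later "from store" repair line
    for ts, msg in parse_sr_lines(text):
        hit = CANNOT_REPAIR.match(msg)
        if hit:
            flagged.setdefault(hit["name"].lower(), ts)
            continue
        fix = REPAIRING.match(msg)
        if fix:
            # Keep only the file name; the logged path may contain doubled backslashes.
            repaired.add(re.split(r"[\\/]+", fix["path"])[-1].lower())
    unresolved = sorted(name for name in flagged if name not in repaired)
    return {
        "flagged": sorted(flagged),
        "repaired": sorted(repaired),
        "unresolved": unresolved,
    }


if __name__ == "__main__":
    result = triage(SAMPLE_SFCDETAILS)
    for key in ("flagged", "repaired", "unresolved"):
        print(f"{key}: {', '.join(result[key]) or '(none)'}")
```

Files left under "unresolved" are the ones worth reporting back, since SFC flagged them and logged no repair from the component store.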
A post has been split off into a new topic: I was infected with this Trojan:Script/Oneeva.A!ml Trojan:Win32/AgentTesla!ml
19:43:56.0374 0x07f0 TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
19:43:56.0374 0x07f0 UEFI system
19:44:01.0452 0x07f0 ============================================================
19:44:01.0452 0x07f0 Current date / time: 2022/03/03 19:44:01.0452
19:44:01.0453 0x07f0 SystemInfo:
19:44:01.0453 0x07f0
19:44:01.0453 0x07f0 OS Version: 10.0.19044 ServicePack: 0.0
19:44:01.0453 0x07f0 Product type: Workstation
19:44:01.0453 0x07f0 ComputerName: DESKTOP-QUCNTF5
19:44:01.0453 0x07f0 UserName: magno
19:44:01.0453 0x07f0 Windows directory: C:\WINDOWS
19:44:01.0453 0x07f0 System windows directory: C:\WINDOWS
19:44:01.0453 0x07f0 Running under WOW64
19:44:01.0453 0x07f0 Processor architecture: Intel x64
19:44:01.0453 0x07f0 Number of processors: 16
19:44:01.0453 0x07f0 Page size: 0x1000
19:44:01.0453 0x07f0 Boot type: Normal boot
19:44:01.0453 0x07f0 CodeIntegrityOptions = 0x0000F401
19:44:01.0453 0x07f0 ============================================================
19:44:01.0516 0x07f0 KLMD registered as C:\WINDOWS\system32\drivers\67787521.sys
19:44:01.0517 0x07f0 KLMD ARK init status: drvProperties = 0xF0F02, osBuild = 19044.0, osProperties = 0x3F
19:44:01.0615 0x07f0 System UUID: {D94BFD12-1D6A-7B12-5B80-49CB20064584}
19:44:01.0820 0x07f0 !crdlk
19:44:01.0822 0x07f0 Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:44:01.0826 0x07f0 Drive \Device\Harddisk1\DR4 - Size: 0xC6EE60000 ( 49.73 Gb ), SectorSize: 0x1000, Cylinders: 0x32B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:44:01.0828 0x07f0 ============================================================
19:44:01.0828 0x07f0 \Device\Harddisk0\DR0:
19:44:01.0828 0x07f0 GPT partitions:
19:44:01.0828 0x07f0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {71035992-4FED-4D99-8591-FC299D5041DA}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
19:44:01.0828 0x07f0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E02525C2-0F9E-47F5-B64B-CDFC14D44F54}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
19:44:01.0828 0x07f0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F960A93C-EDCE-4F5C-9474-703D13610F71}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x3909428F
19:44:01.0828 0x07f0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {55576F03-D50F-4957-897B-60AC4C54EBD0}, Name: Basic data partition, StartLBA 0x3911F000, BlocksNum 0x15E000
19:44:01.0828 0x07f0 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {333D4A87-C00C-4DF8-A52D-46187A0B3490}, Name: Basic data partition, StartLBA 0x3927D000, BlocksNum 0x2700000
19:44:01.0828 0x07f0 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B239A7C7-0C3B-4BAA-8D0A-95B277DB0305}, Name: Basic data partition, StartLBA 0x3B97D000, BlocksNum 0x64000
19:44:01.0828 0x07f0 MBR partitions:
19:44:01.0828 0x07f0 \Device\Harddisk1\DR4:
19:44:01.0828 0x07f0 GPT partitions:
19:44:01.0829 0x07f0 \Device\Harddisk1\DR4\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6629E820-EE38-FFFA-6071-1A64003C87A0}, Name: , StartLBA 0x4, BlocksNum 0xC6EE58
19:44:01.0829 0x07f0 MBR partitions:
19:44:01.0829 0x07f0 ============================================================
19:44:01.0829 0x07f0 Initialize success
19:44:01.0829 0x07f0 ============================================================
19:44:29.0816 0x11cc ============================================================
19:44:29.0816 0x11cc Scan started
19:44:29.0816 0x11cc Mode: Manual; TDLFS;
19:44:29.0816 0x11cc ============================================================
19:44:29.0816 0x11cc KSN ping started
19:44:29.0982 0x11cc KSN ping finished: true
19:44:30.0024 0x11cc ================ Scan BIOS =================================
19:44:30.0024 0x11cc BIOS info: vendor = American Megatrends International, LLC., version = FA506QM.307, releaseDate = 06/02/2021
19:44:30.0024 0x11cc Base board info: manufacturer = ASUSTeK COMPUTER INC., product = FA506QM, version = 1.0
19:44:34.0730 0x11cc [ A5FA85DA0B604A16F213038B64C7E670, 870B896291C1AA26CA1E7CC1D0EE3265929C98541759109A84791FBF78ED4B36 ] BIOS
19:44:34.0730 0x11cc BIOS - ok
19:44:34.0731 0x11cc ================ Scan system memory ========================
19:44:34.0732 0x11cc System memory - ok
19:44:34.0733 0x11cc ================ Scan services =============================
19:44:36.0299 0x11cc ================ Scan global ===============================
19:44:36.0300 0x11cc [ Global ] - ok
19:44:36.0300 0x11cc ================ Scan MBR ==================================
19:44:36.0302 0x11cc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:44:36.0323 0x11cc \Device\Harddisk0\DR0 - ok
19:44:36.0325 0x11cc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR4
19:44:36.0354 0x11cc \Device\Harddisk1\DR4 - ok
19:44:36.0354 0x11cc ================ Scan VBR ==================================
19:44:36.0356 0x11cc [ E7E61170E46E5E8CBCB7B73152DC5E72 ] \Device\Harddisk0\DR0\Partition1
19:44:36.0356 0x11cc \Device\Harddisk0\DR0\Partition1 - ok
19:44:36.0358 0x11cc [ DAF2A93058A84B52FBF72A1C2E9FB3A3 ] \Device\Harddisk0\DR0\Partition2
19:44:36.0358 0x11cc \Device\Harddisk0\DR0\Partition2 - ok
19:44:36.0360 0x11cc [ 2A40C50B9791D32FA19FF8F94CB00FAC ] \Device\Harddisk0\DR0\Partition3
19:44:36.0360 0x11cc \Device\Harddisk0\DR0\Partition3 - ok
19:44:36.0362 0x11cc [ 0F9CD7E76572B147EC2E701211105919 ] \Device\Harddisk0\DR0\Partition4
19:44:36.0362 0x11cc \Device\Harddisk0\DR0\Partition4 - ok
19:44:36.0364 0x11cc [ 0BF97297D271D69F6B6E71605528E2F3 ] \Device\Harddisk0\DR0\Partition5
19:44:36.0365 0x11cc \Device\Harddisk0\DR0\Partition5 - ok
19:44:36.0366 0x11cc [ 86736CD11635ED07355707F737F560BB ] \Device\Harddisk0\DR0\Partition6
19:44:36.0367 0x11cc \Device\Harddisk0\DR0\Partition6 - ok
19:44:36.0368 0x11cc [ 46101BCE6E795058518B3B38419EA531 ] \Device\Harddisk1\DR4\Partition1
19:44:36.0368 0x11cc \Device\Harddisk1\DR4\Partition1 - ok
19:44:36.0369 0x11cc ================ Scan generic autorun ======================
19:44:36.0369 0x11cc SecurityHealth - ok
19:44:36.0370 0x11cc Riot Vanguard - ok
19:44:36.0371 0x11cc ASUS Smart Display Control - ok
19:44:36.0372 0x11cc RadminVPN - ok
19:44:36.0372 0x11cc TeamsMachineInstaller - ok
19:44:36.0373 0x11cc OneDriveSetup - ok
19:44:36.0374 0x11cc OneDriveSetup - ok
19:44:36.0375 0x11cc OneDrive - ok
19:44:36.0376 0x11cc EpicGamesLauncher - ok
19:44:36.0377 0x11cc Battle.net - ok
19:44:36.0378 0x11cc WallpaperEngine - ok
19:44:36.0379 0x11cc Steam - ok
19:44:36.0379 0x11cc Discord - ok
19:44:36.0380 0x11cc EADM - ok
19:44:36.0381 0x11cc com.squirrel.Teams.Teams - ok
19:44:36.0382 0x11cc Synapse3 - ok
19:44:36.0472 0x11cc AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x61100 ( enabled : updated )
19:44:36.0477 0x11cc Win FW state via NFP2: enabled ( trusted )
19:44:36.0753 0x11cc ============================================================
19:44:36.0753 0x11cc Scan finished
19:44:36.0753 0x11cc ============================================================
19:44:36.0759 0x0358 Detected object count: 0
19:44:36.0759 0x0358 Actual detected object count: 0
Hello, TDSSKiller did not find any problems. I entered the commands you told me and nothing happened, and over the past few days I ran several full scans with Windows Defender and it no longer finds anything, and the PC is working normally. Thanks for the help.
Hello again,
As a final step, download the following tool:
- Run it and accept the disclaimer.
- Make sure that only the following options are checked:
  - Delete Tools / Eliminar herramientas
  - Delete now / Eliminar ahora (in the quarantine removal area).
- Press Run / Ejecutar.
Let us know if there are any questions and/or problems, or if not, so we can start marking the topic as solved. To mark the topic as solved, a reply has to be marked as the solution. Here is some information:
Regards
This topic was automatically closed 2 days after the last post. New replies are no longer allowed.