Icono "muerto" en Panel de Control

elturco · 15 Abril, 2025 23:02

Estimados todos, tengan muy buenas tardes desde Chile, el último rincón del mundo. Hace varios días, tengo un problema muy curioso, que podría ser un virus con particularidades.

Lo primero que me ocurre es que cuando aprieto la tecla acento, en cualquier programa de Office, me aparece la tilde doble (tengo Office 2024). Esto no me ocurre en ningún otro programa (por mi trabajo como profesor investigador tengo más de una suite parecida a Office, ya que cuando este se cae, puedo recuperar la información y terminar el trabajo con otro programa.
En el Panel de Control, me aparece un ícono en blanco, que no dirige a ninguna parte ni puedo eliminar. Sin embargo, no representa ningún inconveniente al momento de trabajar (salvo que debo usar Alt+tilde para colocar el acento correctamente).

Le pedí a un administrador de redes de mi universidad que revisara el equipo en forma remota. No encontró indicio de virus ni nada por el estilo. También pregunté en la comunidad de Microsoft y no he obtenido solución alguna.

Mi computador es un Lenovo Thinkpad L470 con 32 GB de RAM y uso Windows 10 Enterprise, versión 22H2.

Agradezco toda la ayuda que pudieran brindarme (yo creo incluso que puede ser una posesión desde el más allá).

DanielG · 16 Abril, 2025 13:43

Hola @elturco

Realiza lo siguiente

Descarga Ccleaner . Aquí te dejo su manual: Manual de CCleaner , para que sepas como usarlo y configurarlo correctamente.

Lo instalas y lo ejecutas. En la pestaña Limpieza personalizada dejas la configuración predeterminada. Haces clic en Analizar y esperas a que termine. Seguidamente haz clic en Ejecutar Limpiador. Clic en la pestaña Registro > clic en Buscar Problemas esperas que termine. Finalmente clic en Reparar Seleccionadas y realizas una Copia de Seguridad del registro de Windows.

Descarga Adwcleaner en el escritorio.

Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
Ejecuta Adwcleaner.exe (Si usas Windows Vista/7/8 u 10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
Pulsar en el botón Analizar Ahora, y espera a que se termine el análisis. Inmediatamente pulsa sobre el botón Iniciar Reparación.
Espera a que termine y sigue las instrucciones que te aparezcan. Si te pidiera Reiniciar, pues reinicias el ordenador pulsando en Aceptar.
Si no encuentra nada, pulsa en Omitir Reparación.
El log lo encontrarás en la pestaña Informes, volviendo a abrir el programa, si es necesario o en la siguiente ubicación: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
Para más información aquí te dejo su manual: Manual de Adwcleaner .
Activa de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.

Descarga FMRS a tu escritorio

Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
Ejecuta FMRS.exe (Presiona clic derecho y selecciona “Ejecutar como Administrador.”)
Aceptas los disclaimers que aparezcan.
Esperas que termine.
Al finalizar generara un reporte que deberás pegar en tu próxima respuesta.
Activa nuevamente tu antivirus

Descarga SecurityCheck a tu escritorio

Extrae el archivo dentro del .zip en tu escritorio (click derecho → extraer aqui)
Ejecuta SecurityCheck.exe (Presiona clic derecho y selecciona “Ejecutar como Administrador.”)
Aceptas los disclaimers que aparezcan y si windows te bloquea el archivo, le das ejecutar de todas formas.
Esperas que termine y al finalizar se generara un reporte, copias el contenido del archivo en tu proxima respuesta.

Vuelve a usar ccleaner como en el paso

Me traes los reportes y comentas

elturco · 16 Abril, 2025 22:37

Gracias. Envío primer reporte de FRMS

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
# Furtivex Malware Removal Script v6.9.7
# https://furtivex.net
# OS: ï»¿Microsoft Windows 10 Enterprise x64 22H2 EspaÃ±ol (Spanish) - 0c0a - 1252 - 850
# Nombre de usuario: Diego Canales (S-1-5-21-1296002004-1646576553-2792702146-1001)
# Fecha: 2025_04_16__16_17_05
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #



# Procesos:

# Controladores:

# Servicios:

HKLM\SYSTEM\CurrentControlSet\services\CCleanerPerformanceOptimizerService

# Archivos:

C:\Program Files (x86)\Common Files\atimpenc.dll
C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
C:\ProgramData\mntemp
C:\ProgramData\ewgztlyh.mfw
C:\ProgramData\fxatyavk.yrt
C:\ProgramData\guahydjd.ane
C:\ProgramData\hwskcrgw.bra
C:\ProgramData\imlmdpgi.ywe
C:\ProgramData\itjalhsf.rge
C:\ProgramData\tgzdyomb.fwu
C:\ProgramData\tyvfcquz.wxt
C:\ProgramData\ymmihyxm.jpf
C:\Users\Diego Canales\AppData\Local\CDXLExtendedShim.log
C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data (26)
C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js (88)
C:\Users\Diego Canales\AppData\Local\Microsoft\TokenBroker\Cache (54)
C:\Users\Diego Canales\AppData\Local\Mozilla\Firefox\Profiles\<Profile>\cache2\entries (0)
C:\Users\Diego Canales\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
C:\Users\Diego Canales\AppData\Roaming\399DB2B2ABD64927ACE967121AC800AA.dat
C:\Users\Diego Canales\AppData\Roaming\57194d7fac3eeb8711f0ca1082e7e000
C:\Users\Diego Canales\AppData\Roaming\inst.exe
C:\Users\Diego Canales\AppData\Roaming\Mozilla\Firefox\Profiles\<Profile>\shader-cache (17)
C:\Users\Diego Canales\AppData\Roaming\pcouffin.cat
C:\Users\Diego Canales\AppData\Roaming\pcouffin.inf
C:\Users\Diego Canales\AppData\Roaming\pcouffin.sys
C:\Users\Diego Canales\AppData\Roaming\sversion.ini
C:\Users\Diego Canales\MSITeX.cmd
C:\Users\Public\Documents\Autodesk\Inventor 2025\SDK\developertools.msi
C:\Users\Public\Documents\Autodesk\Inventor 2025\SDK\usertools.msi
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Excel Samples\Java-native\build.bat
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Excel Samples\Java-native\TestConverterExcel.bat
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Excel Samples\Visual C# Native\BCL.easyConverter.Excel.dll
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Excel Samples\Visual C# Native\sample2.exe
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Explore\ActionCenter.exe
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Explore\BCL.easyConverter.Excel.dll
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Explore\BCL.easyConverter.Word.dll
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Explore\Ionic.Zip.dll
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Explore\PDF2ExcelExplorer.exe
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Explore\PDF2WordExplorer.exe
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Java-jacob\build.bat
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Java-jacob\setenv.bat
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Java-native\build.bat
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Java-native\TestConverter.bat
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Java-native\TestConverterMem.bat
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Visual Basic .NET\sample3.exe
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Visual Basic\sample4.exe
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Visual C# Native\BCL.easyConverter.Word.dll
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Visual C# Native\sample2.exe
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Visual C#\sample2.exe
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Visual C++\sample.exe
C:\Users\Public\Documents\BCL Technologies\easyConverter SDK 5\Word Samples\Visual C++\sample1.exe
C:\Users\Public\Documents\MAGIX\Common\Photocontent\Photostory deluxe\Default\fcdummy.exe
C:\Users\Public\Documents\MAGIX\Common\Videocontent\Video deluxe Plus Content\Default\fcdummy.exe
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Backgrounds\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Alphabet\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Animals\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Arrows\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Awards\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Badges\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Business\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Christmas\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Curve Ornaments (Detailed)\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Curve Shapes\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Decoration 1\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Decoration 2\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\DVD Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Easter\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Ecology\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Education\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Emoticons\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Flowers\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Food\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Geometric Shapes\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Halloween\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Hardware\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\House\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Leafs\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Line Ornaments (Detailed)\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Love\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Medicine\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Music\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Ornaments\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Party\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\People (Detailed)\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\People\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Ribbons\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Saint Patrick Day\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Sale\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Social Media\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Speech Bubbles\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Sport\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Strokes\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Text Emoticons\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Thanksgiving Day\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Transport\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Travel\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Valentines Day\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Weather\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Clipart\Zodiac Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Gradients\Index.dat
C:\Users\Public\Documents\RonyaSoft\CD DVD Label Maker\Templates\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Backgrounds\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Alphabet\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Animals\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Arrows\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Awards\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Badges\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Business\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Christmas\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Curve Ornaments (Detailed)\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Curve Shapes\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Decoration 1\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Decoration 2\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\DVD Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Easter\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Ecology\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Education\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Emoticons\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Flowers\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Food\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Geometric Shapes\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Halloween\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Hardware\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\House\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Leafs\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Line Ornaments (Detailed)\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Love\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Medicine\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Music\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Ornaments\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Party\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\People (Detailed)\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\People\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Ribbons\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Saint Patrick Day\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Sale\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Social Media\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Speech Bubbles\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Sport\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Strokes\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Text Emoticons\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Thanksgiving Day\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Transport\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Travel\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Valentines Day\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Weather\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Clipart\Zodiac Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Gradients\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Adult Birthday\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Backgrounds\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Banners\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Business Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Business\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Caution Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Certificates\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Collages\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Coloring Books\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Event\Index.Dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Funny Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Funny\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Holiday\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Infographic\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Informational Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Kids Birthday\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Kids\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Miscellaneous\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Motivational\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Music\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Party\Index.Dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Personal Event\Index.Dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Prohibition Signs\Index.dat
C:\Users\Public\Documents\RonyaSoft\Poster Designer\Templates\Sale\Index.dat
C:\Users\Public\PDF Pro\ocr\clgsapi32w.dll
C:\Users\Public\PDF Pro\ocr\d3dcompiler_47.dll
C:\Users\Public\PDF Pro\ocr\idrs_sentinel_software_protection15.dll
C:\Users\Public\PDF Pro\ocr\idrsasian216.dll
C:\Users\Public\PDF Pro\ocr\idrsbarcode16.dll
C:\Users\Public\PDF Pro\ocr\idrsbarcodeevoi16.dll
C:\Users\Public\PDF Pro\ocr\idrsbarcodeext16.dll
C:\Users\Public\PDF Pro\ocr\idrsc16.dll
C:\Users\Public\PDF Pro\ocr\idrsdmtx16.dll
C:\Users\Public\PDF Pro\ocr\idrsdmtxbarcodewrapper16.dll
C:\Users\Public\PDF Pro\ocr\idrsdocout16.dll
C:\Users\Public\PDF Pro\ocr\idrsevoibarcodewrapper16.dll
C:\Users\Public\PDF Pro\ocr\idrsimp16.dll
C:\Users\Public\PDF Pro\ocr\idrsirisbarcodeextwrapper16.dll
C:\Users\Public\PDF Pro\ocr\idrsirisbarcodewrapper16.dll
C:\Users\Public\PDF Pro\ocr\idrsjbig216.dll
C:\Users\Public\PDF Pro\ocr\idrsjpeg16.dll
C:\Users\Public\PDF Pro\ocr\idrsjpeg2k16.dll
C:\Users\Public\PDF Pro\ocr\idrskrn16.dll
C:\Users\Public\PDF Pro\ocr\idrsnet16.dll
C:\Users\Public\PDF Pro\ocr\idrsnetframework16.dll
C:\Users\Public\PDF Pro\ocr\idrsocr16.dll
C:\Users\Public\PDF Pro\ocr\idrspdf16.dll
C:\Users\Public\PDF Pro\ocr\idrspng16.dll
C:\Users\Public\PDF Pro\ocr\idrsprepro16.dll
C:\Users\Public\PDF Pro\ocr\idrstiff16.dll
C:\Users\Public\PDF Pro\ocr\idrszlib16.dll
C:\Users\Public\PDF Pro\ocr\libEGL.dll
C:\Users\Public\PDF Pro\ocr\libGLESv2.dll
C:\Users\Public\PDF Pro\ocr\pdfpro_ocr.exe
C:\Users\Public\PDF Pro\ocr\PDFProOCR.exe
C:\Users\Public\PDF Pro\ocr\platforms\qwindows.dll
C:\Users\Public\PDF Pro\ocr\Qt5Core.dll
C:\Users\Public\PDF Pro\ocr\Qt5Gui.dll
C:\Users\Public\PDF Pro\ocr\Qt5Svg.dll
C:\Users\Public\PDF Pro\ocr\Qt5Widgets.dll
C:\Users\Public\PDF Pro\ocr\res\alphabet_orientation_engine.bin
C:\Users\Public\PDF Pro\ocr\res\arabic_engine.bin
C:\Users\Public\PDF Pro\ocr\res\chinese.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_bigrams.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_features.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_features_fast.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_features_one_candidate.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_font_features.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_fontmetrics.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_generic.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_same_proba.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_similar_characters_differentiation.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_traditional.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_traditional_bigrams.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_traditional_features.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_traditional_features_fast.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_traditional_features_one_candidate.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_traditional_font_features.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_traditional_fontmetrics.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_traditional_same_proba.bin
C:\Users\Public\PDF Pro\ocr\res\chinese_traditional_similar_characters_differentiation.bin
C:\Users\Public\PDF Pro\ocr\res\cyrillic_engine.bin
C:\Users\Public\PDF Pro\ocr\res\fast_invert_x_power_y.bin
C:\Users\Public\PDF Pro\ocr\res\fontmetrics.bin
C:\Users\Public\PDF Pro\ocr\res\fontmetrics_ec.bin
C:\Users\Public\PDF Pro\ocr\res\fontmetrics_mso.bin
C:\Users\Public\PDF Pro\ocr\res\greek_engine.bin
C:\Users\Public\PDF Pro\ocr\res\japanese.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_bigrams.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_duo.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_features.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_features_fast.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_features_one_candidate.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_font_features.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_fontmetrics.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_rnn_engine.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_rosetta_same_proba.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_same_proba.bin
C:\Users\Public\PDF Pro\ocr\res\japanese_similar_characters_differentiation.bin
C:\Users\Public\PDF Pro\ocr\res\korean.bin
C:\Users\Public\PDF Pro\ocr\res\korean_bigrams.bin
C:\Users\Public\PDF Pro\ocr\res\korean_features.bin
C:\Users\Public\PDF Pro\ocr\res\korean_features_fast.bin
C:\Users\Public\PDF Pro\ocr\res\korean_features_one_candidate.bin
C:\Users\Public\PDF Pro\ocr\res\korean_font_features.bin
C:\Users\Public\PDF Pro\ocr\res\korean_fontmetrics.bin
C:\Users\Public\PDF Pro\ocr\res\korean_rnn_engine.bin
C:\Users\Public\PDF Pro\ocr\res\korean_same_proba.bin
C:\Users\Public\PDF Pro\ocr\res\korean_similar_characters_differentiation.bin
C:\Users\Public\PDF Pro\ocr\res\korean_words.bin
C:\Users\Public\PDF Pro\ocr\res\latin_1_engine.bin
C:\Users\Public\PDF Pro\ocr\res\net_alphabet_orientation_detection.bin
C:\Users\Public\PDF Pro\ocr\res\net_arabic.bin
C:\Users\Public\PDF Pro\ocr\res\net_cyrillic.bin
C:\Users\Public\PDF Pro\ocr\res\net_greek.bin
C:\Users\Public\PDF Pro\ocr\res\net_japanese_rnn_hori.bin
C:\Users\Public\PDF Pro\ocr\res\net_japanese_rnn_vert.bin
C:\Users\Public\PDF Pro\ocr\res\net_korean_rnn.bin
C:\Users\Public\PDF Pro\ocr\res\net_latin_1.bin
C:\Users\Public\PDF Pro\ocr\res\net_persian.bin
C:\Users\Public\PDF Pro\ocr\res\net_thai.bin
C:\Users\Public\PDF Pro\ocr\res\net_vietnamese.bin
C:\Users\Public\PDF Pro\ocr\res\persian_engine.bin
C:\Users\Public\PDF Pro\ocr\res\thai_engine.bin
C:\Users\Public\PDF Pro\ocr\res\vietnamese_engine.bin
C:\Users\Public\PDF Pro\ocr\styles\qwindowsvistastyle.dll
C:\WINDOWS\System32\config\systemprofile\AppData\Local\CM2311B.tmp
C:\WINDOWS\System32\config\systemprofile\AppData\Local\CM2D30C.tmp
C:\WINDOWS\System32\config\systemprofile\AppData\Local\CM2EAEF.tmp
C:\WINDOWS\System32\perfc009.dat
C:\WINDOWS\System32\perfc00A.dat
C:\WINDOWS\System32\perfh009.dat
C:\WINDOWS\System32\perfh00A.dat
C:\WINDOWS\Tasks\CCleanerCrashReporting.job
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
Navegador: Google Chrome - Notificaciones push encontradas y eliminadas (Default)

# Carpetas:

C:\Program Files (x86)\chrome_url_fetcher_5696_1305527125
C:\Users\Diego Canales\AppData\Local\BitTorrentHelper
C:\Users\Diego Canales\AppData\Local\D3DSCache (1)
C:\Users\Diego Canales\AppData\Local\Microsoft\Windows\INetCache\IE (4)
C:\WINDOWS\System32\config\systemprofile\AppData\Local (399)
C:\WINDOWS\System32\config\systemprofile\AppData\Local\D3DSCache (5)

# Tareas:

# Registro:

HKCU\Software\Classes\.bat
HKCU\Software\Classes\.cmd
HKCU\Software\Classes\.reg
HKCU\Software\Classes\regfile
HKCU\Software\Policies\Microsoft\Internet Explorer
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate
HKLM\Software\Policies\Mozilla\Firefox
HKLM\Software\Microsoft\Tracing\ProgDvbNet_RASAPI32
HKLM\Software\Microsoft\Tracing\ProgDvbNet_RASMANCS
HKLM\Software\Microsoft\Tracing\WiseCare365_RASAPI32
HKLM\Software\Microsoft\Tracing\WiseTray_RASAPI32
HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SubscribedContent-338388Enabled
HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SubscribedContent-338389Enabled
HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SystemPaneSuggestionsEnabled [1] => [0]
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\2a2c81702d7d866ba36cf033ec0cfe68
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\3cca1bb530f30c1edd994819dca34c2c
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\606ba22cbf04c325e033981c7c38631c
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\CanvaAutoLaunchAvailabilityCheckAgent
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\com.evernote.Evernote
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\com.squirrel.slack.slack
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ecad650074ed35d08ab9d84a81d9601d
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\f3d982516fff56ad03059f303c64ef1c
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\f85771104712afc64996f8cb39d9b747
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1517AF06D1A8047CAB91D06F0216BB3E
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft.Lists
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_470E91CE4317DE782D92CB7656680E45
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Opera Browser Assistant
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Opera Stable
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\WinZip UN
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E6B314D-4EA4-4476-B7F2-5B36DB0C9BC1}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F3436D5-934E-4DEC-8287-41360E71EDEC}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16673331-D9E4-4DF6-98DA-3755A97DC0A7}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{172F514A-12D7-4D44-8173-4B1B04F65254}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{19FBD49F-12B4-4D86-AD74-7256691E6FD5}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DEF0C29-96EF-4A26-867D-193952B371E6}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20AD92FE-41EC-47E7-86CB-B260D642428D}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21BDA1AC-1943-4525-AA10-7BE116E43516}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{282E2F90-3B8B-4110-A21A-EEBF5AC24FBC}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32ED43EE-CAE3-4156-A236-4470F0FA5232}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{352946FA-8DEB-47EC-A514-B1D8217F71C9}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35EB6E2E-8255-4ADC-AA19-EFBA3716C176}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{37B5C6E6-724B-4D5E-A8FC-9558B148C934}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{40C04CF6-0081-4701-AE75-3E01F90389C8}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43165FE8-17AB-4393-AC7D-1F87DAE2248D}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45A76C79-2DA7-4AD2-A084-FF1E0E22795D}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{492E2CE8-FB05-4A3F-B692-DFB33CF987FE}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4AA703AB-D28C-454C-BDC4-A5210A60578B}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58FE3D51-D703-4A7C-988D-C4DA37E5EAF5}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6138E3DA-1F67-4427-819F-949AB3D6E7DE}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{661AA948-0540-436F-8415-1D98ADE2A0E6}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6779768C-972C-4494-A2BC-15B7D4C7C628}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{682E5424-E70E-4B18-BEE3-94334785CCF0}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D6FE9B5-7765-4471-9FFF-D39BD8DD35BD}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7607727F-C13E-47D6-9555-1EBC12270CD4}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76466E5B-9A67-4B41-B224-7FA820085B33}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F363AD8-EB01-4088-AA44-AE771AA21A30}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{800BE89A-C7F9-4CC6-A6F4-12B294915F3F}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86AAD66D-FE24-4072-802F-EC6EB8A5BF28}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{88689197-D3BA-4A81-90C2-8822375023F9}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A2961AE-B82E-4120-B67F-C06D25A4A4D7}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A351172-9762-43EE-A4ED-2F3CEF91E290}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C6DC8CF-BA1A-493A-98D9-024E236AC5FC}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90F4BE33-6B43-4C35-8DB8-2BB81D409C4D}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{940E9D88-7F36-47F6-97FD-0A11B2C2974A}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{973D4D43-D93E-4A4C-A1A2-407406EAD527}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E15E4DF-4075-45BE-84D7-E8B65E964ACB}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A27E5099-050F-4AD4-89F3-597AD42FF846}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A30B7BA7-AC5C-4B93-823B-1556F38CA7FA}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC17261E-ED37-419D-83AB-181F3F372F3B}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF1C5A85-4F02-4713-A216-D9B683EE25B3}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF1F170A-79CC-4619-894B-BBCCF5660A57}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AFCF6A4B-3D74-4172-A172-4B0867AB5094}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5CB7F7B-A0F4-4BB1-82B4-A531A61BB156}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BBBC35A5-1E50-4D2F-A48F-C5A3F3FDD7E1}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC02F29F-BA43-4A37-ABAC-507746C28D49}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD83A165-DB55-4737-A85A-0A0351A4AB45}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C65E6B18-FF51-458B-8538-B2817A2A8A98}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CC6466B9-1435-4D6E-B5CB-52554597F664}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE268363-61D5-47D3-8E47-C025B0F618EA}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D46A7481-3E60-426F-A68B-ED684EDC5AEA}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D4EDD1AF-FAF9-407F-814B-90C293DA2067}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D8466068-D6D2-4DE3-AF3E-D0202FE777B4}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE1A5117-71CE-4C94-BF51-780CABDE84D7}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF01028E-82AA-471A-977D-488892521CE3}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E645893E-DE2E-48E8-A6F7-DAA1D4510DC8}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E85A293F-B9BB-493B-8B7D-A067549A5099}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E91937E0-9A0D-43CA-9379-17586DCDBD56}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F50E1140-291C-4562-8EF6-A79290C8B534}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7CBC829-2C04-4BEE-9539-6BE401D0CF0D}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FAD9ECDF-1572-42D5-88AA-715893A37E4E}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB80C5A5-7D75-4BA8-AC6A-A5ED83E04DD8}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE436858-B4A6-4E04-A8D5-ECDE7D503C66}

# MiscelÃ¡neo:

AntiVirus Software: Comodo
AntiVirus Software: Windows Defender
Punto de restauraciÃ³n: Furtivex Malware Removal Script - Creado

HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity
    Enabled    REG_DWORD    0x0


HKLM\Software\Microsoft\Windows Defender\Exclusions\Extensions

HKLM\Software\Microsoft\Windows Defender\Exclusions\IpAddresses

HKLM\Software\Microsoft\Windows Defender\Exclusions\Paths
    C:\WINDOWS\AutoKMS\AutoKMS.exe    REG_DWORD    0x0

HKLM\Software\Microsoft\Windows Defender\Exclusions\Processes

HKLM\Software\Microsoft\Windows Defender\Exclusions\TemporaryPaths
    \\?\C:\Program Files (x86)\LiveMath\PrintMath.exe    REG_DWORD    0x30
    \\?\C:\Program Files (x86)\RarmaRadio\Activator.exe    REG_DWORD    0x31

Event[0]:
  Log Name: Microsoft-Windows-Windows Defender/Operational
  Source: Microsoft-Windows-Windows Defender
  Date: 2025-03-04T13:58:24.1440000Z
  Event ID: 3002
  Task: N/A
  Level: Error
  Opcode: Información
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: DESKTOP-8PNNOV5
  Description: 
Antivirus de Microsoft Defender Real-Time Protection feature has encountered an error and failed.
 	Feature: Durante el acceso
 	Error Code: 0x80004005
 	Error description: Error no especificado 
 	Reason: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.

C:\Users\Diego Canales\AppData\Local\CrashDumps\Malwarebytes\Malwarebytes.exe.7088548.dmp		<439952056>		<2025-04-05 23:04:19>


# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #

elturco · 16 Abril, 2025 23:58

Copio reporte de AdwCleaner.

# -------------------------------
# Malwarebytes AdwCleaner 8.5.1.601
# -------------------------------
# Build:    03-26-2025
# Database: 2025-04-04.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-16-2025
# Duration: 00:00:01
# OS:       Windows 10 (Build 19045.5737)
# Cleaned:  5
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Tuneup

***** [ Chromium (and derivatives) ] *****

Deleted       obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

Deleted       http://start.facemoods.com/?a=ddr

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4770 octets] - [16/04/2025 19:07:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

DanielG · 17 Abril, 2025 20:35

Hola @elturco

Faltaria el reporte de SecurityCheck

Saludos

elturco · 17 Abril, 2025 22:33

Copio reporte de SecurityCheck.

SecurityCheck by glax24 & Severnyj v.1.4.0.58 [15.08.24]
WebSite: www.safezone.cc
DateLog: 17.04.2025 17:33:38
Path starting: C:\Users\Diego Canales\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Diego Canales
VersionXML: 13.64is-16.04.2025
___________________________________________________________________________

Windows 10 Enterprise (x64) Release: 22H2 (10.0.19045.5737) Lang: Spanish(0C0A)
Installation date OS: 05.02.2025 00:28:45
LicenseStatus: Office 24, Office24ProjectPro2024VL_MAK_AE1 edition Windows is in Notification mode
LicenseStatus: Office 24, Office24VisioPro2024VL_MAK_AE edition Windows is in Notification mode
LicenseStatus: Windows(R), Enterprise edition The machine is permanently activated.
LicenseStatus: Office 24, Office24ProPlus2024VL_MAK_AE1 edition Windows is in Notification mode
Boot Mode: Normal
Default Browser: C:\Users\Diego Canales\AppData\Local\Programs\Opera\opera.exe
SystemDrive: C: FS: [NTFS] Capacity: [475.8 Gb] Used: [447.8 Gb] Free: [28 Gb]
------------------------------- [ Windows ] -------------------------------
User Account Control [b]enabled[/b] (Level 3)
Centro de seguridad (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Detección SSDP (SSDPSRV) - The service is running
Servicios de Escritorio remoto (TermService) - The service has stopped
Administración remota de Windows (WS-Management) (WinRM) - The service has stopped
Servicio de transferencia inteligente en segundo plano (BITS) (BITS) - The service is running
Optimización de distribución (DoSvc) - The service has stopped
Servicio Seguridad de Windows (SecurityHealthService) - The service is running
Servicio orquestador de actualizaciones (UsoSvc) - The service is running
Servicio de Windows Update Medic (WaaSMedicSvc) - The service is running
Windows Update (wuauserv) - The service is running
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (disabled and up to date)
COMODO Antivirus (disabled and up to date)
AVG Antivirus (enabled and up to date)
---------------------------- [ Firewall_WMI ] -----------------------------
AVG Antivirus (enabled)
COMODO Firewall (disabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
AVG Internet Security v.25.3.9983.2652
Malwarebytes version 5.2.10.182 v.5.2.10.182
-------------------------- [ SecurityUtilities ] --------------------------
Ashampoo Webcam Guard v.1.00.31
--------------------------- [ OtherUtilities ] ----------------------------
Evernote 10.134.4 (Todos los usuarios) v.10.134.4 [color=red][b]Warning! [url=https://win.desktop.evernote.com/builds/Evernote-latest.exe]Download Update[/url][/b][/color]
ONLYOFFICE Desktop Editors 8.2.2 (x64) v.8.2.2.22 [color=red][b]Warning! [url=https://www.onlyoffice.com/en/download-desktop.aspx]Download Update[/url][/b][/color]
Ghostscript GPL 10.01.2 (Msi Setup) v.10.01.2 [color=red][b]Warning! [url=https://ghostscript.com/releases/gsdnld.html]Download Update[/url][/b][/color]
[color=blue][b]Uninstall old version and install new one.[/b][/color]
LibreOffice 25.2.2.2 v.25.2.2.2
PowerShell 7-x64 v.7.5.0.0
Evernote 10.132.5 v.10.132.5 [color=red][b]Warning! [url=https://win.desktop.evernote.com/builds/Evernote-latest.exe]Download Update[/url][/b][/color]
Python 3.9.10 (32-bit) v.3.9.10150.0 [color=red][b]Warning! [url=https://www.python.org/downloads/windows/]Download Update[/url][/b][/color]
Python 3.9.10 (64-bit) v.3.9.10150.0 [color=red][b]Warning! [url=https://www.python.org/downloads/windows/]Download Update[/url][/b][/color]
AnyDesk v.ad 9.0.5 [color=red][b]Warning! [url=https://download.anydesk.com/AnyDesk.exe]Download Update[/url][/b][/color]
Foxit PDF Reader v.2024.4.0.27683
GPL Ghostscript v.9.16 [color=red][b]Warning! [url=https://ghostscript.com/releases/gsdnld.html]Download Update[/url][/b][/color]
[color=blue][b]Uninstall old version and install new one.[/b][/color]
WebView2 Runtime de Microsoft Edge v.135.0.3179.73
Microsoft Works v.9.7.0621 [b][color=red]Warning! This software is no longer supported.[/color][/b]
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 v.14.42.34438.0
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 v.14.42.34438.0
------------------------------- [ Backup ] --------------------------------
Microsoft OneDrive v.25.051.0317.0003 [color=red][b]Warning! [url=https://oneclient.sfx.ms/Win/Installers/25.059.0327.0001/amd64/OneDriveSetup.exe]Download Update[/url][/b][/color]
------------------------------ [ ArchAndFM ] ------------------------------
7-Zip 24.09 (x64) v.24.09
Bandizip v.7.37
WinRAR 7.10 beta 3 (64-bit) v.7.10.3 [color=red][b]Warning! [url=https://www.rarlab.com/download.htm]Download Update[/url][/b][/color]
PeaZip 10.2.0 (WIN64) v.10.2.0 [color=red][b]Warning! [url=https://github.com/peazip/PeaZip/releases/latest]Download Update[/url][/b][/color]
7-Zip 24.09 v.24.09
WinAce Archiver v.2.69 [b][color=red]Warning! This software is no longer supported.[/color][/b]
------------------------------- [ Imaging ] -------------------------------
GIMP 2.10.38-1 v.2.10.38 [color=red][b]Warning! [url=https://www.gimp.org/downloads/]Download Update[/url][/b][/color]
IrfanView 4.70 (64-bit) v.4.70
Krita (x64) 5.2.9 (git ac6cae8) v.5.2.9.100 [b][+][/b]
GIMP 3.0.2-1 v.3.0.2.1
Inkscape 0.91 v.0.91 [color=red][b]Warning! [url=https://inkscape.org/release/1.4/windows/]Download Update[/url][/b][/color]
-------------------------- [ IMAndCollaborate ] ---------------------------
Slack v.4.43.43 [color=red][b]Warning! [url=https://slack.com/downloads/windows]Download Update[/url][/b][/color]
Zoom Workplace v.6.4.3 (63669) [color=red][b]Warning! [url=https://zoom.us/client/latest/ZoomInstaller.exe]Download Update[/url][/b][/color]
Telegram Desktop v.5.13.1
--------------------------------- [ P2P ] ---------------------------------
uTorrent Web v.1.4.0 [b][color=red]Warning! Ad-supported P2P-client[/color][/b].
qBittorrent v.5.0.3 [color=red][b]Warning! [url=https://sourceforge.net/projects/qbittorrent/files/latest/download]Download Update[/url][/b][/color]
-------------------------------- [ Java ] ---------------------------------
Java(TM) 6 Update 7 v.1.6.0.70 [b][color=red]Warning! This software is no longer supported.[/color][/b] Please uninstall it and use [b][url=https://java.com/download/manual.jsp]Java SE 8[/url] (jre-8u451-windows-i586.exe)[/b].
Java 8 Update 441 v.8.0.4410.7 [color=red][b]Warning! [url=https://www.java.com/en/download/manual.jsp]Download Update[/url][/b][/color]
[color=blue][b]Uninstall old version and install new one (jre-8u451-windows-i586.exe).[/b][/color]
-------------------------------- [ Media ] --------------------------------
AIMP v.5.40.2655 [color=red][b]Warning! [url=https://www.aimp.ru/?do=download]Download Update[/url][/b][/color]
[color=blue][b]^[b][color=red]Warning! Bundle-installer.[/color][/b]^[/b][/color]
PotPlayer-64 bit v.24.12.16.0 [color=red][b]Warning! [url=https://potplayer.daum.net/]Download Update[/url][/b][/color]
VLC media player v.3.0.21
iTunes v.12.13.7.1
GOM Player v.2.3.105.5375 [color=red][b]Warning! [url=https://cdn.gomlab.com/gretech/player/GOMPLAYERGLOBALSETUP_CHROME.EXE]Download Update[/url][/b][/color]
[color=blue][b]^[b][color=red]Warning! Bundle-installer.[/color][/b]^[/b][/color]
K-Lite Mega Codec Pack 18.8.5 v.18.8.5
Winamp v.5.92.0
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Acrobat (64-bit) v.25.001.20435 [color=red][b]Warning! [url=https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/index.html]Download Update[/url][/b][/color]
[color=blue][b]^Please run Acrobat Reader DC and go Help - Check for updates...^[/b][/color]
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox (x64 es-CL) v.137.0.1 [color=red][b]Warning! [url=https://www.mozilla.org/en-US/firefox/all/]Download Update[/url][/b][/color]
Google Chrome v.135.0.7049.86 [color=red][b]Warning! [url=https://www.google.com/chrome/update/]Download Update[/url][/b][/color]
Opera Stable 117.0.5408.197 v.117.0.5408.197 [color=red][b]Warning! [url=https://net.geo.opera.com/opera/stable/windows]Download Update[/url][/b][/color]
Microsoft Edge v.135.0.3179.73
----------------------------- [ EmailClient ] -----------------------------
Mozilla Thunderbird (x64 es-ES) v.128.9.1 [color=red][b]Warning! [url=https://www.thunderbird.net/en-US/thunderbird/all/]Download Update[/url][/b][/color]
eM Client v.10.1.4588.0 [color=red][b]Warning! [url=https://www.emclient.com/dist/latest/setup.msi]Download Update[/url][/b][/color]
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\Program Files\AVG\Antivirus\aswidsagent.exe v.25.3.9983.0
C:\Program Files\AVG\Antivirus\aswEngSrv.exe v.25.3.9983.0
C:\Program Files\AVG\Antivirus\afwServ.exe v.25.3.9983.0
C:\Program Files\AVG\Antivirus\wsc_proxy.exe v.21.4.6162.0
AVG Antivirus (AVG Antivirus) - The service is running
C:\Program Files\AVG\Antivirus\AVGSvc.exe v.25.3.9983.0
C:\Program Files\AVG\Antivirus\AVGUI.exe v.25.3.9983.970
Malwarebytes Service (MBAMService) - The service is running
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.1390
C:\Program Files\AVG\Antivirus\aswidsagent.exe v.25.3.9983.0
C:\Program Files\AVG\Antivirus\afwServ.exe v.25.3.9983.0
C:\Program Files\AVG\Antivirus\wsc_proxy.exe v.21.4.6162.0
C:\Program Files\AVG\Antivirus\aswEngSrv.exe v.25.3.9983.0
Microsoft Defender Core Service (MDCoreSvc) - The service has stopped
Servicio Antivirus de Microsoft Defender (WinDefend) - The service has stopped
Servicio de inspección de red de Antivirus de Microsoft Defender (WdNisSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
CCleaner v.6.35 [b]Warning![/b] Suspected demo version of anti-spyware, driver updater or [url=https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities]optimizer[/url]. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url]. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
Ashampoo Video Optimizer Pro 2 v.2.0.1 [b]Warning![/b] Suspected demo version of anti-spyware, driver updater or [url=https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities]optimizer[/url]. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url]. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
Bonjour v.3.1.0.1 [b]Warning![/b] Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Windows 10 Manager v.3.9.4 [color=blue][b]<< Hidden[/b][/color] [b]Warning![/b] Suspected demo version of anti-spyware, driver updater or [url=https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities]optimizer[/url]. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url]. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
Pluto TV: Ve Gratis Películas, Programas y TV En Vivo En Línea v.1.0 [b][color=red]Warning! Suspected Adware![/color][/b] If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url] and [url=https://www.malwarebytes.com/adwcleaner]Malwarebytes AdwCleaner[/url]. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
JDownloader 2 v.2.0.240220 [b][color=red]Warning! Suspected Adware![/color][/b] If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url] and [url=https://www.malwarebytes.com/adwcleaner]Malwarebytes AdwCleaner[/url]. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
EaseUS CleanGenius 3.0.3 [b]Warning![/b] Suspected demo version of anti-spyware, driver updater or [url=https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities]optimizer[/url]. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url]. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
Glary Utilities 6.24 v.6.24.0.28 [b]Warning![/b] Suspected demo version of anti-spyware, driver updater or [url=https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities]optimizer[/url]. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url]. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
TotalMailConverterPro [b][color=red]Warning! Suspected Adware![/color][/b] If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url] and [url=https://www.malwarebytes.com/adwcleaner]Malwarebytes AdwCleaner[/url]. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
GiliSoft Privacy Protector v.11.4.0 [b]Warning![/b] Suspected demo version of anti-spyware, driver updater or [url=https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities]optimizer[/url]. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url]. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
Ashampoo WinOptimizer 27 v.27.00.05 [b]Warning![/b] Suspected demo version of anti-spyware, driver updater or [url=https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities]optimizer[/url]. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url]. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
WinUtilities Professional Edition 15.89 v.15.89 [b]Warning![/b] Suspected demo version of anti-spyware, driver updater or [url=https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities]optimizer[/url]. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using [url=https://www.malwarebytes.com/mwb-download/thankyou]Malwarebytes Anti-Malware[/url]. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
----------------------------- [ End of Log ] ------------------------------

DanielG · 17 Abril, 2025 22:56

Hola @elturco

Coméntame como esta el problema que planteaste al principio? Notaste alguna mejoría?

Saludos

elturco · 18 Abril, 2025 01:27

Daniel, gracias por preguntar.

El problema persiste, aunque al iniciar Windows me mostró un mensaje de “clase no registrada”.

DanielG · 18 Abril, 2025 02:46

Hola @elturco

Realizas lo siguiente

Desactive temporalmente su antivirus. ¿Cómo deshabilitar temporalmente su Antivirus?

Por favor, descargue Farbar Recovery Scan Tool de acuerdo a su tipo de sistema y guárdelo en el Escritorio del sistema.

¿Cómo saber si mi Windows es de 32 o 64 bits?

Haga clic con el botón derecho sobre él y seleccionar “Ejecutar como Administrador”, para ejecutar la herramienta con permisos de administrador.
Cuando la herramienta se abra, haga clic en Sí para aceptar el Disclaimer/ Descargo de responsabilidad.
Haga clic en el botón Scan (Analizar) y espere a que termine.
La herramienta creará dos informes FRST.txt y Addition.txt ubicados en el mismo directorio desde el que se ejecuta la herramienta.
Por favor, traiga el contenido de estos reportes en su próxima respuesta.

¿Como Pegar Reportes en el Foro?

Saludos

elturco · 18 Abril, 2025 03:26

Copio primera parte de reporte FRST. (Debo hacerlo así por las restricciones del foro).

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 01-04-2025
Ejecutado por Diego Canales (administrador) sobre DESKTOP-8PNNOV5 (LENOVO 20JVA05KCL) (17-04-2025 23:11:15)
Ejecutado desde C:\Users\Diego Canales\Downloads\FRST64.exe
Perfiles cargados: Diego Canales
Plataforma: Microsoft Windows 10 Enterprise Versión 22H2 19045.5737 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: "C:\Users\Diego Canales\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\EaseUS\ENS\ensserver.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\AliyunWrapExe.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.AlwaysOnTop.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.Awake.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.ColorPickerUI.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.CropAndLock.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.FancyZones.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.MouseWithoutBorders.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.PowerAccent.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.PowerOCR.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe
(C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.MouseWithoutBorders.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.MouseWithoutBordersHelper.exe
(C:\Users\Diego Canales\AppData\Roaming\uTorrent Web\utweb.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Diego Canales\AppData\Roaming\uTorrent Web\helper\helper.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Diego Canales\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessService.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Limited) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent Limited) C:\Users\Diego Canales\AppData\Roaming\uTorrent Web\utweb.exe
(explorer.exe ->) (FxSound, LLC -> FxSound LLC) C:\Program Files\FxSound LLC\FxSound\FxSound.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <39>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.051.0317.0003\Microsoft.SharePoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.CommandPalette_0.1.1.0_x64__8wekyb3d8bbwe\Microsoft.CmdPal.UI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Autodesk, Inc. -> ) C:\Program Files\Autodesk\Autodesk CER\service\cer_service.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\14.4.0.11537\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Limited) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\afwServ.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (Firebird Project) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(services.exe ->) (Firebird Project) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(services.exe ->) (Glarysoft Ltd -> Glarysoft Ltd) C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4a8c83f7e646bfcf\IntelCpHeciSvc.exe
(services.exe ->) (Lespeed Technology Co., Ltd -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(svchost.exe ->) () [Archivo no firmado] C:\Program Files (x86)\EaseUS\EaseUS CleanGenius\bin\CleanGenius.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2514.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Lespeed Technology Co., Ltd -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.25.340.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Diego Canales\AppData\Local\Kingsoft\WPS Office\12.2.0.20795\office6\wpscenter.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [610080 2024-10-28] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [VCVS07EN] => C:\Program Files\ACD Systems\LUXEA Pro\7.0\acdIDInTouch2.exe [3501616 2023-08-07] (ACD Systems International Inc. -> ACD Systems International Inc.)
HKLM\...\Run: [MMReminderService] => C:\Program Files\MindManager 23\MMReminderService.exe [464912 2023-10-11] (Corel Corporation -> MindManager)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2024\SnagitCapture.exe [9368416 2025-02-04] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Run: [CDSBupd.exe] => C:\Program Files\ConceptDraw Office\ConceptDraw STORE\CDSBupd.exe [6201816 2023-10-23] (CS ODESSA DISTI CORP -> CS Odessa Corp.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [6945608 2025-04-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Autodesk Access Service] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessService.exe [13673248 2025-01-08] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [492872 2025-04-09] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM-x32\...\Run: [SO5 Integrator Pass Two] => C:\WINDOWS\SOINTGR.EXE [20480 2000-05-08] () [Archivo no firmado]
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-02] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-05-25] (CyberLink -> cyberlink)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [548864 2008-09-19] (BL) [Archivo no firmado]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Roxio Creator NXT Pro 9\Common\RoxWatchTray15.exe [303672 2022-09-28] (Corel Corporation -> Corel Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2025-02-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office 2021\Programs\QFSCHD210.EXE [247032 2022-06-23] (Corel Corporation -> Corel Corporation)
HKLM-x32\...\Run: [Ultralingua 7 Hotkey] => C:\Program Files (x86)\Ultralingua\Ultralingua 7\ULHotkey.exe [1483264 2009-11-04] () [Archivo no firmado]
HKLM-x32\...\Run: [Lingvo Launcher] => C:\Program Files (x86)\ABBYY Lingvo x6\LvAgent.exe [772088 2019-12-19] (ABBYY Production LLC -> ABBYY)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe [3021528 2014-11-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PowerPDF Registry Controller] => C:\Program Files (x86)\Nuance\Nuance Power PDF\RegistryController.exe [274216 2017-05-16] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PowerPDFInboxMonitor] => C:\Program Files (x86)\Nuance\Nuance Power PDF\InboxMonitor.exe [255544 2017-05-16] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort14\pptd40nt.exe [35624 2016-08-16] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort14\IndexSearch.exe [17576 2016-08-16] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [YouCam Service10] => C:\Program Files (x86)\CyberLink\YouCam365\YouCamService10.exe [418312 2024-11-06] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [YouCam10] => C:\Program Files (x86)\CyberLink\YouCam365\YouCam10.exe [587272 2024-11-06] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [FileFort] => C:\Program Files (x86)\NCH Software\FileFort\filefort.exe [1102880 2018-10-18] (NCH Software Pty Ltd -> NCH Software)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [ReminderApp_EEAC3053-7055-4143-B8A0-306758055099] => C:\Program Files (x86)\Nova Development\Office Printing Essentials 3\ReminderApp.exe [139776 2015-12-18] () [Archivo no firmado]
HKLM-x32\...\Run: [DoroServer] => C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [217088 2025-01-06] (the sz development) [Archivo no firmado]
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114040 2024-11-28] (Broadcom Inc -> VMware, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5012288 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [483888 2025-01-31] (AVB Disc Soft, SIA -> Disc Soft Limited)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe [1027088 2024-04-23] (MAGIX Software GmbH -> MAGIX)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [movavi_suite_22.4.1_screenrecorder] => C:\Users\Diego Canales\AppData\Roaming\Movavi Video Suite 22\ScreenRecorder.exe [10885248 2025-02-07] (Movavi Software Limited -> Movavi)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [movavi_suite_agent] => C:\Users\Diego Canales\AppData\Roaming\Movavi Video Suite 22\AgentInformer.exe [1118848 2025-02-07] (Movavi Software Limited -> Movavi)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [EdrawMaxTray] => C:\Program Files (x86)\EdrawSoft\EdrawMax\EdrawMaxTray.exe [218168 2025-01-10] (SHENZHEN EDRAW SOFTWARE CO.,LTD -> )
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [VideoDownloadCapture] => C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe [9051200 2024-09-28] (Apowersoft Ltd -> Apowersoft) [Archivo no firmado]
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [ApowersoftScreenCapture] => C:\Program Files (x86)\Apowersoft\Apowersoft Screen Capture Pro\Apowersoft Screen Capture Pro.exe [11944464 2024-10-18] (Apowersoft Ltd -> Apowersoft)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [ApowerManager] => C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe [56449584 2020-09-29] (Apowersoft Ltd -> Apowersoft Ltd.)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2022\AudialsNotifier.exe [2204352 2022-10-05] (Audials AG -> )
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [DVDFab VDrive] => C:\Program Files\DVDFab\ExplorerFab\vdrive.exe [15596360 2023-06-05] (DVDFab Software Inc. -> DVDFab Software Inc.)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [iMusicService] => C:\Program Files (x86)\iMusic\iMusic\iMusicService.exe [16384 2019-08-22] (Aimersoft) [Archivo no firmado]
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [Automatic PDF Processor] => C:\Program Files\Automatic PDF Processor\AutomaticPDFProcessor.exe [4819728 2025-02-11] (René Gillmeister -> Gillmeister Software)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [Windows File Locker Helper] => C:\Program Files (x86)\GiliSoft\Privacy Protector\WinFLockerHelp.exe [33040 2019-02-15] (SiChuan HengYiDa XinXiJiShu YouXianGongSi -> GiliSoft International LLC)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [iMindQ Notifier] => C:\Program Files (x86)\iMindQ\iMindQReminder.exe [217600 2021-11-17] (Synami DOOEL) [Archivo no firmado]
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [4230016 2023-11-17] (ALLPlayer Group sp. z o.o. -> ALLPlayer.org)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [Messenger Plus] => C:\Program Files\Messenger Plus\MessengerPlus.exe [120400 2025-02-04] (Sara AI sp. z o.o. -> )
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [ScreenHunter 7 Pro] => C:\Program Files (x86)\ScreenHunter 7 Pro\ScreenHunter7Pro64.exe [20535296 2024-04-10] (Wisdom Software Inc.) [Archivo no firmado]
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [HyperCam 6 Business Edition Recovery] => C:\Program Files (x86)\HyperCam 6 Business Edition\SMM_HyperCam_Recovery.exe [2030800 2022-09-13] (Solveig Multimedia Germany GmbH -> Solveig Multimedia)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [utweb] => C:\Users\Diego Canales\AppData\Roaming\uTorrent Web\utweb.exe [6426632 2024-11-25] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [GoogleChromeAutoLaunch_1517AF06D1A8047CAB91D06F0216BB3E] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3533920 2025-04-08] (Google LLC -> Google LLC)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [MicrosoftEdgeAutoLaunch_470E91CE4317DE782D92CB7656680E45] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4418112 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [Opera Stable] => C:\Users\Diego Canales\AppData\Local\Programs\Opera\opera.exe [1606552 2025-04-02] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45882672 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\Microsoft.SharePoint.exe [1030440 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Policies\system: [shell] explorer.exe <==== ATENCIÓN
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\...\Policies\Explorer: [DisallowCPL] 1
HKU\S-1-5-18\...\Run: [OpAgent] => "OpAgent.exe" /agent (Ningún archivo)
HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [51848 2018-09-15] (ActMask Group Co., Ltd -> ActMask Co.,Ltd)
HKLM\...\Windows x64\Print Processors\ActMaskR1: C:\Windows\System32\spool\prtprocs\x64\ActPrint1.dll [55584 2024-10-27] (ActMask Group Co., Ltd -> ActMask Co.,Ltd hxxp://ALL2PDF.COM)
HKLM\...\Windows x64\Print Processors\Perfect PDF 11 Premium Print Processor: C:\Windows\System32\spool\prtprocs\x64\sx_p11_p.dll [263088 2025-02-17] (soft Xpansion GmbH & Co.KG -> soft Xpansion)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2024-10-01] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Doro PDF Writer Port: C:\Program Files (x86)\DoroPDFWriter\Doro.dll [677888 2020-11-28] () [Archivo no firmado]
HKLM\...\Print\Monitors\FPP9:: C:\WINDOWS\system32\fppmon9-x64.dll [150264 2024-11-16] (FinePrint Software, LLC -> FinePrint Software)
HKLM\...\Print\Monitors\MPE3 Port: C:\WINDOWS\system32\mpelocalmon.dll [27136 2023-11-16] (Copyright (c) Code Industry Ltd) [Archivo no firmado]
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\architect_pdfpmon_v.6.23.0.2.dll [974120 2025-02-07] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\PDF Suite 2021 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\suite_pdfpmon_v.4.12.26.3.dll [932984 2025-03-09] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [912208 2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
HKLM\...\Print\Monitors\PDF-XChange4: C:\WINDOWS\system32\pxc40pm.dll [57408 2014-02-17] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
HKLM\...\Print\Monitors\PDFTron PDFNet Port Monitor: C:\WINDOWS\system32\pdfnetmon.dll [33792 2025-02-14] (Windows (R) Win 7 DDK provider) [Archivo no firmado]
HKLM\...\Print\Monitors\Soda PDF Desktop 14 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\soda_pdfpmon_v.6.23.0.2.dll [974120 2025-02-07] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\Solid PDF Port Monitor: C:\WINDOWS\system32\solidlocalmon.dll [30608 2020-04-28] (Solid Documents Ltd -> Solid Documents Limited)
HKLM\...\Print\Monitors\Wondershare PDF Converter Monitor: C:\WINDOWS\system32\WSPDFConverterMonitor.dll [271360 2020-06-28] (Wondershare Software) [Archivo no firmado]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\PEPrinterMonitor.dll [408304 2025-01-14] (Wondershare Technology Group Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{28B89EEF-8107-0000-8103-CF3F3A09B77D}] -> msiexec /fus {28B89EEF-8107-0000-8103-CF3F3A09B77D}
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.86\Installer\chrmstp.exe [2025-04-15] (Google LLC -> Google LLC)
Startup: C:\Users\Diego Canales\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2025-03-29]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2025-03-26]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Clock.lnk [2025-02-05]
ShortcutTarget: Desktop Clock.lnk -> C:\Program Files (x86)\SSuiteExcaliburOffice\SideClock.exe (Van Loo Software (TM}) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Efofex MultiDocs.lnk [2025-02-06]
ShortcutTarget: Efofex MultiDocs.lnk -> C:\Program Files (x86)\Efofex\bin\FXMultiDocs.exe (Efofex Pty Ltd -> Efofex Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FxSound.lnk [2025-03-22]
ShortcutTarget: FxSound.lnk -> C:\Program Files\FxSound LLC\FxSound\FxSound.exe (FxSound, LLC -> FxSound LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PC Mac Dock.lnk [2025-02-05]
ShortcutTarget: PC Mac Dock.lnk -> C:\Program Files (x86)\SSuiteExcaliburOffice\Desktop.exe (Van Loo Software(TM)) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\System Monitor.lnk [2025-02-05]
ShortcutTarget: System Monitor.lnk -> C:\Program Files (x86)\SSuiteExcaliburOffice\SysMon.exe (Van Loo Software (TM)) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\The Journal 8.lnk [2025-02-10]
ShortcutTarget: The Journal 8.lnk -> C:\Program Files (x86)\DavidRM Software\The Journal 8\Journal8.exe (DavidRM Software) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2025-02-06]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (COREL CORPORATION -> WinZip Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEScreenshot.lnk [2025-02-07]
ShortcutTarget: Wondershare PEScreenshot.lnk -> C:\Program Files\Wondershare\PDFelement11\PENotify.exe (Wondershare) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEToolbox.lnk [2025-02-07]
ShortcutTarget: Wondershare PEToolbox.lnk -> C:\Program Files\Wondershare\PDFelement11\PENotify.exe (Wondershare) [Archivo no firmado]
BootExecute: autocheck autochk *  
GroupPolicy\User: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {2E818D1C-84DE-4310-BB35-0CC8DFE5D06E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {C89C5A1E-2393-4EFA-A5CF-A8493E635AC4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {882AC98C-0AFB-45F1-9930-67606625F9AC} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2350528 2024-11-29] (pdfforge GmbH -> Avanquest pdfforge GmbH)
Task: {D3C41613-2FD7-44E5-B6F5-6AA935DA94F4} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2350528 2024-11-29] (pdfforge GmbH -> Avanquest pdfforge GmbH)
Task: {6F1173A4-9D57-40B7-8675-2D61F5C1655E} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3640768 2024-11-29] (pdfforge GmbH -> Avanquest pdfforge GmbH)
Task: {5D21B1C1-0981-402A-A296-4CE1BDCFBADD} - System32\Tasks\Avanquest Software\Soda PDF Desktop 14\Update => C:\Program Files\Soda PDF Desktop 14\soda.exe [3681752 2024-12-10] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software)
Task: {2D46F1C7-4704-4CBD-88F2-057B265DCB90} - System32\Tasks\AVG\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5330760 2025-04-09] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {A3D506EE-8092-4C15-A236-FEDA119E6FEF} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [8618824 2025-03-27] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {F0F5824F-F465-472E-9BAD-86C07BEABE61} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [6079304 2025-04-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp" --configpath "C:\ProgramData\AVG\TuneUp" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\TuneUp\log" --guid 73b8ec24-dd8f-467d-a5d9-15adfc619ac9
Task: {0C326950-D625-4BB8-991E-879522C174B6} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [8618824 2025-03-31] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {2A12E363-9133-4304-A9AB-08B77EA093A2} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2601800 2025-03-04] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {9D4C64EB-B73D-4520-87EB-E71DAE5EC796} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4A754D61-8AFA-4D7C-B07B-E5E85649A891} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "ffb0f100-00b3-420f-b3b7-38b1f909257f" --version "6.35.0.11488" --silent
Task: {A7208C9A-F397-4DFC-AFB1-FB7BE88A4BA0} - System32\Tasks\CCleanerSkipUAC - Diego Canales => C:\Program Files\CCleaner\CCleaner.exe [39622960 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {58511F76-E0B6-441E-A138-AF8A7D4BCFFB} - System32\Tasks\CleanGenius => C:\Program Files (x86)\EaseUS\EaseUS CleanGenius\bin\CleanGenius.exe [656384 2024-07-12] () [Archivo no firmado]
Task: {FE961769-9BFB-4FF2-81EF-7ACF62E26AB0} - System32\Tasks\FxSound\Update => C:\Program Files\FxSound LLC\FxSound\updater.exe [1675152 2025-03-08] (FxSound, LLC -> FxSound LLC)
Task: {47906EC9-73D1-4A25-B830-9C5C2702D607} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7115.0{993FE926-C9BD-4AED-9467-607640C0ECEE} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7115.0\updater.exe [7360096 2025-04-08] (Google LLC -> Google LLC)
Task: {712C8838-351F-40D1-A739-245724B103A3} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2118144 2025-03-22] () [Archivo no firmado]
Task: {7B875D03-A058-4248-94AD-EC881E9A27A0} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1296002004-1646576553-2792702146-1001 => C:\Users\Diego Canales\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {3901A9C0-2BCC-43C2-8018-BF1AAEF2486C} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129368 2024-06-27] (Lenovo -> Lenovo)
Task: {1744799E-3264-47F2-B7F7-122B9172C847} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [67424 2024-06-27] (Lenovo -> )
Task: {509FCDA4-A6C8-40C3-A392-1168A9773B26} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28609776 2025-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {364F19A1-6589-44F8-A289-A754D92B87DE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28609776 2025-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1C1F631-0785-44E3-B79B-CEF63C8121BB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312496 2025-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD6AC14C-596B-42B4-B95E-5EA07F09C9BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312496 2025-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE277189-4BF6-4473-B579-6E451B91540A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [187024 2025-03-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CB572FA-8B8A-4117-9DD1-75A0205B05FE} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4464552 2025-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F4ADF69-B023-487D-A0E5-D5A92C97136E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {DD61BAEC-30F3-4B7B-9726-D21FBB7C935A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {3145EC10-82DD-4E7C-B8ED-BEFDFC678501} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {075815F8-2FB1-40C7-BF1D-D10207E113AE} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {84C0AABF-406B-4205-80DC-1936D3F1E56F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {B5E9B94F-B3A8-41E2-BB26-838B94E7004C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Refresh schedule created by Declared Configuration to refresh any settings changed on the device => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {368D1880-E186-4BF4-A625-2ABA50E3E363} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Retry Schedule created for incomplete session => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {33223CB7-B565-4488-9523-FF76331DFBA2} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {5C92C64D-E9AD-4CE0-B7AB-CE1AADFAD174} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {129AD475-E2CD-425C-938E-C54C3C0B418B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {37126BD9-00B0-440A-AE98-3EC01B90FACB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {02FDF7B6-87C1-4957-92B0-24FA70DCDFA9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [515584 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {0AE8463A-6513-4748-85FF-0DBF7917C5D1} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [515584 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {BF981CD1-D4EB-4C2C-8147-F548D55A0FA5} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {DDCF3F92-8FEB-495D-92D3-A57A8409C945} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Wsc Startup event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {0C975C89-99D0-437A-AD67-4A8626DF1359} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\SessionRetry\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Retry Schedule created for incomplete session {862BBF62-A6E3-3A2A-9CE7-63CE2EB9D65E} => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {0DA63693-1162-407B-AFDF-9FF9021862D4} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\SessionRetry\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Retry Schedule created for incomplete session {938A1A92-FE73-4997-B645-C09573D57D3B} => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {22800945-7093-47A7-A66B-DAB93A5DFCBC} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\SessionRetry\D7CD089E-4736-440C-BBC4-580FCE3B48A5\Retry Schedule created for incomplete session {DC8C94D2-6AA1-4171-8F19-1A61A34C1962} => C:\WINDOWS\system32\deviceenroller.exe [504320 2025-03-26] (Microsoft Windows -> Microsoft Corporation)
Task: {3B60FC9E-B7C1-433E-88F4-A57DE23D8914} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1296002004-1646576553-2792702146-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {6211B3EF-1E6C-4CBE-AFF6-5DABC97D256B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-04-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {1871C125-FA0F-4510-ABE7-ABD9E07AF72A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8F3B6CC-A85B-46EA-9E7A-B1B4D18E1488} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1296002004-1646576553-2792702146-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF0B4EB1-3F5A-4822-BB1F-03774E05038B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1296002004-1646576553-2792702146-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B76CA12B-AF28-4CEC-B975-E9995DCAFE17} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1296002004-1646576553-2792702146-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {05C1B40B-C21D-4653-BA71-29259088F437} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1296002004-1646576553-2792702146-1001 => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C03815EF-F39D-48CF-B57A-57C1F2275CED} - System32\Tasks\Opera scheduled assistant Autoupdate 1738713073 => C:\Users\Diego Canales\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5647768 2025-04-02] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\Diego Canales\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {28DD27A3-500E-4962-972C-CDB887CFBC1C} - System32\Tasks\Opera scheduled Autoupdate 1738713065 => C:\Users\Diego Canales\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5647768 2025-04-02] (Opera Norway AS -> Opera Software)
Task: {4C4A4EFF-FD0F-42A0-BAF4-8B486EE24E8A} - System32\Tasks\PowerToys\Autorun for Diego Canales => C:\Users\Diego Canales\AppData\Local\PowerToys\PowerToys.exe [1249864 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {630F532C-521A-4233-ABD7-390D2F0EA175} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [8397208 2024-12-11] (Lespeed Technology Co., Ltd -> WiseCleaner.com) -> C:\Program Files (x86)\Wise\Wise Care 365\-StartTray
Task: {C62CAFA0-82D9-4970-8335-5773105AC082} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [9164184 2024-08-28] (Lespeed Technology Co., Ltd -> wisecleaner.com)
Task: {BD26FDF8-482C-4B48-BF74-E68B1A3B08CF} - System32\Tasks\WpsExternal_Diego Canales_20250415183154 => C:\Users\Diego Canales\AppData\Local\Kingsoft\WPS Office\12.2.0.20795\office6\wpscloudsvr.exe [945536 2025-04-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {3530D221-A9FB-4EE2-8E40-7F799FC8DAD7} - System32\Tasks\WpsUpdateTask_Diego Canales => C:\Users\Diego Canales\AppData\Local\Kingsoft\WPS Office\12.2.0.20795\office6\wpsupdate.exe [1709440 2025-04-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {ED834C25-5BD0-49CA-BB47-23BD05405CA0} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1296002004-1646576553-2792702146-1001 => C:\Users\Diego Canales\AppData\Roaming\Zoom\bin\Zoom.exe [436024 2025-04-10] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.28.4.130 200.28.4.129
Tcpip\..\Interfaces\{2300e2fc-b488-40ae-9c8c-64b6091664cd}: [DhcpNameServer] 200.28.4.130 200.28.4.129
Tcpip\..\Interfaces\{32fd6fa6-adb5-413d-90b4-2bf55f7b6e87}: [DhcpNameServer] 200.28.4.130 200.28.4.129
Tcpip\..\Interfaces\{32fd6fa6-adb5-413d-90b4-2bf55f7b6e87}\6456E696875303: [DhcpNameServer] 200.28.4.130 200.28.4.129
Tcpip\..\Interfaces\{32fd6fa6-adb5-413d-90b4-2bf55f7b6e87}\7596649602553454E4: [DhcpNameServer] 172.20.60.212 172.20.8.80
Tcpip\..\Interfaces\{32fd6fa6-adb5-413d-90b4-2bf55f7b6e87}\7596649602553454E4: [DhcpDomain] ucentral.cl
Tcpip\..\Interfaces\{32fd6fa6-adb5-413d-90b4-2bf55f7b6e87}\75966696F5553656E6472716C6: [DhcpNameServer] 172.20.60.212 172.20.8.80
Tcpip\..\Interfaces\{32fd6fa6-adb5-413d-90b4-2bf55f7b6e87}\75966696F5553656E6472716C6: [DhcpDomain] ucentral.cl

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-18]
Edge Extension: (YouTube™ Enhancer Plus) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojcplklhdbhcndefcidaipkccnnagod [2025-03-16]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Random User-Agent (Switcher)) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\einpaelgookohagofgnnkcfjbkkgepnp [2025-03-16]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Documentos de Google sin conexión) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2025-04-16]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Cisco Webex Extension) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ikdddppdhmjcdfgilpnbkdeggoiicjgo [2025-03-16]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (MEGA) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jemjknhgpjaacbghpdhgchbgccbpkkgf [2025-04-12]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (HP Network Check Launcher) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2025-03-16]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-03-15]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Ace Script) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2025-03-16]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (AdBlock — block ads across the web) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2025-04-16]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Reverso - Traducción, diccionario) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\onhiacboedfinnofagfgoaanfedhmfab [2025-04-10]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Avast SafePrice) - C:\Users\Diego Canales\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe [2025-03-16]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF DefaultProfile: nthv27pq.default
FF ProfilePath: C:\Users\Diego Canales\AppData\Roaming\SWP\Profiles\tgqf8t9w.default [2025-02-06]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\MacKichan\SWP\extensions\[email protected] [2025-02-06] [Heredado] [no firmado]
FF Extension: (JavaScript Debugger) - C:\Program Files (x86)\MacKichan\SWP\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8} [2025-02-06] [Heredado] [no firmado]
FF ProfilePath: C:\Users\Diego Canales\AppData\Roaming\SW\Profiles\1offh7wt.default [2025-02-06]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\MacKichan\SW\extensions\[email protected] [2025-02-06] [Heredado] [no firmado]
FF Extension: (JavaScript Debugger) - C:\Program Files (x86)\MacKichan\SW\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8} [2025-02-06] [Heredado] [no firmado]
FF ProfilePath: C:\Users\Diego Canales\AppData\Roaming\SNB\Profiles\3avcyk1l.default [2025-02-06]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\MacKichan\SNB\extensions\[email protected] [2025-02-06] [Heredado] [no firmado]
FF Extension: (JavaScript Debugger) - C:\Program Files (x86)\MacKichan\SNB\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8} [2025-02-06] [Heredado] [no firmado]
FF ProfilePath: C:\Users\Diego Canales\AppData\Roaming\Mozilla\Firefox\Profiles\nthv27pq.default [2025-02-14]
FF ProfilePath: C:\Users\Diego Canales\AppData\Roaming\Mozilla\Firefox\Profiles\y98za4w3.default-release [2025-04-17]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-02]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2024-11-21] [Heredado]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\[email protected]
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\[email protected] [2024-11-21]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 9\creator\plugins\FirefoxAddin\[email protected]
FF Extension: (PDF Architect 8 Creator) - C:\Program Files\PDF Architect 9\creator\plugins\FirefoxAddin\[email protected] [2024-11-29]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Soda PDF Desktop 14\creator\plugins\FirefoxAddin\[email protected]
FF Extension: (Soda PDF Desktop 12 Creator) - C:\Program Files\Soda PDF Desktop 14\creator\plugins\FirefoxAddin\[email protected] [2024-12-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Nuance\Nuance Power PDF\bin\SFirefoxExtn
FF Extension: (Nuance PDF Create) - C:\Program Files (x86)\Nuance\Nuance Power PDF\bin\SFirefoxExtn [2025-02-07] [Heredado]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Suite 2021\creator\plugins\FirefoxAddin\[email protected]
FF Extension: (PDF Suite 2020 Creator) - C:\Program Files\PDF Suite 2021\creator\plugins\FirefoxAddin\[email protected] [2023-02-22]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 9\creator\plugins\FirefoxAddin\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Soda PDF Desktop 14\creator\plugins\FirefoxAddin\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Nuance\Nuance Power PDF\bin\SFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Suite 2021\creator\plugins\FirefoxAddin\[email protected]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-03-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: PDF Suite 2021 -> C:\Program Files\PDF Suite 2021\np-previewer.dll [2023-02-22] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2025-01-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2025-01-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2025-01-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2025-01-09] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.441.2 -> C:\Program Files (x86)\Java\jre1.8.0_441\bin\dtplugin\npDeployJava1.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.441.2 -> C:\Program Files (x86)\Java\jre1.8.0_441\bin\plugin2\npjp2.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-03-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-03-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG -> Nero AG)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: PDF Suite 2021 -> C:\Program Files (x86)\PDF Suite 2021\np-previewer.dll [2023-02-22] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
FF Plugin HKU\S-1-5-21-1296002004-1646576553-2792702146-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-1296002004-1646576553-2792702146-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-1296002004-1646576553-2792702146-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2025-02-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default [2025-04-18]
CHR Extension: (MEGA) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2025-04-15] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json] <==== ATENCIÓN
CHR Extension: (YouTube™ Enhancer Plus) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojcplklhdbhcndefcidaipkccnnagod [2025-02-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-04-10]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Foxit PDF Creator) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2025-02-05]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Random User-Agent (Switcher)) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\einpaelgookohagofgnnkcfjbkkgepnp [2025-02-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (AdBlock — block ads across the web) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Sin Nombre) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2025-02-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2025-02-13]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Cisco Webex Extension) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2025-02-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-02-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Reverso - Traducción, diccionario) - C:\Users\Diego Canales\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhiacboedfinnofagfgoaanfedhmfab [2025-04-10]hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx [2024-11-21]
CHR HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1296002004-1646576553-2792702146-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx [2024-11-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR DefaultProfile: Default

elturco · 18 Abril, 2025 03:28

Copio segunda parte del reporte FRST


==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 ABBYY.Licensing.FineReader.16.0; C:\Program Files\Common Files\ABBYY\FineReader\16\Licensing\NetworkLicenseServer.exe [1528968 2023-01-18] (ABBYY Development Inc. -> ABBYY Development, Inc.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [17705760 2024-07-19] (Autodesk, Inc. -> Autodesk)
S2 AdskNLM; C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe [1368872 2023-09-12] (Flexera Software LLC -> Flexera)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5643072 2025-04-12] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-10-02] (Apple Inc. -> Apple Inc.)
S3 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [16030488 2024-11-21] (Autodesk, Inc. -> Autodesk, Inc.)
R2 Autodesk CER Service; C:\Program Files\Autodesk\Autodesk CER\service\cer_service.exe [34799528 2024-01-25] (Autodesk, Inc. -> )
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [844104 2025-04-09] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [2551624 2025-04-09] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [896328 2025-04-09] (AVG Technologies USA, LLC -> Gen Digital Inc.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7524680 2025-04-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2025-03-04] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
S4 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [105888 2019-06-12] (Alcohol Soft -> Alcohol Soft Development Team)
S3 becldr5Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 5\Common\becldr.exe [259448 2019-03-13] (BCL Technologies -> BCL Technologies, Inc.)
S2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [395024 2022-09-28] (Corel Corporation -> Corel Corporation)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [19304776 2025-04-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14044936 2025-03-30] (Microsoft Corporation -> Microsoft Corporation)
S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink -> CyberLink)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4940848 2025-01-31] (AVB Disc Soft, SIA -> Disc Soft Limited)
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [32448 2023-03-10] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncHelper.exe [3543888 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2019-06-20] (Firebird Project) [Archivo no firmado]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3854336 2019-06-20] (Firebird Project) [Archivo no firmado]
S4 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe [2499560 2025-01-09] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2500072 2024-11-25] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [888200 2025-01-17] (Glarysoft Ltd -> Glarysoft Ltd)
S2 GUMemfilesService; C:\Program Files (x86)\Glary Utilities\x64\MemfilesService.exe [414096 2025-04-03] (Glarysoft Ltd -> Glarysoft Ltd)
S3 GUPMService; C:\Program Files (x86)\Glary Utilities\GUPMService.exe [76680 2025-04-03] (Glarysoft Ltd -> Glarysoft Ltd)
S2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c861c131e09ec856\x64\ibmpmsvc.exe [1037024 2024-05-16] (Lenovo -> Lenovo)
S4 IviRegMgr; c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [110736 2010-05-20] (Corel Corporation -> InterVideo)
S2 Lenovo Instant On; C:\WINDOWS\SysWOW64\EasyResume.exe [2352392 2024-06-27] (Lenovo -> Lenovo Group Limited)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123304 2025-03-22] (The Document Foundation -> The Document Foundation)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c861c131e09ec856\x64\LPlatSvc.exe [916192 2024-05-16] (Lenovo -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9407072 2025-04-05] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-04-05] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Media Center 33 Service; C:\Program Files\J River\Media Center 33\JRService.exe [457224 2025-01-30] (Jriver, Inc -> JRiver, Inc.)
S2 NativePushService; C:\Users\Diego Canales\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [564104 2024-12-19] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.051.0317.0003\OneDriveUpdaterService.exe [3891536 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
S4 ONLYOFFICE Update Service; C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe [682192 2024-11-28] (Ascensio System SIA -> Ascensio System SIA)
S4 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3407296 2024-11-29] (pdfforge GmbH -> Avanquest pdfforge GmbH)
S4 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [509376 2024-11-29] (pdfforge GmbH -> Avanquest pdfforge GmbH)
S4 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [415680 2024-11-29] (pdfforge GmbH -> Avanquest pdfforge GmbH)
S3 PDF Suite 2021; C:\Program Files\PDF Suite 2021\ws.exe [2008576 2023-02-22] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
S3 PDF Suite 2021 Creator; C:\Program Files\PDF Suite 2021\creator\common\creator-ws.exe [570368 2023-02-22] (Avanquest Software (7270356 Canada Inc) -> Interactive Brands Malta Limited)
S4 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort14\PDFProFiltSrvPP.exe [77312 2016-08-16] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S2 PPN22 Data Cache Service; C:\Program Files (x86)\PROMT Professional NMT 22\DCS\Promt.DCSHost.exe [42960 2021-04-09] (PROMT LLC -> )
S2 PPN22 Database Service; C:\Program Files (x86)\PROMT Professional NMT 22\DBS\Promt.DbServer15.exe [20528 2019-06-27] (PROMT LLC -> )
S2 PrivacyPService; C:\Program Files (x86)\GiliSoft\Privacy Protector\PPService.exe [103696 2018-08-30] (SiChuan HengYiDa XinXiJiShu YouXianGongSi -> )
S2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] (CyberLink -> ) [Archivo no firmado]
S4 RoxMediaDB15; C:\Program Files (x86)\Roxio Creator NXT Pro 9\Common\RoxMediaDB15.exe [1163320 2022-09-28] (Corel Corporation -> Corel Corporation)
S4 RoxWatch15; C:\Program Files (x86)\Roxio Creator NXT Pro 9\Common\RoxWatch15.exe [300600 2022-09-28] (Corel Corporation -> Corel Corporation)
S2 sadmind; C:\SdlSrv51\service\sadmind.exe [53760 1999-02-22] () [Archivo no firmado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2025-03-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 shttpd; C:\SdlSrv51\service\shttpd.exe [23040 1999-02-22] () [Archivo no firmado]
S4 Soda PDF Desktop 14; C:\Program Files\Soda PDF Desktop 14\activation-service.exe [3295704 2024-12-10] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software)
S4 Soda PDF Desktop 14 Creator; C:\Program Files\Soda PDF Desktop 14\creator-ws.exe [393176 2024-12-10] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software)
S4 Soda PDF Desktop 14 Update Service; C:\Program Files\Soda PDF Desktop 14\update-service.exe [298968 2024-12-10] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software)
S2 SPDFCreatorReadSpool; C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe [262544 2020-04-28] (Solid Documents Ltd -> Solid Documents Limited)
S2 sschdled; C:\SdlSrv51\service\sschdled.exe [23040 1999-02-22] () [Archivo no firmado]
S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Archivo no firmado]
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234824 2025-02-17] (soft Xpansion GmbH & Co.KG -> soft Xpansion)
S2 TechSmithAgent; C:\Program Files\Common Files\TechSmith Shared\TechSmith Agent\TechSmithAgent.exe [324968 2025-02-10] (TechSmith Corporation -> TechSmith Corporation)
S4 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [317664 2023-06-29] (CODE SECTOR PTY LTD -> )
S2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [77168 2024-11-28] (Broadcom Inc -> VMware, Inc.)
S2 VMnetDHCP; C:\WINDOWS\SysWOW64\vmnetdhcp.exe [373112 2024-11-28] (Broadcom Inc -> VMware, Inc.)
R2 VMUSBArbService; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [1009112 2024-07-19] (Broadcom Inc -> VMware, Inc.)
R2 VMware NAT Service; C:\WINDOWS\SysWOW64\vmnat.exe [420208 2024-11-28] (Broadcom Inc -> VMware, Inc.)
S3 VmwareAutostartService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-autostart.exe [64888 2024-11-28] (Broadcom Inc -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [651216 2023-09-11] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [936832 2025-02-06] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
S3 WsDrvInst; C:\Program Files (x86)\iMusic\iMusic\DriverInstall.exe [107720 2019-08-22] (WONBO TECHNOLOGY Co.,LIMITED -> Wondershare)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [248376 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [393272 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [296528 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [84560 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [28280 2025-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [37944 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [282680 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [553528 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [98872 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [69688 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [942672 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [1427512 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [207440 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [391760 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 clwvd10; C:\WINDOWS\System32\drivers\clwvd10.sys [47624 2024-11-06] (CyberLink Corp. -> CyberLink Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2025-02-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2025-02-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 dvdfabio; C:\WINDOWS\system32\drivers\dvdfabio.sys [12704 2022-02-25] (Fengtao Software Inc. -> DVDFab Software)
R1 DVDHelp; C:\WINDOWS\System32\drivers\DVDHelp.sys [28696 2025-02-15] (Pepstyle International Limited -> )
R3 ecmntdrv; C:\WINDOWS\system32\ecmntdrv.sys [36280 2023-02-17] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 FileLock; C:\WINDOWS\System32\drivers\FileLock.sys [61600 2025-02-15] (Shaanxi Hundred Mile Electroic Technology Co., Ltd -> Shaanxi Hundred Mile Electroic Technology Co., Ltd)
R3 FXVAD; C:\WINDOWS\system32\drivers\fxvad.sys [326656 2024-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 GSVDRIVE; C:\WINDOWS\system32\DRIVERS\GSVDRIVE.sys [28568 2025-02-15] (Pepstyle International Limited -> GiliSoft International LLC.) [Archivo no firmado]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [23232 2025-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R2 hcmon; C:\WINDOWS\system32\DRIVERS\hcmon.sys [72144 2024-07-19] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c861c131e09ec856\x64\ibmpmdrv.sys [56648 2024-05-16] (Lenovo -> Lenovo)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NewAudioTechnologySpatialSoundCard; C:\WINDOWS\System32\drivers\vacnatkd.sys [114008 2020-06-15] (New Audio Technology GmbH -> NEW AUDIO TECHNOLOGY)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2024-03-21] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c861c131e09ec856\x64\pmdrvs.sys [42320 2024-05-16] (Lenovo -> Lenovo)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [73464 2021-03-08] (Corel Corporation -> Corel Corporation)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R0 Sahdad64; C:\WINDOWS\System32\Drivers\Sahdad64.sys [46392 2022-09-28] (Corel Corporation -> Corel Corporation)
R0 Saibad64; C:\WINDOWS\System32\Drivers\Saibad64.sys [38200 2022-09-28] (Corel Corporation -> Corel Corporation)
R1 SaibVdAd64; C:\WINDOWS\System32\Drivers\SaibVdAd64.sys [45880 2022-09-28] (Corel Corporation -> Corel Corporation)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [207344 2025-02-06] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 stdriver; C:\WINDOWS\system32\DRIVERS\stdriverx64.sys [54664 2025-02-08] (NCH Software Pty Ltd -> )
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 15\IFS64.sys [40400 2020-10-28] (Ashampoo GmbH & Co. KG -> )
R3 vdrive; C:\WINDOWS\system32\DRIVERS\vdrive.sys [44960 2022-02-25] (Fengtao Software Inc. -> DVDFab Software)
R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [106424 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.)
R3 VMnetAdapter; C:\WINDOWS\System32\drivers\vmnetadapter.sys [31288 2024-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [53704 2024-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.)
R2 VMnetuserif; C:\WINDOWS\system32\DRIVERS\vmnetuserif.sys [30664 2024-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.)
R2 vmx86; C:\WINDOWS\system32\DRIVERS\vmx86.sys [100920 2024-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [91176 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20016 2025-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [601520 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare Technology Co.,Ltd -> Wondershare)
U3 avgArDisk; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-04-17 22:57 - 2025-04-17 23:12 - 000082395 _____ C:\Users\Diego Canales\Downloads\FRST.txt
2025-04-17 22:56 - 2025-04-17 23:11 - 000000000 ____D C:\FRST
2025-04-17 22:55 - 2025-04-17 22:55 - 002404864 _____ (Farbar) C:\Users\Diego Canales\Downloads\FRST64.exe
2025-04-16 22:29 - 2025-04-17 21:55 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\BitTorrentHelper
2025-04-16 19:14 - 2025-04-17 22:30 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-04-16 16:42 - 2025-04-17 22:30 - 000002958 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-04-16 16:42 - 2025-04-17 22:30 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-04-16 16:32 - 2025-04-17 17:33 - 000000000 ____D C:\SecurityCheck
2025-04-16 16:24 - 2025-04-16 16:24 - 000033643 _____ C:\FMRS_2025_04_16__16_17_05.txt
2025-04-15 18:32 - 2025-04-17 22:30 - 000002676 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_Diego Canales
2025-04-15 18:32 - 2025-04-15 18:32 - 000002502 _____ C:\Users\Diego Canales\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office.lnk
2025-04-15 18:31 - 2025-04-17 22:30 - 000003104 _____ C:\WINDOWS\system32\Tasks\WpsExternal_Diego Canales_20250415183154
2025-04-14 19:15 - 2025-04-14 19:15 - 000000000 ____D C:\inetpub
2025-04-12 23:08 - 2025-04-12 23:08 - 000000000 ___HD C:\Users\Diego Canales\WPS Cloud Files
2025-04-10 22:36 - 2025-04-10 22:36 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\NuGet
2025-04-10 22:35 - 2025-04-10 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerShell
2025-04-10 22:34 - 2025-04-10 22:34 - 000000000 ____D C:\Program Files\PowerShell
2025-04-10 22:25 - 2025-04-17 21:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2025-04-10 22:25 - 2025-04-10 22:25 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2025-04-10 22:24 - 2025-04-10 22:24 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\PowerToys
2025-04-09 21:38 - 2025-04-09 21:38 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
2025-04-09 21:23 - 2025-04-09 21:23 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote.lnk
2025-04-09 21:23 - 2025-04-09 21:23 - 000000000 ____D C:\ProgramData\evernote-client-updater
2025-04-09 21:23 - 2025-04-09 21:23 - 000000000 ____D C:\Program Files (x86)\Evernote
2025-04-09 21:07 - 2025-04-17 22:30 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-04-09 21:07 - 2025-04-09 21:07 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2025-04-09 21:07 - 2025-04-09 21:07 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-04-09 21:02 - 2025-04-09 21:02 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2025-04-09 21:01 - 2025-04-09 21:01 - 000001302 _____ C:\Users\Diego Canales\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIMP 3.0.2-1.lnk
2025-04-09 13:39 - 2025-04-09 13:37 - 000316232 _____ (Gen Digital Inc.) C:\WINDOWS\system32\avgBoot.exe
2025-04-08 22:07 - 2025-04-17 17:39 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Kodi
2025-04-08 22:03 - 2025-04-08 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2025-04-08 22:03 - 2025-04-08 22:03 - 000000000 ____D C:\Program Files\Kodi
2025-04-08 17:04 - 2025-04-08 17:04 - 000000000 ___HD C:\$WinREAgent
2025-04-05 19:55 - 2025-04-17 23:04 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\Malwarebytes
2025-04-05 19:55 - 2025-04-05 19:55 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-04-05 19:55 - 2025-04-05 19:55 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-04-05 19:52 - 2025-04-05 19:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-04-05 19:52 - 2025-04-05 19:52 - 000000000 ____D C:\Program Files\Malwarebytes
2025-04-05 13:48 - 2025-04-17 22:30 - 000002582 _____ C:\WINDOWS\system32\Tasks\CleanGenius
2025-04-04 22:28 - 2025-04-04 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProgDVB
2025-04-04 17:47 - 2025-04-17 22:30 - 000003070 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1296002004-1646576553-2792702146-1003
2025-04-04 00:50 - 2025-04-04 00:50 - 000000218 _____ C:\Users\Diego Canales\AppData\Local\recently-used.xbel
2025-04-03 20:46 - 2025-04-03 20:46 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\gtk-3.0
2025-04-03 20:42 - 2025-04-03 20:42 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\GIMP
2025-04-03 20:42 - 2025-04-03 20:42 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\GIMP
2025-04-03 20:42 - 2025-04-03 20:42 - 000000000 ____D C:\Users\Diego Canales\.dbus-keyrings
2025-04-03 20:41 - 2025-04-03 20:41 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\gegl-0.4
2025-04-03 20:41 - 2025-04-03 20:41 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\fontconfig
2025-04-03 20:41 - 2025-04-03 20:41 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\babl-0.1
2025-04-03 16:30 - 2025-04-17 16:32 - 000000000 ____D C:\Users\Diego Canales\Documents\Patrimonio Cultural y Legislación
2025-04-02 16:39 - 2025-04-02 13:49 - 006835692 _____ C:\Users\Diego Canales\Documents\Protocolo Pretítulo y título.pdf
2025-04-01 17:55 - 2025-04-15 17:55 - 000000000 ____D C:\Users\Diego Canales\Documents\Introducción al Desafío de la Sostenibilidad
2025-04-01 17:31 - 2025-04-01 17:38 - 000691076 _____ C:\Users\Diego Canales\Documents\Programa Curso Sello.pdf
2025-04-01 17:22 - 2025-04-01 17:23 - 000736440 _____ C:\Users\Diego Canales\Documents\Syllabus Curso Sello.pdf
2025-04-01 17:11 - 2025-04-01 17:11 - 014744035 _____ C:\Users\Diego Canales\Documents\El concepto España en el Medioevo (MARAVALL).pdf
2025-03-30 12:52 - 2025-03-30 12:52 - 000000000 ____D C:\Program Files\Common Files\minitab shared
2025-03-30 12:51 - 2025-03-30 12:51 - 000001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minitab Statistical Software 22.lnk
2025-03-30 12:51 - 2025-03-30 12:51 - 000000000 ____D C:\Program Files\Minitab
2025-03-30 12:23 - 2025-04-17 22:29 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\uTorrent Web
2025-03-30 12:23 - 2025-03-30 12:23 - 000001905 _____ C:\Users\Diego Canales\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2025-03-29 21:01 - 2025-03-29 21:01 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Wondershare
2025-03-29 21:00 - 2025-04-17 22:30 - 000003070 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1296002004-1646576553-2792702146-1005
2025-03-29 21:00 - 2025-03-29 21:01 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Microsoft\Word
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\WordRake Holdings
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Nuance
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Nitro
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Microsoft\UProof
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Microsoft\Proof
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Microsoft\Office
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Microsoft\AddIns
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\FxSound
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Foxit Software
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Roaming\AnyDesk
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Local\WordRake Holdings
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Local\Nuance
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Local\Deployment
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Local\Autodesk
2025-03-29 21:00 - 2025-03-29 21:00 - 000000000 ____D C:\Users\Gato\AppData\Local\Apps\2.0
2025-03-29 20:59 - 2025-03-29 20:59 - 000000000 ____D C:\Users\Gato\AppData\Local\Publishers
2025-03-29 20:58 - 2025-04-11 18:01 - 000000000 ____D C:\Users\Gato
2025-03-29 20:58 - 2025-03-29 20:59 - 000000000 ____D C:\Users\Gato\AppData\Local\Packages
2025-03-29 20:58 - 2025-03-29 20:59 - 000000000 ____D C:\Users\Gato\AppData\Local\Intel
2025-03-29 20:58 - 2025-03-29 20:58 - 000002413 _____ C:\Users\Gato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-29 20:58 - 2025-03-29 20:58 - 000002354 _____ C:\Users\Gato\Desktop\Microsoft Edge.lnk
2025-03-29 20:58 - 2025-03-29 20:58 - 000002339 _____ C:\Users\Gato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-03-29 20:58 - 2025-03-29 20:58 - 000002280 _____ C:\Users\Gato\Desktop\Google Chrome.lnk
2025-03-29 20:58 - 2025-03-29 20:58 - 000000020 ___SH C:\Users\Gato\ntuser.ini
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Reciente
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Plantillas
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Mis documentos
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Menú Inicio
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Impresoras
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Entorno de red
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Documents\Mis vídeos
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Documents\Mis imágenes
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Documents\Mi música
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Datos de programa
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\Configuración local
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\AppData\Local\Historial
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\AppData\Local\Datos de programa
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 _SHDL C:\Users\Gato\AppData\Local\Archivos temporales de Internet
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 __SHD C:\Users\Gato\IntelGraphicsProfiles
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ___SD C:\Users\Gato\AppData\Roaming\Microsoft\SystemCertificates
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ___SD C:\Users\Gato\AppData\Roaming\Microsoft\Protect
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ___SD C:\Users\Gato\AppData\Roaming\Microsoft\Crypto
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ___SD C:\Users\Gato\AppData\Roaming\Microsoft\Credentials
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ___RD C:\Users\Gato\3D Objects
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\Documents\Inventor
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Microsoft\Windows
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Microsoft\Vault
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\Roaming\GlarySoft
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Adobe
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\LocalLow\Intel
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\Local\VirtualStore
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\Local\Lenovo
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\Local\Google
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\Local\D3DSCache
2025-03-29 20:58 - 2025-03-29 20:58 - 000000000 ____D C:\Users\Gato\AppData\Local\ConnectedDevicesPlatform
2025-03-29 20:58 - 2025-02-05 08:33 - 000000000 ___RD C:\Users\Gato\OneDrive
2025-03-29 20:58 - 2025-02-04 22:12 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2025-03-29 20:58 - 2025-02-04 22:07 - 000002167 _____ C:\Users\Gato\Desktop\LG Burning Tool.lnk
2025-03-29 20:58 - 2025-02-04 20:28 - 000000000 ____D C:\Users\Gato\AppData\Roaming\Microsoft\Network
2025-03-29 12:11 - 2025-03-29 12:11 - 000172133 _____ C:\Users\Diego Canales\Documents\Pago Diplomado Archivística 2025.pdf
2025-03-28 19:34 - 2025-03-28 19:34 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-03-28 19:31 - 2025-03-28 19:31 - 000002538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2025-03-28 19:31 - 2025-03-28 19:31 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2025-03-28 19:31 - 2025-03-28 19:31 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2025-03-28 19:31 - 2025-03-28 19:31 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2025-03-28 19:31 - 2025-03-28 19:31 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2025-03-28 19:31 - 2025-03-28 19:31 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2025-03-28 19:31 - 2025-03-28 19:31 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2025-03-28 19:31 - 2025-03-28 19:31 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk
2025-03-28 19:31 - 2025-03-28 19:31 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2025-03-28 19:31 - 2025-03-28 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2025-03-28 19:29 - 2025-04-14 19:16 - 000000000 ____D C:\Program Files\Microsoft Office
2025-03-28 19:29 - 2025-03-28 19:29 - 000000000 ____D C:\Program Files\Microsoft Office 15
2025-03-28 13:52 - 2025-04-17 22:30 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-28 13:50 - 2025-04-17 22:30 - 000003100 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1296002004-1646576553-2792702146-1001
2025-03-28 11:20 - 2025-03-28 11:20 - 000000000 __SHD C:\ProgramData\tl
2025-03-28 11:20 - 2025-03-28 11:20 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\mbamtray
2025-03-28 11:19 - 2025-03-28 11:19 - 000000000 ____D C:\Program Files (x86)\7-Zip
2025-03-26 18:00 - 2025-04-17 22:30 - 000002270 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Diego Canales
2025-03-26 16:44 - 2025-03-26 16:44 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\Publisher
2025-03-26 10:26 - 2025-03-26 10:26 - 000000000 ____D C:\Office 2021
2025-03-26 01:04 - 2025-04-17 22:30 - 000003232 _____ C:\WINDOWS\system32\Tasks\Wise Turbo Checker.job
2025-03-26 01:04 - 2025-04-17 22:30 - 000003068 _____ C:\WINDOWS\system32\Tasks\Wise Care 365.job
2025-03-25 22:45 - 2025-04-10 13:49 - 000003446 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1296002004-1646576553-2792702146-1001
2025-03-25 22:44 - 2025-04-17 22:30 - 000003024 _____ C:\WINDOWS\system32\Tasks\klcp_update
2025-03-25 22:40 - 2025-04-02 00:23 - 000004070 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1738713073
2025-03-25 22:40 - 2025-04-02 00:23 - 000003780 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1738713065
2025-03-25 22:02 - 2025-04-17 22:30 - 000003712 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{38496002-5393-45DB-A2D3-83A5DC85E41D}
2025-03-25 22:02 - 2025-04-17 22:30 - 000003488 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{318BC129-1983-4AC1-95C2-4DA7BFD25354}
2025-03-25 22:01 - 2025-04-17 22:30 - 000003070 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1296002004-1646576553-2792702146-1001
2025-03-25 21:38 - 2025-03-25 21:38 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2025-03-25 21:10 - 2025-03-25 21:10 - 000000000 ____D C:\WINDOWS\pss
2025-03-25 21:03 - 2025-04-17 22:56 - 000000000 ____D C:\ProgramData\AnyDesk
2025-03-25 21:03 - 2025-04-11 20:59 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2025-03-25 21:03 - 2025-03-25 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2025-03-25 20:58 - 2025-04-17 22:56 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\AnyDesk
2025-03-25 17:32 - 2025-04-11 00:38 - 000000000 ____D C:\Users\Diego Canales\Documents\PowerShell
2025-03-25 17:32 - 2025-03-25 17:32 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\ToastNotificationManagerCompat
2025-03-25 15:54 - 2025-04-05 20:46 - 000000000 ____D C:\Users\Diego Canales\AppData\LocalLow\IGDump
2025-03-25 15:53 - 2025-03-25 15:53 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\mbam
2025-03-25 14:05 - 2025-03-25 14:07 - 000000000 ____D C:\AdwCleaner
2025-03-24 22:26 - 2025-03-24 22:26 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Moises
2025-03-24 22:25 - 2025-03-24 22:25 - 000002401 _____ C:\Users\Diego Canales\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moises.lnk
2025-03-24 22:25 - 2025-03-24 22:25 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\moises-desktop-updater
2025-03-24 12:16 - 2025-04-15 17:42 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\Power-user
2025-03-22 22:27 - 2025-03-22 22:27 - 000001629 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoSolo Screen Recorder.lnk
2025-03-22 22:19 - 2025-03-22 22:19 - 000000000 ____D C:\Users\Public\Documents\Blackmagic Design
2025-03-22 22:19 - 2025-03-22 22:19 - 000000000 ____D C:\Users\Diego Canales\Documents\Blackmagic Design
2025-03-22 22:18 - 2025-03-22 22:18 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Blackmagic Design
2025-03-22 22:18 - 2025-03-22 22:18 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\DaVinci Resolve Welcome
2025-03-22 22:16 - 2025-03-22 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TEAM R2R
2025-03-22 22:16 - 2025-03-22 22:16 - 000000000 ____D C:\Program Files\TEAM R2R
2025-03-22 22:12 - 2025-03-22 22:15 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2025-03-22 22:12 - 2025-03-22 22:12 - 000000000 ____D C:\ProgramData\Blackmagic Design
2025-03-22 22:04 - 2025-03-22 22:04 - 000000000 ____D C:\Program Files\Common Files\OFX
2025-03-22 22:03 - 2025-03-22 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2025-03-22 22:03 - 2025-03-22 22:03 - 000000000 ____D C:\Program Files\Blackmagic Design
2025-03-22 22:02 - 2025-03-22 22:03 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2025-03-22 21:36 - 2025-03-26 18:23 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\VideoSolo Studio
2025-03-22 21:36 - 2025-03-22 21:36 - 000000000 ____D C:\Users\Diego Canales\Documents\VideoSolo Studio
2025-03-22 21:31 - 2025-03-22 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoSolo
2025-03-22 21:30 - 2025-03-22 22:29 - 000000000 ____D C:\ProgramData\VideoSolo Studio
2025-03-22 21:30 - 2025-03-22 22:29 - 000000000 ____D C:\Program Files (x86)\VideoSolo Studio
2025-03-22 21:24 - 2025-03-22 21:24 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoByte DVD Creator.lnk
2025-03-22 21:24 - 2025-03-22 21:24 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\VideoByte
2025-03-22 21:24 - 2025-03-22 21:24 - 000000000 ____D C:\ProgramData\VideoByte
2025-03-22 21:24 - 2025-03-22 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoByte
2025-03-22 21:24 - 2025-03-22 21:24 - 000000000 ____D C:\Program Files (x86)\VideoByte
2025-03-22 21:21 - 2025-03-22 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyperCam 6 Business Edition
2025-03-22 21:20 - 2025-03-22 21:21 - 000000000 ____D C:\Program Files (x86)\HyperCam 6 Business Edition
2025-03-22 21:14 - 2025-03-22 21:14 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\MediaMonkey
2025-03-22 21:13 - 2025-03-22 21:20 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\MediaMonkey5
2025-03-22 21:13 - 2025-03-22 21:13 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\EurekaLab s.a.s
2025-03-22 21:13 - 2025-03-22 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2025-03-22 21:13 - 2025-03-22 21:13 - 000000000 ____D C:\ProgramData\MediaMonkey2024
2025-03-22 21:12 - 2025-03-22 21:13 - 000000000 ____D C:\Program Files (x86)\MediaMonkey
2025-03-22 09:03 - 2025-03-22 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FxSound
2025-03-22 09:03 - 2025-03-22 09:03 - 000000000 ____D C:\ProgramData\FxSound
2025-03-22 09:03 - 2025-03-22 09:03 - 000000000 ____D C:\Program Files\FxSound LLC
2025-03-22 09:00 - 2025-03-22 09:00 - 000000000 ____D C:\ProgramData\FxSound LLC
2025-03-21 17:52 - 2025-03-21 17:54 - 000183000 _____ C:\Users\Diego Canales\Documents\Carta de Motivación.pdf
2025-03-21 17:51 - 2025-03-21 17:54 - 000775193 _____ C:\Users\Diego Canales\Documents\Curriculum Vitae.pdf
2025-03-19 23:28 - 2025-03-19 23:28 - 000001276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Selector de tareas de Microsoft Works.lnk
2025-03-19 23:27 - 2025-03-19 23:27 - 000000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2025-03-18 16:28 - 2025-03-18 16:29 - 000001724 _____ C:\Users\Diego Canales\Desktop\Wise Care 365.lnk

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-04-17 23:11 - 2025-02-15 09:49 - 000000000 _____ C:\WINDOWS\FileLock.bin
2025-04-17 22:42 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-17 22:30 - 2025-03-08 23:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2025-04-17 22:27 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-17 21:24 - 2025-02-04 20:32 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\D3DSCache
2025-04-17 21:20 - 2025-02-04 20:51 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-17 18:18 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2025-04-17 18:17 - 2025-02-09 11:20 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Wise Care 365
2025-04-17 17:57 - 2025-02-18 20:50 - 000000000 ____D C:\Users\Diego Canales\AppData\LocalLow\Temp
2025-04-17 17:56 - 2025-02-09 11:07 - 000000242 _____ C:\WINDOWS\SysWOW64\_WKERNEL.SYL
2025-04-17 17:47 - 2025-02-05 21:43 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\CrashDumps
2025-04-17 17:43 - 2025-02-08 11:05 - 000000000 ____D C:\Program Files (x86)\Glary Utilities
2025-04-17 17:41 - 2025-02-05 19:25 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Telegram Desktop
2025-04-17 17:40 - 2025-02-08 10:59 - 000000000 ____D C:\Program Files\CCleaner
2025-04-17 17:39 - 2025-02-04 19:41 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-04-17 17:39 - 2025-02-04 19:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-04-17 17:39 - 2020-11-18 18:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-17 17:33 - 2025-02-11 09:07 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\EBWebView
2025-04-17 17:26 - 2025-02-15 19:21 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\PowerPoint
2025-04-17 16:22 - 2025-02-10 14:14 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\Deployment
2025-04-16 17:33 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-16 16:24 - 2025-02-04 20:26 - 000000000 ____D C:\Users\Diego Canales
2025-04-16 16:11 - 2025-02-05 08:53 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Zoom
2025-04-16 16:10 - 2025-02-04 19:40 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-04-16 15:43 - 2025-02-04 19:25 - 000000000 __SHD C:\Users\Diego Canales\IntelGraphicsProfiles
2025-04-15 21:21 - 2025-03-07 22:12 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\AVG
2025-04-15 19:15 - 2025-02-16 12:37 - 000000000 ____D C:\WINDOWS\Minidump
2025-04-14 20:58 - 2025-02-04 14:55 - 001776408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-14 19:16 - 2025-03-03 20:02 - 000000000 ____D C:\ProgramData\VMware
2025-04-14 19:16 - 2025-02-09 19:21 - 000000000 ____D C:\ProgramData\AVG
2025-04-14 19:16 - 2025-02-04 20:24 - 000008192 ___SH C:\DumpStack.log.tmp
2025-04-14 19:16 - 2025-02-04 19:25 - 000000000 ____D C:\Intel
2025-04-14 19:16 - 2020-11-18 19:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-14 19:16 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-14 19:16 - 2019-12-07 05:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-04-14 19:15 - 2019-12-07 10:57 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-14 19:15 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-14 19:15 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-14 19:15 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-14 19:15 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-14 19:15 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2025-04-14 19:15 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-14 19:12 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-14 18:59 - 2025-02-05 10:21 - 000000000 ____D C:\ProgramData\Package Cache
2025-04-11 18:01 - 2025-02-14 20:49 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-11 18:01 - 2025-02-05 08:32 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-10 22:25 - 2025-02-12 21:07 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\Package Cache
2025-04-10 13:58 - 2025-02-05 17:06 - 000000000 ___RD C:\Users\Diego Canales\Desktop\Programas en escritorio
2025-04-10 13:56 - 2025-02-05 10:20 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\Adobe
2025-04-10 13:56 - 2025-02-05 10:20 - 000000000 ____D C:\ProgramData\Adobe
2025-04-09 21:36 - 2025-02-05 09:06 - 000000000 ____D C:\Program Files\LibreOffice
2025-04-09 21:18 - 2025-02-11 11:38 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-04-09 21:15 - 2025-02-06 12:07 - 000000000 ____D C:\Program Files\dotnet
2025-04-09 21:13 - 2025-03-12 22:45 - 000001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-04-09 21:13 - 2025-02-04 20:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-04-09 21:13 - 2025-02-04 19:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-04-09 21:12 - 2025-02-07 23:06 - 000000000 ____D C:\Program Files\iTunes
2025-04-09 20:53 - 2025-02-08 11:06 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities.lnk
2025-04-09 20:20 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-04-09 18:29 - 2025-02-06 19:05 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\Word
2025-04-09 13:40 - 2025-03-07 22:10 - 000393272 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2025-04-09 13:39 - 2025-02-09 19:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2025-04-09 13:38 - 2025-03-07 22:10 - 001427512 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSP.sys
2025-04-09 13:38 - 2025-03-07 22:10 - 000942672 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2025-04-09 13:38 - 2025-03-07 22:10 - 000553528 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2025-04-09 13:38 - 2025-03-07 22:10 - 000391760 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2025-04-09 13:38 - 2025-03-07 22:10 - 000296528 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2025-04-09 13:38 - 2025-03-07 22:10 - 000248376 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2025-04-09 13:38 - 2025-03-07 22:10 - 000084560 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2025-04-09 13:38 - 2025-03-07 22:10 - 000069688 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2025-04-09 13:38 - 2025-03-07 22:10 - 000037944 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2025-04-09 13:37 - 2025-03-07 22:10 - 000282680 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2025-04-09 13:37 - 2025-03-07 22:10 - 000098872 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2025-04-09 00:42 - 2025-02-05 09:00 - 000000000 ____D C:\ProgramData\ProgDVB
2025-04-06 19:50 - 2025-02-17 19:08 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\TheSage
2025-04-05 19:44 - 2025-02-04 14:52 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\Packages
2025-04-05 19:43 - 2020-11-18 19:46 - 000000000 ____D C:\ProgramData\Packages
2025-04-05 13:30 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Registration
2025-04-05 10:26 - 2025-02-10 14:14 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\UProof
2025-04-05 10:26 - 2025-02-04 14:55 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\MMC
2025-04-04 22:30 - 2025-02-05 09:00 - 000000000 ____D C:\Program Files (x86)\ProgDVB
2025-04-04 14:40 - 2025-02-04 19:51 - 000001482 _____ C:\Users\Diego Canales\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2025-04-02 20:25 - 2025-02-26 15:30 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\FxSound
2025-04-02 16:32 - 2025-02-05 15:10 - 000000000 ____D C:\Users\Diego Canales\Documents\SoftMaker
2025-04-02 15:57 - 2025-02-06 14:18 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\kingsoft
2025-03-31 13:50 - 2025-02-08 13:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2025-03-30 23:58 - 2025-02-17 22:39 - 000097523 _____ C:\Users\Diego Canales\Documents\El comercio y la crisis colonial (VILLALOBOS).odt
2025-03-30 21:28 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-03-30 13:33 - 2025-02-07 18:22 - 000000000 ____D C:\ProgramData\Minitab
2025-03-30 12:52 - 2025-02-07 18:28 - 000000000 ____D C:\ProgramData\regid.1994-02.com.minitab
2025-03-29 20:58 - 2020-11-18 19:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-03-29 18:20 - 2025-02-10 14:05 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\Excel
2025-03-28 20:42 - 2025-02-10 14:05 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\AddIns
2025-03-28 19:31 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-03-27 15:43 - 2025-02-10 14:14 - 000000000 ____D C:\ProgramData\RainbowAnalyst
2025-03-26 17:31 - 2019-12-07 10:56 - 000000000 ____D C:\WINDOWS\system32\0409
2025-03-26 17:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2025-03-26 17:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2025-03-26 17:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-03-26 17:23 - 2025-02-05 00:04 - 000207216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2025-03-26 16:03 - 2025-02-04 20:46 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\Spelling
2025-03-26 14:21 - 2015-07-10 07:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2025-03-26 11:08 - 2025-02-10 14:13 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\Office
2025-03-26 11:07 - 2019-12-07 10:59 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-03-26 11:07 - 2019-12-07 10:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-03-26 11:07 - 2019-12-07 10:59 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-03-26 11:07 - 2019-12-07 10:56 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2025-03-26 11:07 - 2019-12-07 10:56 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2025-03-26 11:07 - 2019-12-07 10:56 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2025-03-26 11:07 - 2019-12-07 10:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2025-03-26 11:07 - 2019-12-07 10:56 - 000000000 ____D C:\WINDOWS\system32\winrm
2025-03-26 11:07 - 2019-12-07 10:56 - 000000000 ____D C:\WINDOWS\system32\WCN
2025-03-26 11:07 - 2019-12-07 10:56 - 000000000 ____D C:\WINDOWS\system32\slmgr
2025-03-26 11:07 - 2019-12-07 10:56 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2025-03-26 11:07 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-03-26 11:07 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2025-03-26 11:07 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-26 11:07 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2025-03-26 11:07 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2025-03-26 11:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2025-03-26 11:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-26 11:07 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2025-03-26 11:07 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2025-03-26 11:07 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2025-03-26 11:03 - 2025-02-05 10:33 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\PlaceholderTileLogoFolder
2025-03-26 11:03 - 2019-12-07 10:58 - 000000000 ____D C:\WINDOWS\OCR
2025-03-26 11:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2025-03-26 10:59 - 2025-02-04 21:26 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\InputMethod
2025-03-26 10:59 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-03-26 10:59 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-26 10:59 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-03-26 10:59 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\IME
2025-03-26 10:59 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2025-03-26 00:55 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-03-25 22:44 - 2025-02-09 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2025-03-25 22:44 - 2025-02-09 11:03 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2025-03-25 21:58 - 2025-02-05 00:36 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-03-25 21:58 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-03-25 21:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-03-25 21:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-25 21:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-25 21:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-25 21:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-25 21:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-25 21:15 - 2020-11-18 19:44 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-25 17:48 - 2025-03-12 22:12 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Slack
2025-03-25 17:28 - 2025-03-09 14:33 - 000000000 ____D C:\Program Files\PDF Suite 2021
2025-03-23 23:39 - 2025-02-06 14:05 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\PeaZip
2025-03-22 09:03 - 2025-02-26 15:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\FxSound
2025-03-21 17:52 - 2025-02-10 20:57 - 000000000 ____D C:\Users\Diego Canales\AppData\Local\Tracker Software
2025-03-19 23:28 - 2025-02-04 21:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2025-03-19 23:28 - 2025-02-04 21:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2025-03-19 18:07 - 2025-02-06 19:23 - 000000000 ____D C:\Users\Diego Canales\Documents\Jutoh Documents
2025-03-18 14:47 - 2025-02-08 11:06 - 000001139 _____ C:\Users\Public\Desktop\Glary Utilities.lnk
2025-03-18 14:47 - 2025-02-08 11:05 - 000023232 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2025-03-18 08:47 - 2025-02-13 19:41 - 000000000 ____D C:\Users\Diego Canales\AppData\Roaming\Microsoft\HTML Help

==================== Archivos en la raíz de algunos directorios ========

2025-02-04 19:33 - 2025-02-04 20:27 - 000050909 _____ () C:\Program Files\chrome_installer.log
2025-02-04 19:23 - 2025-02-04 20:33 - 000136789 _____ () C:\Program Files\msedge_installer.log
2025-02-06 19:03 - 2025-02-06 19:03 - 000000128 ____H () C:\Users\Diego Canales\AppData\Roaming\3f23fc0ab525179ff9de8583cd6be65cfabe1774
2025-02-06 19:03 - 2025-02-06 19:03 - 000000128 ____H () C:\Users\Diego Canales\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2025-02-05 14:26 - 2025-02-05 14:26 - 000002048 _____ () C:\Users\Diego Canales\AppData\Roaming\user60.rdb
2025-02-07 21:58 - 2025-02-07 21:58 - 000001532 _____ () C:\Users\Diego Canales\AppData\Local\2527-22588-CLCSIWriter.txt
2025-02-08 12:13 - 2025-02-08 12:13 - 000001532 _____ () C:\Users\Diego Canales\AppData\Local\2528-131312-CLCSIWriter.txt
2025-02-08 19:07 - 2025-02-08 19:07 - 000001532 _____ () C:\Users\Diego Canales\AppData\Local\2528-20750-CLCSIWriter.txt
2025-02-08 08:49 - 2025-02-08 08:49 - 000001532 _____ () C:\Users\Diego Canales\AppData\Local\2528-94919-CLCSIWriter.txt
2025-02-08 23:15 - 2025-02-08 23:15 - 000001532 _____ () C:\Users\Diego Canales\AppData\Local\2529-01536-CLCSIWriter.txt
2025-02-08 23:34 - 2025-02-08 23:34 - 000001532 _____ () C:\Users\Diego Canales\AppData\Local\2529-03414-CLCSIWriter.txt
2025-02-09 10:02 - 2025-02-09 10:02 - 000001526 _____ () C:\Users\Diego Canales\AppData\Local\2529-11214-CLCSIWriter.txt
2025-02-09 14:11 - 2025-02-09 14:11 - 000001532 _____ () C:\Users\Diego Canales\AppData\Local\2529-151113-CLCSIWriter.txt
2025-02-09 08:48 - 2025-02-09 08:48 - 000001526 _____ () C:\Users\Diego Canales\AppData\Local\2529-94819-CLCSIWriter.txt
2025-02-09 14:14 - 2025-02-09 14:14 - 000000048 _____ () C:\Users\Diego Canales\AppData\Local\computerid
2025-04-04 00:50 - 2025-04-04 00:50 - 000000218 _____ () C:\Users\Diego Canales\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

elturco · 18 Abril, 2025 03:39

Copio reporte Addition. (Pido disculpas, no había leído esas instrucciones Addition.txt (314,7 KB)